CN107302706B - Image anti-hotlinking method and device and electronic equipment - Google Patents

Image anti-hotlinking method and device and electronic equipment Download PDF

Info

Publication number
CN107302706B
CN107302706B CN201710474820.8A CN201710474820A CN107302706B CN 107302706 B CN107302706 B CN 107302706B CN 201710474820 A CN201710474820 A CN 201710474820A CN 107302706 B CN107302706 B CN 107302706B
Authority
CN
China
Prior art keywords
image
encrypted
image block
blocks
unencrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710474820.8A
Other languages
Chinese (zh)
Other versions
CN107302706A (en
Inventor
朱朴
王博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing QIYI Century Science and Technology Co Ltd
Original Assignee
Beijing QIYI Century Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing QIYI Century Science and Technology Co Ltd filed Critical Beijing QIYI Century Science and Technology Co Ltd
Priority to CN201710474820.8A priority Critical patent/CN107302706B/en
Publication of CN107302706A publication Critical patent/CN107302706A/en
Application granted granted Critical
Publication of CN107302706B publication Critical patent/CN107302706B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • H04N21/23476Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption by partially encrypting, e.g. encrypting the ending portion of a movie
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N19/00Methods or arrangements for coding, decoding, compressing or decompressing digital video signals
    • H04N19/10Methods or arrangements for coding, decoding, compressing or decompressing digital video signals using adaptive coding
    • H04N19/169Methods or arrangements for coding, decoding, compressing or decompressing digital video signals using adaptive coding characterised by the coding unit, i.e. the structural portion or semantic portion of the video signal being the object or the subject of the adaptive coding
    • H04N19/17Methods or arrangements for coding, decoding, compressing or decompressing digital video signals using adaptive coding characterised by the coding unit, i.e. the structural portion or semantic portion of the video signal being the object or the subject of the adaptive coding the unit being an image region, e.g. an object
    • H04N19/176Methods or arrangements for coding, decoding, compressing or decompressing digital video signals using adaptive coding characterised by the coding unit, i.e. the structural portion or semantic portion of the video signal being the object or the subject of the adaptive coding the unit being an image region, e.g. an object the region being a block, e.g. a macroblock
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N19/00Methods or arrangements for coding, decoding, compressing or decompressing digital video signals
    • H04N19/85Methods or arrangements for coding, decoding, compressing or decompressing digital video signals using pre-processing or post-processing specially adapted for video compression
    • H04N19/88Methods or arrangements for coding, decoding, compressing or decompressing digital video signals using pre-processing or post-processing specially adapted for video compression involving rearrangement of data among different coding units, e.g. shuffling, interleaving, scrambling or permutation of pixel data or permutation of transform coefficient data among different blocks

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention provides an image anti-theft chain method, an image anti-theft chain device and electronic equipment, wherein in the scheme, after a server obtains an image to be processed, an image block to be encrypted is extracted from the image to be processed; encrypting an image block to be encrypted to obtain an encrypted image block; and finally, combining the encrypted image blocks and the unencrypted image blocks obtained by extracting the image blocks to be encrypted from the image to be processed to obtain the encrypted image. By applying the scheme provided by the embodiment of the invention, the server encrypts the extracted image blocks to be encrypted, but does not encrypt the unencrypted image blocks, so that the time required by encryption operation is saved, and the security of the images to be processed is high due to the existence of the encryption operation.

Description

Image anti-hotlinking method and device and electronic equipment
Technical Field
The invention relates to the technical field of data encryption, in particular to an image anti-theft chain method, an image anti-theft chain device and electronic equipment.
Background
With the rise of the internet and large data, more and more users upload files such as images on mobile terminals such as mobile phones to the network for storage, and in order to prevent the privacy of the users from being revealed due to stealing of the images uploaded to the network by third parties without permission, a series of anti-theft operations need to be performed on the images stored in the network.
Images stored in a network all match a URL (Uniform Resource Locator), and in order to prevent an unauthorized third party from accessing the image through the URL address and further causing the image to be leaked, in the prior art, an image anti-theft chain is usually set in a manner of encrypting the URL address by using an encryption algorithm.
However, the inventor finds that the prior art has at least the following problems in the process of implementing the invention: the image anti-theft chain set by the mode can prevent an illegal user from obtaining an image to a certain extent, but the encrypted URL address can be easily cracked by packet capturing and other modes. Once the URL address is cracked, an illegal user can directly acquire a related image through the URL address, resulting in low security of image storage.
Disclosure of Invention
The embodiment of the invention aims to provide an image anti-theft chain method, an image anti-theft chain device and electronic equipment, so that the safety of stored images is improved, and the probability of revealing user privacy is further reduced.
In order to achieve the above object, in a first aspect, an embodiment of the present invention provides a first image hotlink protection method, where the method includes:
acquiring an image to be processed;
extracting an image block to be encrypted from the image to be processed;
encrypting the image block to be encrypted to obtain an encrypted image block;
combining the encrypted image blocks and the unencrypted image blocks to obtain an encrypted image; the image to be processed comprises the image block to be encrypted and the unencrypted image block.
Preferably, the step of extracting the image block to be encrypted from the image to be processed includes:
dividing the image to be processed into a plurality of first image blocks;
and respectively extracting a second image block from each first image block, and taking the second image block as an image block to be encrypted, wherein the second image block accounts for a preset proportion in the first image blocks.
Preferably, the step of combining the encrypted image block and the unencrypted image block to obtain the encrypted image includes:
rearranging the encrypted tiles and the unencrypted tiles;
combining the rearranged image blocks into an encrypted image; and the image blocks in the encrypted image are connected through separators, and the metadata of the encrypted image carries image block arrangement information.
Preferably, the merging the encrypted image blocks and the unencrypted image blocks includes:
rearranging the unencrypted image blocks;
combining the rearranged unencrypted image blocks and the encrypted image blocks into an encrypted image; and the image blocks in the encrypted image are connected through separators, and the metadata of the encrypted image carries image block arrangement information.
Preferably, the method further comprises:
generating a Uniform Resource Locator (URL) of the encrypted image;
encrypting the URL to obtain an encrypted URL; and the encryption mode of the URL is different from the encryption mode of the image block to be encrypted.
In a second aspect, an embodiment of the present invention provides a second image hotlink protection method, including:
acquiring an image to be processed;
dividing the image to be processed into an image block to be encrypted and a plurality of unencrypted image blocks;
encrypting the image block to be encrypted and the image block arrangement information to obtain an encrypted image block; wherein the image block arrangement information is arrangement information before the plurality of unencrypted image blocks are rearranged;
and combining the encrypted image blocks and the unencrypted image blocks to obtain an encrypted image.
Preferably, the dividing the image to be processed into an image block to be encrypted and a plurality of unencrypted image blocks includes:
dividing the image to be processed into a plurality of first image blocks;
and respectively extracting a second image block from each first image block, taking the second image block as an image block to be encrypted, taking the image blocks except the second image block in the first image blocks as a plurality of unencrypted image blocks, wherein the second image blocks account for a preset proportion in the first image blocks.
Preferably, the image blocks in the encrypted image are connected by separators, and the image block arrangement information is stored in metadata.
Preferably, the method further comprises:
generating a Uniform Resource Locator (URL) of the encrypted image;
encrypting the URL to obtain an encrypted URL; and the encryption mode of the URL is different from the encryption mode of encrypting the image blocks to be encrypted and the image block arrangement information.
In a third aspect, an embodiment of the present invention provides a third image hotlink protection method, including:
acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block;
extracting the encrypted image block from the encrypted image;
decrypting the encrypted image block to obtain a decrypted image block;
and combining the decrypted image block and the unencrypted image block to obtain a decrypted image.
Preferably, the image blocks in the encrypted image are connected by separators; the extracting the encrypted image block from the encrypted image comprises:
splitting the encrypted image into image blocks by the separators;
and acquiring the encrypted image blocks in the image blocks.
Preferably, the combining the decrypted image block and the unencrypted image block to obtain a decrypted image includes:
acquiring image block arrangement information carried by metadata of the encrypted image;
and reordering each image block in the encrypted image according to the image block arrangement information, and combining the decrypted image block and the unencrypted image block which are ordered into a decrypted image.
Preferably, the acquiring the encrypted image includes:
acquiring an encrypted URL corresponding to an encrypted image, wherein the encrypted URL is an encrypted uniform resource locator;
decrypting the encrypted URL to obtain the URL of the encrypted image;
and downloading to obtain the encrypted image based on the URL of the encrypted image.
In a fourth aspect, an embodiment of the present invention provides a fourth image hotlink protection method, including:
acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block;
extracting the encrypted image block from the encrypted image;
decrypting the encrypted image block to obtain image block arrangement information and a decrypted image block of the unencrypted image block;
and arranging the unencrypted image blocks according to the image block arrangement information, and combining the arranged unencrypted image blocks and the arranged decrypted image blocks to obtain a decrypted image.
Preferably, the image blocks in the encrypted image are connected by separators; the extracting the encrypted image block from the encrypted image comprises:
splitting the encrypted image into image blocks by the separators;
and acquiring the encrypted image blocks in the image blocks.
Preferably, the decrypting the encrypted image block to obtain the image block arrangement information and the decrypted image block of the unencrypted image block includes:
decrypting the encrypted image block to obtain metadata of the encrypted image and a decrypted image block;
and extracting the image block arrangement information of the unencrypted image block from the metadata.
Preferably, the acquiring the encrypted image includes:
acquiring an encrypted URL corresponding to an encrypted image, wherein the encrypted URL is an encrypted uniform resource locator;
decrypting the encrypted URL to obtain the URL of the encrypted image;
and downloading to obtain the encrypted image based on the URL of the encrypted image.
In a fifth aspect, an embodiment of the present invention provides a first image hotlink prevention device, including:
the first acquisition module is used for acquiring an image to be processed;
the extraction module is used for extracting the image blocks to be encrypted from the images to be processed;
the first encryption module is used for encrypting the image block to be encrypted to obtain an encrypted image block;
the first merging module is used for merging the encrypted image blocks and the unencrypted image blocks to obtain an encrypted image; the image to be processed comprises the image block to be encrypted and the unencrypted image block.
Preferably, the extraction module includes:
the first segmentation sub-module is used for segmenting the image to be processed into a plurality of first image blocks;
and the first extraction sub-module is used for respectively extracting a second image block from each first image block, and taking the second image block as an image block to be encrypted, wherein the second image block accounts for a preset proportion in the first image block.
Preferably, the first merging module includes:
a first permutation submodule for rearranging the encrypted image blocks and the unencrypted image blocks;
a first combining sub-module for combining the rearranged image blocks into an encrypted image; and the image blocks in the encrypted image are connected through separators, and the metadata of the encrypted image carries image block arrangement information.
Preferably, the first merging module includes:
a second permutation submodule for rearranging the unencrypted image blocks;
the second combination sub-module is used for combining the rearranged unencrypted image blocks and the encrypted image blocks into an encrypted image; and the image blocks in the encrypted image are connected through separators, and the metadata of the encrypted image carries image block arrangement information.
Preferably, the apparatus further comprises:
a first generation module, configured to generate a uniform resource locator URL of the encrypted image;
the first encryption module is further configured to encrypt the URL to obtain an encrypted URL; and the encryption mode of the URL is different from the encryption mode of the image block to be encrypted.
In a sixth aspect, an embodiment of the present invention provides a second image hotlink prevention device, including:
the second acquisition module is used for acquiring an image to be processed;
the segmentation module is used for segmenting the image to be processed into an image block to be encrypted and a plurality of unencrypted image blocks;
the second encryption module is used for encrypting the image blocks to be encrypted and the image block arrangement information to obtain encrypted image blocks; wherein the image block arrangement information is arrangement information before the plurality of unencrypted image blocks are rearranged;
and the second merging module is used for merging the encrypted image blocks and the unencrypted image blocks to obtain an encrypted image.
Preferably, the segmentation module includes:
the second segmentation sub-module is used for segmenting the image to be processed into a plurality of first image blocks;
and the second extraction sub-module is used for respectively extracting a second image block from each first image block, taking the second image block as an image block to be encrypted, taking the image blocks except the second image block in the first image blocks as the plurality of unencrypted image blocks, wherein the second image block accounts for a preset proportion in the first image block.
Preferably, the image blocks in the encrypted image are connected by separators, and the image block arrangement information is stored in metadata.
Preferably, the apparatus further comprises:
the second generation module is used for generating a Uniform Resource Locator (URL) of the encrypted image;
the second encryption module is further configured to encrypt the URL to obtain an encrypted URL; and the encryption mode of the URL is different from the encryption mode of encrypting the image blocks to be encrypted and the image block arrangement information.
In a seventh aspect, an embodiment of the present invention provides a third image hotlink prevention device, including:
the third acquisition module is used for acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block;
the first extraction module is used for extracting the encrypted image block from the encrypted image;
the first decryption module is used for decrypting the encrypted image block to obtain a decrypted image block;
and the first combination module is used for combining the decrypted image blocks and the unencrypted image blocks to obtain a decrypted image.
Preferably, the image blocks in the encrypted image are connected by separators; the first extraction module comprises:
a first splitting sub-module, configured to split the encrypted image into image blocks through the separators;
and the first obtaining sub-module is used for obtaining the encrypted image blocks in the image blocks.
Preferably, the first assembling module comprises:
the second obtaining sub-module is used for obtaining image block arrangement information carried by metadata of the encrypted image;
and the third combination sub-module is used for reordering all image blocks in the encrypted image according to the image block arrangement information and combining the decrypted image blocks and the unencrypted image blocks after the reordering into a decrypted image.
Preferably, the third obtaining module includes:
the third obtaining submodule is used for obtaining an encrypted URL corresponding to the encrypted image, wherein the encrypted URL is an encrypted uniform resource locator;
the first decryption submodule is used for decrypting the encrypted URL to obtain the URL of the encrypted image;
and the first downloading submodule is used for downloading and obtaining the encrypted image based on the URL of the encrypted image.
In an eighth aspect, an embodiment of the present invention provides a fourth image hotlink protection device, including:
the fourth acquisition module is used for acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block;
the second extraction module is used for extracting the encrypted image block from the encrypted image;
the second decryption module is used for decrypting the encrypted image block to obtain image block arrangement information of the unencrypted image block and a decrypted image block;
and the second combination module is used for arranging the unencrypted image blocks according to the image block arrangement information and combining the arranged unencrypted image blocks and the arranged decrypted image blocks to obtain a decrypted image.
Preferably, the image blocks in the encrypted image are connected by separators; the second extraction module comprises:
a second splitting sub-module, configured to split the encrypted image into image blocks through the separators;
and the fourth obtaining sub-module is used for obtaining the encrypted image blocks in the image blocks.
Preferably, the second decryption module includes:
the second decryption submodule is used for decrypting the encrypted image block to obtain metadata of the encrypted image and a decrypted image block;
and the third extraction sub-module is used for extracting the image block arrangement information of the unencrypted image block from the metadata.
Preferably, the fourth obtaining module includes:
a fifth obtaining submodule, configured to obtain an encrypted URL corresponding to the encrypted image, where the encrypted URL is an encrypted uniform resource locator;
the third decryption submodule is used for decrypting the encrypted URL to obtain the URL of the encrypted image;
and the second downloading submodule is used for downloading and obtaining the encrypted image based on the URL of the encrypted image.
In a ninth aspect, an embodiment of the present invention further provides an electronic device, including a first processor, a first communication interface, a first memory, and a first communication bus, where the first processor, the first communication interface, and the first memory complete mutual communication through the first communication bus;
a first memory for storing a computer program;
the first processor is configured to implement the method steps of the first image anti-stealing link method when executing the program stored in the first memory.
In a tenth aspect, an embodiment of the present invention further provides another electronic device, including a second processor, a second communication interface, a second memory, and a second communication bus, where the second processor, the second communication interface, and the second memory complete communication with each other through the second communication bus;
a second memory for storing a computer program;
and the second processor is used for realizing the method steps of the second image anti-theft chain method when executing the program stored in the second memory.
In an eleventh aspect, an embodiment of the present invention further provides another electronic device, including a third processor, a third communication interface, a third memory, and a third communication bus, where the third processor, the third communication interface, and the third memory complete mutual communication through the third communication bus;
a third memory for storing a computer program;
and a third processor, configured to implement the method steps of the third image hotlink protection method when executing the program stored in the third memory.
In a twelfth aspect, an embodiment of the present invention further provides another electronic device, including a fourth processor, a fourth communication interface, a fourth memory, and a fourth communication bus, where the fourth processor, the fourth communication interface, and the fourth memory complete mutual communication through the fourth communication bus;
a third memory for storing a computer program;
and a third processor, configured to implement the method steps of the fourth image hotlink protection method when executing the program stored in the third memory.
In a thirteenth aspect, the embodiment of the present invention further provides a computer-readable storage medium, which stores instructions that, when executed on a computer, cause the computer to execute the first image hotlink prevention method.
In a fourteenth aspect, the embodiment of the present invention further provides another computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are executed on a computer, the computer is caused to execute the second image hotlink prevention method.
In a fifteenth aspect, the embodiment of the present invention further provides a computer-readable storage medium, which stores instructions that, when executed on a computer, cause the computer to execute the third image hotlink prevention method.
In a sixteenth aspect, the embodiment of the present invention further provides a computer-readable storage medium, where instructions are stored, and when the instructions are executed on a computer, the computer is caused to execute the fourth image hotlink prevention method.
In a seventeenth aspect, the present invention further provides a computer program product containing instructions, which when run on a computer, causes the computer to execute the first image hotlink prevention method.
In an eighteenth aspect, embodiments of the present invention further provide another computer program product containing instructions, which when run on a computer, cause the computer to execute the second image hotlink prevention method described above.
In a nineteenth aspect, the present invention provides a computer program product containing instructions, which when run on a computer, causes the computer to execute the third image hotlink prevention method.
In a twentieth aspect, embodiments of the present invention further provide a computer program product containing instructions that, when executed on a computer, cause the computer to perform the fourth image hotlink prevention method described above.
In the scheme provided by the embodiment of the invention, after the server acquires the image to be processed, the image block to be encrypted is firstly extracted from the image to be processed; then encrypting the image block to be encrypted to obtain an encrypted image block; finally, combining the encrypted image block and the unencrypted image block to obtain an encrypted image; the image to be processed comprises an image block to be encrypted and an unencrypted image block. Therefore, in the scheme provided by the embodiment of the invention, the server extracts the image blocks to be encrypted from the image to be processed which needs to be stored, and encrypts the extracted image blocks to be encrypted without encrypting the unencrypted image blocks, that is, the encrypted image blocks are part of the image to be processed, so that not only is the time required by encryption operation saved, but also due to the existence of the encryption operation, even if the finally obtained encrypted image is leaked, an external device cannot directly obtain a complete image to be processed according to the encrypted image, and therefore, the security of the image to be processed is high.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below.
FIG. 1 is a schematic diagram of an application scenario according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating a first image anti-hotlinking method according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating a first image anti-hotlinking method according to another embodiment of the present invention;
FIG. 4 is a diagram illustrating a specific process of segmenting an image to be processed according to an embodiment of the present invention;
fig. 5 is a schematic diagram of a specific process of extracting an image block to be encrypted according to an embodiment of the present invention;
fig. 6 is a flowchart illustrating a first image anti-hotlinking method according to another embodiment of the present invention;
FIG. 7 is a flowchart illustrating a first image anti-hotlinking method according to still another embodiment of the present invention;
FIG. 8 is a flowchart illustrating a first image anti-hotlinking method according to yet another embodiment of the present invention;
fig. 9 is a flowchart illustrating a second image hotlink protection method according to an embodiment of the present invention;
FIG. 10 is a flowchart illustrating a second image anti-hotlinking method according to another embodiment of the present invention;
FIG. 11 is a flowchart illustrating a second image anti-hotlinking method according to another embodiment of the present invention;
fig. 12 is a flowchart illustrating a third image anti-hotlinking method according to an embodiment of the invention;
FIG. 13 is a flowchart illustrating a third image anti-hotlinking method according to another embodiment of the present invention;
FIG. 14 is a flowchart illustrating a third image anti-hotlinking method according to another embodiment of the present invention;
fig. 15 is a schematic diagram of a process of restoring an encrypted image according to an embodiment of the present invention;
FIG. 16 is a flowchart illustrating a third image anti-hotlinking method according to yet another embodiment of the present invention;
fig. 17 is a flowchart illustrating a fourth image hotlink protection method according to an embodiment of the present invention;
FIG. 18 is a flowchart illustrating a fourth image anti-hotlinking method according to another embodiment of the present invention;
FIG. 19 is a flowchart illustrating a fourth image anti-hotlinking method according to another embodiment of the invention;
FIG. 20 is a flowchart illustrating a fourth image anti-hotlinking method according to yet another embodiment of the invention;
fig. 21 is a schematic structural diagram of a first image anti-theft device according to an embodiment of the present invention;
fig. 22 is a schematic structural diagram of a first image anti-theft device according to another embodiment of the present invention;
fig. 23 is a schematic structural diagram of a first image anti-theft device according to yet another embodiment of the present invention;
fig. 24 is a schematic structural diagram of a first image anti-theft device according to yet another embodiment of the present invention;
FIG. 25 is a schematic structural diagram of a first image anti-theft device according to yet another embodiment of the present invention;
fig. 26 is a schematic structural diagram of a second image anti-theft device according to an embodiment of the present invention;
fig. 27 is a schematic structural diagram of a second image anti-theft device according to another embodiment of the present invention;
fig. 28 is a schematic structural diagram of a second image anti-theft device according to another embodiment of the present invention;
fig. 29 is a schematic structural diagram of a third image anti-theft device according to an embodiment of the present invention;
FIG. 30 is a schematic structural diagram of a third image anti-theft device according to another embodiment of the present invention;
fig. 31 is a schematic structural diagram of a third image anti-theft device according to another embodiment of the present invention;
FIG. 32 is a schematic structural diagram of a third image anti-theft device according to yet another embodiment of the present invention;
fig. 33 is a schematic structural diagram of a fourth image anti-theft chain device according to an embodiment of the present invention;
fig. 34 is a schematic structural diagram of a fourth image anti-theft chain device according to another embodiment of the present invention;
FIG. 35 is a schematic structural diagram of a fourth image anti-theft chain device according to yet another embodiment of the present invention;
FIG. 36 is a schematic structural diagram of a fourth image anti-theft device according to yet another embodiment of the present invention;
fig. 37 is a schematic structural diagram of an electronic device according to an embodiment of the present invention;
fig. 38 is a schematic structural diagram of another electronic device according to an embodiment of the invention;
fig. 39 is a schematic structural diagram of another electronic device according to an embodiment of the present invention;
fig. 40 is a schematic structural diagram of another electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention.
Fig. 1 illustrates an exemplary system architecture 100 to which embodiments of an image anti-hotlinking method or apparatus of embodiments of the present invention may be applied.
As shown in fig. 1, the system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have various communication client applications installed thereon, such as a web browser application, a shopping application, a search application, an instant messaging tool, a mailbox client, social platform software, and the like.
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, e-book readers, MP3 players (Moving Picture experts Group Audio Layer III, mpeg compression standard Audio Layer 3), MP4 players (Moving Picture experts Group Audio Layer IV, mpeg compression standard Audio Layer 4), laptop portable computers, desktop computers, and the like.
The server 105 may be a server providing various services, such as a background web server providing support for web pages displayed on the terminal devices 101, 102, 103. The background web server may analyze and perform other processing on the received data such as the web page request, and feed back a processing result (e.g., web page data) to the terminal device.
As shown in fig. 1, a server 105 is communicatively connected to terminals such as 101, 102, and 103. Since the storage space of the user's terminal is limited, many users are accustomed to storing data such as a large number of images in the server 105 through the terminal or backing up data such as images stored in the terminal in the server 105.
It can be understood that, because the server 105 in the network can be accessed by multiple terminals simultaneously, and the network environment is complex and variable, when the server 105 receives an image uploaded by a terminal, or the server 105 stores the image, there may be a risk that the image is stolen by an illegal user, and further image data of the user may be leaked, so that the security of the image is low.
To facilitate understanding of the solution provided by the embodiment of the present invention, it should be first explained that the server 105 in the embodiment of the present invention is a server capable of storing images, and the server 105 provides a service of storing and/or downloading images to the terminal. The terminal is a terminal device used by a user, the terminal can perform data communication with the server 105, can store a local image in the server 105, and can download the image from the server 105, there may be a plurality of terminals in the network, and there may also be a plurality of servers 105.
In a first implementation manner in the embodiment of the present invention, when any terminal uploads an image to be processed to the server 105, the server 105 acquires the image to be processed, and then the server 105 extracts an image block to be encrypted from the image to be processed; then, the server 105 encrypts the image block to be encrypted to obtain an encrypted image block; finally, combining the encrypted image block and the unencrypted image block to obtain an encrypted image; it is understood that the image to be processed includes all of the image blocks to be encrypted and the image blocks not to be encrypted.
Correspondingly, when the terminal needs to obtain the to-be-processed image from the server 105, the image obtained by the terminal is necessarily the encrypted image, and the encrypted image includes the encrypted image block and the unencrypted image block. In order to obtain a decrypted image corresponding to the encrypted image; the terminal first downloads the encrypted image from the server 105; extracting an encrypted image block from the encrypted image; then, decrypting the extracted encrypted image block to obtain a decrypted image block, namely the image block to be encrypted; and finally, combining the decrypted image block and the unencrypted image block to obtain a decrypted image.
In a second implementation manner in the embodiment of the present invention, when any terminal uploads an image to be processed to the server 105, the server 105 acquires the image to be processed, and then the server 105 divides the image to be processed into an image block to be encrypted and a plurality of unencrypted image blocks; then, the server 105 encrypts the arrangement information before the to-be-encrypted image block and the plurality of unencrypted image blocks are rearranged to obtain an encrypted image block; and finally, combining the encrypted image block and the unencrypted image block to obtain the encrypted image.
Correspondingly, when the terminal needs to obtain the to-be-processed image from the server 105, the image obtained by the terminal is necessarily the encrypted image, and the encrypted image includes the encrypted image block and the unencrypted image block. In order to obtain a decrypted image corresponding to the encrypted image; the terminal first downloads the encrypted image from the server 105; extracting an encrypted image block from the encrypted image; then, decrypting the encrypted image block to obtain image block arrangement information and a decrypted image block of the unencrypted image block; finally, the server 105 arranges the unencrypted image blocks according to the image block arrangement information, and combines the arranged unencrypted image blocks with the arranged decrypted image blocks to obtain a decrypted image.
As can be seen from the above description, the server 105 extracts the image blocks to be encrypted from the image to be processed that needs to be stored, and encrypts the extracted image blocks to be encrypted, but does not encrypt the unencrypted image blocks obtained after the image blocks to be encrypted are extracted from the image to be processed, that is, the encrypted image blocks are part of the image to be processed, which not only saves the time required by the encryption operation, but also prevents the external device from directly obtaining a complete image to be processed according to the encrypted image even if the finally obtained encrypted image is leaked due to the existence of the encryption operation, and therefore, the security of the image to be processed stored in the server 105 is high.
The present invention will be described in detail below with reference to specific examples.
Fig. 2 is a first flowchart of a first image anti-hotlinking method according to an embodiment of the present invention, where the method is used in the server, and as shown in fig. 2, the method includes the steps of:
s101: acquiring an image to be processed;
as can be understood by those skilled in the art, on one hand, the storage space of the terminal is often limited, a large amount of images stored in the terminal occupy a large amount of storage space of the terminal, which causes the terminal to be jammed, and the user cannot often view the images stored in the terminal; on the other hand, once the terminal is damaged or lost, the images stored in the terminal will be lost; for the reasons of the above two aspects, the user wants to synchronize the image stored in the terminal to a server in the network for backup.
The terminal uploads the image to the server, namely the server can receive the image uploaded by the terminal, namely the server acquires the image uploaded by the terminal; in the scheme provided by each embodiment of the invention, the image uploaded by the terminal is called as an image to be processed.
S102: and extracting the image blocks to be encrypted from the images to be processed.
It should be noted that the number of the to-be-encrypted image blocks extracted from the to-be-processed image is at least one, the specific extraction number may be preset based on an actual situation, meanwhile, the size of the to-be-encrypted image block may also be preset according to the actual situation, and the respective sizes of any two to-be-encrypted image blocks extracted from the same to-be-processed image may be the same or different.
Of course, since the image sizes of different images to be processed are different, an encryption ratio can be directly preset, so that the sum of the sizes of all the extracted image blocks to be encrypted is equal to the product of the size of the image to be processed and the encryption ratio. That is, the step of extracting the image block to be encrypted from the image to be processed (S102) may be: and extracting the image blocks to be encrypted from the image to be processed according to a preset encryption proportion.
In one case, the size of each extracted image block to be encrypted is the same, for example, the preset encryption ratio is 5%, and the size of the image to be processed is 10Mb, then 5 image blocks to be encrypted with the same size can be extracted from the image to be processed, and the size of each image block to be encrypted is 0.1 Mb.
In another case, the size of each extracted image block to be encrypted may be different, for example, the preset encryption ratio is 5%, and the size of the image to be processed is 10Mb, then 5 image blocks to be encrypted may be randomly extracted under the condition that the sum of the sizes of the extracted 5 image blocks to be encrypted is 0.5Mb, and finally, the sizes of the extracted 5 image blocks to be encrypted are 0.08Mb, 0.11Mb, 0.09Mb, 0.12Mb, and 0.1Mb, respectively.
S103: and encrypting the image block to be encrypted to obtain an encrypted image block.
It can be understood that, in the above-mentioned Encryption process for the image block to be encrypted, a corresponding Encryption rule (or Encryption Algorithm) needs to be adopted, for example, DES (Data Encryption Standard), 3DES (triple DES), IDEA (International Data Encryption Algorithm), and the like. The process and principle of encrypting the image block to be encrypted by the server are the same as those of the conventional method, the specific encryption process can refer to the prior art, and the specific encryption process is not described in detail in the embodiment of the invention.
After the image block to be encrypted is encrypted, the obtained encrypted image block may be a string of character strings, may also be a compressed packet, and may also be a segment of data stream, so that the embodiment of the present invention does not make explicit limitations on the specific form of the encrypted image block.
It should be noted that, in practical applications, all the image blocks to be encrypted may be encrypted as a whole to obtain an encrypted image block, that is, the obtained encrypted image block includes all the image blocks to be encrypted; of course, each to-be-encrypted image block may be encrypted, for example, 3 to-be-encrypted image blocks are extracted from the to-be-processed image, and then 3 encrypted image blocks respectively corresponding to the 3 to-be-encrypted image blocks may be finally obtained.
S104: combining the encrypted image block and the unencrypted image block to obtain an encrypted image; the image to be processed comprises an image block to be encrypted and an unencrypted image block.
It should be noted that, after the to-be-encrypted image blocks are extracted from the to-be-processed image, the remaining portions of the to-be-processed image are a plurality of image blocks, and in the embodiment of the present invention, the remaining image blocks are called as unencrypted image blocks, and of course, the sizes of the unencrypted image blocks are not limited to be the same or different. It can be understood that the to-be-processed image can be obtained by combining each to-be-encrypted image block and each unencrypted image block according to the image block arrangement sequence of each to-be-encrypted image block and each unencrypted image block in the to-be-processed image.
As can be seen from step S103, in order to increase the encryption speed and save the time and resources consumed by the encryption operation, only the extracted to-be-encrypted image block is encrypted, but not the unencrypted image block, but to ensure the integrity of the to-be-processed image, so that the uploaded to-be-processed image can be restored to the to-be-processed image after being downloaded by the terminal, the encrypted image block and the unencrypted image block need to be combined to obtain the encrypted image.
In practical application, considering that the encrypted image blocks and the unencrypted image blocks are independent parts, in order to distinguish the encrypted image blocks from the unencrypted image blocks, the terminal can conveniently obtain an original image to be processed by restoring the encrypted image, and in the obtained encrypted image, a separation identifier is arranged between any two image blocks, so that after the uploaded image to be processed is downloaded by the terminal, the terminal identifies each image block through the separation identifier, and the image to be processed is finally restored. Of course, the embodiments of the present invention do not limit the specific form of the separation marks.
Therefore, in the scheme provided by this embodiment, the server extracts the to-be-encrypted image block from the to-be-processed image to be stored, and encrypts the extracted to-be-encrypted image block, but does not encrypt the unencrypted image block, that is, the encrypted image block is a part of the to-be-processed image, so that not only is the time required by the encryption operation saved, but also due to the existence of the encryption operation, even if the finally obtained encrypted image is leaked, the external device cannot directly obtain a complete to-be-processed image according to the encrypted image, and therefore, the to-be-processed image stored in the server needs to be high in security.
It can be understood that, in an encrypted image obtained by combining encrypted image blocks and unencrypted image blocks, the order of each unencrypted image block is not fixed and chaotic, so that the more the number of unencrypted image blocks is, the more difficult it is to find the correct order of all unencrypted image blocks, i.e. the higher the security of the encrypted image is. On the basis of the embodiment of the method shown in fig. 2, the step of extracting the image block to be encrypted (S102) from the image to be processed may include:
dividing an image to be processed into a plurality of first image blocks;
and respectively extracting a second image block from each first image block, and taking the second image block as an image block to be encrypted, wherein the second image block accounts for a preset proportion in the first image blocks.
Namely, the first image hotlink protection method provided in this embodiment, as shown in fig. 3, includes the following steps S201 to S205.
S201: and acquiring an image to be processed.
S202: the image to be processed is divided into a plurality of first image blocks.
Specifically, whether the size of each of the first image blocks obtained by the division is the same and the number of the first image blocks may be preset according to an actual situation. For example, the number of the first image blocks obtained by dividing is preset according to the size of the image to be processed, and when the size of the image to be processed is less than or equal to 1Mb (mega), the number of the first image blocks may be 3; the number of first image blocks may be 4 when the size of the image to be processed is within the range of (1Mb, 5 Mb), and the number of first image blocks may be 5 when the size of the image to be processed is within the range of (5Mb, 10 Mb).
In consideration of the complexity of the operation, the number of the first image blocks may be set to be between 3 and 5, which is, of course, only an empirical value, and the application does not explicitly limit the specific number of the first image blocks.
The size of each first image block obtained by segmentation may be different, for example, the image to be processed is randomly segmented into 3 first image blocks with different sizes; of course, the size of each first image block obtained by the division may be the same, and as shown in fig. 4, the image to be processed is uniformly divided into 3 first image blocks with the same size: a first image block a, a first image block B and a first image block C.
Note that the first image blocks obtained by division are not strictly arranged in the order, and the first image blocks shown in fig. 4 are arranged in the order of the first image block a → B → C, and in addition to this, the first image blocks may be arranged in the order of the first image block a → C → B, the first image block B → C → a, and the first image block B → a → C, and the like, and the order of the first image blocks obtained by division is not specifically limited in the present application.
S203: and respectively extracting a second image block from each first image block, and taking the second image block as an image block to be encrypted, wherein the second image block accounts for a preset proportion in the first image blocks.
The second image blocks occupy a preset proportion in the first image blocks, and it can be understood that the proportion of the second image blocks extracted from the first image blocks in the first image blocks is a preset proportion no matter which first image block is used.
For example, referring to fig. 5, which is a schematic diagram illustrating a process of extracting an image block to be encrypted according to an embodiment of the present invention, for a first image block a, an image block that occupies 5% of the size of the first image block a, that is, a second image block a2 in the drawing, is extracted from the first image block a and is used as an image block to be encrypted; it will be understood that the second image block a2 is extracted from the first image block a, and then one image block remains before and after the extracted second image block a2 in the first image block a, i.e. the image blocks a1 and A3 in the figure, and obviously, the image blocks a1 and A3 may be regarded as two unencrypted image blocks.
In the same principle, for the first image block B and the first image block C, the image blocks to be encrypted, that is, the second image block B2 and the second image block C2 in fig. 5, are extracted respectively, and after the second image block B2 and the second image block C2 are extracted, the remaining image blocks B1, B3, C1, and C3 are extracted. As shown in fig. 5, for the first image block A, B, C, the respectively extracted image blocks to be encrypted include: the second image blocks a2, B2, and C2, the extracting of the unencrypted image block obtained after the image block to be encrypted includes: image blocks a1, A3, B1, B3, C1, and C3.
It can be understood that, compared with the example of fig. 5, if the above-mentioned to-be-processed image is not divided, and 3 to-be-encrypted image blocks are directly extracted from the to-be-processed image, the number of the remaining unencrypted image blocks is at most 4, which is less than 6 in the example of fig. 5, the number of the unencrypted image blocks is large, the correct arrangement order of all the unencrypted image blocks is not easy to find, and the security of the encrypted image is high.
S204: and encrypting the image block to be encrypted to obtain an encrypted image block.
S205: combining the encrypted image block and the unencrypted image block to obtain an encrypted image; the image to be processed comprises an image block to be encrypted and an unencrypted image block.
It is understood that the steps S201, S204, and S205 are respectively the same as the steps S101, S103, and S104 in the method embodiment shown in fig. 2, and the specific contents and explanations of the steps S201, S204, and S205 are detailed in the method embodiment shown in fig. 2, and the embodiment of the present invention is not described again here.
As can be seen from the above, in this embodiment, under the condition that the number of the extracted to-be-encrypted image blocks is fixed, since the to-be-processed image is divided, the number of the remaining unencrypted image blocks is larger, and it is not easy for other devices to find out the correct arrangement order of all the unencrypted image blocks, so that the security of the encrypted image is higher.
Combining the above contents, after extracting the image blocks to be encrypted from the image to be processed, each unencrypted image block remains, if the image to be processed is to be restored, each image block to be encrypted and each unencrypted image block need to be recombined according to the image block arrangement information in the image to be processed, and the image to be processed can be obtained.
For example, all the image blocks to be encrypted are the image block 1, the image block 3 and the image block 5, all the image blocks not to be encrypted are the image block 2, the image block 4, the image block 6 and the image block 7, and the image block arrangement information indicates that the correct arrangement sequence of all the image blocks is the image blocks 1 to 7, so that after any device obtains the image blocks to be encrypted and the image blocks not to be encrypted, the image blocks 1 to 7 are combined according to the correct arrangement sequence of all the image blocks indicated by the image block arrangement information, and the image to be processed can be obtained.
The image block arrangement information may be stored in the server and the respective terminals; the image block arrangement information may also be directly used as a part of the encrypted image, that is, the encrypted image at least comprises the unencrypted image block, the image block arrangement information and the encrypted image block.
It is understood that the order of positions between each encrypted image block and each unencrypted image block in the combined encrypted image may be random. Obviously, the above image block arrangement information is very important for restoring to obtain the to-be-processed image, and as a first implementation manner for combining the encrypted image block and the unencrypted image block in the embodiment of the present invention, on the basis of the method embodiment shown in fig. 2 or 3, the step of combining the encrypted image block and the unencrypted image block to obtain the encrypted image may include the following two steps:
rearranging the encrypted image blocks and the unencrypted image blocks;
combining the rearranged image blocks into an encrypted image; the image blocks in the encrypted image are connected through separators, and the metadata of the encrypted image carries image block arrangement information.
As shown in fig. 6, the first image hotlink protection method provided in this embodiment is based on the embodiment of the method shown in fig. 2, and includes the following steps S301 to S305.
S301: and acquiring an image to be processed.
S302: and extracting the image blocks to be encrypted from the images to be processed.
S303: and encrypting the image block to be encrypted to obtain an encrypted image block.
S304: the encrypted image blocks and the unencrypted image blocks are rearranged.
In the embodiment of the present invention, all the image blocks may be rearranged according to a preset rule, and of course, all the image blocks described herein include all encrypted image blocks and all unencrypted image blocks corresponding to the image to be processed.
For example, for any image to be processed, the server obtains encrypted image blocks identified as a2 ', B2 ' and C2 ' in sequence, and obtains unencrypted image blocks identified as a1, A3, B1, B3, C1 and C3 in sequence, where the preset rule requires that the order of rearranging all the image blocks is: a3, B2 ', a1, C1, B1, C2 ', B3, C3, and a2 ', the server rearranges the encrypted tiles and the unencrypted tiles according to the above preset rule.
Of course, in practical applications, the encrypted image blocks and the unencrypted image blocks may also be rearranged in other manners, and the embodiment of the present invention is not limited to the specific implementation manner of rearranging the encrypted image blocks and the unencrypted image blocks.
For example, the encrypted image blocks and the unencrypted image blocks may be rearranged in a random arrangement. Illustratively, the server obtains encrypted image blocks a-c and unencrypted image blocks 1-6 for an image to be processed, rearranges the encrypted image blocks and the unencrypted image blocks in a random arrangement manner, and the arrangement order of the rearranged encrypted image blocks and the rearranged unencrypted image blocks is as follows: an encrypted tile b, an unencrypted tile 3, an unencrypted tile 6, an unencrypted tile 1, an encrypted tile a, an encrypted tile c, an unencrypted tile 5, an unencrypted tile 4, and an unencrypted tile 2.
S305: combining the rearranged image blocks into an encrypted image; the image blocks in the encrypted image are connected through separators, and the metadata of the encrypted image carries image block arrangement information.
It should be emphasized that the metadata in the embodiment of the present invention is data generated for storing the image block arrangement information, which is different from the metadata used to describe the data attribute in the related art. Of course, the metadata in the embodiment of the present invention is a part of the encrypted image, and if the external device wants to know the image block arrangement information, the image block arrangement information needs to be extracted from the metadata.
In practical application, in order to distinguish each encrypted image block from each unencrypted image block so that the terminal can restore the encrypted image to obtain the original image to be encrypted, each encrypted image block and each unencrypted image block are considered to be independent parts.
It is understood that the separators are used to distinguish each image block after being divided, each image block is equivalent to a data stream, and if the separators are not used for marking, the device cannot correctly divide the encrypted image, i.e. cannot restore the encrypted image to the image to be processed. In the embodiment of the invention, the separators can be manually defined, and the separators can be identified by the equipment.
For example: in the encrypted images obtained after connection, the connection form between any encrypted image block and the adjacent unencrypted image block is 'encrypted image block/////unencrypted image block', and the '/////' in the above description is a separator which can separate two parts of contents of the encrypted image block and the unencrypted image block and has the function of separating and connecting the two parts of contents.
In addition, the encrypted image comprises two types of image blocks, namely an unencrypted image block and an encrypted image block, the image blocks of the same type can be connected by adopting one type of separator, and the image blocks of different types can be connected by adopting another type of separator.
Illustratively, the encrypted image blocks include image blocks a-c, and the unencrypted image blocks include image blocks 1-4, and the form of the connected encrypted image may specifically be: "image Block a! | A | A Image block c! | A | A Image block b///image block 4! | A | A Image block 2! | A | A Image block 1! | A | A Image block 3 ". It will be appreciated that "///" in the above description is a separator between different types of image blocks, "! | A | A "are separators between image blocks of the same type.
It should be noted that in practical applications, except where "////" and "! | A | A In addition to "as the separator,"/"," - "," \\ and "|", etc. may be used as the separator, which is reasonable, and therefore, the embodiment of the present invention does not explicitly limit the kind of the separator.
Illustratively, the form of the encrypted image obtained through the above process is specifically: "image Block 4! | A | A Image block 2! | A | A Image block 6///image block 5! | A | A Image block 1! | A | A Image block 7! | A | A Tile 3 "the server saves the encrypted image. Then, when the terminal accesses the server and downloads the above-mentioned encrypted image from the server, the terminal follows the delimiters "///" and "|! | A | A The method comprises the steps of distinguishing encrypted image blocks and unencrypted image blocks, decrypting the encrypted image blocks to obtain decrypted image blocks 2 ', 4 ' and 6 ' corresponding to the image blocks 2, 4 and 6 respectively, and combining the decrypted image blocks and the unencrypted image blocks in sequence to obtain the original image to be processed.
It is emphasized that, in the embodiment of the present invention, as described above, the image block arrangement information records the correct arrangement order of each image block to be encrypted and each unencrypted image block in the above image to be processed. The metadata of the encrypted image carries the image block arrangement information, that is, the server configures the image block arrangement information in the metadata of the encrypted image in the process of combining the encrypted image, so that even if the encrypted image block is extracted from the encrypted image and the encrypted image block is successfully decrypted after the external illegal device acquires the encrypted image, the external illegal device does not know that the image block arrangement information is extracted from the metadata of the encrypted image, and thus the external illegal device is difficult to recombine the decrypted image block and the unencrypted image block according to a correct arrangement order to obtain the image to be processed. The image block arrangement information is recorded in the metadata of the encrypted image, and the security of the encrypted image can be further ensured.
In practical application, as a specific implementation manner of the embodiment of the present invention, in order to further ensure the security of the image block arrangement information, the server may encode the image block arrangement information according to a predetermined encoding manner, and then store the encoded image block arrangement information in the metadata, so that even if an external illegal device acquires the encoded image block arrangement information, the encoded image block arrangement information cannot be decoded because the external illegal device cannot know the encoding manner, and therefore, the external illegal device still has difficulty in recombining the decoded decrypted image block and the unencrypted image block according to a correct arrangement order to obtain the image to be processed; the security of the encrypted image is further ensured.
Of course, in the embodiment of the present invention, the specific form of the above coding mode is not limited, and a person skilled in the art can completely code the image block arrangement information according to the existing feasible coding mode, and the embodiment of the present invention is not described in detail here.
As another specific implementation manner of the embodiment of the present invention, the server may further encrypt the image block arrangement information, and then store the encrypted image block arrangement information in the metadata, so that even if an external illegal device acquires the encrypted image block arrangement information, the external illegal device cannot acquire the encryption manner used by the encrypted image block arrangement information, which results in that the encrypted image block arrangement information cannot be decrypted, and thus it is still difficult for the external illegal device to recombine the decrypted image block and the unencrypted image block obtained by decryption according to a correct arrangement order to obtain the image to be processed; the security of the encrypted image is further ensured.
Of course, in the embodiment of the present invention, a specific form of an encryption algorithm used for encrypting the image block arrangement information is not limited, and a person skilled in the art can completely encrypt the image block arrangement information according to the existing feasible encryption algorithm, and the embodiment of the present invention is not described in detail here.
It is understood that the above steps S301 to S303 are respectively the same as steps S101 to S103 in the method embodiment shown in fig. 2, and the specific contents and explanations of steps S301 to S303 are detailed in the method embodiment shown in fig. 2, and the embodiment of the present invention is not described again here.
As described above, in the present embodiment, the image block arrangement information is stored in the metadata of the encrypted image, so that the terminal does not need to store the image block arrangement information, thereby reducing the occupation of the storage space of the terminal. In addition, the image block arrangement information is recorded in the metadata of the encrypted image, and the security of the encrypted image can be further ensured.
As a second implementation manner of combining the encrypted image block and the unencrypted image block in the embodiment of the present invention, on the basis of the embodiment of the method shown in fig. 2 or 3, the step of combining the encrypted image block and the unencrypted image block to obtain the encrypted image may further include the following two steps:
rearranging the unencrypted image blocks;
combining the rearranged unencrypted image blocks and the rearranged encrypted image blocks into an encrypted image; the image blocks in the encrypted image are connected through separators, and the metadata of the encrypted image carries image block arrangement information.
As shown in fig. 7, the first image hotlink protection method provided in this embodiment is based on the embodiment of the method shown in fig. 2, and includes the following steps S401 to S405.
S401: and acquiring an image to be processed.
S402: and extracting the image blocks to be encrypted from the images to be processed.
S403: and encrypting the image block to be encrypted to obtain an encrypted image block.
S404: the unencrypted image blocks are rearranged.
Unlike step S304 in the embodiment of the method shown in fig. 6, the image blocks rearranged in step S404 are all unencrypted image blocks, and the image blocks rearranged in step S304 include all unencrypted image blocks and all encrypted image blocks. Of course, the specific implementation manner of step S304 may refer to step S304 described above, and the embodiment of the present invention is not described herein again.
For example, all unencrypted image blocks may be rearranged in a random arrangement. Illustratively, the server obtains unencrypted image blocks 1 to 6 for the image to be processed, and rearranges the unencrypted image blocks in a random arrangement manner, wherein the arrangement order of the unencrypted image blocks after rearrangement is as follows: an unencrypted tile 3, an unencrypted tile 6, an unencrypted tile 1, an unencrypted tile 5, an unencrypted tile 4, and an unencrypted tile 2.
S405: combining the rearranged unencrypted image blocks and the rearranged encrypted image blocks into an encrypted image; the image blocks in the encrypted image are connected through separators, and the metadata of the encrypted image carries image block arrangement information.
For the related explanation and description of this step, reference may be made to step S305 in the method embodiment shown in fig. 6, which is not repeated herein.
It is understood that the above steps S401 to S403 are respectively the same as the steps S101 to S103 in the method embodiment shown in fig. 2, and the specific contents and explanations of the steps S401 to S403 are detailed in the method embodiment shown in fig. 2, and the embodiment of the present invention is not described again here.
As described above, in the present embodiment, the image block arrangement information is stored in the metadata of the encrypted image, so that the terminal does not need to store the image block arrangement information, thereby reducing the occupation of the storage space of the terminal. In addition, the image block arrangement information is recorded in the metadata of the encrypted image, and the security of the encrypted image can be further ensured.
On the basis of any one of the embodiments of the method shown in fig. 2, 3, 6 and 7, as shown in fig. 8, the first image hotlink prevention method may further include the following steps S105 and S106.
S105: a uniform resource locator, URL, of the encrypted image is generated.
As will be understood by those skilled in the art, after obtaining the encrypted image, the server may generate a Uniform Resource Locator (URL) for the encrypted image, for example, the server may generate a URL for the encrypted image: http:// pan. iqiiyi. com/s/1dFxhzK 9. The URL is the only identification of the encrypted image in the server, and after the terminal finishes uploading the image to be processed, the terminal can uniquely obtain the file corresponding to the URL by accessing the URL, namely the encrypted image.
S106: encrypting the URL to obtain an encrypted URL; the encryption mode of the URL is different from the encryption mode of the image block to be encrypted.
In order to further improve the security of the image to be processed, the generated URL may be encrypted, and similar to the encryption of the file, the encryption URL also needs to adopt an encryption rule, and common encryption rules include: DES, 3DES, IDEA, and so forth. Illustratively, a DES encryption algorithm may be used to encrypt a URL (i.e., http:// pan. iqiyi. com/s/1dFxhzK9), and the obtained encrypted URL may be a string of characters or a segment of data stream, so that the embodiment of the present invention does not explicitly limit the specific form of the encrypted URL.
The process and principle of encrypting the URL are the same as those of the existing mode, so the embodiment of the invention does not explain the specific encryption process of the URL in detail.
After obtaining the encrypted URL, the URL in the encrypted URL is invisible to the terminal, and if the encrypted URL cannot be decrypted, the terminal cannot download the encrypted image even if the terminal obtains the encrypted URL. If the terminal obtains the encrypted URL, the terminal decrypts the encrypted URL to obtain the URL (namely http:// pan. iqiyi. com/s/1dFxhzK9), so the terminal can access and download the encrypted image stored in the server according to the obtained URL to obtain the encrypted image, decrypt the encrypted image block in the encrypted image, and recombine the decrypted image block and the unencrypted image block obtained after decryption to obtain the original image to be processed.
As can be seen from the above, in the scheme of this embodiment, the URL corresponding to the image to be processed is encrypted to obtain the encrypted URL, so that the terminal needs to perform matching decryption after obtaining the encrypted URL to obtain the URL, and downloads the encrypted image stored in the server according to the obtained URL, thereby further improving the security of the image to be processed, and effectively reducing the risk of the image to be processed being leaked.
With respect to the first image hotlink protection method applied to the server shown in fig. 2, an embodiment of the present invention further provides a second image hotlink protection method applied to the server, as shown in fig. 9, where the method includes:
s501: and acquiring an image to be processed.
S502: the image to be processed is divided into an image block to be encrypted and a plurality of unencrypted image blocks.
In this step, the number and size of the image blocks to be encrypted and the image blocks not to be encrypted are not limited in the embodiment of the present invention, and in practical application, the segmentation rule may be preset according to the practical situation. Illustratively, the image to be processed is firstly divided into 7 image blocks, the 7 image blocks are respectively ordered to be 1-7, then the image blocks ordered to be 2, 4 and 6 are taken as the image blocks to be encrypted, and the image blocks ordered to be 1, 3, 5 and 7 are taken as the unencrypted image blocks.
S503: encrypting the image block to be encrypted and the image block arrangement information to obtain an encrypted image block; the image block arrangement information is arrangement information before a plurality of unencrypted image blocks are rearranged.
It should be particularly emphasized that, unlike step S103 in the method embodiment shown in fig. 2, the embodiment of the present invention simultaneously encrypts the image block to be encrypted and the image block arrangement information to obtain an encrypted image block. That is, the encrypted image blocks obtained in step S503 include the encrypted image blocks to be encrypted and the image block arrangement information.
It should be noted that the image block arrangement information is arrangement information before a plurality of unencrypted image blocks are rearranged, so in the embodiment of the present invention, after step S502 is executed, each obtained unencrypted image block may be rearranged; specifically, the obtained unencrypted image blocks may be rearranged according to a preset rule, for example, for any image to be processed, the unencrypted image blocks with the respective ranks of 1, 3, 5, and 7 are rearranged according to the preset rule, and the ranks of the unencrypted image blocks after rearrangement are 3, 7, 5, and 1; the obtained unencrypted image blocks may also be rearranged randomly, for example, the unencrypted image blocks with the respective ranks 1, 3, 5, and 7 may be rearranged randomly, and the ranks of the unencrypted image blocks after the rearrangement are 7, 1, 5, and 3.
In addition, the image block arrangement information in the embodiment is different from the image block arrangement information in the method embodiment shown in fig. 6, the image block arrangement information in the method embodiment shown in fig. 6 records the correct arrangement order of each image block to be encrypted and each unencrypted image block in the image to be processed, and the image block arrangement information in the embodiment of the invention records the correct arrangement order of each unencrypted image block in the image to be processed.
It can be understood that, in the image block arrangement information in the embodiment of the present invention, the correct arrangement order of each unencrypted image block in the to-be-processed image is recorded, but the correct arrangement order of each to-be-encrypted image block in the to-be-processed image is not recorded.
In order to facilitate restoring the to-be-processed image, in one case, the order of the to-be-encrypted image blocks is not rearranged, each to-be-encrypted image block is divided from a fixed position in the to-be-processed image block, for example, the number of the to-be-encrypted image blocks is 3, the first to-be-encrypted image block is divided between two unencrypted image blocks ordered as 1 and 3, and when image restoration is performed, the first to-be-encrypted image block is combined between two unencrypted image blocks ordered as 1 and 3 under the condition that each to-be-encrypted image block is obtained by decryption.
In another case, the correct arrangement order information of the to-be-encrypted image blocks may be recorded in the metadata of the embodiment of the method shown in fig. 6, that is, the correct arrangement order information of the to-be-encrypted image blocks is recorded in the metadata of the encrypted image, and the correct arrangement order information of each unencrypted image block is recorded in the encrypted image blocks, so that the terminal may complete image restoration based on the correct arrangement order information of the to-be-encrypted image blocks and the correct arrangement order information of each unencrypted image block.
In the embodiment of the present invention, step S103 may be referred to for specific implementation of step S503, and details of the embodiment of the present invention are not described herein.
S504: and combining the encrypted image block and the unencrypted image block to obtain an encrypted image.
It is understood that the steps S501 and S504 are respectively the same as the steps S101 and S104 in the method embodiment shown in fig. 2, and the specific contents and explanations of the steps S501 and S504 are detailed in the method embodiment shown in fig. 2, and the embodiment of the present invention is not repeated herein. Of course, different from step S104, in the present embodiment, the encrypted image block in step S504 further includes the above-mentioned image block arrangement information, but the execution process of step S504 is the same as that of step S104 in the method embodiment shown in fig. 2.
Illustratively, the encrypted image is in the form "encrypted image block///unencrypted image block 1! | A | A Unencrypted image block 2! | A | A Unencrypted image block 3! | A | A Unencrypted image block 4 ".
Therefore, in the scheme provided by this embodiment, the server encrypts the image block arrangement information and the to-be-encrypted image block obtained by dividing, but does not encrypt the unencrypted image block, that is, the encrypted image block is a part of the to-be-processed image, so that not only is the time required by the encryption operation saved, but also due to the existence of the encryption operation, even if the finally obtained encrypted image is leaked, the external device cannot directly combine the unencrypted image block to obtain the rough content of the to-be-processed image, that is, the complete to-be-processed image is directly obtained according to the encrypted image, and therefore, the security of the to-be-processed image stored in the server is high.
On the basis of the embodiment of the method shown in fig. 9, the step of dividing the image to be processed into an image block to be encrypted and a plurality of unencrypted image blocks may include:
dividing an image to be processed into a plurality of first image blocks;
and respectively extracting a second image block from each first image block, taking the second image block as an image block to be encrypted, taking the image blocks except the second image block in the first image blocks as a plurality of unencrypted image blocks, wherein the second image blocks account for a preset proportion in the first image blocks.
That is, the second image hotlink protection method provided in this embodiment, as shown in fig. 10, includes the following steps S601-S605.
S601: and acquiring an image to be processed.
S602: the image to be processed is divided into a plurality of first image blocks.
S603: and respectively extracting a second image block from each first image block, taking the second image block as an image block to be encrypted, taking the image blocks except the second image block in the first image blocks as a plurality of unencrypted image blocks, wherein the second image blocks account for a preset proportion in the first image blocks.
S604: encrypting the image block to be encrypted and the image block arrangement information to obtain an encrypted image block; the image block arrangement information is arrangement information before a plurality of unencrypted image blocks are rearranged.
S605: and combining the encrypted image block and the unencrypted image block to obtain an encrypted image.
It is understood that steps S601, S604, and S605 are respectively the same as steps S501, S503, and S504 in the method embodiment shown in fig. 9, and the specific contents and explanations of steps S601, S604, and S605 are detailed in the method embodiment shown in fig. 9, and the embodiment of the present invention is not repeated herein. Steps S602 and S603 are the same as steps S202 and S203 in the embodiment of the method shown in fig. 3, respectively, and the detailed contents and explanations of steps S602 and S603 are shown in the embodiment of the method shown in fig. 3, and the embodiment of the present invention is not repeated here again.
As can be seen from the above, in this embodiment, under the condition that the number of the extracted to-be-encrypted image blocks is fixed, since the to-be-processed image is divided, the number of the remaining unencrypted image blocks is larger, and it is not easy for other devices to find out the correct arrangement order of all the unencrypted image blocks, so that the security of the encrypted image is higher.
On the basis of any one of the method embodiments shown in fig. 9 or 10, the image blocks in the encrypted image are connected by separators, and the image block arrangement information is stored in the metadata.
For specific implementation of this example, reference may be made to relevant explanation and description of step S305 in the method embodiment shown in fig. 6, and details of the embodiment of the present invention are not described herein again.
In this embodiment, the separator is used to divide the encrypted image, so that the device can restore the encrypted image to the image block of the to-be-processed image; in addition, the image block arrangement information is stored in the metadata of the encrypted image, so the terminal does not need to store the image block arrangement information, and the occupation of the storage space of the terminal is reduced. In addition, by recording the image block arrangement information in the metadata of the encrypted image, the security of the encrypted image can be further ensured.
On the basis of any one of the above embodiments of the second image hotlink protection method applied to the server, as shown in fig. 11, the second image hotlink protection method provided in this embodiment may further include the following steps S505 and S506.
S505: generating a Uniform Resource Locator (URL) of the encrypted image;
s506: encrypting the generated URL to obtain an encrypted URL; the encryption mode of the URL is different from the encryption mode of encrypting the image blocks to be encrypted and the image block arrangement information.
It is understood that the steps S505 and S506 are respectively the same as the steps S105 and S106 in the method embodiment shown in fig. 8, and the specific contents and explanations of the steps S505 and S506 are detailed in the method embodiment shown in fig. 8, which is not repeated herein.
As can be seen from the above, in the scheme of this embodiment, the URL corresponding to the image to be processed is encrypted to obtain the encrypted URL, so that the terminal needs to perform matching decryption after obtaining the encrypted URL to obtain the URL, and downloads the encrypted image stored in the server according to the obtained URL, thereby further improving the security of the image to be processed, and effectively reducing the risk of the image to be processed being leaked.
Corresponding to the first image hotlink protection method applied to the server shown in fig. 2, the embodiment of the present invention further provides a third image hotlink protection method applied to the terminal, as shown in fig. 12, the second image hotlink protection method includes the following steps S701-S704:
s701: an encrypted image is obtained, the encrypted image comprising encrypted image blocks and unencrypted image blocks.
It is understood that the encrypted image may be obtained by the method embodiment shown in fig. 2, which includes the unencrypted image block and the encrypted image block. The encrypted image is stored in the server, so the terminal can download the encrypted image from the server; specifically, when the terminal downloads the encrypted image from the server, a URL request for the encrypted image may be first sent to the image, then the server sends a URL corresponding to the encrypted image to the image, and then the terminal accesses the server based on the URL to obtain the encrypted image by downloading.
S702: an encrypted image block is extracted from the encrypted image.
The encrypted image comprises encrypted image blocks and unencrypted image blocks, and the terminal can extract the encrypted image blocks from the encrypted image. Corresponding to the embodiment of the method shown in fig. 2, a division identifier is arranged between any two image blocks in the encrypted image, and in this case, the terminal can completely split the encrypted image according to the division identifier and then extract the split encrypted image block.
S703: and decrypting the encrypted image block to obtain a decrypted image block.
It can be understood that the encrypted image block is obtained by decrypting the image block to be encrypted by the server, and the encryption process uses an encryption rule, so to decrypt the encrypted image block, a decryption rule matching the encryption rule needs to be adopted. It is reasonable that the terminal can make a communication connection with a server storing an encrypted image, and at the same time, the terminal has a decryption rule matching the encryption rule.
S704: and combining the decrypted image block and the unencrypted image block to obtain a decrypted image.
That is, the terminal combines each image block to be encrypted and each unencrypted image block according to the image block arrangement information of each decrypted image block and each unencrypted image block to obtain a decrypted image, and obviously, the decrypted image corresponds to an image to be processed in the embodiment of the method shown in fig. 2.
Therefore, in the scheme provided by this embodiment, after the terminal acquires the encrypted image from the server, it needs to decrypt the encrypted image block in the encrypted image, and then combines the decrypted image block and the unencrypted image block that are finally obtained, because the decryption operation is only for the image block to be encrypted, the content of decryption is small, the decryption speed is high, the time required for decryption is short, and if the encrypted image block in the encrypted image is not decrypted, a complete decrypted image cannot be obtained, so that the security of the encrypted image is high.
On the basis of the embodiment of the method shown in fig. 12, as an implementation manner of the embodiment of the present invention, the image blocks in the encrypted image may be connected by separators; the step of extracting the encrypted image block from the encrypted image may include the following two steps:
splitting the encrypted image into image blocks by separators;
and acquiring the encrypted image blocks in each image block.
Namely, the third image hotlink protection method provided in this embodiment, as shown in fig. 13, the method includes the following steps S801 to S805.
S801: an encrypted image is obtained, the encrypted image comprising encrypted image blocks and unencrypted image blocks.
S802: the encrypted image is split into individual image blocks by separators.
Corresponding to the above-mentioned method embodiment shown in fig. 6, it can be understood that each encrypted image block and each unencrypted image block in the encrypted image are connected by a separator, and the terminal corresponds to the server, so that the terminal can know the specific separator used for separating each encrypted image block and each unencrypted image block, so that the terminal can recognize the separator used from the encrypted image and split the encrypted image into the image blocks by the separators, that is, the encrypted image is split into the encrypted image blocks and the unencrypted image blocks which form the encrypted image.
S803: and acquiring the encrypted image blocks in each image block.
It is understood that after splitting the encrypted image, the terminal may easily acquire the encrypted image block from each image block according to the prior art, for example, for each image block obtained by splitting, determine whether the image block is encrypted, if so, determine that the image block is an encrypted image block, and acquire the image block.
S804: and decrypting the encrypted image block to obtain a decrypted image block.
S805: and combining the decrypted image block and the unencrypted image block to obtain a decrypted image.
It is understood that steps S801, S804, and S805 are respectively the same as steps S701, S703, and S7404 in the method embodiment shown in fig. 12, and specific contents and explanations of steps S801, S804, and S805 are detailed in the method embodiment shown in fig. 12, and are not repeated herein.
Therefore, the terminal can distinguish each encrypted image block and each unencrypted image block in the encrypted image through the separators, and for other illegal devices, the terminal cannot know the separators used in the encrypted image, so that the encrypted image is difficult to split, and the security of the encrypted image is high.
On the basis of the embodiment of the method shown in fig. 12 or fig. 13, the step of combining the decrypted image block and the unencrypted image block to obtain the decrypted image may include:
acquiring image block arrangement information carried by metadata of the encrypted image;
and reordering each image block in the encrypted image according to the image block arrangement information, and combining the decrypted image block and the unencrypted image block which are ordered into a decrypted image.
For example, on the basis of the embodiment of the method shown in fig. 12, the third image anti-stealing link method provided by this embodiment, as shown in fig. 14, includes the following steps S901-S905.
S901: an encrypted image is obtained, the encrypted image comprising encrypted image blocks and unencrypted image blocks.
S902: an encrypted image block is extracted from the encrypted image.
S903: and decrypting the encrypted image block to obtain a decrypted image block.
S904: and acquiring image block arrangement information carried by metadata of the encrypted image.
Corresponding to the method embodiment shown in fig. 6, it can be understood that the terminal corresponds to the server, and the terminal can know in advance that the image block arrangement information is recorded in the metadata of the encrypted image.
Of course, corresponding to a specific implementation manner of the method embodiment shown in fig. 6, the server may encode the image block arrangement information according to a predetermined encoding manner, and then store the encoded image block arrangement information in the metadata; the terminal corresponds to the server, so that the terminal can acquire the decoding mode corresponding to the preset coding mode. After extracting the coded image block arrangement information from the metadata of the encrypted image, the terminal decodes the coded image block arrangement information to directly obtain the uncoded image block arrangement information.
Corresponding to another specific implementation manner of the method embodiment shown in fig. 6, the server may further encrypt the image block arrangement information, and then store the encrypted image block arrangement information in the metadata; and the terminal corresponds to the server, so that the terminal can acquire the encryption algorithm adopted by the server for encrypting the image block arrangement information. And after the terminal extracts the encrypted image block arrangement information from the metadata of the encrypted image, decrypting the encrypted image block arrangement information to directly obtain the unencrypted image block arrangement information.
S905: and reordering each image block in the encrypted image according to the image block arrangement information, and combining the ordered decrypted image block and the unencrypted image block into a decrypted image.
Illustratively, all decrypted image blocks include an image block 1, an image block 3 and an image block 5, all unencrypted image blocks include an image block 2, an image block 4, an image block 6 and an image block 7, and the image block arrangement information indicates that the correct arrangement order of all image blocks is image blocks 1 to 7, so that the terminal combines all decrypted image blocks and unencrypted image blocks according to the correct arrangement order of all image blocks 1 to 7 indicated by the image block arrangement information, and a decrypted image can be obtained.
It is understood that the above steps S901 to S903 are respectively the same as the steps S701 to S703 in the method embodiment shown in fig. 12, and the specific contents and explanations of the steps S901 to S903 are detailed in the method embodiment shown in fig. 12, which is not repeated herein.
Illustratively, as shown in fig. 15, for a certain encrypted image, the terminal obtains an unencrypted image block: tile C3, tile A3, tile C1, tile B3, tile B1, tile a1, and decrypted tile: tile a2, tile C2, tile B2; meanwhile, the terminal decrypts the metadata of the encrypted image to obtain the image block arrangement information: a1, a2, A3, B1, B2, B3, C1, C2, C3 ". The terminal arranges and combines the image blocks at corresponding positions according to the image block arrangement information to obtain a decrypted image.
As described above, in the present embodiment, the image block arrangement information is stored in the metadata of the encrypted image, so that the terminal does not need to store the image block arrangement information, thereby reducing the occupation of the storage space of the terminal. In addition, since the image block arrangement information is recorded in the metadata of the encrypted image, an external unauthorized device does not know to extract the image block arrangement information from the metadata of the encrypted image, and the security of the encrypted image can be further ensured.
On the basis of any of the embodiments of the method shown in fig. 12 to 14, the step of obtaining the encrypted image may include:
acquiring an encrypted URL corresponding to the encrypted image, wherein the encrypted URL is an encrypted uniform resource locator;
decrypting the encrypted URL to obtain the URL of the encrypted image;
and downloading the encrypted image based on the URL of the encrypted image.
For example, on the basis of the embodiment of the method shown in fig. 12, the third image hotlink prevention method provided by the present embodiment, as shown in fig. 16, includes the following steps S1001-S1006.
S1001: and acquiring an encrypted URL corresponding to the encrypted image, wherein the encrypted URL is an encrypted uniform resource locator.
After the terminal sends the URL request corresponding to the decrypted image to the server, the server sends the encrypted URL to the terminal, namely the terminal obtains the encrypted URL corresponding to the encrypted image.
S1002: and decrypting the encrypted URL to obtain the URL of the encrypted image.
The URL of the encrypted image is encrypted by the server, and the terminal corresponds to the server, so that the terminal can know a decryption algorithm corresponding to the encryption algorithm used to encrypt the encrypted image. For example, after the terminal and the server establish a corresponding relationship, the server sends the decryption algorithm to the terminal, and the terminal records the decryption algorithm locally.
S1003: and downloading the encrypted image based on the URL of the encrypted image.
After the terminal decrypts and obtains the URL, an image downloading request carrying the URL may be sent to the server, and after receiving the image downloading request, the server finds an encrypted image corresponding to the URL, and sends the encrypted image to the terminal, thereby completing the step of downloading the encrypted image by the terminal.
S1004: an encrypted image block is extracted from the encrypted image.
S1005: and decrypting the encrypted image block to obtain a decrypted image block.
S1006: and combining the decrypted image block and the unencrypted image block to obtain a decrypted image.
It is understood that the above steps S1004-S1006 are respectively the same as the steps S702-S704 in the method embodiment shown in fig. 12, and the specific contents and explanations of the steps S1004-S1006 are detailed in the method embodiment shown in fig. 12, and the embodiment of the present invention is not described again here.
As can be seen from the above, in the solution of the present embodiment, the terminal needs to perform decryption after obtaining the encrypted URL to obtain the URL, and downloads the encrypted image stored in the server according to the obtained URL, so that the security of the encrypted image is high.
Corresponding to the second image hotlink protection method applied to the server shown in fig. 9, an embodiment of the present invention further provides a fourth image hotlink protection method, where the fourth method is applied to a terminal, as shown in fig. 17, and includes:
s1101: an encrypted image is obtained, the encrypted image comprising encrypted tiles and unencrypted tiles.
S1102: an encrypted image block is extracted from the encrypted image.
It is understood that the above steps S1101-S1102 are respectively the same as steps S701-S702 in the method embodiment shown in fig. 12, and the specific contents and explanations of steps S1101-S1102 are shown in the method embodiment shown in fig. 12, and are not repeated herein.
S1103: and decrypting the encrypted image block to obtain the image block arrangement information of the unencrypted image block and the decrypted image block.
In combination with step S503 in the method embodiment shown in fig. 9, different from the method embodiment shown in fig. 12, it can be understood that the encrypted image blocks in this embodiment include encrypted decrypted image blocks and the image block arrangement information of the unencrypted image blocks.
S1104: and arranging the unencrypted image blocks according to the image block arrangement information, and combining the arranged unencrypted image blocks and the decrypted image blocks to obtain a decrypted image.
The image block arrangement information in the embodiment of the present invention records the correct arrangement order of each unencrypted image block in the to-be-processed image, but does not record the correct arrangement order of each to-be-encrypted image block in the to-be-processed image.
In order to obtain the decrypted image, in one case, the order of the decrypted image blocks is not rearranged when the decrypted image blocks are encrypted by the server, each decrypted image block is divided from a fixed position in the to-be-processed image block of the foregoing embodiment, for example, the number of the decrypted image blocks is 3, the first decrypted image block is divided from between two unencrypted image blocks ordered as 1 and 3, and in the case of decrypting each of the decrypted image blocks, the first decrypted image block is combined between two unencrypted image blocks ordered as 1 and 3.
In another case, the correct arrangement order information of the decrypted image blocks may be recorded in the metadata, that is, the correct arrangement order information of the image blocks to be encrypted is recorded in the metadata of the encrypted image, and the correct arrangement order information of each unencrypted image block is recorded in the encrypted image block, so that the terminal may complete image restoration based on the correct arrangement order information of the image blocks to be encrypted and the correct arrangement order information of each unencrypted image block.
Illustratively, the encrypted image is in the form "encrypted image block///unencrypted image block a! | A | A Unencrypted image block b! | A | A Unencrypted image block c! | A | A The terminal extracts the encrypted image block from the encrypted image and decrypts the encrypted image block to obtain the decrypted image block and the image block arrangement information, namely the unencrypted image block e! | A | A Unencrypted image block f! | A | A Unencrypted image block g///image block arrangement information ". The correct arrangement sequence of the image block arrangement information record unencrypted image blocks a-d obtained by decryption is respectively as follows: 3. 7, 1, 5; in addition, the correct arrangement order of the decrypted image blocks e-g recorded in the metadata of the encrypted image is respectively as follows: 4. 6, 2; the terminal follows the image blocks as follows: and sequentially arranging and combining the unencrypted image block c, the decrypted image block g, the unencrypted image block a, the decrypted image block e, the unencrypted image block d, the decrypted image block f and the unencrypted image block b to obtain a decrypted image.
Therefore, in the scheme provided by this embodiment, after the terminal acquires the encrypted image from the server, it needs to decrypt the encrypted image block in the encrypted image, and then combines the decrypted image block and the unencrypted image block that are finally obtained, because the decryption operation is only for the image block to be encrypted, the content of decryption is small, the decryption speed is high, the time required for decryption is short, and if the encrypted image block in the encrypted image is not decrypted, a complete decrypted image cannot be obtained, so that the security of the encrypted image is high.
On the basis of the embodiment of the method shown in fig. 17, as an implementation manner of the embodiment of the invention, the image blocks in the encrypted image are connected by separators; the step of extracting the encrypted image block from the encrypted image may include:
splitting the encrypted image into image blocks by separators;
and acquiring the encrypted image blocks in each image block.
Namely, the fourth image hotlink prevention method provided in this embodiment, as shown in fig. 18, the method includes the following steps S1201 to S1205.
S1201: acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block;
s1202: splitting the encrypted image into image blocks by separators;
s1203: acquiring an encrypted image block in each image block;
s1204: decrypting the encrypted image block to obtain image block arrangement information and a decrypted image block of the unencrypted image block;
s1205: and arranging the unencrypted image blocks according to the image block arrangement information, and combining the arranged unencrypted image blocks and the decrypted image blocks to obtain a decrypted image.
It is understood that steps S1201, S1204, and S1205 are respectively the same as steps S1101, S1103, and S1104 in the method embodiment shown in fig. 17, and the specific content and explanation of steps S1201, S1204, and S1205 are detailed in the method embodiment shown in fig. 17, and the embodiment of the present invention is not described again here. In addition, the above steps S1202 and S1203 are respectively the same as steps S802 and S803 in the method embodiment shown in fig. 13, and the specific contents and explanations of steps S1202 and S1203 are detailed in the method embodiment shown in fig. 13, and the embodiment of the present invention is not repeated herein.
Therefore, the terminal can distinguish each encrypted image block and each unencrypted image block in the encrypted image through the separators, and for other illegal devices, the terminal cannot know the separators used in the encrypted image, so that the encrypted image is difficult to split, and the security of the encrypted image is high.
On the basis of the embodiment of the method shown in fig. 17 or fig. 18, the decrypting the encrypted image block to obtain the image block arrangement information and the decrypted image block of the unencrypted image block may include:
decrypting the encrypted image block to obtain metadata of the encrypted image and a decrypted image block;
and extracting the image block arrangement information of the unencrypted image block from the metadata.
For example, on the basis of the embodiment of the method shown in fig. 17, the third image hotlink protection method provided by the present embodiment, as shown in fig. 19, includes the following steps S1301-S1305.
S1301: an encrypted image is obtained, the encrypted image comprising encrypted tiles and unencrypted tiles.
S1302: an encrypted image block is extracted from the encrypted image.
S1303: and decrypting the encrypted image block to obtain the metadata of the encrypted image and the decrypted image block.
It can be understood that, in this embodiment, the image block arrangement information of the unencrypted image block is recorded in the metadata of the encrypted image, and after the terminal decrypts the encrypted image block, the metadata and each decrypted image block can be directly obtained.
S1304: and extracting the image block arrangement information of the unencrypted image block from the metadata.
It can be understood that the metadata of the encrypted image carries the image block arrangement information of the unencrypted image block, and as for the terminal corresponding to the server, it knows the position where the image block arrangement information is recorded, so it is easy to extract the image block arrangement information of the unencrypted image block from the metadata.
S1305: and arranging the unencrypted image blocks according to the image block arrangement information, and combining the arranged unencrypted image blocks and the decrypted image blocks to obtain a decrypted image.
It is understood that steps S1301, S1302, and S1305 are respectively the same as steps S1101, S1102, and S1104 in the method embodiment shown in fig. 17, and specific contents and explanations of steps S1301, S1302, and S1305 are detailed in the method embodiment shown in fig. 17, and are not repeated herein.
In the embodiment, the image block arrangement information of the unencrypted image block is stored in the metadata of the encrypted image, so that the terminal does not need to store the image block arrangement information, and the occupation of the storage space of the terminal is reduced.
On the basis of any one of the embodiments of the method shown in fig. 17 to 19, the step of obtaining the encrypted image may include:
acquiring an encrypted URL corresponding to the encrypted image, wherein the encrypted URL is an encrypted uniform resource locator;
decrypting the encrypted URL to obtain the URL of the encrypted image;
and downloading the encrypted image based on the URL of the encrypted image.
For example, on the basis of the embodiment of the method shown in fig. 17, the fourth image anti-stealing link method provided by the present embodiment, as shown in fig. 20, includes the following steps S1401-S1406.
S1401: acquiring an encrypted URL corresponding to the encrypted image, wherein the encrypted URL is an encrypted uniform resource locator;
s1402: decrypting the encrypted URL to obtain the URL of the encrypted image;
s1403: and downloading the encrypted image based on the URL of the encrypted image.
S1404: extracting an encrypted image block from the encrypted image;
s1405: decrypting the encrypted image block to obtain image block arrangement information and a decrypted image block of the unencrypted image block;
s1406: and arranging the unencrypted image blocks according to the image block arrangement information, and combining the arranged unencrypted image blocks and the decrypted image blocks to obtain a decrypted image.
It is understood that the above steps S1404 to S1406 are respectively the same as the steps S1102 to S1104 in the embodiment of the method shown in fig. 17, and the specific contents and explanations of the steps S1404 to S1406 are detailed in the embodiment of the method shown in fig. 17, and are not repeated herein. In addition, steps S1401 to S1403 are respectively the same as steps S1001 to S1003 in the method embodiment shown in fig. 16, and specific contents and explanations of steps S1401 to S1403 are shown in the method embodiment shown in fig. 16, and are not described again here.
As can be seen from the above, in the solution of the present embodiment, the terminal needs to perform decryption after obtaining the encrypted URL to obtain the URL, and downloads the encrypted image stored in the server according to the obtained URL, so that the security of the encrypted image is high.
Corresponding to the above method embodiment shown in fig. 2, an embodiment of the present invention further provides a first image hotlink prevention device, which is applied to a server, as shown in fig. 21, and includes:
a first obtaining module 110, configured to obtain an image to be processed;
an extracting module 120, configured to extract an image block to be encrypted from the image to be processed;
the first encryption module 130 is configured to encrypt the image block to be encrypted to obtain an encrypted image block;
a first merging module 140, configured to merge the encrypted image block and the unencrypted image block to obtain an encrypted image; the image to be processed comprises the image block to be encrypted and the unencrypted image block.
Therefore, in the scheme provided by this embodiment, the server extracts the to-be-encrypted image block from the to-be-processed image to be stored, and encrypts the extracted to-be-encrypted image block, but does not encrypt the unencrypted image block, that is, the encrypted image block is a part of the to-be-processed image, so that not only is the time required by the encryption operation saved, but also due to the existence of the encryption operation, even if the finally obtained encrypted image is leaked, the external device cannot directly obtain a complete to-be-processed image according to the encrypted image, and therefore, the to-be-processed image stored in the server needs to be high in security.
Corresponding to the method embodiment shown in fig. 3, in the embodiment of the present invention, as shown in fig. 22, the extracting module 120 may include:
a first segmentation sub-module 1201, configured to segment the to-be-processed image into a plurality of first image blocks;
the first extraction sub-module 1202 is configured to extract a second image block from each first image block, and use the second image block as an image block to be encrypted, where the second image block occupies a preset proportion in the first image block.
As can be seen from the above, in this embodiment, under the condition that the number of the extracted to-be-encrypted image blocks is fixed, since the to-be-processed image is divided, the number of the remaining unencrypted image blocks is larger, and it is not easy for other devices to find out the correct arrangement order of all the unencrypted image blocks, so that the security of the encrypted image is higher.
Corresponding to the method embodiment shown in fig. 6, in the embodiment of the present invention, as shown in fig. 23, the first merging module 140 may include:
a first permutation submodule 1401 for rearranging the encrypted image blocks and the unencrypted image blocks;
a first combining sub-module 1402 for combining the rearranged image blocks into an encrypted image; and the image blocks in the encrypted image are connected through separators, and the metadata of the encrypted image carries image block arrangement information.
As described above, in the present embodiment, the image block arrangement information is stored in the metadata of the encrypted image, so that the terminal does not need to store the image block arrangement information, thereby reducing the occupation of the storage space of the terminal. In addition, the image block arrangement information is recorded in the metadata of the encrypted image, and the security of the encrypted image can be further ensured.
Corresponding to the method embodiment shown in fig. 7, in the embodiment of the present invention, as shown in fig. 24, the first merging module 140 may include:
a second permutation sub-module 1403, configured to rearrange the unencrypted image blocks;
a second combining sub-module 1404, configured to combine the rearranged unencrypted image block and the encrypted image block into an encrypted image; and the image blocks in the encrypted image are connected through separators, and the metadata of the encrypted image carries image block arrangement information.
As described above, in the present embodiment, the image block arrangement information is stored in the metadata of the encrypted image, so that the terminal does not need to store the image block arrangement information, thereby reducing the occupation of the storage space of the terminal. In addition, the image block arrangement information is recorded in the metadata of the encrypted image, and the security of the encrypted image can be further ensured.
Corresponding to the method embodiment shown in fig. 8, in the embodiment of the present invention, as shown in fig. 25, the first image anti-theft device may further include:
a first generating module 150 for generating a uniform resource locator URL of the encrypted image;
the first encryption module 130 is further configured to encrypt the URL to obtain an encrypted URL; and the encryption mode of the URL is different from the encryption mode of the image block to be encrypted.
As can be seen from the above, in the scheme of this embodiment, the URL corresponding to the image to be processed is encrypted to obtain the encrypted URL, so that the terminal needs to perform matching decryption after obtaining the encrypted URL to obtain the URL, and downloads the encrypted image stored in the server according to the obtained URL, thereby further improving the security of the image to be processed, and effectively reducing the risk of the image to be processed being leaked.
Corresponding to the above-mentioned method embodiment shown in fig. 9, the embodiment of the present invention further provides a second image hotlink prevention device, which is applied to a server, as shown in fig. 26, and includes:
a second obtaining module 210, configured to obtain an image to be processed;
a dividing module 220, configured to divide the image to be processed into an image block to be encrypted and a plurality of unencrypted image blocks;
the second encryption module 230 is configured to encrypt the image block to be encrypted and the image block arrangement information to obtain an encrypted image block; wherein the image block arrangement information is arrangement information before the plurality of unencrypted image blocks are rearranged;
and a second merging module 240, configured to merge the encrypted image block and the unencrypted image block to obtain an encrypted image.
Therefore, in the scheme provided by this embodiment, the server encrypts the image block arrangement information and the to-be-encrypted image block obtained by dividing, but does not encrypt the unencrypted image block, that is, the encrypted image block is a part of the to-be-processed image, so that not only is the time required by the encryption operation saved, but also due to the existence of the encryption operation, even if the finally obtained encrypted image is leaked, the external device cannot directly combine the unencrypted image block to obtain the rough content of the to-be-processed image, that is, the complete to-be-processed image is directly obtained according to the encrypted image, and therefore, the security of the to-be-processed image stored in the server is high.
Corresponding to the method embodiment shown in fig. 10, on the basis of the apparatus embodiment shown in fig. 26, in an embodiment of the present invention, as shown in fig. 27, the dividing module 220 may include:
a second division submodule 2201 configured to divide the image to be processed into a plurality of first image blocks;
a second extraction sub-module 2202, configured to extract a second image block from each first image block, use the second image block as an image block to be encrypted, and use image blocks, other than the second image block, of the first image blocks as the plurality of unencrypted image blocks, where the second image block occupies a preset proportion in the first image block.
As can be seen from the above, in this embodiment, under the condition that the number of the extracted to-be-encrypted image blocks is fixed, since the to-be-processed image is divided, the number of the remaining unencrypted image blocks is larger, and it is not easy for other devices to find out the correct arrangement order of all the unencrypted image blocks, so that the security of the encrypted image is higher.
As a specific implementation of the embodiment of the present invention, on the basis of the embodiment of the apparatus shown in fig. 26 or 27, tiles in the encrypted image may be connected by separators, and the tile arrangement information may be stored in metadata.
In this embodiment, the separator is used to divide the encrypted image, so that the device can restore the encrypted image to the image block of the to-be-processed image; in addition, the image block arrangement information is stored in the metadata of the encrypted image, so the terminal does not need to store the image block arrangement information, and the occupation of the storage space of the terminal is reduced. In addition, by recording the image block arrangement information in the metadata of the encrypted image, the security of the encrypted image can be further ensured.
Corresponding to the method embodiment shown in fig. 11, on the basis of any device embodiment corresponding to the second image anti-theft device, in an embodiment of the present invention, as shown in fig. 28, the device may further include:
a second generating module 250, configured to generate a uniform resource locator URL of the encrypted image;
the second encryption module 230 is further configured to encrypt the URL to obtain an encrypted URL; and the encryption mode of the URL is different from the encryption mode of encrypting the image blocks to be encrypted and the image block arrangement information.
As can be seen from the above, in the scheme of this embodiment, the URL corresponding to the image to be processed is encrypted to obtain the encrypted URL, so that the terminal needs to perform matching decryption after obtaining the encrypted URL to obtain the URL, and downloads the encrypted image stored in the server according to the obtained URL, thereby further improving the security of the image to be processed, and effectively reducing the risk of the image to be processed being leaked.
Corresponding to the above method embodiment shown in fig. 12, the embodiment of the present invention further provides a third image hotlink prevention device, which is applied to a terminal, as shown in fig. 29, and includes:
a third obtaining module 310, configured to obtain an encrypted image, where the encrypted image includes an encrypted image block and an unencrypted image block;
a first extraction module 320 for extracting the encrypted image block from the encrypted image;
the first decryption module 330 is configured to decrypt the encrypted image block to obtain a decrypted image block;
the first combining module 340 is configured to combine the decrypted image block and the unencrypted image block to obtain a decrypted image.
Therefore, in the scheme provided by this embodiment, after the terminal acquires the encrypted image from the server, it needs to decrypt the encrypted image block in the encrypted image, and then combines the decrypted image block and the unencrypted image block that are finally obtained, because the decryption operation is only for the image block to be encrypted, the content of decryption is small, the decryption speed is high, the time required for decryption is short, and if the encrypted image block in the encrypted image is not decrypted, a complete decrypted image cannot be obtained, so that the security of the encrypted image is high.
Corresponding to the method embodiment shown in fig. 13, on the basis of the apparatus embodiment shown in fig. 29, in the embodiment of the present invention, the image blocks in the encrypted image are connected by separators; as shown in the schematic view of figure 30,
the first extraction module 320 may include:
a first splitting sub-module 3201 configured to split the encrypted image into image blocks by the separators;
a first obtaining sub-module 3202 is configured to obtain encrypted image blocks in the respective image blocks.
Therefore, the terminal can distinguish each encrypted image block and each unencrypted image block in the encrypted image through the separators, and for other illegal devices, the terminal cannot know the separators used in the encrypted image, so that the encrypted image is difficult to split, and the security of the encrypted image is high.
Corresponding to the method embodiment shown in fig. 14, in the embodiment of the present invention, on the basis of the apparatus embodiment shown in fig. 29 or 30, as shown in fig. 31, the first assembling module 340 may include:
the second obtaining sub-module 3401 is configured to obtain image block arrangement information carried by metadata of the encrypted image;
and a third combining sub-module 3402, configured to reorder each image block in the encrypted image according to the image block arrangement information, and combine the decrypted image block and the unencrypted image block after being ordered into a decrypted image.
As described above, in the present embodiment, the image block arrangement information is stored in the metadata of the encrypted image, so that the terminal does not need to store the image block arrangement information, thereby reducing the occupation of the storage space of the terminal. In addition, since the image block arrangement information is recorded in the metadata of the encrypted image, an external unauthorized device does not know to extract the image block arrangement information from the metadata of the encrypted image, and the security of the encrypted image can be further ensured.
Corresponding to the method embodiment shown in fig. 16, on the basis of any one of the apparatus embodiments shown in fig. 29 to 31, in an embodiment of the present invention, as shown in fig. 32, the third obtaining module 310 may include:
a third obtaining sub-module 3101, configured to obtain an encrypted URL corresponding to the encrypted image, where the encrypted URL is an encrypted uniform resource locator;
a first decryption sub-module 3102, configured to decrypt the encrypted URL to obtain the URL of the encrypted image;
a first downloading submodule 3103, configured to download the encrypted image based on the URL of the encrypted image.
As can be seen from the above, in the solution of the present embodiment, the terminal needs to perform decryption after obtaining the encrypted URL to obtain the URL, and downloads the encrypted image stored in the server according to the obtained URL, so that the security of the encrypted image is high.
Corresponding to the above method embodiment shown in fig. 17, the embodiment of the present invention further provides a fourth image hotlink prevention device, which is applied to a terminal, and as shown in fig. 33, the device includes:
a fourth obtaining module 410, configured to obtain an encrypted image, where the encrypted image includes an encrypted image block and an unencrypted image block;
a second extraction module 420, configured to extract the encrypted image block from the encrypted image;
the second decryption module 430 is configured to decrypt the encrypted image block to obtain image block arrangement information and a decrypted image block of the unencrypted image block;
the second combining module 440 is configured to arrange the unencrypted image blocks according to the image block arrangement information, and combine the arranged unencrypted image blocks and the arranged decrypted image blocks to obtain a decrypted image.
Therefore, in the scheme provided by this embodiment, after the terminal acquires the encrypted image from the server, it needs to decrypt the encrypted image block in the encrypted image, and then combines the decrypted image block and the unencrypted image block that are finally obtained, because the decryption operation is only for the image block to be encrypted, the content of decryption is small, the decryption speed is high, the time required for decryption is short, and if the encrypted image block in the encrypted image is not decrypted, a complete decrypted image cannot be obtained, so that the security of the encrypted image is high.
Corresponding to the method embodiment shown in fig. 18, on the basis of the apparatus embodiment shown in fig. 33, in the embodiment of the present invention, the image blocks in the encrypted image are connected by separators; as shown in fig. 34, the second extraction module 420 may include:
a second splitting sub-module 4201, configured to split the encrypted image into image blocks by the separators;
a fourth obtaining sub-module 4202, configured to obtain the encrypted image blocks in the respective image blocks.
Therefore, the terminal can distinguish each encrypted image block and each unencrypted image block in the encrypted image through the separators, and for other illegal devices, the terminal cannot know the separators used in the encrypted image, so that the encrypted image is difficult to split, and the security of the encrypted image is high.
Corresponding to the method embodiment shown in fig. 19, on the basis of the apparatus embodiment shown in fig. 33 or 34, in the embodiment of the present invention, as shown in fig. 35, the second decryption module 430 may include:
the second decryption submodule 4301 is configured to decrypt the encrypted image block to obtain metadata of the encrypted image and a decrypted image block;
and the third extraction sub-module 4302 is configured to extract the image block arrangement information of the unencrypted image block from the metadata.
In the embodiment, the image block arrangement information of the unencrypted image block is stored in the metadata of the encrypted image, so that the terminal does not need to store the image block arrangement information, and the occupation of the storage space of the terminal is reduced.
Corresponding to the method embodiment shown in fig. 20, on the basis of any one of the apparatus embodiments shown in fig. 33 to 35, in an embodiment of the present invention, as shown in fig. 36, the fourth obtaining module 410 may include:
a fifth obtaining sub-module 4101, configured to obtain an encrypted URL corresponding to the encrypted image, where the encrypted URL is an encrypted uniform resource locator;
a third decryption submodule 4102, configured to decrypt the encrypted URL to obtain a URL of the encrypted image;
a second downloading sub-module 4103, configured to download the encrypted image based on the URL of the encrypted image.
As can be seen from the above, in the solution of the present embodiment, the terminal needs to perform decryption after obtaining the encrypted URL to obtain the URL, and downloads the encrypted image stored in the server according to the obtained URL, so that the security of the encrypted image is high.
An electronic device is further provided in the embodiment of the present invention, as shown in fig. 37, and includes a first processor 510, a first communication interface 520, a first memory 530 and a first communication bus 540, where the first processor 510, the first communication interface 520, and the first memory 530 complete communication with each other through the first communication bus 540,
a first memory 530 for storing a computer program;
the first processor 510, when executing the program stored in the first memory 530, implements the following steps:
acquiring an image to be processed;
extracting an image block to be encrypted from an image to be processed;
encrypting an image block to be encrypted to obtain an encrypted image block;
combining the encrypted image block and the unencrypted image block to obtain an encrypted image; the image to be processed comprises an image block to be encrypted and an unencrypted image block.
For specific implementation and related explanation of each step of the method, reference may be made to each method embodiment of the first image anti-hotlinking method, which is not described herein again.
Another electronic device is further provided in the embodiment of the present invention, as shown in fig. 38, including a second processor 610, a second communication interface 620, a second memory 630 and a second communication bus 640, where the second processor 610, the second communication interface 620 and the second memory 630 complete communication with each other through the second communication bus 640,
a second memory 630 for storing computer programs;
the second processor 610, when executing the program stored in the second memory 630, implements the following steps:
acquiring an image to be processed;
dividing an image to be processed into an image block to be encrypted and a plurality of unencrypted image blocks;
encrypting the image block to be encrypted and the image block arrangement information to obtain an encrypted image block; wherein, the image block arrangement information is the arrangement information before the rearrangement of a plurality of unencrypted image blocks;
and combining the encrypted image block and the unencrypted image block to obtain an encrypted image.
For specific implementation and related explanation of each step of the method, reference may be made to each method embodiment of the second image hotlink prevention method, which is not described herein again.
The embodiment of the present invention further provides another electronic device, as shown in fig. 39, which includes a third processor 710, a third communication interface 720, a third memory 730 and a third communication bus 740, wherein the third processor 710, the third communication interface 720 and the third memory 730 complete communication with each other through the third communication bus 740,
a third memory 730 for storing a computer program;
the third processor 710 is configured to, when executing the program stored in the third memory 730, implement the following steps:
acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block;
extracting an encrypted image block from the encrypted image;
decrypting the encrypted image block to obtain a decrypted image block;
and combining the decrypted image block and the unencrypted image block to obtain a decrypted image.
For specific implementation and related explanation of each step of the method, reference may be made to each method embodiment of the third image hotlink prevention method, which is not described herein again.
An embodiment of the present invention further provides another electronic device, as shown in fig. 40, including a fourth processor 810, a fourth communication interface 820, a fourth memory 830 and a fourth communication bus 840, where the fourth processor 810, the fourth communication interface 820 and the fourth memory 830 complete communication with each other through the fourth communication bus 840,
a fourth memory 830 for storing a computer program;
the fourth processor 810, when executing the program stored in the fourth memory 830, implements the following steps:
acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block;
extracting an encrypted image block from the encrypted image;
decrypting the encrypted image block to obtain image block arrangement information and a decrypted image block of the unencrypted image block;
and arranging the unencrypted image blocks according to the image block arrangement information, and combining the arranged unencrypted image blocks and the decrypted image blocks to obtain a decrypted image.
For specific implementation and related explanation of each step of the method, reference may be made to each method embodiment of the fourth image hotlink prevention method, which is not described herein again.
The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the electronic equipment and other equipment.
The Memory may include a Random Access Memory (RAM) or a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a network Processor (Ne word Processor, NP), and the like; the integrated Circuit may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, or a discrete hardware component.
In yet another embodiment of the present invention, a computer-readable storage medium is further provided, which stores instructions that, when executed on a computer, cause the computer to execute the first image hotlink prevention method described in any one of the above embodiments.
In yet another embodiment of the present invention, another computer-readable storage medium is provided, which stores instructions that, when executed on a computer, cause the computer to perform the second image hotlink prevention method described in any of the above embodiments.
In another embodiment of the present invention, there is provided a computer-readable storage medium, which stores instructions that, when executed on a computer, cause the computer to execute the third image hotlink prevention method described in any one of the above embodiments.
In yet another embodiment of the present invention, a computer-readable storage medium is provided, which stores instructions that, when executed on a computer, cause the computer to execute the fourth image hotlink prevention method described in any of the above embodiments.
In yet another embodiment, a computer program product containing instructions is provided, which when run on a computer causes the computer to perform the first image anti-hotlinking method as described in any of the above embodiments.
In yet another embodiment of the present invention, another computer-readable storage medium is provided, which stores instructions that, when executed on a computer, cause the computer to perform the second image hotlink prevention method described in any of the above embodiments.
In another embodiment of the present invention, there is provided a computer-readable storage medium, which stores instructions that, when executed on a computer, cause the computer to execute the third image hotlink prevention method described in any one of the above embodiments.
In yet another embodiment of the present invention, a computer-readable storage medium is provided, which stores instructions that, when executed on a computer, cause the computer to execute the fourth image hotlink prevention method described in any of the above embodiments.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the embodiments of the apparatus and the electronic device, since they are substantially similar to the method embodiments, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiments.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (20)

1. An image anti-hotlinking method, comprising:
acquiring an image to be processed;
dividing the image to be processed into a plurality of first image blocks;
respectively extracting a second image block from each first image block, and taking the second image block as an image block to be encrypted, wherein the second image block accounts for a preset proportion in the first image block;
encrypting the image block to be encrypted to obtain an encrypted image block;
rearranging the unencrypted image blocks;
combining the rearranged unencrypted image blocks and the encrypted image blocks into an encrypted image; the image blocks in the encrypted image are connected through separators, metadata of the encrypted image carries image block arrangement information, and the image block arrangement information records the correct arrangement sequence of the image blocks to be encrypted and the unencrypted image blocks; the image to be processed comprises the image block to be encrypted and the unencrypted image block.
2. The method of claim 1, further comprising:
generating a Uniform Resource Locator (URL) of the encrypted image;
encrypting the URL to obtain an encrypted URL; and the encryption mode of the URL is different from the encryption mode of the image block to be encrypted.
3. An image anti-hotlinking method, comprising:
acquiring an image to be processed;
dividing the image to be processed into a plurality of first image blocks;
respectively extracting a second image block from each first image block, taking the second image block as an image block to be encrypted, taking the image blocks except the second image block in the first image blocks as a plurality of unencrypted image blocks, wherein the second image blocks account for a preset proportion in the first image blocks;
rearranging the plurality of unencrypted image blocks;
encrypting the image blocks to be encrypted to obtain encrypted image blocks, and encrypting the image block arrangement information to obtain encrypted image block arrangement information; wherein the image block arrangement information is arrangement information before the plurality of unencrypted image blocks are rearranged;
combining the encrypted image blocks and the rearranged unencrypted image blocks to obtain an encrypted image; the image blocks in the encrypted image are connected through separators, and the encrypted image block arrangement information is stored in metadata of the encrypted image.
4. The method of claim 3, further comprising:
generating a Uniform Resource Locator (URL) of the encrypted image;
encrypting the URL to obtain an encrypted URL; and the encryption mode of the URL is different from the encryption mode of encrypting the image blocks to be encrypted and the image block arrangement information.
5. An image anti-hotlinking method, comprising:
acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block; the method comprises the steps that an encrypted image is obtained by a server, the image to be processed is divided into a plurality of first image blocks, a second image block is extracted from each first image block, the second image block is used as an image block to be encrypted, the image block to be encrypted is encrypted to obtain an encrypted image block, and after the unencrypted image blocks are rearranged, the rearranged unencrypted image blocks and the encrypted image blocks are combined to obtain the image; the second image block accounts for a preset proportion in the first image block; each image block in the encrypted image is connected through a separator;
splitting the encrypted image into image blocks through the separators to obtain encrypted image blocks in the image blocks;
decrypting the encrypted image block to obtain a decrypted image block;
acquiring image block arrangement information carried by metadata of the encrypted image; the image block arrangement information records the correct arrangement sequence of the image blocks to be encrypted and the unencrypted image blocks;
and reordering each image block in the encrypted image according to the image block arrangement information, and combining the decrypted image block and the unencrypted image block which are ordered into a decrypted image.
6. The method of claim 5, wherein the obtaining an encrypted image comprises:
acquiring an encrypted URL corresponding to an encrypted image, wherein the encrypted URL is an encrypted uniform resource locator;
decrypting the encrypted URL to obtain the URL of the encrypted image;
and downloading to obtain the encrypted image based on the URL of the encrypted image.
7. An image anti-hotlinking method, comprising:
acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block; the method comprises the steps that an encrypted image is obtained by a server, the image to be processed is divided into a plurality of first image blocks, a second image block is extracted from each first image block, the second image block is used as an image block to be encrypted, the image blocks except the second image block in the first image blocks are used as a plurality of unencrypted image blocks, the plurality of unencrypted image blocks are rearranged, the image block to be encrypted is encrypted to obtain an encrypted image block, image block arrangement information is encrypted to obtain encrypted image block arrangement information, and the encrypted image block and the rearranged unencrypted image block are combined to obtain the encrypted image block; the second image block accounts for a preset proportion in the first image block; each image block in the encrypted image is connected through a separator, the image block arrangement information is arrangement information before the plurality of unencrypted image blocks are rearranged, and the encrypted image block arrangement information is stored in metadata of the encrypted image;
splitting the encrypted image into image blocks through the separators to obtain encrypted image blocks in the image blocks;
decrypting the encrypted image block to obtain a decrypted image block;
acquiring the encrypted image block arrangement information from the metadata of the encrypted image, and decrypting the encrypted image block arrangement information to obtain the image block arrangement information;
and arranging the rearranged unencrypted image blocks according to the image block arrangement information, and combining the arranged unencrypted image blocks and the arranged decrypted image blocks to obtain a decrypted image.
8. The method of claim 7, wherein the obtaining an encrypted image comprises:
acquiring an encrypted URL corresponding to an encrypted image, wherein the encrypted URL is an encrypted uniform resource locator;
decrypting the encrypted URL to obtain the URL of the encrypted image;
and downloading to obtain the encrypted image based on the URL of the encrypted image.
9. An image anti-theft chain device, comprising:
the first acquisition module is used for acquiring an image to be processed;
an extraction module, the extraction module comprising:
the first segmentation sub-module is used for segmenting the image to be processed into a plurality of first image blocks;
the first extraction sub-module is used for respectively extracting a second image block from each first image block, the second image block is used as an image block to be encrypted, and the second image block accounts for a preset proportion in the first image block;
the first encryption module is used for encrypting the image block to be encrypted to obtain an encrypted image block;
a first merging module comprising: a second permutation submodule for rearranging the unencrypted image blocks; the second combination sub-module is used for combining the rearranged unencrypted image blocks and the encrypted image blocks into an encrypted image; the image blocks in the encrypted image are connected through separators, metadata of the encrypted image carries image block arrangement information, and the image block arrangement information records the correct arrangement sequence of the image blocks to be encrypted and the unencrypted image blocks; the image to be processed comprises the image block to be encrypted and the unencrypted image block.
10. The apparatus of claim 9, further comprising:
a first generation module, configured to generate a uniform resource locator URL of the encrypted image;
the first encryption module is further configured to encrypt the URL to obtain an encrypted URL; and the encryption mode of the URL is different from the encryption mode of the image block to be encrypted.
11. An image anti-theft chain device, comprising:
the second acquisition module is used for acquiring an image to be processed;
a segmentation module, the segmentation module comprising:
the second segmentation sub-module is used for segmenting the image to be processed into a plurality of first image blocks;
the second extraction sub-module is used for respectively extracting a second image block from each first image block, taking the second image block as an image block to be encrypted, taking the image blocks except the second image block in the first image block as a plurality of unencrypted image blocks, wherein the second image block accounts for a preset proportion in the first image block;
a first ordering module for rearranging the plurality of unencrypted image blocks;
the second encryption module is used for encrypting the image blocks to be encrypted to obtain encrypted image blocks and encrypting the image block arrangement information to obtain encrypted image block arrangement information; wherein the image block arrangement information is arrangement information before the plurality of unencrypted image blocks are rearranged;
the second merging module is used for merging the encrypted image blocks and the rearranged unencrypted image blocks to obtain an encrypted image; the image blocks in the encrypted image are connected through separators, and the encrypted image block arrangement information is stored in metadata of the encrypted image.
12. The apparatus of claim 11, further comprising:
the second generation module is used for generating a Uniform Resource Locator (URL) of the encrypted image;
the second encryption module is further configured to encrypt the URL to obtain an encrypted URL; and the encryption mode of the URL is different from the encryption mode of encrypting the image blocks to be encrypted and the image block arrangement information.
13. An image anti-theft chain device, comprising:
the third acquisition module is used for acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block; the method comprises the steps that an encrypted image is obtained by a server, the image to be processed is divided into a plurality of first image blocks, a second image block is extracted from each first image block, the second image block is used as an image block to be encrypted, the image block to be encrypted is encrypted to obtain an encrypted image block, and after the unencrypted image blocks are rearranged, the rearranged unencrypted image blocks and the encrypted image blocks are combined to obtain the image; the second image block accounts for a preset proportion in the first image block; each image block in the encrypted image is connected through a separator;
a first extraction module comprising: a first splitting sub-module, configured to split the encrypted image into image blocks through the separators; the first obtaining sub-module is used for obtaining encrypted image blocks in the image blocks;
the first decryption module is used for decrypting the encrypted image block to obtain a decrypted image block;
a first assembly module comprising: the second obtaining sub-module is used for obtaining image block arrangement information carried by metadata of the encrypted image; the image block arrangement information records the correct arrangement sequence of the image blocks to be encrypted and the unencrypted image blocks; and the third combination sub-module is used for reordering all image blocks in the encrypted image according to the image block arrangement information and combining the decrypted image blocks and the unencrypted image blocks after the reordering into a decrypted image.
14. The apparatus of claim 13, wherein the third obtaining module comprises:
the third obtaining submodule is used for obtaining an encrypted URL corresponding to the encrypted image, wherein the encrypted URL is an encrypted uniform resource locator;
the first decryption submodule is used for decrypting the encrypted URL to obtain the URL of the encrypted image;
and the first downloading submodule is used for downloading and obtaining the encrypted image based on the URL of the encrypted image.
15. An image anti-theft chain device, comprising:
the fourth acquisition module is used for acquiring an encrypted image, wherein the encrypted image comprises an encrypted image block and an unencrypted image block; the method comprises the steps that an encrypted image is obtained by a server, the image to be processed is divided into a plurality of first image blocks, a second image block is extracted from each first image block, the second image block is used as an image block to be encrypted, the image blocks except the second image block in the first image blocks are used as a plurality of unencrypted image blocks, the plurality of unencrypted image blocks are rearranged, the image block to be encrypted is encrypted to obtain an encrypted image block, image block arrangement information is encrypted to obtain encrypted image block arrangement information, and the encrypted image block and the rearranged unencrypted image block are combined to obtain the encrypted image block; the second image block accounts for a preset proportion in the first image block; each image block in the encrypted image is connected through a separator, the image block arrangement information is arrangement information before the plurality of unencrypted image blocks are rearranged, and the encrypted image block arrangement information is stored in metadata of the encrypted image;
a second extraction module comprising: a second splitting sub-module, configured to split the encrypted image into image blocks through the separators; the fourth obtaining sub-module is used for obtaining the encrypted image blocks in the image blocks;
the second decryption module is used for decrypting the encrypted image block to obtain a decrypted image block; acquiring the encrypted image block arrangement information from the metadata of the encrypted image, and decrypting the encrypted image block arrangement information to obtain the image block arrangement information;
and the second combination module is used for arranging the rearranged unencrypted image blocks according to the image block arrangement information and combining the arranged unencrypted image blocks and the arranged decrypted image blocks to obtain a decrypted image.
16. The apparatus of claim 15, wherein the fourth obtaining module comprises:
a fifth obtaining submodule, configured to obtain an encrypted URL corresponding to the encrypted image, where the encrypted URL is an encrypted uniform resource locator;
the third decryption submodule is used for decrypting the encrypted URL to obtain the URL of the encrypted image;
and the second downloading submodule is used for downloading and obtaining the encrypted image based on the URL of the encrypted image.
17. An electronic device is characterized by comprising a first processor, a first communication interface, a first memory and a first communication bus, wherein the first processor, the first communication interface and the first memory are used for completing communication with each other through the first communication bus;
a first memory for storing a computer program;
a first processor for implementing the method of claim 1 or 2 when executing the program stored in the first memory.
18. An electronic device is characterized by comprising a second processor, a second communication interface, a second memory and a second communication bus, wherein the second processor, the second communication interface and the second memory are communicated with each other through the second communication bus;
a second memory for storing a computer program;
a second processor for implementing the method of claim 3 or 4 when executing the program stored in the second memory.
19. An electronic device is characterized by comprising a third processor, a third communication interface, a third memory and a third communication bus, wherein the third processor, the third communication interface and the third memory complete mutual communication through the third communication bus;
a third memory for storing a computer program;
a third processor adapted to implement the method of claim 5 or 6 when executing the program stored in the third memory.
20. An electronic device is characterized by comprising a fourth processor, a fourth communication interface, a fourth memory and a fourth communication bus, wherein the fourth processor, the fourth communication interface and the fourth memory complete mutual communication through the fourth communication bus;
a fourth memory for storing a computer program;
a fourth processor adapted to perform the method of claim 7 or 8 when executing the program stored in the fourth memory.
CN201710474820.8A 2017-06-21 2017-06-21 Image anti-hotlinking method and device and electronic equipment Active CN107302706B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710474820.8A CN107302706B (en) 2017-06-21 2017-06-21 Image anti-hotlinking method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710474820.8A CN107302706B (en) 2017-06-21 2017-06-21 Image anti-hotlinking method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN107302706A CN107302706A (en) 2017-10-27
CN107302706B true CN107302706B (en) 2020-08-14

Family

ID=60135578

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710474820.8A Active CN107302706B (en) 2017-06-21 2017-06-21 Image anti-hotlinking method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN107302706B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108989604B (en) 2018-07-20 2020-05-05 京东方科技集团股份有限公司 Image encryption method, image transmission method, electronic device and readable storage medium
CN109495670B (en) * 2018-10-24 2020-10-23 中山大学 Format-compatible encryption and decryption method for color JPEG image
CN109981917B (en) * 2019-01-25 2021-04-06 佛山市顺德区中山大学研究院 Two-dimensional code image optical encryption method and system, device and storage medium thereof
CN110996132A (en) * 2019-12-26 2020-04-10 合肥道正企智大数据有限公司 Video image splitting, encrypting and transmitting method, device and system
CN111815723B (en) * 2020-07-08 2024-04-12 北京华云安信息技术有限公司 Data encryption method and device
CN112637442B (en) * 2020-12-28 2022-07-22 金润方舟科技股份有限公司 Method and device for encrypting circulating images by cloud server and local end
CN114979717B (en) * 2022-07-25 2022-11-08 广州万协通信息技术有限公司 Differential video encryption method based on equipment decoding capability and security chip device
CN117077703A (en) * 2023-09-14 2023-11-17 荣耀终端有限公司 Image processing method and electronic equipment

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1434402A (en) * 2002-01-21 2003-08-06 中国科学院研究生院 Method and system of URL based long distance image files description service
CN1917613A (en) * 2005-08-15 2007-02-21 刘畅 Method of encrypting dynamic image locally
US20090257582A1 (en) * 2008-04-14 2009-10-15 Chiou-Haun Lee Block-based stream encryption/decryption processing method
JP5115930B2 (en) * 2008-05-14 2013-01-09 国立大学法人 千葉大学 An image information encryption method, an image information encryption device, and a computer program for image encryption.
CN105049877A (en) * 2015-06-02 2015-11-11 阔地教育科技有限公司 Encryption method and device for live and recorded broadcast interaction system
CN105354501B (en) * 2015-10-28 2017-09-12 广东欧珀移动通信有限公司 The processing method and processing system of photo

Also Published As

Publication number Publication date
CN107302706A (en) 2017-10-27

Similar Documents

Publication Publication Date Title
CN107302706B (en) Image anti-hotlinking method and device and electronic equipment
CN102292931B (en) Method and device for multiple content protection systems in a file
US9037870B1 (en) Method and system for providing a rotating key encrypted file system
US10958416B2 (en) Encrypted and compressed data transmission with padding
Tierney et al. Cryptagram: Photo privacy for online social media
US10375032B2 (en) System and method for data segmentation and distribution across multiple cloud storage points
US20160117518A1 (en) File Encryption/Decryption Device And File Encryption/Decryption Method
US20140082376A1 (en) System, Method and Apparatus for Securely Saving/Retrieving Data on a Data Storage
US10685141B2 (en) Method for storing data blocks from client devices to a cloud storage system
KR20190104220A (en) Data backup methods and devices, storage media and servers
CN110798714B (en) HLS-based local video playing system and playing method
US10341433B2 (en) Copy and paste between devices
CN110795747A (en) Data encryption storage method, device, equipment and readable storage medium
KR20200127643A (en) Method and Apparatus for Distributed Processing of Data for Document Management
Temmermans et al. JPEG Privacy and Security framework for social networking and GLAM services
US10027632B2 (en) Data view based on context
Li et al. Reversible data hiding in block compressed sensing images
Koh et al. Encrypted cloud photo storage using Google photos
TW201317823A (en) Cloud secured storage system
CN110955909B (en) Personal data protection method and block link point
WO2020103059A1 (en) Data processing method and apparatus, electronic device and storage medium
CN113704206B (en) Metadata processing method and device, electronic equipment and storage medium
CN108985109A (en) A kind of date storage method and device
CN103226673A (en) Method and device for processing SWF (Shock Wave Flash) separation encryption in batches
Heeger et al. ExHide: Hiding data within the ExFAT file system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant