CN107707347A - Backup method and device for a user key, and import method and device for a user key - Google Patents


Publication number: CN107707347A
Authority: CN (China)
Prior art keywords: user key; key; random number; dispersion factor; character
Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201711026840.5A
Other languages: Chinese (zh)
Other versions: CN107707347B (en)
Inventor: 陈柳章
Current Assignee: Shenzhen Excelsecu Data Technology Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Shenzhen Excelsecu Data Technology Co Ltd
Application filed by: Shenzhen Excelsecu Data Technology Co Ltd
Priority: CN201711026840.5A
Publications: CN107707347A (application), CN107707347B (granted)
Current legal status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention belongs to the field of encryption technology, and in particular relates to a backup method and device for a user key and an import method and device for a user key. A user key is obtained and a random number of a preset length is generated; a dispersion factor corresponding to the random number is determined according to a preset algorithm; the dispersion factor is dispersed with a built-in key to generate a temporary encryption key; the user key is encrypted with the temporary encryption key to generate a user key ciphertext; and prompt information is determined from the random number and the dispersion factor and displayed. When the user later needs to decrypt the ciphertext to import the user key, the complex dispersion factor can be recovered by remembering a small number of characters. This both ensures the security of the user key ciphertext and spares the user from memorizing a large, complex dispersion factor, making the user key more convenient to use.

Description

Backup method and device for a user key, and import method and device for a user key
Technical field
The invention belongs to the field of encryption technology, and in particular relates to a backup method and device for a user key and an import method and device for a user key.
Background
A private key is the key element for decryption and signing in the security field. In high-security fields such as online banking signatures, to keep the private key safe it must be generated inside a key security device and cannot be exported from that device. However, if the user's key security device is lost, then in some application scenarios, such as a Bitcoin private key, the key can never be recovered, causing the user heavy losses.
Summary of the invention
In view of this, the embodiments of the invention provide a backup method and device for a user key and an import method and device for a user key, to solve the problem that existing user key encryption and import techniques cannot satisfy users' needs for security and convenience at the same time.
A first aspect of the embodiments of the invention provides a backup method for a user key, including:
Obtaining a user key and generating a random number of a preset length; determining, according to a preset algorithm, a dispersion factor corresponding to the random number; dispersing the dispersion factor with a built-in key to generate a temporary encryption key; encrypting the user key with the temporary encryption key to generate a user key ciphertext; and determining and displaying prompt information according to the random number and the dispersion factor.
A second aspect of the embodiments of the invention provides an import method for a user key, including:
Obtaining a user key ciphertext and characters; extracting a preset number of bytes of the preset-type encoding corresponding to the characters, as the dispersion factor; dispersing the dispersion factor with a built-in key to generate a temporary decryption key; and decrypting the user key ciphertext with the temporary decryption key to generate the user key.
A third aspect of the embodiments of the invention provides a backup device for a user key, including:
An acquisition module, for obtaining a user key and generating a random number of a preset length; a determining module, for determining, according to a preset algorithm, a dispersion factor corresponding to the random number; a first encrypting module, for dispersing the dispersion factor with a built-in key to generate a temporary encryption key; a second encrypting module, for encrypting the user key with the temporary encryption key to generate a user key ciphertext; and a display module, for determining and displaying prompt information according to the random number and the dispersion factor.
A fourth aspect of the embodiments of the invention provides an import device for a user key, including:
An information obtaining module, for obtaining a user key ciphertext and characters; an encoding generation module, for extracting a preset number of bytes of the preset-type encoding corresponding to the characters, as the dispersion factor; an encrypting module, for dispersing the dispersion factor with a built-in key to generate a temporary encryption key; and a decryption module, for decrypting the user key ciphertext with the temporary decryption key to generate the user key.
A fifth aspect of the embodiments of the invention provides a backup terminal for a user key, including a memory, a processor, and a computer program stored in the memory and runnable on the processor, characterized in that the processor, when executing the computer program, implements the steps of the following user key backup method:
Obtaining a user key and generating a random number of a preset length; determining, according to a preset algorithm, a dispersion factor corresponding to the random number; dispersing the dispersion factor with a built-in key to generate a temporary encryption key; encrypting the user key with the temporary encryption key to generate a user key ciphertext; and determining and displaying prompt information according to the random number and the dispersion factor.
Determining and displaying prompt information according to the random number and the dispersion factor includes: looking up, according to a preset correspondence, a preset number of characters corresponding to the random number, and displaying the characters, the correspondence being a correspondence between numbers and characters.
Looking up the preset number of characters corresponding to the random number according to the preset correspondence includes: taking the number in every preset number of bytes of the random number as one index number, and looking up in order, in a preset character library table, the Chinese character corresponding to each index number.
Determining, according to the preset algorithm, the dispersion factor corresponding to the random number includes: taking the number in every preset number of bytes of the random number as one index number, looking it up in the preset character library table and converting it to the encoding of the corresponding Chinese character, and extracting a preset number of bytes of the encoding as the dispersion factor.
A sixth aspect of the embodiments of the invention provides an import terminal for a user key, including a memory, a processor, and a computer program stored in the memory and runnable on the processor, characterized in that the processor, when executing the computer program, implements the following steps:
Obtaining a user key ciphertext and characters; extracting a preset number of bytes of the preset-type encoding corresponding to the characters, as the dispersion factor; dispersing the dispersion factor with a built-in key to generate a temporary decryption key; and decrypting the user key ciphertext with the temporary decryption key to generate the user key.
The built-in key is the same as the built-in key used when the user key ciphertext was generated.
A seventh aspect of the embodiments of the invention provides a computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the following steps:
Obtaining a user key and generating a random number of a preset length; determining, according to a preset algorithm, a dispersion factor corresponding to the random number; dispersing the dispersion factor with a built-in key to generate a temporary encryption key; encrypting the user key with the temporary encryption key to generate a user key ciphertext; and determining and displaying prompt information according to the random number and the dispersion factor.
Determining and displaying prompt information according to the random number and the dispersion factor includes: looking up, according to a preset correspondence, a preset number of characters corresponding to the random number, and displaying the characters, the correspondence being a correspondence between numbers and characters.
Looking up the preset number of characters corresponding to the random number according to the preset correspondence includes: taking the number in every preset number of bytes of the random number as one index number, and looking up in order, in a preset character library table, the Chinese character corresponding to each index number.
Determining, according to the preset algorithm, the dispersion factor corresponding to the random number includes: taking the number in every preset number of bytes of the random number as one index number, looking it up in the preset character library table and converting it to the encoding of the corresponding Chinese character, and extracting a preset number of bytes of the encoding as the dispersion factor.
Obtaining a user key ciphertext and characters; extracting a preset number of bytes of the preset-type encoding corresponding to the characters, as the dispersion factor; dispersing the dispersion factor with a built-in key to generate a temporary decryption key; and decrypting the user key ciphertext with the temporary decryption key to generate the user key.
Compared with the prior art, the embodiments of the invention have the following beneficial effects: a random number of a preset length is generated; a preset number of characters corresponding to the random number is looked up according to a preset correspondence; a preset number of bytes of the preset-type encoding corresponding to those characters is extracted as the dispersion factor; the dispersion factor is encrypted with a built-in symmetric encryption algorithm key to generate a temporary encryption key; and finally the user key is encrypted with the temporary encryption key to generate the user key ciphertext. When the user needs to decrypt the ciphertext to import the user key, the complex dispersion factor can be recovered by remembering a small number of characters, which both ensures the security of the user key ciphertext and solves the problem of user losses caused by a lost private key.
Brief description of the drawings
To explain the technical solutions in the embodiments of the invention more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of the user key backup method provided by Embodiment one of the invention;
Fig. 2 is a flow chart of the user key import method provided by Embodiment two of the invention;
Fig. 3 is a structural block diagram of the user key backup device provided by Embodiment three of the invention;
Fig. 4 is a structural block diagram of the user key import device provided by Embodiment four of the invention;
Fig. 5 is a schematic diagram of the user key backup terminal provided by an embodiment of the invention;
Fig. 6 is a schematic diagram of the user key import terminal provided by an embodiment of the invention.
Detailed description
In the following description, specific details such as particular system structures and techniques are given for illustration rather than limitation, so that the embodiments of the invention can be thoroughly understood. However, it will be clear to a person skilled in the art that the invention can also be realized in other embodiments without these specific details. In other cases, detailed descriptions of well-known systems, devices, circuits and methods are omitted so that unnecessary detail does not obscure the description of the invention.
To illustrate the technical solutions of the invention, specific embodiments are described below.
Embodiment one
Fig. 1 shows the implementation flow of the user key backup method provided by Embodiment one of the invention, which includes steps S101-S105, detailed as follows:
Step S101: obtain the user key and generate a random number of a preset length.
In the embodiments of the invention, the encryption steps are aimed mainly at the user key. Understandably, many encryption algorithms, for example asymmetric encryption algorithms such as SM2, ECC and RSA, need a user key to complete the encryption of plaintext. Because the user key is the key element in encrypting the plaintext, once it is intercepted by someone else the encrypted plaintext may be cracked, so the user key itself needs a certain degree of security protection.
In the embodiments of the invention, after the user triggers the export mechanism of the user key through a relevant instruction, the user key backup device first obtains the user key to be encrypted and generates a random number of a preset length. Optionally, the relevant instruction can be sent to the user key backup device by equipment such as a PC, a Bluetooth device, an audio device or a near-field communication device.
In the embodiments of the invention, the encryption key used to encrypt the user key is generated from this random number; the specific generation method is explained below. It is worth noting that the length of the random number depends on the encryption algorithm used to encrypt the user key. For example, if the user key is subsequently encrypted with the SM4 algorithm, then because the block size of SM4 is 16 bytes, a random number of 18 bytes needs to be generated; if the user key is subsequently encrypted with the 3DES algorithm, then because the block size of 3DES is 8 bytes, only a random number of 9 bytes is needed. How the random number is converted into the encryption key is explained below; the examples here only illustrate that, depending on the encryption algorithm, a random number of the corresponding length can be generated manually by the user or automatically by the device.
Step S102: determine, according to a preset algorithm, the dispersion factor corresponding to the random number.
It is worth noting that the embodiments of the invention provide a method of encrypting the user key to generate a user key ciphertext. To make the dispersion factor used to decrypt the user key ciphertext easier for the user to remember, the random number described above is first converted into characters. Optionally, the characters can be Chinese characters.
Specifically, a preset number of characters corresponding to the random number is looked up according to a preset correspondence, the correspondence being a correspondence between numbers and characters.
Further, the number in every preset number of bytes of the random number is taken as one index number, and the Chinese character corresponding to each index number is looked up in order in a preset character library table.
Optionally, in the embodiments of the invention, every two bytes of the random number form one random group, and each random group serves as the index number of one Chinese character. For example, a random number of 12 bytes is generated in S101 and divided in order into 6 random groups, each holding a 2-byte number.
Specifically, the Chinese character corresponding to the number in each random group is looked up according to the preset correspondence, generating the preset number of Chinese characters. As described above, each random group serves as the index number of one Chinese character, and the correspondence between numbers and Chinese characters is stored in the system, so the Chinese character corresponding to each random group can be found through this correspondence. If the random number is 12 bytes in total and every two bytes form one random group, 6 Chinese characters can be generated. The user only needs to write down these six Chinese characters to be able to enter the correct dispersion factor when decrypting the user key ciphertext, so that the ciphertext is decrypted successfully and the user key is imported. This makes the user key more convenient to use.
Optionally, the preset number of Chinese characters is displayed, and it is determined whether the user's confirmation of the Chinese characters has been received.
Optionally, if the user's confirmation of the Chinese characters is not received, the current operation is exited and a new random number is generated.
If the user does not confirm the Chinese characters after seeing them displayed by the user key backup device, this indicates that the user considers the current Chinese characters hard to remember, so the current operation is exited and a new random number is generated.
Optionally, if the user's confirmation of the Chinese characters is received, the number in every preset number of bytes of the random number is taken as one index number, looked up in the preset character library table and converted to the encoding of the corresponding Chinese character, and a preset number of bytes of the encoding is extracted as the dispersion factor.
The method above yields the Chinese characters corresponding to the random number. As stated, the purpose of producing Chinese characters is to make them easy for the user to remember, but Chinese characters cannot be used directly as the encryption key for the user key, so a series of data conversions must still be applied to the Chinese characters generated in step S102.
Optionally, the preset-type encoding in the embodiments of the invention can be UTF8. Specifically, the Chinese characters produced from the random number are converted into UTF8. UTF8 is a variable-length character encoding for Unicode; in the embodiments of the invention, each Chinese character corresponds to a unique 3-byte UTF8 encoding. For example, if 6 Chinese characters are generated in step S102, the 6 Chinese characters are converted in this step into an 18-byte UTF8 encoding.
Because different encryption algorithms need dispersion factors of different lengths (for example, SM4 needs a 16-byte dispersion factor and 3DES needs an 8-byte dispersion factor), the generated 18-byte UTF8 encoding must be truncated, producing a UTF8 encoding of the preset number of bytes required by the subsequent encryption algorithm to serve as the dispersion factor.
Step S103: disperse the dispersion factor with the built-in key to generate a temporary encryption key.
Optionally, the dispersion factor is dispersed using the SM4 encryption algorithm; the dispersion factor is the preset-type encoding, of a preset number of bytes, corresponding to the Chinese characters. Through the SM4 computation, the built-in key converts the dispersion factor into the temporary encryption key. Optionally, the preset-type encoding in the embodiments of the invention can be UTF8.
It is worth noting that a built-in key is stored in the user key backup device and is used in this step to disperse the dispersion factor. Further, the built-in key stored in the user key backup device is identical to the built-in key stored in the user key import device that is used to decrypt the user key ciphertext.
Step S104: encrypt the user key with the temporary encryption key to generate the user key ciphertext.
Optionally, the user key obtained in step S101 is encrypted using the SM4 encryption algorithm, with the temporary encryption key generated in step S103 as the key.
Further, after the user key ciphertext is generated, it can be stored in local storage or uploaded to a server. If the user key ciphertext is stored locally, the user can call it up quickly and operate offline; if it is stored on a server, the user can carry out the subsequent decryption remotely.
Step S105: determine and display prompt information according to the random number and the dispersion factor.
Optionally, in the embodiments of the invention, the prompt information can be of many types, for example the random number initially generated by the backup device, or the dispersion factor.
Preferably, to make it easy to remember, the Chinese characters generated above can be chosen as the prompt information.
In summary, the embodiment of the invention generates a random number of a preset length; looks up a preset number of characters corresponding to the random number according to a preset correspondence; extracts a preset number of bytes of the preset-type encoding corresponding to those characters as the dispersion factor; encrypts the dispersion factor with a built-in symmetric encryption algorithm key to generate a temporary encryption key; and finally encrypts the user key with the temporary encryption key to generate the user key ciphertext. When the user needs to decrypt the ciphertext to import the user key, the complex dispersion factor can be recovered by remembering a small number of characters. This both ensures the security of the user key ciphertext and spares the user from memorizing a large, complex dispersion factor, making the user key more convenient to use.
Embodiment two
Fig. 2 shows the user key import method provided by Embodiment two of the invention, which includes steps S201-S204, detailed as follows:
Step S201: obtain the user key ciphertext and characters.
In the embodiments of the invention, after the user triggers the import mechanism of the user key through a relevant instruction, the user key import device first obtains the user key ciphertext and the characters. Optionally, the relevant instruction can be sent to the user key import device by equipment such as a PC, a Bluetooth device, an audio device or a near-field communication device.
The import of a user key is precisely the process of decrypting the user key ciphertext to generate the user key. In the embodiments of the invention, the user therefore first needs to enter the user key ciphertext and the characters generated by the user key backup device.
Step S202: extract a preset number of bytes of the preset-type encoding corresponding to the characters, as the dispersion factor.
Optionally, the preset-type encoding in the embodiments of the invention can be UTF8. Specifically, the characters entered by the user are converted into UTF8. UTF8 is a variable-length character encoding for Unicode; in the embodiments of the invention, each character corresponds to a unique 3-byte UTF8 encoding. For example, if 6 characters were generated in step S102, the 6 characters are converted in this step into an 18-byte UTF8 encoding.
Because different encryption algorithms need dispersion factors of different lengths (for example, SM4 needs a 16-byte dispersion factor and 3DES needs an 8-byte dispersion factor), the generated 18-byte UTF8 encoding must be truncated, producing a UTF8 encoding of the preset number of bytes required by the subsequent encryption algorithm to serve as the dispersion factor.
If the characters entered by the user are not the characters produced when the user key was encrypted, the dispersion factor generated in this step differs from the dispersion factor used during encryption of the user key, so in the subsequent steps the user key ciphertext cannot be decrypted correctly and the correct user key cannot be generated.
Step S203: disperse the dispersion factor with the built-in key to generate a temporary decryption key.
Optionally, the dispersion factor is dispersed using the SM4 algorithm; the dispersion factor is the preset-type encoding corresponding to the characters entered by the user. Through the SM4 computation, the dispersion factor converted from the characters is converted into the temporary decryption key and output.
It is worth noting that a built-in key is stored in the user key import device and is used in this step to disperse the dispersion factor.
Further, the built-in key is the same as the built-in key used when the user key ciphertext was generated.
Step S204: decrypt the user key ciphertext with the temporary decryption key to generate the user key.
Optionally, the user key ciphertext is decrypted using the inverse steps of the SM4 encryption algorithm, with the temporary decryption key generated in step S203 as the key.
In summary, the embodiment of the invention obtains the user key ciphertext and characters; extracts a preset number of bytes of the preset-type encoding corresponding to the characters as the dispersion factor; disperses the dispersion factor with the built-in key to generate a temporary encryption key; and decrypts the user key ciphertext with the temporary encryption key to generate the user key. When the user needs to decrypt the ciphertext to import the user key, the complex dispersion factor can be recovered by remembering a small number of characters. This both ensures the security of the user key ciphertext and spares the user from memorizing a large, complex dispersion factor, making the user key more convenient to use.
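The backup flow of Embodiment one (S101-S105) and the import flow of Embodiment two (S201-S204), traced end to end in an added Go example that is not code from the patent. Assumptions: AES-128 from Go's standard library stands in for SM4 (same 16-byte block and key size), the character library table is a constructed run of 16384 ideographs starting at U+4E00, each two-byte index is reduced modulo the table size, the UTF8 encoding is truncated to its first 16 bytes, and the user key is encrypted block by block without padding.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

const (
	tableBase = 0x4E00  // constructed character table: U+4E00..U+8DFF
	tableSize = 1 << 14 // 16384 entries, each 3 bytes long in UTF-8
	blockLen  = 16      // block and key size of SM4 and of the AES-128 stand-in
)

// CharsFromRandom treats every 2 bytes of rnd as one index into the table (S102).
func CharsFromRandom(rnd []byte) (string, error) {
	if len(rnd) == 0 || len(rnd)%2 != 0 {
		return "", errors.New("random number must be a non-empty multiple of 2 bytes")
	}
	hint := make([]rune, 0, len(rnd)/2)
	for i := 0; i < len(rnd); i += 2 {
		idx := int(binary.BigEndian.Uint16(rnd[i:])) % tableSize // assumption: modulo reduction
		hint = append(hint, rune(tableBase+idx))
	}
	return string(hint), nil
}

// TempKey UTF-8 encodes the characters, keeps the first 16 bytes as the
// dispersion factor (S102/S202) and encrypts it with the built-in key (S103/S203).
func TempKey(builtIn []byte, chars string) ([]byte, error) {
	enc := []byte(chars)
	if len(enc) < blockLen {
		return nil, errors.New("need at least 16 bytes of UTF-8, i.e. six 3-byte characters")
	}
	return ecb(builtIn, enc[:blockLen], false)
}

// ecb runs the block cipher over in, one block at a time, without padding.
func ecb(key, in []byte, decrypt bool) ([]byte, error) {
	if len(in) == 0 || len(in)%blockLen != 0 {
		return nil, errors.New("input must be a non-empty multiple of 16 bytes")
	}
	c, err := aes.NewCipher(key) // stand-in for SM4
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(in))
	for i := 0; i < len(in); i += blockLen {
		if decrypt {
			c.Decrypt(out[i:i+blockLen], in[i:i+blockLen])
		} else {
			c.Encrypt(out[i:i+blockLen], in[i:i+blockLen])
		}
	}
	return out, nil
}

// Backup returns the user key ciphertext (S104) and the characters to display (S105).
func Backup(builtIn, userKey, rnd []byte) ([]byte, string, error) {
	hint, err := CharsFromRandom(rnd)
	if err != nil {
		return nil, "", err
	}
	k, err := TempKey(builtIn, hint)
	if err != nil {
		return nil, "", err
	}
	ct, err := ecb(k, userKey, false)
	return ct, hint, err
}

// Import rebuilds the temporary key from the typed characters and decrypts (S201-S204).
func Import(builtIn, ciphertext []byte, chars string) ([]byte, error) {
	k, err := TempKey(builtIn, chars)
	if err != nil {
		return nil, err
	}
	return ecb(k, ciphertext, true)
}

func main() {
	builtIn := []byte("constructed-key!")     // constructed 16-byte built-in key
	userKey := bytes.Repeat([]byte{0x42}, 32) // constructed 32-byte user key
	rnd := make([]byte, 12)                   // 12 random bytes give 6 characters
	if _, err := rand.Read(rnd); err != nil {
		panic(err)
	}
	ct, hint, err := Backup(builtIn, userKey, rnd)
	if err != nil {
		panic(err)
	}
	got, err := Import(builtIn, ct, hint)
	fmt.Printf("hint=%s ciphertext=%x restored=%v err=%v\n", hint, ct, bytes.Equal(got, userKey), err)
}
```

Under the first-16-bytes assumption only the lead byte of the sixth character's UTF8 encoding enters the dispersion factor. Because the steps above include no integrity check, wrong characters yield a different key rather than an error.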
Embodiment three
Corresponding to the user key backup method above, Fig. 3 shows a structural block diagram of the user key backup device provided by Embodiment three of the invention.
Referring to Fig. 3, the device includes:
An acquisition module 301, for obtaining a user key and generating a random number of a preset length;
A determining module 302, for determining, according to a preset algorithm, a dispersion factor corresponding to the random number;
A first encrypting module 303, for dispersing the dispersion factor with a built-in key to generate a temporary encryption key;
A second encrypting module 304, for encrypting the user key with the temporary encryption key to generate the user key ciphertext;
A display module 305, for determining and displaying prompt information according to the random number and the dispersion factor.
Further, the display module includes:
A Chinese display submodule, for looking up, according to a preset correspondence, a preset number of characters corresponding to the random number, the correspondence being a correspondence between numbers and characters.
Further, the Chinese display submodule is specifically used for:
Taking the number in every preset number of bytes of the random number as one index number, and looking up in order, in a preset character library table, the Chinese character corresponding to each index number.
Embodiment four
Corresponding to the user key import method above, Fig. 4 shows a structural block diagram of the user key import device provided by Embodiment four of the present invention.
Referring to Fig. 4, the device includes:
Data obtaining module 401, configured to obtain the user key ciphertext and the characters;
Encoding generation module 402, configured to intercept a preset number of bytes of the preset-type encoding corresponding to the characters, as the dispersion factor;
Encrypting module 403, configured to disperse the dispersion factor with the built-in key to generate a temporary encryption key;
The built-in symmetric encryption algorithm key is the same as the built-in symmetric encryption algorithm key used when the user key ciphertext was generated.
Deciphering module 404, configured to decrypt the user key ciphertext based on the temporary encryption key to generate the user key.
Fig. 5 is a schematic diagram of the user key backup terminal provided by an embodiment of the present invention. As shown in Fig. 5, the user key backup device of this embodiment includes a processor 50, a memory 51, and a computer program 52 stored in the memory 51 and executable on the processor 50, for example a user key encryption program. When executing the computer program 52, the processor 50 implements the steps of each of the user key backup method embodiments above, for example steps S101 to S105 shown in Fig. 1. Alternatively, when executing the computer program 52, the processor 50 implements the functions of the modules/units in each of the device embodiments above, for example the functions of modules 301 to 305 shown in Fig. 3.
For example, the computer program 52 may be divided into one or more modules/units, which are stored in the memory 51 and executed by the processor 50 to carry out the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions; the instruction segments describe the execution of the computer program 52 in the user key backup device 5. For example, the computer program 52 may be divided into an acquisition module, a determining module, a first encrypting module, a second encrypting module and a display module, whose specific functions are as follows:
Acquisition module, configured to obtain a user key and generate a random number with a preset number of digits;
Determining module, configured to determine, according to a preset algorithm, the dispersion factor corresponding to the random number;
First encrypting module, configured to disperse the dispersion factor with the built-in key to generate a temporary encryption key;
Second encrypting module, configured to encrypt the user key based on the temporary encryption key to generate the user key ciphertext;
Display module, configured to determine and display prompt information according to the random number and the dispersion factor.
The user key backup device 5 may be a computing device such as a desktop computer, a notebook, a palmtop computer or a cloud server. The user key backup device may include, but is not limited to, the processor 50 and the memory 51. Those skilled in the art will understand that Fig. 5 is only an example of the user key backup device 5 and does not limit it; the device may include more or fewer components than shown, combine certain components, or use different components. For example, the user key backup device may also include input/output devices, network access devices, a bus and so on.
The processor 50 may be a central processing unit (Central Processing Unit, CPU), or another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor. The processor 50 calls the memory to perform the steps of the user key backup method as follows:
Obtain a user key and generate a random number with a preset number of digits; look up, according to a preset correspondence, a preset number of characters corresponding to the random number, the correspondence including the correspondence between digits and characters; intercept a preset number of bytes of the preset-type encoding corresponding to the preset number of characters, as the dispersion factor; disperse the dispersion factor with the built-in key to generate a temporary encryption key; encrypt the user key based on the temporary encryption key to generate the user key ciphertext.
Looking up, according to the preset correspondence, the preset number of characters corresponding to the random number includes: dividing the random number into a preset number of random-number groups; and looking up, according to the preset correspondence, the character corresponding to the digits in each random-number group, to generate the preset number of characters.
After the preset number of characters is generated, the method further includes: displaying the preset number of characters.
The memory 51 may be an internal storage unit of the user key backup device, for example a hard disk or internal memory of the user key backup device 5. The memory 51 may also be an external storage device of the user key backup device 5, for example a plug-in hard disk, a smart media card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card or a flash card (Flash Card) fitted to the user key backup device 5. Further, the memory 51 may include both an internal storage unit and an external storage device of the user key backup device 5. The memory 51 is used to store the computer program and other programs and data required by the user key backup device. The memory 51 may also be used to temporarily store data that has been output or is about to be output.
Fig. 6 is a schematic diagram of the user key import terminal provided by an embodiment of the present invention. As shown in Fig. 6, the user key import device of this embodiment includes a processor 60, a memory 61, and a computer program 62 stored in the memory 61 and executable on the processor 60, for example a user key encryption program. When executing the computer program 62, the processor 60 implements the steps of each of the user key import method embodiments above, for example steps S201 to S204 shown in Fig. 2. Alternatively, when executing the computer program 62, the processor 60 implements the functions of the modules/units in each of the device embodiments above, for example the functions of modules 401 to 404 shown in Fig. 4.
For example, the computer program 62 may be divided into one or more modules/units, which are stored in the memory 61 and executed by the processor 60 to carry out the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions; the instruction segments describe the execution of the computer program 62 in the user key import device 6. For example, the computer program 62 may be divided into a data obtaining module, an encoding generation module, an encrypting module and a deciphering module, whose specific functions are as follows:
Data obtaining module, configured to obtain the user key ciphertext and the characters;
Encoding generation module, configured to intercept a preset number of bytes of the preset-type encoding corresponding to the characters, as the dispersion factor;
Encrypting module, configured to disperse the dispersion factor with the built-in key to generate a temporary encryption key;
Deciphering module, configured to decrypt the user key ciphertext based on the temporary encryption key to generate the user key.
The user key import device 6 may be a computing device such as a desktop computer, a notebook, a palmtop computer or a cloud server. The user key import device may include, but is not limited to, the processor 60 and the memory 61. Those skilled in the art will understand that Fig. 6 is only an example of the user key import device 6 and does not limit it; the device may include more or fewer components than shown, combine certain components, or use different components. For example, the user key import device may also include input/output devices, network access devices, a bus and so on.
The processor 60 may be a central processing unit (Central Processing Unit, CPU), or another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor. The processor 60 calls the memory to perform the steps of the user key import method as follows:
Obtain the user key ciphertext and the characters; intercept a preset number of bytes of the preset-type encoding corresponding to the characters, as the dispersion factor; disperse the dispersion factor with the built-in key to generate a temporary encryption key; decrypt the user key ciphertext based on the temporary encryption key to generate the user key.
The built-in symmetric encryption algorithm key is the same as the built-in symmetric encryption algorithm key used when the user key ciphertext was generated.
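The backup steps and the import steps listed above, as an added round-trip example that is not code from the patent. The character table, the 16-digit and 16-byte presets, GB2312 as the encoding type, and the HMAC-SHA256 constructions standing in for the device's built-in-key dispersion and symmetric cipher are all assumptions; the integrity tag is an addition of this example so that wrong characters are rejected instead of silently yielding a wrong key.

```python
import hashlib
import hmac
import math
import secrets

# Constructed 100-entry character library table (assumption): GB2312 hanzi
# 0xB0A1..0xB0FE plus 0xB1A1..0xB1A6, so two decimal digits pick one character.
CHAR_TABLE = [bytes([0xB0, 0xA1 + i]).decode("gb2312") for i in range(94)]
CHAR_TABLE += [bytes([0xB1, 0xA1 + i]).decode("gb2312") for i in range(6)]

DIGITS = 16           # preset number of digits in the random number (assumption)
DIGITS_PER_INDEX = 2  # digits that form one index number (assumption)
FACTOR_BYTES = 16     # preset number of encoding bytes kept (assumption)
ENCODING = "gb2312"   # preset encoding type (assumption)


def digits_to_chars(digits):
    """Look up, in order, the character for each index number."""
    if not (digits.isascii() and digits.isdigit()) or len(digits) % DIGITS_PER_INDEX:
        raise ValueError("random number must be an even-length digit string")
    return "".join(CHAR_TABLE[int(digits[i:i + DIGITS_PER_INDEX])]
                   for i in range(0, len(digits), DIGITS_PER_INDEX))


def chars_to_factor(chars):
    """Encode the characters and keep the first FACTOR_BYTES bytes."""
    encoded = chars.encode(ENCODING)  # UnicodeEncodeError is a ValueError
    if len(encoded) < FACTOR_BYTES:
        raise ValueError("too few characters for the dispersion factor")
    return encoded[:FACTOR_BYTES]


def disperse(built_in_key, factor):
    """Stand-in dispersion: HMAC-SHA256 of the factor under the built-in key."""
    return hmac.new(built_in_key, b"disperse" + factor, hashlib.sha256).digest()


def _subkey(temp_key, label):
    """Separate encryption and MAC keys derived from the temporary key."""
    return hmac.new(temp_key, label, hashlib.sha256).digest()


def _xor_stream(key, nonce, data):
    """Stand-in cipher: XOR with an HMAC-SHA256 counter-mode keystream."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(4, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def backup_user_key(user_key, built_in_key, digits=None):
    """Backup side: returns (user key ciphertext, characters to display)."""
    if digits is None:
        digits = "".join(secrets.choice("0123456789") for _ in range(DIGITS))
    chars = digits_to_chars(digits)
    temp_key = disperse(built_in_key, chars_to_factor(chars))
    nonce = secrets.token_bytes(16)
    body = _xor_stream(_subkey(temp_key, b"enc"), nonce, user_key)
    tag = hmac.new(_subkey(temp_key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag, chars


def import_user_key(ciphertext, chars, built_in_key):
    """Import side: rebuild the factor from the characters and decrypt."""
    if len(ciphertext) < 48:
        raise ValueError("ciphertext too short")
    nonce, body, tag = ciphertext[:16], ciphertext[16:-32], ciphertext[-32:]
    temp_key = disperse(built_in_key, chars_to_factor(chars))
    expected = hmac.new(_subkey(temp_key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong characters, wrong built-in key, or damaged ciphertext")
    return _xor_stream(_subkey(temp_key, b"enc"), nonce, body)


def mnemonic_entropy_bits(n_chars, table_size=len(CHAR_TABLE)):
    """Upper bound on the secrecy the displayed characters can contribute."""
    return n_chars * math.log2(table_size)


if __name__ == "__main__":
    built_in = bytes(range(32))             # constructed built-in key
    secret = b"constructed user key bytes"  # constructed user key
    blob, prompt = backup_user_key(secret, built_in)
    print("write down:", prompt)
    print("restored  :", import_user_key(blob, prompt, built_in) == secret)
    print("entropy   : %.1f bits" % mnemonic_entropy_bits(len(prompt)))
```

With these presets the eight displayed characters encode at most about 53 bits, so the built-in key remains the main secret protecting the ciphertext.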
The memory 61 may be an internal storage unit of the user key import device, for example a hard disk or internal memory of the user key import device 6. The memory 61 may also be an external storage device of the user key import device 6, for example a plug-in hard disk, a smart media card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card or a flash card (Flash Card) fitted to the user key import device 6. Further, the memory 61 may include both an internal storage unit and an external storage device of the user key import device 6. The memory 61 is used to store the computer program and other programs and data required by the user key import device. The memory 61 may also be used to temporarily store data that has been output or is about to be output.
Those skilled in the art will clearly understand that, for convenience and brevity of description, the division into the functional units and modules above is only an example. In practical applications, the functions above may be assigned to different functional units or modules as needed; that is, the internal structure of the device may be divided into different functional units or modules to perform all or part of the functions described above. The functional units and modules in the embodiments may be integrated in one processing unit, each unit may exist physically on its own, or two or more units may be integrated in one unit; the integrated unit may be implemented in the form of hardware or in the form of a software functional unit. In addition, the specific names of the functional units and modules are only for distinguishing them from one another and do not limit the protection scope of the present application. For the specific working process of the units and modules in the system above, refer to the corresponding process in the foregoing method embodiments, which is not repeated here.
In the embodiments above, the description of each embodiment has its own emphasis. For parts not detailed or recorded in one embodiment, refer to the related descriptions of the other embodiments.
Those of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in the embodiments disclosed herein can be implemented by electronic hardware, or by a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and the design constraints of the technical solution. Skilled professionals may use different methods to implement the described functions for each specific application, but such implementations should not be considered beyond the scope of the present invention.
In the embodiments provided by the present invention, it should be understood that the disclosed devices and methods may be implemented in other ways. For example, the device embodiments described above are only schematic: the division into modules or units is only a division by logical function, and other divisions are possible in an actual implementation; multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or of another form.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing unit, each unit may exist physically on its own, or two or more units may be integrated in one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated module/unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, all or part of the flow of the methods in the embodiments above may also be completed by a computer program instructing the relevant hardware. The computer program may be stored in a computer-readable storage medium and, when executed by a processor, implements the steps of each of the method embodiments above. The computer program includes computer program code, which may be in source code form, object code form, an executable file, some intermediate form, and so on. The computer-readable medium may include any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disc, a computer memory, a read-only memory (ROM, Read-Only Memory), a random access memory (RAM, Random Access Memory), an electric carrier signal, a telecommunication signal, a software distribution medium, and so on. It should be noted that the content contained in the computer-readable medium may be appropriately increased or decreased according to the requirements of legislation and patent practice in a jurisdiction; for example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electric carrier signals and telecommunication signals.
The embodiments described above are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments, or make equivalent substitutions for some of the technical features; such modifications or substitutions do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention, and shall all fall within the protection scope of the present invention.

Claims (10)

  1. A backup method for a user key, characterized by comprising:
    obtaining a user key and generating a random number with a preset number of digits;
    determining, according to a preset algorithm, a dispersion factor corresponding to the random number;
    dispersing the dispersion factor with a built-in key to generate a temporary encryption key;
    encrypting the user key based on the temporary encryption key to generate a user key ciphertext;
    determining and displaying prompt information according to the random number and the dispersion factor.
  2. The backup method for a user key according to claim 1, characterized in that determining and displaying prompt information according to the random number and the dispersion factor comprises:
    looking up, according to a preset correspondence, a preset number of characters corresponding to the random number, and displaying the characters, the correspondence including the correspondence between digits and characters.
  3. The backup method for a user key according to claim 2, characterized in that looking up, according to the preset correspondence, the preset number of characters corresponding to the random number comprises:
    taking every preset number of bytes of digits in the random number as one index number, and looking up in order, in a preset character library table, the Chinese character corresponding to each index number.
  4. The backup method for a user key according to claim 1, characterized in that determining, according to the preset algorithm, the dispersion factor corresponding to the random number comprises:
    taking every preset number of bytes of digits in the random number as one index number, looking up the corresponding Chinese characters in a preset character library table and converting them to their encoding, and intercepting a preset number of bytes of the encoding as the dispersion factor.
  5. An import method for a user key, characterized by comprising:
    obtaining a user key ciphertext and characters;
    intercepting a preset number of bytes of the preset-type encoding corresponding to the characters, as a dispersion factor;
    dispersing the dispersion factor with a built-in key to generate a temporary decryption key;
    decrypting the user key ciphertext based on the temporary decryption key to generate a user key.
  6. A backup device for a user key, characterized by comprising:
    an acquisition module, configured to obtain a user key and generate a random number with a preset number of digits;
    a determining module, configured to determine, according to a preset algorithm, a dispersion factor corresponding to the random number;
    a first encrypting module, configured to disperse the dispersion factor with a built-in key to generate a temporary encryption key;
    a second encrypting module, configured to encrypt the user key based on the temporary encryption key to generate a user key ciphertext;
    a display module, configured to determine and display prompt information according to the random number and the dispersion factor.
  7. An import device for a user key, characterized by comprising:
    a data obtaining module, configured to obtain a user key ciphertext and characters;
    an encoding generation module, configured to intercept a preset number of bytes of the preset-type encoding corresponding to the characters, as a dispersion factor;
    an encrypting module, configured to disperse the dispersion factor with a built-in key to generate a temporary decryption key;
    a deciphering module, configured to decrypt the user key ciphertext based on the temporary decryption key to generate a user key.
  8. A backup terminal for a user key, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the steps of the method according to any one of claims 1 to 4.
  9. An import terminal for a user key, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the steps of the method according to claim 5.
  10. A computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 5.
CN201711026840.5A 2017-10-27 2017-10-27 User key backup method and device and user key importing method and device Active CN107707347B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711026840.5A CN107707347B (en) 2017-10-27 2017-10-27 User key backup method and device and user key importing method and device


Publications (2)

Publication Number Publication Date
CN107707347A true CN107707347A (en) 2018-02-16
CN107707347B CN107707347B (en) 2020-10-23

Family

ID=61176307

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711026840.5A Active CN107707347B (en) 2017-10-27 2017-10-27 User key backup method and device and user key importing method and device

Country Status (1)

Country Link
CN (1) CN107707347B (en)


Also Published As

Publication number Publication date
CN107707347B (en) 2020-10-23


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant