CN107707347A - Backup method and device for a user key, and import method and device for a user key - Google Patents
- Publication number: CN107707347A
- Application number: CN201711026840.5A
- Authority: CN (China)
- Prior art keywords: user key, key, random number, dispersion factor, character
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention belongs to the field of encryption technology, and in particular relates to a backup method and device for a user key and an import method and device for a user key. A user key is obtained and a random number with a preset number of digits is generated; a dispersion factor corresponding to the random number is determined according to a preset algorithm; the dispersion factor is dispersed with a built-in key to generate a temporary encryption key; the user key is encrypted with the temporary encryption key to generate a user key ciphertext; and prompt information is determined and displayed according to the random number and the dispersion factor. When the user later needs to decrypt the ciphertext to import the user key, the complex dispersion factor can be recovered by remembering a small number of characters. This both ensures the security of the user key ciphertext and spares the user from remembering a large, complex dispersion factor, improving the convenience of using the user key.
Description
Technical field
The invention belongs to the field of encryption technology, and in particular relates to a backup method and device for a user key and an import method and device for a user key.
Background
A private key is the key element for decryption and signing in the security field. Generally, in high-security fields such as online banking signatures, the private key must be generated inside a key security device and cannot be exported from that device, in order to keep the private key safe. However, once the user's key security device is lost, in some application scenarios, such as a Bitcoin private key, the key can never be recovered, causing the user heavy losses.
Summary of the invention
In view of this, embodiments of the present invention provide a backup method and device for a user key and an import method and device for a user key, to solve the problem that existing user key encryption and import techniques cannot satisfy users' needs for security and convenience at the same time.
A first aspect of the embodiments of the present invention provides a backup method for a user key, including:
Obtaining a user key and generating a random number with a preset number of digits; determining, according to a preset algorithm, a dispersion factor corresponding to the random number; dispersing the dispersion factor with a built-in key to generate a temporary encryption key; encrypting the user key with the temporary encryption key to generate a user key ciphertext; and determining and displaying prompt information according to the random number and the dispersion factor.
A second aspect of the embodiments of the present invention provides an import method for a user key, including:
Obtaining a user key ciphertext and characters; taking a preset number of bytes of the preset-type encoding corresponding to the characters as the dispersion factor; dispersing the dispersion factor with a built-in key to generate a temporary decryption key; and decrypting the user key ciphertext with the temporary decryption key to generate the user key.
A third aspect of the embodiments of the present invention provides a backup device for a user key, including:
An acquisition module, for obtaining a user key and generating a random number with a preset number of digits; a determining module, for determining, according to a preset algorithm, a dispersion factor corresponding to the random number; a first encryption module, for dispersing the dispersion factor with a built-in key to generate a temporary encryption key; a second encryption module, for encrypting the user key with the temporary encryption key to generate a user key ciphertext; and a display module, for determining and displaying prompt information according to the random number and the dispersion factor.
A fourth aspect of the embodiments of the present invention provides an import device for a user key, including:
An information acquisition module, for obtaining a user key ciphertext and characters; an encoding generation module, for taking a preset number of bytes of the preset-type encoding corresponding to the characters as the dispersion factor; an encryption module, for dispersing the dispersion factor with a built-in key to generate a temporary encryption key; and a decryption module, for decrypting the user key ciphertext with the temporary decryption key to generate the user key.
A fifth aspect of the embodiments of the present invention provides a backup terminal for a user key, including a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the steps of the following backup method for a user key:
Obtaining a user key and generating a random number with a preset number of digits; determining, according to a preset algorithm, a dispersion factor corresponding to the random number; dispersing the dispersion factor with a built-in key to generate a temporary encryption key; encrypting the user key with the temporary encryption key to generate a user key ciphertext; and determining and displaying prompt information according to the random number and the dispersion factor.
Determining and displaying prompt information according to the random number and the dispersion factor includes: looking up, according to a preset correspondence, a preset number of characters corresponding to the random number, and displaying the characters, where the correspondence is a correspondence between numbers and characters.
Looking up the preset number of characters corresponding to the random number according to the preset correspondence includes: taking the number in every preset number of bytes of the random number as an index number, and looking up in order, in a preset character library table, the Chinese character corresponding to each index number.
Determining the dispersion factor corresponding to the random number according to the preset algorithm includes: taking the number in every preset number of bytes of the random number as an index number, looking it up in the preset character library table and converting it to the encoding of the corresponding Chinese character, and taking a preset number of bytes of that encoding as the dispersion factor.
A sixth aspect of the embodiments of the present invention provides an import terminal for a user key, including a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the steps of the following backup method for a user key:
Obtaining a user key ciphertext and characters; taking a preset number of bytes of the preset-type encoding corresponding to the characters as the dispersion factor; dispersing the dispersion factor with a built-in key to generate a temporary decryption key; and decrypting the user key ciphertext with the temporary decryption key to generate the user key.
The built-in key is identical to the built-in key used when the user key ciphertext was generated.
A seventh aspect of the embodiments of the present invention provides a computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the following backup method for a user key:
Obtaining a user key and generating a random number with a preset number of digits; determining, according to a preset algorithm, a dispersion factor corresponding to the random number; dispersing the dispersion factor with a built-in key to generate a temporary encryption key; encrypting the user key with the temporary encryption key to generate a user key ciphertext; and determining and displaying prompt information according to the random number and the dispersion factor.
Determining and displaying prompt information according to the random number and the dispersion factor includes: looking up, according to a preset correspondence, a preset number of characters corresponding to the random number, and displaying the characters, where the correspondence is a correspondence between numbers and characters.
Looking up the preset number of characters corresponding to the random number according to the preset correspondence includes: taking the number in every preset number of bytes of the random number as an index number, and looking up in order, in a preset character library table, the Chinese character corresponding to each index number.
Determining the dispersion factor corresponding to the random number according to the preset algorithm includes: taking the number in every preset number of bytes of the random number as an index number, looking it up in the preset character library table and converting it to the encoding of the corresponding Chinese character, and taking a preset number of bytes of that encoding as the dispersion factor.
Obtaining a user key ciphertext and characters; taking a preset number of bytes of the preset-type encoding corresponding to the characters as the dispersion factor; dispersing the dispersion factor with a built-in key to generate a temporary decryption key; and decrypting the user key ciphertext with the temporary decryption key to generate the user key.
Compared with the prior art, the embodiments of the present invention have the following beneficial effect: a random number with a preset number of digits is generated; a preset number of characters corresponding to the random number is looked up according to a preset correspondence; a preset number of bytes of the preset-type encoding corresponding to those characters is taken as the dispersion factor; the dispersion factor is encrypted with a built-in symmetric encryption algorithm key to generate a temporary encryption key; and finally the user key is encrypted with the temporary encryption key to generate a user key ciphertext. When the user later needs to decrypt the ciphertext to import the user key, the complex dispersion factor can be recovered by remembering a small number of characters, which both ensures the security of the user key ciphertext and solves the problem of user losses caused by a lost private key.
Brief description of the drawings
To illustrate the technical solutions in the embodiments of the present invention more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flowchart of the backup method for a user key provided by embodiment one of the present invention;
Fig. 2 is a flowchart of the import method for a user key provided by embodiment two of the present invention;
Fig. 3 is a structural block diagram of the backup device for a user key provided by embodiment three of the present invention;
Fig. 4 is a structural block diagram of the import device for a user key provided by embodiment four of the present invention;
Fig. 5 is a schematic diagram of the backup terminal for a user key provided by an embodiment of the present invention;
Fig. 6 is a schematic diagram of the import terminal for a user key provided by an embodiment of the present invention.
Detailed description
In the following description, specific details such as particular system structures and techniques are set out for the purpose of illustration rather than limitation, so that the embodiments of the present invention can be thoroughly understood. However, it will be clear to those skilled in the art that the present invention can also be implemented in other embodiments without these specific details. In other cases, detailed descriptions of well-known systems, devices, circuits and methods are omitted so that unnecessary detail does not obscure the description of the present invention.
The technical solutions of the present invention are illustrated below through specific embodiments.
Embodiment one
Fig. 1 shows the flow of the backup method for a user key provided by embodiment one of the present invention, including steps S101-S105, detailed as follows:
Step S101: obtain a user key and generate a random number with a preset number of digits.
In this embodiment, the encryption steps are aimed mainly at the user key. Many encryption algorithms, for example asymmetric encryption algorithms such as SM2, ECC and RSA, need a user key to encrypt plaintext. Because the user key is the key element in encrypting the plaintext, once it is intercepted by someone else the encrypted plaintext may be cracked, so the user key itself needs a degree of protection.
In this embodiment, after the user triggers the export mechanism of the user key through a relevant instruction, the backup device of the user key first obtains the user key to be encrypted and generates a random number with a preset number of digits. Optionally, the instruction can be sent to the backup device of the user key by equipment such as a PC, a Bluetooth device, an audio device or a near-field communication device.
In this embodiment, the encryption key used to encrypt the user key is generated from this random number; the specific generation method is explained below. Note that the number of digits of the random number depends on the kind of encryption algorithm used to encrypt the user key. For example, if the user key is subsequently encrypted with the SM4 algorithm, then because the block size of the SM4 algorithm is 16 bytes, a random number of 18 bytes needs to be generated; if the user key is subsequently encrypted with the 3DES algorithm, then because the block size of the 3DES algorithm is 8 bytes, only a random number of 9 bytes is needed. How the random number is converted into the encryption key is explained below; the examples here only illustrate that, for different encryption algorithms, a random number of the corresponding number of digits can be generated manually by the user or automatically by the device.
Step S102: determine, according to a preset algorithm, the dispersion factor corresponding to the random number.
Note that this embodiment provides a method of encrypting the user key to generate a user key ciphertext. To make the dispersion factor used to decrypt the user key ciphertext easier for the user to remember, the random number described above is first converted into characters. Optionally, the characters can be Chinese characters.
Specifically, a preset number of characters corresponding to the random number is looked up according to a preset correspondence, where the correspondence is a correspondence between numbers and characters.
Further, the number in every preset number of bytes of the random number is taken as an index number, and the Chinese character corresponding to each index number is looked up in order in a preset character library table.
Optionally, in this embodiment every two bytes of the random number form a random array, and each random array serves as the index number of one Chinese character. For example, if a 12-byte random number is generated in S101, it is divided in order into 6 random arrays, each holding a 2-byte number.
Specifically, the Chinese character corresponding to the number in each random array is looked up according to the preset correspondence, generating the preset number of Chinese characters. As described above, each random array serves as the index number of one Chinese character, and the system stores the correspondence between numbers and Chinese characters, so the Chinese character for each random array can be found through that correspondence. If the random number is 12 bytes in total and every two bytes form a random array, 6 Chinese characters are generated. The user only needs to write down these six Chinese characters to be able to supply the correct dispersion factor when decrypting the user key ciphertext, and so decrypt the ciphertext successfully and import the user key. This improves the convenience of using the user key.
Optionally, the preset number of Chinese characters is displayed, and it is determined whether the user's confirmation of the Chinese characters has been received.
Optionally, if the user's confirmation of the Chinese characters is not received, the current operation is abandoned and a new random number is generated.
If the user sees the Chinese characters displayed by the backup device of the user key and does not confirm them, this indicates that the user considers the generated characters hard to remember, so the current operation is abandoned and a new random number is generated.
Optionally, if the user's confirmation of the Chinese characters is received, the number in every preset number of bytes of the random number is taken as an index number, looked up in the preset character library table and converted to the encoding of the corresponding Chinese character, and a preset number of bytes of that encoding is taken as the dispersion factor.
The method described above yields the Chinese characters corresponding to the random number. As noted, the purpose of the Chinese characters is to be easy for the user to remember, but the characters themselves cannot serve directly as the encryption key for the user key, so the Chinese characters generated in step S102 still need a series of data conversions.
Optionally, the preset-type encoding in this embodiment can be UTF-8. Specifically, the Chinese characters generated from the random number are converted into UTF-8. UTF-8 is a variable-length character encoding for Unicode; in this embodiment, one Chinese character corresponds to a unique 3-byte UTF-8 encoding. For example, if 6 Chinese characters are generated in step S102, they are converted in this step into an 18-byte UTF-8 encoding.
Because different encryption algorithms need dispersion factors of different lengths (the SM4 algorithm needs a 16-byte dispersion factor, while the 3DES algorithm needs an 8-byte dispersion factor), the generated 18-byte UTF-8 encoding has to be truncated, and the UTF-8 bytes of the preset length that meet the requirement of the subsequent encryption algorithm are used as the dispersion factor.
Step S103: disperse the dispersion factor with a built-in key to generate a temporary encryption key.
Optionally, the dispersion factor is dispersed using the SM4 encryption algorithm, where the dispersion factor is the preset number of bytes of the preset-type encoding corresponding to the Chinese characters. Through the SM4 computation, the built-in key converts the dispersion factor into the temporary encryption key. Optionally, the preset-type encoding in this embodiment can be UTF-8.
Note that the backup device of the user key stores a built-in key, which is used in this step to disperse the dispersion factor. Further, the built-in key stored in the backup device of the user key is identical to the built-in key stored in the import device of the user key that is used to decrypt the user key ciphertext.
Step S104: encrypt the user key with the temporary encryption key to generate a user key ciphertext.
Optionally, the user key obtained in step S101 is encrypted using the SM4 encryption algorithm, with the temporary encryption key generated in step S103 as the key.
Further, after the user key ciphertext is generated, it can be stored in local storage or uploaded to a server. Storing the user key ciphertext locally makes fast access and offline operation convenient for the user; storing it on a server helps the user carry out the subsequent decryption remotely.
Step S105: determine and display prompt information according to the random number and the dispersion factor.
Optionally, in this embodiment the prompt information can be of many types, for example the random number initially generated by the backup device, or the dispersion factor.
Preferably, to make it easy for people to remember, the Chinese characters generated above can be chosen as the prompt information.
In summary, this embodiment generates a random number with a preset number of digits; looks up, according to a preset correspondence, a preset number of characters corresponding to the random number; takes a preset number of bytes of the preset-type encoding corresponding to those characters as the dispersion factor; encrypts the dispersion factor with a built-in symmetric encryption algorithm key to generate a temporary encryption key; and finally encrypts the user key with the temporary encryption key to generate a user key ciphertext. When the user later needs to decrypt the ciphertext to import the user key, the complex dispersion factor can be recovered by remembering a small number of characters, which both ensures the security of the user key ciphertext and spares the user from remembering a large, complex dispersion factor, improving the convenience of using the user key.
Embodiment two
Fig. 2 shows the import method for a user key provided by embodiment two of the present invention, including steps S201-S204, detailed as follows:
Step S201: obtain a user key ciphertext and characters.
In this embodiment, after the user triggers the import mechanism of the user key through a relevant instruction, the import device of the user key first obtains the user key ciphertext and the characters. Optionally, the instruction can be sent to the import device of the user key by equipment such as a PC, a Bluetooth device, an audio device or a near-field communication device.
Importing a user key is precisely the process of decrypting the user key ciphertext to generate the user key. In this embodiment, therefore, the user first needs to input the user key ciphertext and the characters generated by the backup device of the user key.
Step S202: take a preset number of bytes of the preset-type encoding corresponding to the characters as the dispersion factor.
Optionally, the preset-type encoding in this embodiment can be UTF-8. Specifically, the characters input by the user are converted into UTF-8. UTF-8 is a variable-length character encoding for Unicode; in this embodiment, one character corresponds to a unique 3-byte UTF-8 encoding. For example, if 6 characters were generated in step S102, they are converted in this step into an 18-byte UTF-8 encoding.
Because different encryption algorithms need dispersion factors of different lengths (the SM4 algorithm needs a 16-byte dispersion factor, while the 3DES algorithm needs an 8-byte dispersion factor), the generated 18-byte UTF-8 encoding has to be truncated, and the UTF-8 bytes of the preset length that meet the requirement of the subsequent encryption algorithm are used as the dispersion factor.
If the characters input by the user are not the characters produced when the user key was encrypted, the dispersion factor generated in this step differs from the dispersion factor used in the encryption of the user key, so the subsequent steps cannot correctly decrypt the user key ciphertext and cannot generate the correct user key.
Step S203: disperse the dispersion factor with a built-in key to generate a temporary decryption key.
Optionally, the dispersion factor is dispersed using the SM4 algorithm, where the dispersion factor is the preset-type encoding corresponding to the characters input by the user. Through the SM4 computation, the dispersion factor converted from the characters is converted into the temporary decryption key, which is output.
Note that the import device of the user key stores a built-in key, which is used in this step to disperse the dispersion factor.
Further, the built-in key is identical to the built-in key used when the user key ciphertext was generated.
Step S204: decrypt the user key ciphertext with the temporary decryption key to generate the user key.
Optionally, the user key ciphertext is decrypted using the inverse steps of the SM4 encryption algorithm, with the temporary decryption key generated in step S203 as the key.
In summary, this embodiment obtains a user key ciphertext and characters; takes a preset number of bytes of the preset-type encoding corresponding to the characters as the dispersion factor; disperses the dispersion factor with a built-in key to generate a temporary encryption key; and decrypts the user key ciphertext with the temporary encryption key to generate the user key. When the user needs to decrypt the ciphertext to import the user key, the complex dispersion factor can be recovered by remembering a small number of characters, which both ensures the security of the user key ciphertext and spares the user from remembering a large, complex dispersion factor, improving the convenience of using the user key.
Embodiment three
Corresponding to the backup method for a user key above, Fig. 3 shows a structural block diagram of the backup device for a user key provided by embodiment three of the present invention.
Referring to Fig. 3, the device includes:
An acquisition module 301, for obtaining a user key and generating a random number with a preset number of digits;
A determining module 302, for determining, according to a preset algorithm, the dispersion factor corresponding to the random number;
A first encryption module 303, for dispersing the dispersion factor with a built-in key to generate a temporary encryption key;
A second encryption module 304, for encrypting the user key with the temporary encryption key to generate a user key ciphertext;
A display module 305, for determining and displaying prompt information according to the random number and the dispersion factor.
Further, the display module includes:
A Chinese character display submodule, for looking up, according to a preset correspondence, a preset number of characters corresponding to the random number, where the correspondence is a correspondence between numbers and characters.
Further, the Chinese character display submodule is specifically used for:
Taking the number in every preset number of bytes of the random number as an index number, and looking up in order, in a preset character library table, the Chinese character corresponding to each index number.
Embodiment four
Corresponding to the import method for a user key above, Fig. 4 shows a structural block diagram of the import device for a user key provided by embodiment four of the present invention.
Referring to Fig. 4, the device includes:
An information acquisition module 401, for obtaining a user key ciphertext and characters;
An encoding generation module 402, for taking a preset number of bytes of the preset-type encoding corresponding to the characters as the dispersion factor;
An encryption module 403, for dispersing the dispersion factor with a built-in key to generate a temporary encryption key;
The built-in symmetric encryption algorithm key is identical to the built-in symmetric encryption algorithm key used when the user key ciphertext was generated.
A decryption module 404, for decrypting the user key ciphertext with the temporary encryption key to generate the user key.
Fig. 5 is a schematic diagram of the back-up terminal for the user key provided by an embodiment of the present invention. As shown in Fig. 5, the back-up device for the user key of this embodiment includes: a processor 50, a memory 51, and a computer program 52 that is stored in the memory 51 and can run on the processor 50, such as an encryption program for the user key. When executing the computer program 52, the processor 50 implements the steps in the embodiments of the user key backup method described above, such as steps S101 to S105 shown in Fig. 1. Alternatively, when executing the computer program 52, the processor 50 implements the functions of the modules/units in the device embodiments described above, such as the functions of modules 301 to 305 shown in Fig. 3.
Illustratively, the computer program 52 may be divided into one or more modules/units, which are stored in the memory 51 and executed by the processor 50 to carry out the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, the instruction segments being used to describe the execution of the computer program 52 in the back-up device 5 for the user key. For example, the computer program 52 may be divided into an acquisition module, a determining module, a first encryption module, a second encryption module and a display module, whose specific functions are as follows:
Acquisition module, configured to obtain the user key and generate a random number with a preset number of digits;
Determining module, configured to determine, according to a preset algorithm, the dispersion factor corresponding to the random number;
First encryption module, configured to disperse the dispersion factor using the built-in key to generate a temporary encryption key;
Second encryption module, configured to encrypt the user key based on the temporary encryption key to generate a user key ciphertext;
Display module, configured to determine and display prompt information according to the random number and the dispersion factor.
The back-up device 5 for the user key may be a computing device such as a desktop computer, a notebook, a palmtop computer or a cloud server. The back-up device for the user key may include, but is not limited to, the processor 50 and the memory 51. Those skilled in the art will understand that Fig. 5 is only an example of the back-up device 5 for the user key and does not limit it; the device may include more or fewer components than shown, combine certain components, or use different components. For example, the back-up device for the user key may also include input/output devices, network access devices, a bus, and so on.
The processor 50 may be a central processing unit (Central Processing Unit, CPU), or another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor. The steps of the user key backup method that the processor 50 calls from the memory and executes are as follows:
Obtain the user key and generate a random number with a preset number of digits; look up, according to a preset correspondence, a preset number of characters corresponding to the random number, the correspondence including a correspondence between digits and characters; intercept a preset number of bytes of the preset-type encoding corresponding to the preset number of characters, as the dispersion factor; disperse the dispersion factor using the built-in key to generate a temporary encryption key; encrypt the user key based on the temporary encryption key to generate a user key ciphertext.
Looking up, according to the preset correspondence, the preset number of characters corresponding to the random number includes: dividing the random number into a preset number of random number groups; and looking up, according to the preset correspondence, the character corresponding to the digits in each random number group, to generate the preset number of characters.
After the preset number of characters is generated, the method further includes: displaying the preset number of characters.
The memory 51 may be an internal storage unit of the back-up device for the user key, such as a hard disk or internal memory of the back-up device 5. The memory 51 may also be an external storage device of the back-up device 5, such as a plug-in hard disk, a smart media card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card or a flash card (Flash Card) fitted to the back-up device 5. Further, the memory 51 may include both an internal storage unit of the back-up device 5 and an external storage device. The memory 51 is used to store the computer program and the other programs and data required by the back-up device for the user key. The memory 51 may also be used to temporarily store data that has been output or is about to be output.
Fig. 6 is a schematic diagram of the import terminal for the user key provided by an embodiment of the present invention. As shown in Fig. 6, the import device for the user key of this embodiment includes: a processor 60, a memory 61, and a computer program 62 that is stored in the memory 61 and can run on the processor 60, such as an encryption program for the user key. When executing the computer program 62, the processor 60 implements the steps in the embodiments of the user key import method described above, such as steps S201 to S204 shown in Fig. 2. Alternatively, when executing the computer program 62, the processor 60 implements the functions of the modules/units in the device embodiments described above, such as the functions of modules 401 to 404 shown in Fig. 4.
Illustratively, the computer program 62 may be divided into one or more modules/units, which are stored in the memory 61 and executed by the processor 60 to carry out the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, the instruction segments being used to describe the execution of the computer program 62 in the import device 6 for the user key. For example, the computer program 62 may be divided into an information acquisition module, an encoding generation module, an encryption module and a decryption module, whose specific functions are as follows:
Information acquisition module, configured to obtain the user key ciphertext and the characters;
Encoding generation module, configured to intercept a preset number of bytes of the preset-type encoding corresponding to the characters, as the dispersion factor;
Encryption module, configured to disperse the dispersion factor using the built-in key to generate a temporary encryption key;
Decryption module, configured to decrypt the user key ciphertext based on the temporary encryption key to generate the user key.
The import device 6 for the user key may be a computing device such as a desktop computer, a notebook, a palmtop computer or a cloud server. The import device for the user key may include, but is not limited to, the processor 60 and the memory 61. Those skilled in the art will understand that Fig. 6 is only an example of the import device 6 for the user key and does not limit it; the device may include more or fewer components than shown, combine certain components, or use different components. For example, the import device for the user key may also include input/output devices, network access devices, a bus, and so on.
The processor 60 may be a central processing unit (Central Processing Unit, CPU), or another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor. The steps of the user key import method that the processor 60 calls from the memory and executes are as follows:
Obtain the user key ciphertext and the characters; intercept a preset number of bytes of the preset-type encoding corresponding to the characters, as the dispersion factor; disperse the dispersion factor using the built-in key to generate a temporary encryption key; decrypt the user key ciphertext based on the temporary encryption key to generate the user key.
The built-in symmetric encryption algorithm key is identical to the built-in symmetric encryption algorithm key used when the user key ciphertext was generated.
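The backup steps (S101 to S105) and import steps (S201 to S204) described above, as an added Go example that is not code from the patent. The 10000-entry character table (index i maps to U+4E00+i), UTF-8 as the "preset type" of encoding, HMAC-SHA256 as the dispersion function, AES-256-GCM as the symmetric cipher, and all function names are assumptions, because the text leaves these choices as "preset" or "built-in".

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"math/big"
	"strconv"
)

const ( // assumed values; the patent text only calls them "preset"
	digitsPerIndex = 4      // digits of the random number forming one index
	promptChars    = 8      // characters shown to the user
	tableBase      = 0x4E00 // constructed table: index i -> rune U+4E00+i
)

// Lookup turns the random number (decimal string) into the prompt characters.
func Lookup(digits string) (string, error) {
	if len(digits) != digitsPerIndex*promptChars {
		return "", errors.New("random number has the wrong number of digits")
	}
	out := make([]rune, 0, promptChars)
	for i := 0; i < len(digits); i += digitsPerIndex {
		idx, err := strconv.ParseUint(digits[i:i+digitsPerIndex], 10, 16)
		if err != nil {
			return "", err
		}
		out = append(out, rune(tableBase+idx))
	}
	return string(out), nil
}

// Factor keeps the first n bytes of the UTF-8 (assumed) encoding; n <= 0 keeps all.
func Factor(prompt string, n int) []byte {
	if n <= 0 || n > len(prompt) {
		n = len(prompt)
	}
	return []byte(prompt)[:n]
}

// tempAEAD disperses builtIn with the factor (HMAC-SHA256, assumed) and keys AES-256-GCM.
func tempAEAD(builtIn, factor []byte) (cipher.AEAD, error) {
	mac := hmac.New(sha256.New, builtIn)
	mac.Write(factor)
	block, err := aes.NewCipher(mac.Sum(nil))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Backup returns nonce||ciphertext of userKey and the prompt to display.
func Backup(builtIn, userKey []byte, n int) ([]byte, string, error) {
	limit := new(big.Int).Exp(big.NewInt(10), big.NewInt(digitsPerIndex*promptChars), nil)
	r, err := rand.Int(rand.Reader, limit)
	if err != nil {
		return nil, "", err
	}
	prompt, err := Lookup(fmt.Sprintf("%0*d", digitsPerIndex*promptChars, r))
	if err != nil {
		return nil, "", err
	}
	aead, err := tempAEAD(builtIn, Factor(prompt, n))
	if err != nil {
		return nil, "", err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, "", err
	}
	return aead.Seal(nonce, nonce, userKey, nil), prompt, nil
}

// Import rebuilds the temporary key from the entered characters and decrypts.
func Import(builtIn, blob []byte, prompt string, n int) ([]byte, error) {
	aead, err := tempAEAD(builtIn, Factor(prompt, n))
	if err != nil {
		return nil, err
	}
	if len(blob) < aead.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return aead.Open(nil, blob[:aead.NonceSize()], blob[aead.NonceSize():], nil)
}

func main() {
	blob, prompt, _ := Backup([]byte("constructed built-in key"), []byte("user-key-16bytes"), 0)
	key, err := Import([]byte("constructed built-in key"), blob, prompt, 0)
	fmt.Println(prompt, string(key), err)
}
```

Under these assumptions the truncation length decides how many displayed characters bind the key: with n = 8 and three-byte UTF-8 characters, at most the first three of the eight characters influence the temporary key, so the length should cover every character the user is asked to record.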
The memory 61 may be an internal storage unit of the import device for the user key, such as a hard disk or internal memory of the import device 6. The memory 61 may also be an external storage device of the import device 6, such as a plug-in hard disk, a smart media card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card or a flash card (Flash Card) fitted to the import device 6. Further, the memory 61 may include both an internal storage unit of the import device 6 and an external storage device. The memory 61 is used to store the computer program and the other programs and data required by the import device for the user key. The memory 61 may also be used to temporarily store data that has been output or is about to be output.
Those skilled in the art will clearly understand that, for convenience and brevity of description, only the division into the functional units and modules above is used as an example. In practical applications, the functions above may be assigned to different functional units or modules as needed; that is, the internal structure of the device may be divided into different functional units or modules to perform all or part of the functions described above. The functional units and modules in the embodiments may be integrated in one processing unit, may each exist physically on their own, or two or more units may be integrated in one unit; the integrated unit may be implemented in the form of hardware or in the form of a software functional unit. In addition, the specific names of the functional units and modules are only for ease of distinguishing them from one another and do not limit the protection scope of the present application. For the specific working process of the units and modules in the system above, reference may be made to the corresponding process in the foregoing method embodiments, which is not repeated here.
In the embodiments above, the description of each embodiment has its own emphasis. For parts that are not detailed or recorded in one embodiment, reference may be made to the related descriptions of other embodiments.
Those of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, or in a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and the design constraints of the technical solution. Skilled professionals may use different methods to implement the described functions for each specific application, but such implementations should not be considered beyond the scope of the present invention.
In the embodiments provided by the present invention, it should be understood that the disclosed device/apparatus and method may be implemented in other ways. For example, the device/apparatus embodiments described above are only illustrative; the division into modules or units is only a division by logical function, and other divisions are possible in actual implementation: multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or in other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing unit, may each exist physically on their own, or two or more units may be integrated in one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated module/unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, all or part of the flow of the methods of the embodiments above may also be completed by a computer program instructing the relevant hardware. The computer program may be stored in a computer-readable storage medium and, when executed by a processor, implements the steps of the method embodiments above. The computer program includes computer program code, which may be in source code form, object code form, an executable file, some intermediate form, and so on. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disc, a computer memory, a read-only memory (ROM, Read-Only Memory), a random access memory (RAM, Random Access Memory), an electrical carrier signal, a telecommunication signal, a software distribution medium, and so on. It should be noted that the content contained in the computer-readable medium may be appropriately increased or decreased according to the requirements of legislation and patent practice in a jurisdiction; for example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electrical carrier signals and telecommunication signals.
The embodiments described above are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features may be replaced by equivalents; such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention, and shall all fall within the protection scope of the present invention.
Claims (10)
- 1. A backup method for a user key, characterized by comprising: obtaining a user key and generating a random number with a preset number of digits; determining, according to a preset algorithm, a dispersion factor corresponding to the random number; dispersing the dispersion factor using a built-in key to generate a temporary encryption key; encrypting the user key based on the temporary encryption key to generate a user key ciphertext; and determining and displaying prompt information according to the random number and the dispersion factor.
- 2. The backup method for a user key according to claim 1, characterized in that determining and displaying prompt information according to the random number and the dispersion factor comprises: looking up, according to a preset correspondence, a preset number of characters corresponding to the random number, and displaying the characters, the correspondence including a correspondence between digits and characters.
- 3. The backup method for a user key according to claim 2, characterized in that looking up, according to the preset correspondence, the preset number of characters corresponding to the random number comprises: taking the digits in each preset number of bytes of the random number as one index number, and looking up, in sequence, the Chinese character corresponding to each index number in a preset character library table.
- 4. The backup method for a user key according to claim 1, characterized in that determining, according to the preset algorithm, the dispersion factor corresponding to the random number comprises: taking the digits in each preset number of bytes of the random number as one index number, looking up the corresponding Chinese character in a preset character library table and converting it to its encoding, and intercepting a preset number of bytes of the encoding as the dispersion factor.
- 5. An import method for a user key, characterized by comprising: obtaining a user key ciphertext and characters; intercepting a preset number of bytes of the preset-type encoding corresponding to the characters, as a dispersion factor; dispersing the dispersion factor using a built-in key to generate a temporary decryption key; and decrypting the user key ciphertext based on the temporary decryption key to generate a user key.
- 6. A back-up device for a user key, characterized by comprising: an acquisition module, configured to obtain a user key and generate a random number with a preset number of digits; a determining module, configured to determine, according to a preset algorithm, a dispersion factor corresponding to the random number; a first encryption module, configured to disperse the dispersion factor using a built-in key to generate a temporary encryption key; a second encryption module, configured to encrypt the user key based on the temporary encryption key to generate a user key ciphertext; and a display module, configured to determine and display prompt information according to the random number and the dispersion factor.
- 7. An import device for a user key, characterized by comprising: an information acquisition module, configured to obtain a user key ciphertext and characters; an encoding generation module, configured to intercept a preset number of bytes of the preset-type encoding corresponding to the characters, as a dispersion factor; an encryption module, configured to disperse the dispersion factor using a built-in key to generate a temporary decryption key; and a decryption module, configured to decrypt the user key ciphertext based on the temporary decryption key to generate a user key.
- 8. A back-up terminal for a user key, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the steps of the method according to any one of claims 1 to 4.
- 9. An import terminal for a user key, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the steps of the method according to claim 5.
- 10. A computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711026840.5A CN107707347B (en) | 2017-10-27 | 2017-10-27 | User key backup method and device and user key importing method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107707347A true CN107707347A (en) | 2018-02-16 |
CN107707347B CN107707347B (en) | 2020-10-23 |
Family
ID=61176307
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711026840.5A Active CN107707347B (en) | 2017-10-27 | 2017-10-27 | User key backup method and device and user key importing method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107707347B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||