CN108768620A - A kind of data processing method and device - Google Patents

A kind of data processing method and device Download PDF

Info

Publication number
CN108768620A
CN108768620A CN201810254719.6A CN201810254719A CN108768620A CN 108768620 A CN108768620 A CN 108768620A CN 201810254719 A CN201810254719 A CN 201810254719A CN 108768620 A CN108768620 A CN 108768620A
Authority
CN
China
Prior art keywords
key
data
physical memory
memory addresses
ciphertext data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810254719.6A
Other languages
Chinese (zh)
Other versions
CN108768620B (en
Inventor
王鹏飞
应志伟
杜朝晖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Haiguang Information Technology Co Ltd
Original Assignee
Haiguang Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Haiguang Information Technology Co Ltd filed Critical Haiguang Information Technology Co Ltd
Priority to CN201810254719.6A priority Critical patent/CN108768620B/en
Publication of CN108768620A publication Critical patent/CN108768620A/en
Application granted granted Critical
Publication of CN108768620B publication Critical patent/CN108768620B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a kind of data processing method and devices;Wherein, data ciphering method includes the following steps:Obtain clear data and the physical memory addresses for storing ciphertext data;Physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains the second key;Operation is encrypted by the second key pair clear data, obtains ciphertext data;Ciphertext data are stored in the physical memory addresses for storing ciphertext data.The present invention converts after converting the physical memory addresses information for storing ciphertext data with the key used in symmetric encipherment algorithm, so that the address information that encrypted data is converted with participation is effectively increased the safety of data without apparent correlation.

Description

A kind of data processing method and device
Technical field
The present invention relates to data processing method and devices, at a kind of data using key address mapping Manage method and device.
Background technology
Existing processor is not encrypted the internal storage data used usually, but segment processor uses symmetric cryptography Internal storage data is encrypted in algorithm.But under the premise of generating largely encrypted data using same key, attacker also may be used With by detect ciphertext data collision, to find the correlation between clear data.
Address and clear data are converted, then carry out symmetric cryptography by the encryption mechanism that certain processors use, to a certain degree On increase and crack difficulty.But attacker still can find change by being decrypted in different address to identical ciphertext data Rule is changed, to make transposition encryption strength degradation at intensity identical with common symmetric cryptographic algorithm, to be attacked.
Invention content
The present invention converts after converting physical address information value with the key used in symmetric encipherment algorithm, to make Encrypted data is obtained with the address information of participation transformation without apparent correlation, is effectively increased the safety of data.
To achieve the above object, first aspect present invention provides a kind of data processing method, includes the following steps:It obtains Clear data and physical memory addresses for storing ciphertext data;By for store the physical memory addresses values of ciphertext data with First key carries out operation, obtains the second key;Operation is encrypted by the second key pair clear data, obtains ciphertext number According to;Ciphertext data are stored in the physical memory addresses for storing ciphertext data.
Preferably, the physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains second Key step specifically includes:By for storing ciphertext data physical memory addresses value and first key carry out linear transformation, obtain Obtain the second key.
Preferably, linear transformation is, by for storing ciphertext data physical memory addresses value and first key carry out it is different Or operation.
Preferably, the physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains second Key step specifically includes:By for storing ciphertext data physical memory addresses value and first key carry out nonlinear transformation, Obtain the second key.
Preferably, nonlinear transformation is, will be for storing the physical memory addresses value of ciphertext data and the value of first key It is ranked sequentially, obtains multidigit sequence;Operation is carried out to multidigit sequence using hash algorithm, obtains the Hash Value of multidigit sequence;It takes Part Hash Value is as the second key.
Preferably, first key is the key of symmetric encipherment algorithm.
Preferably, symmetric encipherment algorithm is the close SM4 algorithms of state.
Second aspect of the present invention provides a kind of data processing method, includes the following steps:It obtains ciphertext data and is used for Store the physical memory addresses of ciphertext data;Physical memory addresses value for storing ciphertext data is transported with first key It calculates, obtains the second key;Operation is decrypted by the second key pair ciphertext data, obtains clear data.
Preferably, the physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains second Key step specifically includes:By for storing ciphertext data physical memory addresses value and first key carry out linear transformation, obtain Obtain the second key.
Preferably, linear transformation is, by for storing ciphertext data physical memory addresses value and first key carry out it is different Or operation.
Preferably, the physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains second Key step specifically includes:By for storing ciphertext data physical memory addresses value and first key carry out nonlinear transformation, Obtain the second key.
Preferably, nonlinear transformation is, will be for storing the physical memory addresses value of ciphertext data and the value of first key It is ranked sequentially, obtains multidigit sequence;Operation is carried out to multidigit sequence using hash algorithm, obtains the Hash Value of multidigit sequence;It takes Part Hash Value is as the second key.
Preferably, first key is the key of symmetric encipherment algorithm.
Preferably, symmetric encipherment algorithm is the close SM4 algorithms of state.
Third aspect present invention provides a kind of data processing equipment, including:Acquisition module is encrypted when to data When, the physical memory addresses for obtaining clear data and for storing ciphertext data;And when data are decrypted, Physical memory addresses for obtaining ciphertext data and for storing ciphertext data.Computing module, for that will be used to store ciphertext The physical memory addresses value of data carries out operation with first key, obtains the second key.Processing module is encrypted when to data When, operation is encrypted for passing through the second key pair clear data, obtains ciphertext data;And it is decrypted when to data When, operation is decrypted for passing through the second key pair ciphertext data, obtains clear data;Ciphertext data are stored in for storing The physical memory addresses of ciphertext data.
Preferably, computing module is specifically used for:By the physical memory addresses value and first key for storing ciphertext data Linear transformation is carried out, the second key is obtained.
Preferably, linear transformation is, by for storing ciphertext data physical memory addresses value and first key carry out it is different Or operation.
Preferably, computing module is specifically used for:By the physical memory addresses value and first key for storing ciphertext data Nonlinear transformation is carried out, the second key is obtained.
Preferably, nonlinear transformation is, will be for storing the physical memory addresses value of ciphertext data and the value of first key It is ranked sequentially, obtains multidigit sequence;Operation is carried out to multidigit sequence using hash algorithm, obtains the Hash Value of multidigit sequence;It takes Part Hash Value is as the second key.
Preferably, computing module is specifically used for carrying out operation by the first key that symmetric encipherment algorithm is applied.
Preferably, symmetric encipherment algorithm is the close SM4 algorithms of state.
When phase isolog, ciphertext data are entirely different under different address, even if ciphertext data are transported to oneself by attacker Physical address, still can not push away transformation relation so that be encrypted data can only correctly be solved in encrypted address Close, the cipher mode for embodying the present invention is better than existing internal storage data protection mechanism.
Description of the drawings
Fig. 1 is a kind of data encryption and decryption method schematic diagram that the prior art provides;
Fig. 2 is another data encryption and decryption method schematic diagram that the prior art provides;
Fig. 3 is a kind of encryption method flow diagram that data processing method is related to provided in an embodiment of the present invention;
Fig. 4 is a kind of decryption method flow diagram that data processing method is related to provided in an embodiment of the present invention;
Fig. 5 is a kind of data processing equipment schematic diagram provided in an embodiment of the present invention;
Fig. 6 is a kind of data processing method schematic diagram realized according to the embodiment of the present invention.
Specific implementation mode
Below by drawings and examples, technical scheme of the present invention will be described in further detail.
Key (Key) is a kind of parameter, and clear data is converted to ciphertext data by cryptographic algorithm when encryption, when decryption Ciphertext data, which are converted to clear data, by cryptographic algorithm will use key.Using symmetric encipherment algorithm when, encryption and It is identical to decrypt the key used.
In patent application document, clear data is converted to ciphertext data, and cryptographic algorithm is referred to as " Encryption Algorithm ", therewith Accordingly, it is ciphertext data conversion clear data, cryptographic algorithm is referred to as " decipherment algorithm ", this is that those skilled in the art can be with The term of understanding, a complete cryptographic algorithm includes Encryption Algorithm and decipherment algorithm, but in this field, " will generally also be added Abbreviation of the close algorithm " as " cryptographic algorithm ", such as " symmetric encipherment algorithm " do not only have Encryption Algorithm, but include to add simultaneously Close algorithm and decipherment algorithm.
Fig. 1 is a kind of data encryption and decryption method schematic diagram that the prior art provides.
As shown in Figure 1, it is assumed that storage is that attacker needs the user data obtained at physical memory addresses 0x8ea1a0, And assume clear data be 16 systems 01,23,45,67,89, ab, cd, ef, fe, dc, ba, 98,76,54,32,10, it is assumed that Attacker can read the ciphertext data of user's physical memory addresses storage, and can read and write physical memory addresses 0xdcfae0.A kind of existing scheme is as shown in Figure 1, in phase isolog, after the close SM4 algorithm for encryption of identical state, no It is identical with ciphertext data under address.In other words, if ciphertext data are transported to another physical address by attacker, fortune It is obtained in plain text with the close SM4 algorithms decryption of corresponding state then can directly obtain user data.
Fig. 2 is another data encryption and decryption method schematic diagram that the prior art provides.
Existing another kind scheme is as shown in Figure 2.Also assume that storage is attack at physical memory addresses 0x8ea1a0 Person needs the user data obtained, and assumes that clear data is 01,23,45,67,89, ab, cd, ef, fe, dc of 16 systems, Ba, 98,76,54,32,10, it is assumed that attacker can read the ciphertext data of user's physical memory addresses storage, and can read Write physical memory addresses 0xdcfae0.When phase isolog, re-encrypts, obtain after being converted with address by plaintext under different address The ciphertext data arrived are entirely different.But attacker is transported to ciphertext data the physical address of oneself, can be according to not isolog Difference it is counter release transformation relation, to difference caused by modified address difference so that it is as shown in Figure 1 that cipher round results, which are degenerated, Method.
Fig. 3 is a kind of encryption method flow diagram that data processing method is related to provided in an embodiment of the present invention.Such as Fig. 3 It is shown, the method comprising the steps of S101-S103:
S101 obtains clear data and the physical memory addresses for storing ciphertext data;
Physical memory addresses for storing ciphertext data are carried out operation with first key, obtain the second key by S102;
Specifically, by for storing ciphertext data physical memory addresses value and first key carry out linear transformation, obtain Second key.Linear transformation is, by the physical memory addresses value and first key progress XOR operation for storing ciphertext data. Or by the physical memory addresses value and first key progress nonlinear transformation for storing ciphertext data, obtain the second key.It is non- Linear transformation is to be ranked sequentially the value of physical memory addresses value and first key for storing ciphertext data, obtain multidigit Sequence;Operation is carried out to multidigit sequence using hash algorithm, obtains the Hash Value of multidigit sequence;Take part Hash Value as second Key.
S103 is encrypted operation by the second key pair clear data, obtains ciphertext data;Ciphertext data are stored in Physical memory addresses for storing ciphertext data.First key is the first key of symmetric encipherment algorithm application.In a reality It applies in example, symmetric encipherment algorithm is the close SM4 algorithms of state.The present invention is converted to key, and those skilled in the art should note Meaning, the close SM4 algorithms of state also can be replaced other symmetric encipherment algorithms, for example aes algorithm (Advanced Encryption Standard, Advanced Encryption Standardalgorithm).
The embodiment of the present invention after converting the physical memory addresses information for storing ciphertext data with symmetric cryptography by calculating The key used in method converts, so that the address information that encrypted data is converted with participation has without apparent correlation The safety for increasing data of effect.
Fig. 4 is a kind of decryption method flow diagram that data processing method is related to provided in an embodiment of the present invention.Such as Fig. 4 It is shown, the method comprising the steps of S201-S203:
S201 obtains ciphertext data and stores the physical memory addresses of ciphertext data;
Physical memory addresses value for storing ciphertext data is carried out operation with first key, it is close to obtain second by S202 Key;
Specifically, by for storing ciphertext data physical memory addresses value and first key carry out linear transformation, obtain Second key.Linear transformation is, by the physical memory addresses value and first key progress XOR operation for storing ciphertext data. Or by the physical memory addresses value and first key progress nonlinear transformation for storing ciphertext data, obtain the second key.It is non- Linear transformation is to be ranked sequentially the value of physical memory addresses value and first key for storing ciphertext data, obtain multidigit Sequence;Operation is carried out to multidigit sequence using hash algorithm, obtains the Hash Value of multidigit sequence;Take part Hash Value as second Key.
S203 is decrypted operation by the second key pair ciphertext data, obtains clear data.First key is pair Claim the first key of Encryption Algorithm application.In one embodiment, symmetric encipherment algorithm is the close SM4 algorithms of state.Art technology Personnel should be noted that the close SM4 algorithms of state also can be replaced other symmetric encipherment algorithms, for example aes algorithm (Advanced Encryption Standard, Advanced Encryption Standardalgorithm).
It should be noted that first key is the first key of symmetric encipherment algorithm application, wherein pair in the present embodiment Symmetric encipherment algorithm in the encryption method of Encryption Algorithm as shown in figure 3 is referred to as same symmetric encipherment algorithm.It is related in decryption method And to first key encryption method as shown in figure 3 in first key be same key.
The present invention physical memory addresses information for storing ciphertext data is converted after with use in symmetric encipherment algorithm Key converts, so that the address information that encrypted data is converted with participation is effectively increased without apparent correlation The safety of data.
Fig. 5 is a kind of data processing equipment schematic diagram provided in an embodiment of the present invention.As shown in figure 5, the device includes:
Acquisition module, when data are encrypted, the physics for obtaining clear data and for storing ciphertext data Memory address;And when data are decrypted, the physical memory for obtaining ciphertext data and for storing ciphertext data Address;
Computing module, the physical memory addresses value for that will be used to store ciphertext data carry out operation with first key, obtain Obtain the second key;
Specifically, computing module by for storing ciphertext data physical memory addresses value and first key linearly become It changes, obtains the second key.Linear transformation is, by the physical memory addresses value for storing ciphertext data and described first close Key carries out XOR operation.Or computing module by for storing ciphertext data physical memory addresses value and first key carry out it is non-thread Property transformation, obtain the second key.Nonlinear transformation is, by the physical memory addresses value and first key for storing ciphertext data Value be ranked sequentially, obtain multidigit sequence;Operation is carried out to the multidigit sequence using hash algorithm, obtains the miscellaneous of multidigit sequence Gather value;Take part Hash Value as the second key.First computing module is specifically used for applied by symmetric encipherment algorithm first Key carries out operation.
Processing module is encrypted operation for passing through the second key pair clear data, obtains when data are encrypted To ciphertext data;And when data are decrypted, operation is decrypted for passing through the second key pair ciphertext data, obtains To clear data;Ciphertext data are stored in the physical memory addresses for storing ciphertext data.
Above-mentioned data encryption device will be written to after data encryption in memory, and those skilled in the art should be noted that encryption Module can be Memory Controller Hub MMU, can also be integrated in CPU.The embodiment of the present invention will be by that will store the object of ciphertext data Reason memory address information converts after converting with the key used in symmetric encipherment algorithm, so that encrypted data and ginseng Address information with transformation is effectively increased the safety of data without apparent correlation.
Fig. 6 is a kind of data processing method schematic diagram realized according to the embodiment of the present invention.
As shown in fig. 6, the present embodiment provides a kind of specific data processing methods.Wherein Encryption Algorithm uses the close SM4 of state Encryption, decipherment algorithm is using the close SM4 decryption of state.But it should be noted by those skilled in the art that can also use different symmetrical Encryption Algorithm.And use a kind of simple address linear transformation.Assume to deposit at physical memory addresses 0x8ea1a0 in the present embodiment It is that attacker needs the user data obtained, and assumes that clear data is 01,23,45,67,89, ab, cd of 16 systems to put, Ef, fe, dc, ba, 98,76,54,32,10, it is assumed that attacker can read the ciphertext data of user's physical memory addresses storage, And physical memory addresses 0xdcfae0 can be read and write.
First, under identical plaintext, in different physical address, obtained ciphertext data are entirely different.Such as the tops Fig. 6 Point, 01,23,45,67,89, ab, cd, ef, fe, dc, ba, 98 of 16 system of identical key, 76,54,32,10 from it is different Address is converted, and obtained new key is entirely different.Plaintext is encrypted with new key by SM4 Encryption Algorithm again, Obtained ciphertext data are also entirely different.When user is decrypted in correct physical address.It can be by identical Method converts key and correct physical address, obtains correct new key.By SM4 decipherment algorithms by ciphertext number It is decrypted according to correct new key, obtains correct clear data.And when ciphertext data are transported to oneself by attacker When physical address, after password is converted by the physical address of same way and mistake, obtained key is also mistake, Ciphertext data and the key of mistake are decrypted by SM4 decipherment algorithms again, the clear data of mistake will be obtained, and attack Person can not be also modified by difference, can not release transformation relation.
In one embodiment, key and address are converted, specifically uses a kind of simple address linear change.If 64 bit address AD=of storage ciphertext data [A0, A1 ..., A63];If 128 key Key=[K0, K1 ..., K127].It calculates new 128 key NewKey=[K0 ⊕ A0, K1 ⊕ A1 ..., K62 ⊕ A62, K63 ⊕ A63, K64 ⊕ A0, K65 ⊕ A1 ..., K127⊕A63];Finally, follow-up encryption and decryption operation is carried out to data using new key NewKey.
In another embodiment, key and physical address values are converted, specifically uses a kind of simple address non- Linear transformation.If 64 physical address values AD=of storage ciphertext data [A0, A1 ..., A63];If 128 key Key=[K0, K1,…,K127].By Key and AD form a 192 bit sequence Ka=[K0, K1 ..., K127, A0, A1 ..., A63].It is sharp later The Hash Value Z=sm3 (Ka) of sequence Ka, wherein Z=[Z0, Z1 ..., Z255] are calculated with hash algorithm.Then before choosing Z 128 as new key NewKey=[Z0, Z1 ..., Z127].It can also take and be chosen arbitrary 128 in Z in another embodiment Position is as new key.Finally, encryption and decryption operation is carried out to data using new key NewKey.It is worth noting that, encryption The process converted between key and decruption key wants identical, and the key generated in this way can correctly carry out encryption and decryption operation. Simultaneously according to different data, the digit for choosing key is also not limited to 128 in the present embodiment, can also appoint as needed Meaning is chosen.Hash algorithm in the present embodiment can make the close SM3 algorithms of state.Those skilled in the art should be noted that SM3 is A kind of asymmetric arithmetic, in the present embodiment, SM3 algorithms are used to carry out operation to key and physical address values to obtain new key, New key is used to still be symmetry algorithm to the algorithm that data are encrypted and decrypted.
Meanwhile it should be noted by those skilled in the art that in addition to this, more complicated ground can also be used in practical application Location conversion scheme.
Using method as shown in Figure 6, in phase isolog, ciphertext data are entirely different under different address, even if attacker Ciphertext data are transported to the physical address of oneself, he still can not push away transformation relation, so that being encrypted data can only be It is correctly decrypted encrypted address, it was demonstrated that the cipher mode of this method is better than existing internal storage data protection mechanism.
The present invention physical memory addresses information for storing ciphertext data is converted after with use in symmetric encipherment algorithm Key converts, so that the address information that encrypted data is converted with participation is effectively increased without apparent correlation The safety of data.
Above-described specific implementation mode has carried out further the purpose of the present invention, technical solution and advantageous effect It is described in detail, it should be understood that the foregoing is merely the specific implementation mode of the present invention, is not intended to limit the present invention Protection domain, all within the spirits and principles of the present invention, any modification, equivalent substitution, improvement and etc. done should all include Within protection scope of the present invention.

Claims (21)

1. a kind of data processing method, which is characterized in that include the following steps:
Obtain clear data and the physical memory addresses for storing ciphertext data;
Physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains the second key;
Operation is encrypted by the second key pair clear data, obtains ciphertext data;The ciphertext data are stored in The physical memory addresses for storing ciphertext data.
2. according to the method described in claim 1, it is characterized in that, the physical memory addresses by for storing ciphertext data Value carries out operation with first key, obtains the second key step, specifically includes:
The physical memory addresses value for storing ciphertext data and the first key are subjected to linear transformation, obtain second Key.
3. according to the method described in claim 2, it is characterized in that, the linear transformation is, by described for storing ciphertext number According to physical memory addresses value and the first key carry out XOR operation.
4. according to the method described in claim 1, it is characterized in that, the physical memory addresses by for storing ciphertext data Value carries out operation with first key, obtains the second key step, specifically includes:
The physical memory addresses value for storing ciphertext data and the first key are subjected to nonlinear transformation, obtain the Two keys.
5. according to the method described in claim 4, it is characterized in that, the nonlinear transformation is, by described for storing ciphertext The physical memory addresses value of data and the value of the first key are ranked sequentially, and obtain multidigit sequence;Using hash algorithm to institute It states multidigit sequence and carries out operation, obtain the Hash Value of the multidigit sequence;Take part Hash Value as the second key.
6. according to the method described in claim 1 to 5 any claim, which is characterized in that the first key is symmetrical adds The key of close algorithm.
7. according to the method described in claim 6, it is characterized in that, the symmetric encipherment algorithm is the close SM4 algorithms of state.
8. a kind of data processing method, which is characterized in that include the following steps:
Obtain ciphertext data and the physical memory addresses for storing ciphertext data;
Physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains the second key;
Operation is decrypted by the second key pair ciphertext data, obtains clear data.
9. according to the method described in claim 8, it is characterized in that, the physical memory addresses by for storing ciphertext data Value carries out operation with first key, obtains the second key step, specifically includes:
The physical memory addresses value for storing ciphertext data and the first key are subjected to linear transformation, obtain second Key.
10. according to the method described in claim 9, it is characterized in that, the linear transformation is, by described for storing ciphertext number According to physical memory addresses value and the first key carry out XOR operation.
11. according to the method described in claim 8, it is characterized in that, the physical memory by for storing ciphertext data Location value carries out operation with first key, obtains the second key step, specifically includes:
The physical memory addresses value for storing ciphertext data and the first key are subjected to nonlinear transformation, obtain the Two keys.
12. according to the method for claim 11, which is characterized in that the nonlinear transformation is that described will be used to store close The physical memory addresses value of literary data and the value of the first key are ranked sequentially, and obtain multidigit sequence;Utilize hash algorithm pair The multidigit sequence carries out operation, obtains the Hash Value of the multidigit sequence;Take part Hash Value as the second key.
13. according to the method described in claim 8 to 12 any claim, which is characterized in that the first key is symmetrical The key of Encryption Algorithm.
14. according to the method for claim 13, which is characterized in that the symmetric encipherment algorithm is the close SM4 algorithms of state.
15. a kind of data processing equipment, which is characterized in that including:
Acquisition module, when data are encrypted, the physical memory for obtaining clear data and for storing ciphertext data Address;And when data are decrypted, physical memory for obtaining ciphertext data and for storing ciphertext data Location;
Computing module carries out operation for that will be used to store the physical memory addresses values of ciphertext data with first key, obtains the Two keys;
Processing module, for operation to be encrypted by the second key pair clear data, is obtained when data are encrypted To ciphertext data;And when data are decrypted, for fortune to be decrypted by the second key pair ciphertext data It calculates, obtains clear data;The ciphertext data are stored in the physical memory addresses for storing ciphertext data.
16. device according to claim 15, which is characterized in that the computing module is specifically used for:By described for depositing The physical memory addresses value and the first key for storing up ciphertext data carry out linear transformation, obtain the second key.
17. device according to claim 16, which is characterized in that the linear transformation is, by described for storing ciphertext The physical memory addresses value of data and the first key carry out XOR operation.
18. device according to claim 15, which is characterized in that the computing module is specifically used for:By described for depositing The physical memory addresses value and the first key for storing up ciphertext data carry out nonlinear transformation, obtain the second key.
19. device according to claim 18, which is characterized in that the nonlinear transformation is that described will be used to store close The physical memory addresses value of literary data and the value of the first key are ranked sequentially, and obtain multidigit sequence;Utilize hash algorithm pair The multidigit sequence carries out operation, obtains the Hash Value of the multidigit sequence;Take part Hash Value as the second key.
20. according to the device described in claim 15 to 19 any claim, which is characterized in that the computing module, specifically First key for being applied by symmetric encipherment algorithm carries out operation.
21. device according to claim 20, which is characterized in that the symmetric encipherment algorithm is the close SM4 algorithms of state.
CN201810254719.6A 2018-03-26 2018-03-26 Data processing method and device Active CN108768620B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810254719.6A CN108768620B (en) 2018-03-26 2018-03-26 Data processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810254719.6A CN108768620B (en) 2018-03-26 2018-03-26 Data processing method and device

Publications (2)

Publication Number Publication Date
CN108768620A true CN108768620A (en) 2018-11-06
CN108768620B CN108768620B (en) 2021-04-27

Family

ID=63980302

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810254719.6A Active CN108768620B (en) 2018-03-26 2018-03-26 Data processing method and device

Country Status (1)

Country Link
CN (1) CN108768620B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109635599A (en) * 2018-12-07 2019-04-16 上海爱信诺航芯电子科技有限公司 Data ciphering method, decryption method, protective device, on-chip memory and chip
CN109656840A (en) * 2018-12-21 2019-04-19 成都海光集成电路设计有限公司 A kind of device of data encrypting and deciphering, method, storage medium and data-storage system
CN110213052A (en) * 2019-06-05 2019-09-06 海光信息技术有限公司 Data processing method and device
CN110287708A (en) * 2018-03-19 2019-09-27 扬智科技股份有限公司 One Time Programmable encryption device and its encryption method
CN110298186A (en) * 2019-07-02 2019-10-01 北京计算机技术及应用研究所 A kind of non-key data encipher-decipher method based on dynamic reconfigurable crypto chip
CN111130784A (en) * 2019-12-25 2020-05-08 成都海光集成电路设计有限公司 Key generation method and device, CPU chip and server
CN112202546A (en) * 2020-09-29 2021-01-08 山东华翼微电子技术股份有限公司 SM3 cryptographic hash algorithm message expansion serial optimization system and method
CN113434876A (en) * 2021-06-22 2021-09-24 海光信息技术股份有限公司 Data encryption method and device, memory controller, chip and electronic equipment
CN113642051A (en) * 2021-10-13 2021-11-12 广州匠芯创科技有限公司 Encrypted data read-write method of SPI storage equipment and embedded processor chip

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102355352A (en) * 2011-07-24 2012-02-15 哈尔滨工程大学 Data confidentiality and integrity protection method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102355352A (en) * 2011-07-24 2012-02-15 哈尔滨工程大学 Data confidentiality and integrity protection method

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110287708B (en) * 2018-03-19 2023-07-04 扬智科技股份有限公司 One-time programmable encryption device and encryption method thereof
CN110287708A (en) * 2018-03-19 2019-09-27 扬智科技股份有限公司 One Time Programmable encryption device and its encryption method
CN109635599A (en) * 2018-12-07 2019-04-16 上海爱信诺航芯电子科技有限公司 Data ciphering method, decryption method, protective device, on-chip memory and chip
CN109656840A (en) * 2018-12-21 2019-04-19 成都海光集成电路设计有限公司 A kind of device of data encrypting and deciphering, method, storage medium and data-storage system
CN110213052A (en) * 2019-06-05 2019-09-06 海光信息技术有限公司 Data processing method and device
CN110298186A (en) * 2019-07-02 2019-10-01 北京计算机技术及应用研究所 A kind of non-key data encipher-decipher method based on dynamic reconfigurable crypto chip
CN110298186B (en) * 2019-07-02 2021-04-06 北京计算机技术及应用研究所 Non-key data encryption and decryption method based on dynamic reconfigurable cipher chip
CN111130784A (en) * 2019-12-25 2020-05-08 成都海光集成电路设计有限公司 Key generation method and device, CPU chip and server
CN111130784B (en) * 2019-12-25 2023-08-08 成都海光集成电路设计有限公司 Key generation method and device, CPU chip and server
CN112202546A (en) * 2020-09-29 2021-01-08 山东华翼微电子技术股份有限公司 SM3 cryptographic hash algorithm message expansion serial optimization system and method
CN112202546B (en) * 2020-09-29 2023-06-23 山东华翼微电子技术股份有限公司 SM3 cipher hash algorithm message expansion serial optimization system and method
CN113434876A (en) * 2021-06-22 2021-09-24 海光信息技术股份有限公司 Data encryption method and device, memory controller, chip and electronic equipment
CN113642051A (en) * 2021-10-13 2021-11-12 广州匠芯创科技有限公司 Encrypted data read-write method of SPI storage equipment and embedded processor chip

Also Published As

Publication number Publication date
CN108768620B (en) 2021-04-27

Similar Documents

Publication Publication Date Title
CN108768620A (en) A kind of data processing method and device
Nkandeu et al. An image encryption algorithm based on substitution technique and chaos mixing
JP6783877B2 (en) Cryptographic text query methods and systems for fully homomorphic encryption
Zhang et al. Chaotic image encryption based on circular substitution box and key stream buffer
Xu et al. Image encryption based on synchronization of fractional chaotic systems
CN106850221B (en) Information encryption and decryption method and device
Patel et al. Image encryption using different techniques: A review
KR101324825B1 (en) Message authentication code pre-computation with applications to secure memory
CN105722067B (en) Data method for encryption/decryption and device on mobile terminal
CN107317666A (en) A kind of parallel full homomorphism encipher-decipher method for supporting floating-point operation
Thangavel et al. Enhanced DNA and ElGamal cryptosystem for secure data storage and retrieval in cloud
CN103532701A (en) Encryption and decryption method for numeric type data
CN115801224B (en) Fully homomorphic encryption method supporting floating point number operation in cloud computing environment
CN103051446A (en) Key encryption and storage method
Gafsi et al. High securing cryptography system for digital image transmission
JP6961324B2 (en) Searchable cryptographic processing system
CN106941406B (en) Identify-based encryption endorsement method, decryption sign test method and device thereof
US8804953B2 (en) Extensive ciphertext feedback
Ahmad et al. A secure network communication protocol based on text to barcode encryption algorithm
Behnia et al. Applications of tripled chaotic maps in cryptography
Chen et al. Information authentication using sparse representation of double random phase encoding in fractional Fourier transform domain
Ahmad Abusukhon et al. A novel network security algorithm based on encrypting text into a white-page image
Gupta et al. Enhancement of Cloud Security and removal of anti-patterns using multilevel encryption algorithms.
CN107342865B (en) SM 4-based authentication encryption algorithm
Veeraragavan et al. Enhanced encryption algorithm (EEA) for protecting users' credentials in public cloud

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 300450 Tianjin Binhai New Area Huayuan Industrial Zone Haitai West Road 18 North 2-204 Industrial Incubation-3-8

Applicant after: Haiguang Information Technology Co., Ltd

Address before: 300384 North 2-204 industrial hatching -3-8, No. 18, Hai Tai Road, Huayuan Industrial Zone, Xiqing District, Tianjin, Tianjin

Applicant before: HAIGUANG INFORMATION TECHNOLOGY Co.,Ltd.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant