CN108768620A - A kind of data processing method and device - Google Patents
A kind of data processing method and device Download PDFInfo
- Publication number
- CN108768620A CN108768620A CN201810254719.6A CN201810254719A CN108768620A CN 108768620 A CN108768620 A CN 108768620A CN 201810254719 A CN201810254719 A CN 201810254719A CN 108768620 A CN108768620 A CN 108768620A
- Authority
- CN
- China
- Prior art keywords
- key
- data
- physical memory
- memory addresses
- ciphertext data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a kind of data processing method and devices;Wherein, data ciphering method includes the following steps:Obtain clear data and the physical memory addresses for storing ciphertext data;Physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains the second key;Operation is encrypted by the second key pair clear data, obtains ciphertext data;Ciphertext data are stored in the physical memory addresses for storing ciphertext data.The present invention converts after converting the physical memory addresses information for storing ciphertext data with the key used in symmetric encipherment algorithm, so that the address information that encrypted data is converted with participation is effectively increased the safety of data without apparent correlation.
Description
Technical field
The present invention relates to data processing method and devices, at a kind of data using key address mapping
Manage method and device.
Background technology
Existing processor is not encrypted the internal storage data used usually, but segment processor uses symmetric cryptography
Internal storage data is encrypted in algorithm.But under the premise of generating largely encrypted data using same key, attacker also may be used
With by detect ciphertext data collision, to find the correlation between clear data.
Address and clear data are converted, then carry out symmetric cryptography by the encryption mechanism that certain processors use, to a certain degree
On increase and crack difficulty.But attacker still can find change by being decrypted in different address to identical ciphertext data
Rule is changed, to make transposition encryption strength degradation at intensity identical with common symmetric cryptographic algorithm, to be attacked.
Invention content
The present invention converts after converting physical address information value with the key used in symmetric encipherment algorithm, to make
Encrypted data is obtained with the address information of participation transformation without apparent correlation, is effectively increased the safety of data.
To achieve the above object, first aspect present invention provides a kind of data processing method, includes the following steps:It obtains
Clear data and physical memory addresses for storing ciphertext data;By for store the physical memory addresses values of ciphertext data with
First key carries out operation, obtains the second key;Operation is encrypted by the second key pair clear data, obtains ciphertext number
According to;Ciphertext data are stored in the physical memory addresses for storing ciphertext data.
Preferably, the physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains second
Key step specifically includes:By for storing ciphertext data physical memory addresses value and first key carry out linear transformation, obtain
Obtain the second key.
Preferably, linear transformation is, by for storing ciphertext data physical memory addresses value and first key carry out it is different
Or operation.
Preferably, the physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains second
Key step specifically includes:By for storing ciphertext data physical memory addresses value and first key carry out nonlinear transformation,
Obtain the second key.
Preferably, nonlinear transformation is, will be for storing the physical memory addresses value of ciphertext data and the value of first key
It is ranked sequentially, obtains multidigit sequence;Operation is carried out to multidigit sequence using hash algorithm, obtains the Hash Value of multidigit sequence;It takes
Part Hash Value is as the second key.
Preferably, first key is the key of symmetric encipherment algorithm.
Preferably, symmetric encipherment algorithm is the close SM4 algorithms of state.
Second aspect of the present invention provides a kind of data processing method, includes the following steps:It obtains ciphertext data and is used for
Store the physical memory addresses of ciphertext data;Physical memory addresses value for storing ciphertext data is transported with first key
It calculates, obtains the second key;Operation is decrypted by the second key pair ciphertext data, obtains clear data.
Preferably, the physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains second
Key step specifically includes:By for storing ciphertext data physical memory addresses value and first key carry out linear transformation, obtain
Obtain the second key.
Preferably, linear transformation is, by for storing ciphertext data physical memory addresses value and first key carry out it is different
Or operation.
Preferably, the physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains second
Key step specifically includes:By for storing ciphertext data physical memory addresses value and first key carry out nonlinear transformation,
Obtain the second key.
Preferably, nonlinear transformation is, will be for storing the physical memory addresses value of ciphertext data and the value of first key
It is ranked sequentially, obtains multidigit sequence;Operation is carried out to multidigit sequence using hash algorithm, obtains the Hash Value of multidigit sequence;It takes
Part Hash Value is as the second key.
Preferably, first key is the key of symmetric encipherment algorithm.
Preferably, symmetric encipherment algorithm is the close SM4 algorithms of state.
Third aspect present invention provides a kind of data processing equipment, including:Acquisition module is encrypted when to data
When, the physical memory addresses for obtaining clear data and for storing ciphertext data;And when data are decrypted,
Physical memory addresses for obtaining ciphertext data and for storing ciphertext data.Computing module, for that will be used to store ciphertext
The physical memory addresses value of data carries out operation with first key, obtains the second key.Processing module is encrypted when to data
When, operation is encrypted for passing through the second key pair clear data, obtains ciphertext data;And it is decrypted when to data
When, operation is decrypted for passing through the second key pair ciphertext data, obtains clear data;Ciphertext data are stored in for storing
The physical memory addresses of ciphertext data.
Preferably, computing module is specifically used for:By the physical memory addresses value and first key for storing ciphertext data
Linear transformation is carried out, the second key is obtained.
Preferably, linear transformation is, by for storing ciphertext data physical memory addresses value and first key carry out it is different
Or operation.
Preferably, computing module is specifically used for:By the physical memory addresses value and first key for storing ciphertext data
Nonlinear transformation is carried out, the second key is obtained.
Preferably, nonlinear transformation is, will be for storing the physical memory addresses value of ciphertext data and the value of first key
It is ranked sequentially, obtains multidigit sequence;Operation is carried out to multidigit sequence using hash algorithm, obtains the Hash Value of multidigit sequence;It takes
Part Hash Value is as the second key.
Preferably, computing module is specifically used for carrying out operation by the first key that symmetric encipherment algorithm is applied.
Preferably, symmetric encipherment algorithm is the close SM4 algorithms of state.
When phase isolog, ciphertext data are entirely different under different address, even if ciphertext data are transported to oneself by attacker
Physical address, still can not push away transformation relation so that be encrypted data can only correctly be solved in encrypted address
Close, the cipher mode for embodying the present invention is better than existing internal storage data protection mechanism.
Description of the drawings
Fig. 1 is a kind of data encryption and decryption method schematic diagram that the prior art provides;
Fig. 2 is another data encryption and decryption method schematic diagram that the prior art provides;
Fig. 3 is a kind of encryption method flow diagram that data processing method is related to provided in an embodiment of the present invention;
Fig. 4 is a kind of decryption method flow diagram that data processing method is related to provided in an embodiment of the present invention;
Fig. 5 is a kind of data processing equipment schematic diagram provided in an embodiment of the present invention;
Fig. 6 is a kind of data processing method schematic diagram realized according to the embodiment of the present invention.
Specific implementation mode
Below by drawings and examples, technical scheme of the present invention will be described in further detail.
Key (Key) is a kind of parameter, and clear data is converted to ciphertext data by cryptographic algorithm when encryption, when decryption
Ciphertext data, which are converted to clear data, by cryptographic algorithm will use key.Using symmetric encipherment algorithm when, encryption and
It is identical to decrypt the key used.
In patent application document, clear data is converted to ciphertext data, and cryptographic algorithm is referred to as " Encryption Algorithm ", therewith
Accordingly, it is ciphertext data conversion clear data, cryptographic algorithm is referred to as " decipherment algorithm ", this is that those skilled in the art can be with
The term of understanding, a complete cryptographic algorithm includes Encryption Algorithm and decipherment algorithm, but in this field, " will generally also be added
Abbreviation of the close algorithm " as " cryptographic algorithm ", such as " symmetric encipherment algorithm " do not only have Encryption Algorithm, but include to add simultaneously
Close algorithm and decipherment algorithm.
Fig. 1 is a kind of data encryption and decryption method schematic diagram that the prior art provides.
As shown in Figure 1, it is assumed that storage is that attacker needs the user data obtained at physical memory addresses 0x8ea1a0,
And assume clear data be 16 systems 01,23,45,67,89, ab, cd, ef, fe, dc, ba, 98,76,54,32,10, it is assumed that
Attacker can read the ciphertext data of user's physical memory addresses storage, and can read and write physical memory addresses
0xdcfae0.A kind of existing scheme is as shown in Figure 1, in phase isolog, after the close SM4 algorithm for encryption of identical state, no
It is identical with ciphertext data under address.In other words, if ciphertext data are transported to another physical address by attacker, fortune
It is obtained in plain text with the close SM4 algorithms decryption of corresponding state then can directly obtain user data.
Fig. 2 is another data encryption and decryption method schematic diagram that the prior art provides.
Existing another kind scheme is as shown in Figure 2.Also assume that storage is attack at physical memory addresses 0x8ea1a0
Person needs the user data obtained, and assumes that clear data is 01,23,45,67,89, ab, cd, ef, fe, dc of 16 systems,
Ba, 98,76,54,32,10, it is assumed that attacker can read the ciphertext data of user's physical memory addresses storage, and can read
Write physical memory addresses 0xdcfae0.When phase isolog, re-encrypts, obtain after being converted with address by plaintext under different address
The ciphertext data arrived are entirely different.But attacker is transported to ciphertext data the physical address of oneself, can be according to not isolog
Difference it is counter release transformation relation, to difference caused by modified address difference so that it is as shown in Figure 1 that cipher round results, which are degenerated,
Method.
Fig. 3 is a kind of encryption method flow diagram that data processing method is related to provided in an embodiment of the present invention.Such as Fig. 3
It is shown, the method comprising the steps of S101-S103:
S101 obtains clear data and the physical memory addresses for storing ciphertext data;
Physical memory addresses for storing ciphertext data are carried out operation with first key, obtain the second key by S102;
Specifically, by for storing ciphertext data physical memory addresses value and first key carry out linear transformation, obtain
Second key.Linear transformation is, by the physical memory addresses value and first key progress XOR operation for storing ciphertext data.
Or by the physical memory addresses value and first key progress nonlinear transformation for storing ciphertext data, obtain the second key.It is non-
Linear transformation is to be ranked sequentially the value of physical memory addresses value and first key for storing ciphertext data, obtain multidigit
Sequence;Operation is carried out to multidigit sequence using hash algorithm, obtains the Hash Value of multidigit sequence;Take part Hash Value as second
Key.
S103 is encrypted operation by the second key pair clear data, obtains ciphertext data;Ciphertext data are stored in
Physical memory addresses for storing ciphertext data.First key is the first key of symmetric encipherment algorithm application.In a reality
It applies in example, symmetric encipherment algorithm is the close SM4 algorithms of state.The present invention is converted to key, and those skilled in the art should note
Meaning, the close SM4 algorithms of state also can be replaced other symmetric encipherment algorithms, for example aes algorithm (Advanced Encryption
Standard, Advanced Encryption Standardalgorithm).
The embodiment of the present invention after converting the physical memory addresses information for storing ciphertext data with symmetric cryptography by calculating
The key used in method converts, so that the address information that encrypted data is converted with participation has without apparent correlation
The safety for increasing data of effect.
Fig. 4 is a kind of decryption method flow diagram that data processing method is related to provided in an embodiment of the present invention.Such as Fig. 4
It is shown, the method comprising the steps of S201-S203:
S201 obtains ciphertext data and stores the physical memory addresses of ciphertext data;
Physical memory addresses value for storing ciphertext data is carried out operation with first key, it is close to obtain second by S202
Key;
Specifically, by for storing ciphertext data physical memory addresses value and first key carry out linear transformation, obtain
Second key.Linear transformation is, by the physical memory addresses value and first key progress XOR operation for storing ciphertext data.
Or by the physical memory addresses value and first key progress nonlinear transformation for storing ciphertext data, obtain the second key.It is non-
Linear transformation is to be ranked sequentially the value of physical memory addresses value and first key for storing ciphertext data, obtain multidigit
Sequence;Operation is carried out to multidigit sequence using hash algorithm, obtains the Hash Value of multidigit sequence;Take part Hash Value as second
Key.
S203 is decrypted operation by the second key pair ciphertext data, obtains clear data.First key is pair
Claim the first key of Encryption Algorithm application.In one embodiment, symmetric encipherment algorithm is the close SM4 algorithms of state.Art technology
Personnel should be noted that the close SM4 algorithms of state also can be replaced other symmetric encipherment algorithms, for example aes algorithm (Advanced
Encryption Standard, Advanced Encryption Standardalgorithm).
It should be noted that first key is the first key of symmetric encipherment algorithm application, wherein pair in the present embodiment
Symmetric encipherment algorithm in the encryption method of Encryption Algorithm as shown in figure 3 is referred to as same symmetric encipherment algorithm.It is related in decryption method
And to first key encryption method as shown in figure 3 in first key be same key.
The present invention physical memory addresses information for storing ciphertext data is converted after with use in symmetric encipherment algorithm
Key converts, so that the address information that encrypted data is converted with participation is effectively increased without apparent correlation
The safety of data.
Fig. 5 is a kind of data processing equipment schematic diagram provided in an embodiment of the present invention.As shown in figure 5, the device includes:
Acquisition module, when data are encrypted, the physics for obtaining clear data and for storing ciphertext data
Memory address;And when data are decrypted, the physical memory for obtaining ciphertext data and for storing ciphertext data
Address;
Computing module, the physical memory addresses value for that will be used to store ciphertext data carry out operation with first key, obtain
Obtain the second key;
Specifically, computing module by for storing ciphertext data physical memory addresses value and first key linearly become
It changes, obtains the second key.Linear transformation is, by the physical memory addresses value for storing ciphertext data and described first close
Key carries out XOR operation.Or computing module by for storing ciphertext data physical memory addresses value and first key carry out it is non-thread
Property transformation, obtain the second key.Nonlinear transformation is, by the physical memory addresses value and first key for storing ciphertext data
Value be ranked sequentially, obtain multidigit sequence;Operation is carried out to the multidigit sequence using hash algorithm, obtains the miscellaneous of multidigit sequence
Gather value;Take part Hash Value as the second key.First computing module is specifically used for applied by symmetric encipherment algorithm first
Key carries out operation.
Processing module is encrypted operation for passing through the second key pair clear data, obtains when data are encrypted
To ciphertext data;And when data are decrypted, operation is decrypted for passing through the second key pair ciphertext data, obtains
To clear data;Ciphertext data are stored in the physical memory addresses for storing ciphertext data.
Above-mentioned data encryption device will be written to after data encryption in memory, and those skilled in the art should be noted that encryption
Module can be Memory Controller Hub MMU, can also be integrated in CPU.The embodiment of the present invention will be by that will store the object of ciphertext data
Reason memory address information converts after converting with the key used in symmetric encipherment algorithm, so that encrypted data and ginseng
Address information with transformation is effectively increased the safety of data without apparent correlation.
Fig. 6 is a kind of data processing method schematic diagram realized according to the embodiment of the present invention.
As shown in fig. 6, the present embodiment provides a kind of specific data processing methods.Wherein Encryption Algorithm uses the close SM4 of state
Encryption, decipherment algorithm is using the close SM4 decryption of state.But it should be noted by those skilled in the art that can also use different symmetrical
Encryption Algorithm.And use a kind of simple address linear transformation.Assume to deposit at physical memory addresses 0x8ea1a0 in the present embodiment
It is that attacker needs the user data obtained, and assumes that clear data is 01,23,45,67,89, ab, cd of 16 systems to put,
Ef, fe, dc, ba, 98,76,54,32,10, it is assumed that attacker can read the ciphertext data of user's physical memory addresses storage,
And physical memory addresses 0xdcfae0 can be read and write.
First, under identical plaintext, in different physical address, obtained ciphertext data are entirely different.Such as the tops Fig. 6
Point, 01,23,45,67,89, ab, cd, ef, fe, dc, ba, 98 of 16 system of identical key, 76,54,32,10 from it is different
Address is converted, and obtained new key is entirely different.Plaintext is encrypted with new key by SM4 Encryption Algorithm again,
Obtained ciphertext data are also entirely different.When user is decrypted in correct physical address.It can be by identical
Method converts key and correct physical address, obtains correct new key.By SM4 decipherment algorithms by ciphertext number
It is decrypted according to correct new key, obtains correct clear data.And when ciphertext data are transported to oneself by attacker
When physical address, after password is converted by the physical address of same way and mistake, obtained key is also mistake,
Ciphertext data and the key of mistake are decrypted by SM4 decipherment algorithms again, the clear data of mistake will be obtained, and attack
Person can not be also modified by difference, can not release transformation relation.
In one embodiment, key and address are converted, specifically uses a kind of simple address linear change.If
64 bit address AD=of storage ciphertext data [A0, A1 ..., A63];If 128 key Key=[K0, K1 ..., K127].It calculates new
128 key NewKey=[K0 ⊕ A0, K1 ⊕ A1 ..., K62 ⊕ A62, K63 ⊕ A63, K64 ⊕ A0, K65 ⊕ A1 ...,
K127⊕A63];Finally, follow-up encryption and decryption operation is carried out to data using new key NewKey.
In another embodiment, key and physical address values are converted, specifically uses a kind of simple address non-
Linear transformation.If 64 physical address values AD=of storage ciphertext data [A0, A1 ..., A63];If 128 key Key=[K0,
K1,…,K127].By Key and AD form a 192 bit sequence Ka=[K0, K1 ..., K127, A0, A1 ..., A63].It is sharp later
The Hash Value Z=sm3 (Ka) of sequence Ka, wherein Z=[Z0, Z1 ..., Z255] are calculated with hash algorithm.Then before choosing Z
128 as new key NewKey=[Z0, Z1 ..., Z127].It can also take and be chosen arbitrary 128 in Z in another embodiment
Position is as new key.Finally, encryption and decryption operation is carried out to data using new key NewKey.It is worth noting that, encryption
The process converted between key and decruption key wants identical, and the key generated in this way can correctly carry out encryption and decryption operation.
Simultaneously according to different data, the digit for choosing key is also not limited to 128 in the present embodiment, can also appoint as needed
Meaning is chosen.Hash algorithm in the present embodiment can make the close SM3 algorithms of state.Those skilled in the art should be noted that SM3 is
A kind of asymmetric arithmetic, in the present embodiment, SM3 algorithms are used to carry out operation to key and physical address values to obtain new key,
New key is used to still be symmetry algorithm to the algorithm that data are encrypted and decrypted.
Meanwhile it should be noted by those skilled in the art that in addition to this, more complicated ground can also be used in practical application
Location conversion scheme.
Using method as shown in Figure 6, in phase isolog, ciphertext data are entirely different under different address, even if attacker
Ciphertext data are transported to the physical address of oneself, he still can not push away transformation relation, so that being encrypted data can only be
It is correctly decrypted encrypted address, it was demonstrated that the cipher mode of this method is better than existing internal storage data protection mechanism.
The present invention physical memory addresses information for storing ciphertext data is converted after with use in symmetric encipherment algorithm
Key converts, so that the address information that encrypted data is converted with participation is effectively increased without apparent correlation
The safety of data.
Above-described specific implementation mode has carried out further the purpose of the present invention, technical solution and advantageous effect
It is described in detail, it should be understood that the foregoing is merely the specific implementation mode of the present invention, is not intended to limit the present invention
Protection domain, all within the spirits and principles of the present invention, any modification, equivalent substitution, improvement and etc. done should all include
Within protection scope of the present invention.
Claims (21)
1. a kind of data processing method, which is characterized in that include the following steps:
Obtain clear data and the physical memory addresses for storing ciphertext data;
Physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains the second key;
Operation is encrypted by the second key pair clear data, obtains ciphertext data;The ciphertext data are stored in
The physical memory addresses for storing ciphertext data.
2. according to the method described in claim 1, it is characterized in that, the physical memory addresses by for storing ciphertext data
Value carries out operation with first key, obtains the second key step, specifically includes:
The physical memory addresses value for storing ciphertext data and the first key are subjected to linear transformation, obtain second
Key.
3. according to the method described in claim 2, it is characterized in that, the linear transformation is, by described for storing ciphertext number
According to physical memory addresses value and the first key carry out XOR operation.
4. according to the method described in claim 1, it is characterized in that, the physical memory addresses by for storing ciphertext data
Value carries out operation with first key, obtains the second key step, specifically includes:
The physical memory addresses value for storing ciphertext data and the first key are subjected to nonlinear transformation, obtain the
Two keys.
5. according to the method described in claim 4, it is characterized in that, the nonlinear transformation is, by described for storing ciphertext
The physical memory addresses value of data and the value of the first key are ranked sequentially, and obtain multidigit sequence;Using hash algorithm to institute
It states multidigit sequence and carries out operation, obtain the Hash Value of the multidigit sequence;Take part Hash Value as the second key.
6. according to the method described in claim 1 to 5 any claim, which is characterized in that the first key is symmetrical adds
The key of close algorithm.
7. according to the method described in claim 6, it is characterized in that, the symmetric encipherment algorithm is the close SM4 algorithms of state.
8. a kind of data processing method, which is characterized in that include the following steps:
Obtain ciphertext data and the physical memory addresses for storing ciphertext data;
Physical memory addresses value for storing ciphertext data is subjected to operation with first key, obtains the second key;
Operation is decrypted by the second key pair ciphertext data, obtains clear data.
9. according to the method described in claim 8, it is characterized in that, the physical memory addresses by for storing ciphertext data
Value carries out operation with first key, obtains the second key step, specifically includes:
The physical memory addresses value for storing ciphertext data and the first key are subjected to linear transformation, obtain second
Key.
10. according to the method described in claim 9, it is characterized in that, the linear transformation is, by described for storing ciphertext number
According to physical memory addresses value and the first key carry out XOR operation.
11. according to the method described in claim 8, it is characterized in that, the physical memory by for storing ciphertext data
Location value carries out operation with first key, obtains the second key step, specifically includes:
The physical memory addresses value for storing ciphertext data and the first key are subjected to nonlinear transformation, obtain the
Two keys.
12. according to the method for claim 11, which is characterized in that the nonlinear transformation is that described will be used to store close
The physical memory addresses value of literary data and the value of the first key are ranked sequentially, and obtain multidigit sequence;Utilize hash algorithm pair
The multidigit sequence carries out operation, obtains the Hash Value of the multidigit sequence;Take part Hash Value as the second key.
13. according to the method described in claim 8 to 12 any claim, which is characterized in that the first key is symmetrical
The key of Encryption Algorithm.
14. according to the method for claim 13, which is characterized in that the symmetric encipherment algorithm is the close SM4 algorithms of state.
15. a kind of data processing equipment, which is characterized in that including:
Acquisition module, when data are encrypted, the physical memory for obtaining clear data and for storing ciphertext data
Address;And when data are decrypted, physical memory for obtaining ciphertext data and for storing ciphertext data
Location;
Computing module carries out operation for that will be used to store the physical memory addresses values of ciphertext data with first key, obtains the
Two keys;
Processing module, for operation to be encrypted by the second key pair clear data, is obtained when data are encrypted
To ciphertext data;And when data are decrypted, for fortune to be decrypted by the second key pair ciphertext data
It calculates, obtains clear data;The ciphertext data are stored in the physical memory addresses for storing ciphertext data.
16. device according to claim 15, which is characterized in that the computing module is specifically used for:By described for depositing
The physical memory addresses value and the first key for storing up ciphertext data carry out linear transformation, obtain the second key.
17. device according to claim 16, which is characterized in that the linear transformation is, by described for storing ciphertext
The physical memory addresses value of data and the first key carry out XOR operation.
18. device according to claim 15, which is characterized in that the computing module is specifically used for:By described for depositing
The physical memory addresses value and the first key for storing up ciphertext data carry out nonlinear transformation, obtain the second key.
19. device according to claim 18, which is characterized in that the nonlinear transformation is that described will be used to store close
The physical memory addresses value of literary data and the value of the first key are ranked sequentially, and obtain multidigit sequence;Utilize hash algorithm pair
The multidigit sequence carries out operation, obtains the Hash Value of the multidigit sequence;Take part Hash Value as the second key.
20. according to the device described in claim 15 to 19 any claim, which is characterized in that the computing module, specifically
First key for being applied by symmetric encipherment algorithm carries out operation.
21. device according to claim 20, which is characterized in that the symmetric encipherment algorithm is the close SM4 algorithms of state.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810254719.6A CN108768620B (en) | 2018-03-26 | 2018-03-26 | Data processing method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810254719.6A CN108768620B (en) | 2018-03-26 | 2018-03-26 | Data processing method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108768620A true CN108768620A (en) | 2018-11-06 |
CN108768620B CN108768620B (en) | 2021-04-27 |
Family
ID=63980302
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810254719.6A Active CN108768620B (en) | 2018-03-26 | 2018-03-26 | Data processing method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108768620B (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109635599A (en) * | 2018-12-07 | 2019-04-16 | 上海爱信诺航芯电子科技有限公司 | Data ciphering method, decryption method, protective device, on-chip memory and chip |
CN109656840A (en) * | 2018-12-21 | 2019-04-19 | 成都海光集成电路设计有限公司 | A kind of device of data encrypting and deciphering, method, storage medium and data-storage system |
CN110213052A (en) * | 2019-06-05 | 2019-09-06 | 海光信息技术有限公司 | Data processing method and device |
CN110287708A (en) * | 2018-03-19 | 2019-09-27 | 扬智科技股份有限公司 | One Time Programmable encryption device and its encryption method |
CN110298186A (en) * | 2019-07-02 | 2019-10-01 | 北京计算机技术及应用研究所 | A kind of non-key data encipher-decipher method based on dynamic reconfigurable crypto chip |
CN111130784A (en) * | 2019-12-25 | 2020-05-08 | 成都海光集成电路设计有限公司 | Key generation method and device, CPU chip and server |
CN112202546A (en) * | 2020-09-29 | 2021-01-08 | 山东华翼微电子技术股份有限公司 | SM3 cryptographic hash algorithm message expansion serial optimization system and method |
CN113434876A (en) * | 2021-06-22 | 2021-09-24 | 海光信息技术股份有限公司 | Data encryption method and device, memory controller, chip and electronic equipment |
CN113642051A (en) * | 2021-10-13 | 2021-11-12 | 广州匠芯创科技有限公司 | Encrypted data read-write method of SPI storage equipment and embedded processor chip |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102355352A (en) * | 2011-07-24 | 2012-02-15 | 哈尔滨工程大学 | Data confidentiality and integrity protection method |
-
2018
- 2018-03-26 CN CN201810254719.6A patent/CN108768620B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102355352A (en) * | 2011-07-24 | 2012-02-15 | 哈尔滨工程大学 | Data confidentiality and integrity protection method |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110287708B (en) * | 2018-03-19 | 2023-07-04 | 扬智科技股份有限公司 | One-time programmable encryption device and encryption method thereof |
CN110287708A (en) * | 2018-03-19 | 2019-09-27 | 扬智科技股份有限公司 | One Time Programmable encryption device and its encryption method |
CN109635599A (en) * | 2018-12-07 | 2019-04-16 | 上海爱信诺航芯电子科技有限公司 | Data ciphering method, decryption method, protective device, on-chip memory and chip |
CN109656840A (en) * | 2018-12-21 | 2019-04-19 | 成都海光集成电路设计有限公司 | A kind of device of data encrypting and deciphering, method, storage medium and data-storage system |
CN110213052A (en) * | 2019-06-05 | 2019-09-06 | 海光信息技术有限公司 | Data processing method and device |
CN110298186A (en) * | 2019-07-02 | 2019-10-01 | 北京计算机技术及应用研究所 | A kind of non-key data encipher-decipher method based on dynamic reconfigurable crypto chip |
CN110298186B (en) * | 2019-07-02 | 2021-04-06 | 北京计算机技术及应用研究所 | Non-key data encryption and decryption method based on dynamic reconfigurable cipher chip |
CN111130784A (en) * | 2019-12-25 | 2020-05-08 | 成都海光集成电路设计有限公司 | Key generation method and device, CPU chip and server |
CN111130784B (en) * | 2019-12-25 | 2023-08-08 | 成都海光集成电路设计有限公司 | Key generation method and device, CPU chip and server |
CN112202546A (en) * | 2020-09-29 | 2021-01-08 | 山东华翼微电子技术股份有限公司 | SM3 cryptographic hash algorithm message expansion serial optimization system and method |
CN112202546B (en) * | 2020-09-29 | 2023-06-23 | 山东华翼微电子技术股份有限公司 | SM3 cipher hash algorithm message expansion serial optimization system and method |
CN113434876A (en) * | 2021-06-22 | 2021-09-24 | 海光信息技术股份有限公司 | Data encryption method and device, memory controller, chip and electronic equipment |
CN113642051A (en) * | 2021-10-13 | 2021-11-12 | 广州匠芯创科技有限公司 | Encrypted data read-write method of SPI storage equipment and embedded processor chip |
Also Published As
Publication number | Publication date |
---|---|
CN108768620B (en) | 2021-04-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108768620A (en) | A kind of data processing method and device | |
Nkandeu et al. | An image encryption algorithm based on substitution technique and chaos mixing | |
JP6783877B2 (en) | Cryptographic text query methods and systems for fully homomorphic encryption | |
Zhang et al. | Chaotic image encryption based on circular substitution box and key stream buffer | |
Xu et al. | Image encryption based on synchronization of fractional chaotic systems | |
CN106850221B (en) | Information encryption and decryption method and device | |
Patel et al. | Image encryption using different techniques: A review | |
KR101324825B1 (en) | Message authentication code pre-computation with applications to secure memory | |
CN105722067B (en) | Data method for encryption/decryption and device on mobile terminal | |
CN107317666A (en) | A kind of parallel full homomorphism encipher-decipher method for supporting floating-point operation | |
Thangavel et al. | Enhanced DNA and ElGamal cryptosystem for secure data storage and retrieval in cloud | |
CN103532701A (en) | Encryption and decryption method for numeric type data | |
CN115801224B (en) | Fully homomorphic encryption method supporting floating point number operation in cloud computing environment | |
CN103051446A (en) | Key encryption and storage method | |
Gafsi et al. | High securing cryptography system for digital image transmission | |
JP6961324B2 (en) | Searchable cryptographic processing system | |
CN106941406B (en) | Identify-based encryption endorsement method, decryption sign test method and device thereof | |
US8804953B2 (en) | Extensive ciphertext feedback | |
Ahmad et al. | A secure network communication protocol based on text to barcode encryption algorithm | |
Behnia et al. | Applications of tripled chaotic maps in cryptography | |
Chen et al. | Information authentication using sparse representation of double random phase encoding in fractional Fourier transform domain | |
Ahmad Abusukhon et al. | A novel network security algorithm based on encrypting text into a white-page image | |
Gupta et al. | Enhancement of Cloud Security and removal of anti-patterns using multilevel encryption algorithms. | |
CN107342865B (en) | SM 4-based authentication encryption algorithm | |
Veeraragavan et al. | Enhanced encryption algorithm (EEA) for protecting users' credentials in public cloud |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 300450 Tianjin Binhai New Area Huayuan Industrial Zone Haitai West Road 18 North 2-204 Industrial Incubation-3-8 Applicant after: Haiguang Information Technology Co., Ltd Address before: 300384 North 2-204 industrial hatching -3-8, No. 18, Hai Tai Road, Huayuan Industrial Zone, Xiqing District, Tianjin, Tianjin Applicant before: HAIGUANG INFORMATION TECHNOLOGY Co.,Ltd. |
|
CB02 | Change of applicant information | ||
GR01 | Patent grant | ||
GR01 | Patent grant |