CN111414635A - File encryption and decryption method, device, equipment and storage medium - Google Patents
File encryption and decryption method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN111414635A CN111414635A CN202010203402.7A CN202010203402A CN111414635A CN 111414635 A CN111414635 A CN 111414635A CN 202010203402 A CN202010203402 A CN 202010203402A CN 111414635 A CN111414635 A CN 111414635A
- Authority
- CN
- China
- Prior art keywords
- encryption
- encrypted
- file
- data
- length
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 86
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 32
- 230000015654 memory Effects 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 3
- 230000000875 corresponding effect Effects 0.000 description 15
- 238000010586 diagram Methods 0.000 description 14
- 238000013467 fragmentation Methods 0.000 description 4
- 238000006062 fragmentation reaction Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 244000035744 Hura crepitans Species 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008707 rearrangement Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
The invention discloses a file encryption and decryption method, device, equipment and storage medium, wherein the method comprises the following steps: selecting at least two encrypted data blocks from a file to be encrypted; acquiring the encryption position and the encryption length of each encrypted data block; and encrypting the file data in each encrypted data block according to the encryption position and the encryption length and a preset encryption algorithm. According to the technical scheme of the embodiment of the invention, the encryption data block in the file to be encrypted is determined, and the file to be encrypted is encrypted according to the encryption position and the encryption length of the encryption data block, so that the encryption speed of the large file is increased, and the user experience degree is improved on the premise of ensuring the file security.
Description
Technical Field
The embodiment of the invention relates to the technical field of data security, in particular to a file encryption and decryption method, device, equipment and storage medium.
Background
Data security of mobile devices has become an increasing concern for users, and when we use apps, apps download and store many user data in mobile phone files. Some data is very relevant for privacy, such as mail, chat logs, photos, etc. Once the data file is stored in the mobile phone, the data file is in danger of leakage. Although the iOS/Android platform has the concept of App sandbox, ordinary users cannot directly see the files, but hacker technology can still easily obtain the data.
In order to ensure data security, more and more apps encrypt files stored on the mobile phone. After downloading the file, the App encrypts the file in the memory and stores the encrypted file in the mobile phone. When reading the file, the App needs to load the file into the memory first, decrypt the file, and then use the file. The intermediate addition of the encryption-decryption process requires a lot of time. For example, on a common Android phone, it takes about 1s to decrypt one 10M picture with a common encryption algorithm. Imagine that there are 30 pictures on a picture management App home page, and 30s are required to fully display the 30 pictures. For another example, an App, a piece of mail may also have a size of several M. 1s of katton is a poor user experience when the user clicks on a piece of mail from the mailing list. In order to shorten the encryption and decryption time of the file, a simpler encryption algorithm or a way of compressing the size of the file is often adopted, however, the simple encryption algorithm can reduce the security of the file, the file can be cracked more easily, and in addition, the integrity of the file can be sacrificed by compressing the size of the file, for example, the picture file can be reduced in size in a way of sacrificing the definition.
Disclosure of Invention
The invention provides a file encryption and decryption method, device, equipment and storage medium, which realize the rapid encryption and decryption of large files and improve the processing efficiency of the file encryption and decryption process on the premise of file security.
In a first aspect, an embodiment of the present invention provides a file encryption method, where the method includes:
dividing a file to be encrypted into at least two encrypted data blocks;
acquiring the encryption position and the encryption length of each encrypted data block;
and encrypting the file data in each encrypted data block according to the encryption position and the encryption length and a preset encryption algorithm.
In a second aspect, an embodiment of the present invention provides a file decryption method, where the method includes:
acquiring an encryption position and an encryption length of an encryption data block in an encryption file;
and decrypting the encrypted file according to the encryption position and the encryption length.
In a third aspect, an embodiment of the present invention provides a file encryption apparatus, where the apparatus includes:
the data block module is used for dividing the file to be encrypted into at least two encrypted data blocks;
the encryption parameter module is used for acquiring the encryption position and the encryption length of each encrypted data block;
and the file encryption module is used for encrypting the file data in each encrypted data block according to the encryption position and the encryption length and a preset encryption algorithm.
In a fourth aspect, an embodiment of the present invention provides a file decryption apparatus, where the apparatus includes:
the decryption parameter module is used for acquiring the encryption position and the encryption length of the encryption data block in the encryption file;
and the file decryption module is used for decrypting the encrypted file according to the encryption position and the encryption length.
In a fifth aspect, an embodiment of the present invention provides an apparatus, where the apparatus includes:
one or more processors;
a memory for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement a file encryption method and/or a file decryption method as described in any of the embodiments of the invention.
In a sixth aspect, an embodiment of the present invention provides a storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements a file encryption method and/or a file decryption method according to any one of the embodiments of the present invention.
According to the technical scheme of the embodiment of the invention, the encrypted data blocks are divided from the file to be encrypted, the encryption position and the encryption length of each encrypted data block are obtained, and the file data in each encrypted data block is encrypted according to the encryption position and the encryption length and the preset encryption algorithm, so that the data file is quickly encrypted, the processing speed of the data file is increased, and the user experience degree can be increased on the premise of ensuring the file security.
Drawings
Fig. 1 is a flowchart of a file encryption method according to an embodiment of the present invention;
fig. 2 is a flowchart of a file encryption method according to a second embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a file feature array according to a second embodiment of the present invention;
FIG. 4 is an exemplary diagram of an encryption feature generation provided by the second embodiment of the present invention;
FIG. 5 is a diagram illustrating an example of a file encryption process according to a second embodiment of the present invention;
fig. 6 is a flowchart of a file decryption method according to a third embodiment of the present invention;
fig. 7 is an exemplary diagram of a file decryption method according to a third embodiment of the present invention;
fig. 8 is a schematic structural diagram of a file encryption apparatus according to a fourth embodiment of the present invention;
fig. 9 is a schematic structural diagram of a file decryption apparatus according to a fifth embodiment of the present invention;
fig. 10 is a schematic structural diagram of an apparatus according to a sixth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
The embodiment of the invention is suitable for the situation of encrypted storage of user data on mobile equipment, for example, the user data needs to be encrypted during storage and decrypted during use due to privacy safety, and when the user data is large in volume and the encrypted user data is accessed, the encryption process of the data file needs to be optimized to improve the encryption speed. According to the technical scheme of the embodiment of the invention, the time consumption in the encryption and/or decryption process is reduced by using the encrypted data block, the reading capability of the streaming file is provided on the basis of the algorithm complexity of the original encryption algorithm, and the reading efficiency of the data file is enhanced.
Example one
Fig. 1 is a flowchart of a file encryption method according to an embodiment of the present invention, where this embodiment is applicable to a case of encrypting large file data, and the method may be executed by a file encryption apparatus, and the apparatus may be implemented by software and/or hardware, and referring to fig. 1, the method according to the embodiment of the present invention includes:
The file to be encrypted can be data which needs privacy protection and can be stored in the intelligent terminal, the data volume corresponding to the file to be encrypted is high, and high time can be spent in data encryption. The encrypted data block may be file data in the file to be encrypted, or may be a part of the file to be encrypted that is encrypted. It will be appreciated that the greater the number of encrypted data blocks in a file to be encrypted, the longer the encryption time that the file to be encrypted can take.
Specifically, the encrypted data block to be encrypted is selected from the file to be encrypted, the encrypted data block may be selected from the file to be encrypted according to the data volume of the file to be encrypted, and the larger the data volume of the file to be encrypted is, the fewer encrypted data blocks may be selected from the file to be encrypted.
And 102, acquiring the encryption position and the encryption length of each encryption data block.
The encryption position may be a start address position of the encrypted data block, and may specifically include a physical address and a logical address, for example, a physical storage address of the encryption position in the hardware storage, or a relative position offset of the encrypted data block with respect to the encrypted file header. The encryption length may represent a data amount of the encrypted data block, and specifically may be a length value of a storage location occupied by the encrypted data block or a distance value from an end of the encrypted data block to a start of the encrypted data block.
In the embodiment of the present invention, for each encrypted data block, the encryption position of the start position of each data block and the encryption length of the number of data blocks can be obtained, and it can be understood that the encryption lengths of the encrypted data blocks may be different, and the data amounts of the encrypted data blocks may be different.
And 103, encrypting the file data in each encrypted data block according to the encryption position and the encryption length and a preset encryption algorithm.
The preset encryption algorithm may be a predetermined encryption algorithm, and may include a symmetric encryption algorithm and an asymmetric encryption algorithm, and may specifically be an existing encryption algorithm.
Specifically, the position of an encrypted data block in the file to be encrypted can be determined according to the encryption position and the encryption length, the encrypted data block in the file to be encrypted can be encrypted according to a preset encryption algorithm to realize the encryption process of the file to be encrypted, further, the encrypted data block can be subjected to parallel encryption or serial encryption according to the preset encryption algorithm, the encrypted data block in the file to be encrypted can be sequentially processed, the file data can be read in a streaming mode, and the reading efficiency of the file data is improved.
According to the technical scheme of the embodiment of the invention, at least two encrypted data blocks are selected from the file to be encrypted, the encryption position and the encryption length of each encrypted data block are determined, and the file data in each encrypted data block is encrypted according to the encryption position and the encryption length and a preset encryption algorithm, so that the data file is quickly encrypted, the reading efficiency of the data file is enhanced on the premise of ensuring the data security, and the user experience degree can be improved.
Further, on the basis of the above embodiment of the invention, the method further includes: and determining the encrypted length of each encrypted data block after encryption, and recording the encrypted length.
Specifically, the encrypted length may be a length that the encrypted data block occupies a storage location after being encrypted, and may identify a file data amount of the encrypted data block after being encrypted. The encrypted length can be determined by calculation through a preset encryption algorithm and an encryption length, and different encrypted lengths can be determined according to different preset encryption algorithms. The encrypted length of each encrypted data block can be stored after the file to be encrypted is encrypted, so that the encrypted data blocks can be conveniently obtained in the decryption process, and the file decryption speed can be improved.
Example two
Fig. 2 is a flowchart of a file encryption method according to a second embodiment of the present invention, which is embodied based on the above embodiment of the present invention, and the embodiment of the present invention selects an encrypted data block in a file to be encrypted in an encryption proportion manner, and sequentially encrypts the file to be encrypted according to an appearance sequence of an encryption position in the file to be encrypted, so as to implement streaming processing of file encryption, referring to fig. 2, the method according to the second embodiment of the present invention includes:
The encryption ratio may be a total ratio of the encrypted file data to the file data of the file to be encrypted, and may be set by a user as needed, for example, the encryption ratio is encrypted data size/data size of the file to be encrypted. The number of the encryption blocks may be the number of the encryption data blocks to be encrypted in the file to be encrypted, the number of the encryption blocks may be related to the data scale of the file to be encrypted, and when the data scale of the file to be encrypted is larger, the number of the encryption blocks may be smaller.
Specifically, the encryption proportion and the number of encryption blocks input by a user can be obtained, illustratively, the encryption proportion and the number of encryption blocks can be related to the data volume of a file to be encrypted, different encryption proportions and different numbers of encryption blocks can be recommended to the user according to different data specifications of the file to be encrypted, the user can select the encryption proportion and the encryption number of the file to be encrypted according to different self requirements, and it can be understood that the encryption proportion and the number of encryption blocks of the file to be encrypted can be the same or different in the same intelligent terminal.
The partial encryption file can be a part for encrypting data in the file to be encrypted, and the data processing amount in the encryption process can be further reduced by selecting a partial file in the file to be encrypted, so that the encryption efficiency is improved.
Specifically, the data size of the file data to be encrypted in the file to be encrypted may be determined according to the encryption ratio, the file data may be selected as the partially encrypted file from the file to be encrypted depending on the encryption ratio, and for example, the product of the data size and the ratio of the file to be encrypted may be used as the data size of the partially encrypted file, and the file data of the data size may be continuously selected as the partially encrypted file from the beginning of the file to be encrypted.
And 203, splitting the part of the encrypted file into encrypted data blocks according to the number of the encrypted blocks.
In the embodiment of the invention, the part of the encrypted file can be split, the encrypted file can be uniformly split into the encrypted data blocks with the same size, and the part of the encrypted file can be split into the encrypted data blocks with random sizes.
And 204, determining the data position of the encrypted data block in the file to be encrypted as an encryption position for each encrypted data block.
The data location may be a physical address or a logical address of the encrypted data block in the file to be encrypted, and specifically, the data location may be a storage location corresponding to data at the beginning of the encrypted data block.
In the embodiment of the present invention, the data address of the file data at the beginning of each encrypted data block may be obtained, specifically, the data address may include a physical address and a logical address of the file data, and the obtained data address may be used as an encryption position corresponding to each encrypted data block. It can be understood that after the encrypted data blocks are subjected to the encryption operation, the encryption position of each encrypted data block can be the same as the starting position before the encrypted data blocks are encrypted or can be determined by calculation through an encryption algorithm, and when the encrypted data blocks are decrypted, the position of each encrypted data block in the encrypted file to be encrypted can be determined according to the encryption position.
Specifically, the file length may be a data amount representing the encrypted data block, the larger the data amount of the encrypted data block is, the higher the length of the storage location occupied by the file data in the encrypted data block is, and the length of the location of the storage control occupied by the file data in the encrypted data block may be taken as the encryption length of each encrypted data block.
And step 206, sequentially acquiring the file data of the file to be encrypted.
Specifically, the file data in the file to be encrypted is read sequentially, and for example, the file data may be read according to a preset data block, or the file to be encrypted is read according to a storage address sequence of the file data.
In the embodiment of the present invention, all the file data in the file to be encrypted may not need to be encrypted, only the file data in the encrypted data block is encrypted, specifically, it may be determined whether the read file data belongs to the encrypted data block, if so, the file data may be encrypted, if not, the file data is not encrypted, it may be understood that the preset encrypted file may be generated by encrypting the file to be encrypted, the preset encrypted file may be the same file as the original file to be encrypted, or may be a regenerated file, when the file data does not belong to the encrypted data block, the file data may be directly stored in the preset encrypted file, otherwise, the file data may be encrypted according to a preset determined encryption algorithm, the encrypted file data may be stored in the preset encrypted file, when the file to be encrypted, the encryption process of each file data can be processed in parallel, so that the efficiency of the encryption process is improved, and it can be understood that different encryption keys can be selected for different encrypted data blocks to further improve the security of file encryption.
According to the technical scheme of the embodiment of the invention, the encryption proportion and the number of the encryption blocks of the file to be encrypted are encrypted, part of the encrypted file in the file to be encrypted is determined according to the encryption proportion, the part of the encrypted file is divided into the encryption data blocks corresponding to the number of the encryption blocks, the data position of each encryption data block in the file to be encrypted is taken as the encryption position, the file length of each encryption data block is taken as the encryption length, and the file to be encrypted is encrypted according to the encryption position and the encryption length according to the preset encryption algorithm.
Further, on the basis of the above embodiment of the invention, the method further includes: and recording the encryption position and the encryption length of each encrypted data block.
In the embodiment of the present invention, after the encryption position and the encryption length of each encrypted data block are determined, the encryption position and the encryption length may also be recorded, and may be used in a decryption process after the file is encrypted, specifically, the encryption position and the encryption length of each encrypted data block may be stored in a file generated by encrypting the file to be encrypted in an associated manner, or the encryption position and the encryption length of the encrypted data block may be stored separately.
Further, on the basis of the above embodiment of the present invention, the recording the encryption position and the encryption length of each of the encrypted data blocks includes:
and encrypting the encryption position and the encryption length of each encrypted data block and recording the encrypted position and the encrypted length of each encrypted data block in a file characteristic array of a preset encrypted file head, wherein the file characteristic array comprises a position array and a length array, and the encryption position and the encryption length of each encrypted data block are stored in a position array and a length array in a correlation manner.
The file feature array may store a data structure of an encryption position and an encryption length, the file feature array may be located in a preset encrypted file, the preset encrypted file may be generated by encrypting the file to be encrypted, may be generated by modifying the file to be encrypted based on the file to be encrypted, or may be generated by recreating the file, and the encryption position and the encryption length in the file feature array may be used for decrypting the file.
Specifically, after the encryption length and the encryption degree of each encrypted data block are obtained, the encryption position, the encryption length and the encrypted data block can be stored in a file feature array in an associated manner, it can be understood that the file feature array can be located at the file head of a preset encrypted file, and data decryption can be performed according to the file feature array during decryption. For example, fig. 3 is a schematic structural diagram of a file feature array according to a second embodiment of the present invention, and referring to fig. 3, the file feature array may be generated by a position array and a length array, and each group of file feature arrays may correspond to different encrypted data blocks.
Further, on the basis of the above embodiment of the present invention, the determining whether the file data is encrypted according to the encryption position and the encryption length includes:
acquiring the storage position of the data to be encrypted in the file to be encrypted; and if the storage position is located between the encryption position and the sum of the encryption position and the encryption length, determining that the data to be encrypted is encrypted, otherwise, determining that the data to be encrypted is not encrypted.
In the embodiment of the invention, whether the file data needs to be encrypted or not can be determined through the sequential relation between the storage position and the encryption position address of each file data, when the storage position of the file data is between the encryption position and the encryption length sum of the encryption data block, the storage address of the file data is in the storage address range of the encryption data block, the file data is determined to belong to the encryption data block, the file data needs to be encrypted, if the storage position of the file data does not belong to the encryption position and the encryption length sum of the encryption data block, the storage address of the file data does not belong to the storage address range of the encryption data block, and the file data does not need to be encrypted if the storage position of the file data does not belong to the encryption position and the encryption length sum of the encryption data block.
For example, the file encryption method provided by the embodiment of the present invention may include an encryption feature generation process and a file encryption process, fig. 4 is an exemplary diagram of an encryption feature generation process provided by the second embodiment of the present invention, referring to fig. 4, a source file size, an encryption algorithm, an encryption ratio, and a fragmentation factor may be used as inputs of the encryption feature generation process, where the fragmentation factor may be the number of encrypted blocks in the embodiment of the present invention, a data size S2 that needs to be encrypted may be calculated according to the source file size S1 and the encryption ratio F, an interval G between encrypted data blocks may be determined according to the source file size S1 and the fragmentation factor N, S2 may be randomly split into N encrypted data blocks, and a data amount of each data block may be less than or equal to the interval G. The encryption length and encryption position may be determined for each encrypted data block and stored in the encryption feature array N x 2. Fig. 5 is an exemplary diagram of a file encryption process according to a second embodiment of the present invention, and after determining an encryption feature array, a source file may be encrypted, referring to fig. 5, the encryption feature array may be first written into a file as an encryption file header, each encrypted data block may be sequentially encrypted, and data that is not encrypted may be written into the end of the file to implement an encryption process of the file to be encrypted.
EXAMPLE III
Fig. 6 is a flowchart of a file decryption method provided in a third embodiment of the present invention, where this embodiment is applicable to the case of decrypting large file data, and the method may be executed by a file decryption apparatus, and the apparatus may be implemented by software and/or hardware, and referring to fig. 6, the method provided in the third embodiment of the present invention includes:
The encrypted file may be a data file encrypted by the encryption method according to the embodiment of the present invention, the encrypted file may include an encrypted file portion and an unencrypted file portion, the encrypted data block may be a data file encrypted in the encrypted file, and the encrypted file may include a plurality of encrypted data blocks. The encryption position may be a start position of file data of the encrypted data block, the encryption length may be a length of the storage position occupied by the encrypted data block, the encryption length may include a length before the encrypted data block is encrypted and a length after the encrypted data block is encrypted, and it is understood that the length before the encrypted data block is encrypted and the length after the encrypted data block is encrypted may be converted according to an encryption algorithm.
Specifically, the encryption position and the encryption length of the encrypted data block in the encrypted file can be obtained, the encryption position and the encryption length of each encrypted data block can be stored in the encrypted file in a correlated manner, the corresponding encryption position and the corresponding encryption length can be directly extracted when the encrypted file needs to be decrypted, further, the encryption position and the encryption length corresponding to the encrypted file can be stored separately from the encrypted file, and when the encrypted file is decrypted, a request can be sent to obtain the encryption position and the encryption length corresponding to the encrypted file.
And 302, decrypting the encrypted file according to the encryption position and the encryption length.
Specifically, the position of the encrypted data block in the encrypted file can be determined according to the encryption position and the encryption length, the file data in each encrypted data block can be decrypted respectively, the decryption process of the encrypted file is realized, and it can be understood that each encrypted data block can be processed in parallel, and the confidentiality process of the encrypted file is further improved.
According to the technical scheme of the embodiment of the invention, the encryption position and the encryption length of the encryption data block in the encrypted file are obtained, the encrypted file is analyzed through the encryption position and the encryption length, the file data volume required to be processed in the decryption process is reduced through the encryption data block, and the user experience degree is improved on the premise of ensuring the file data security.
Further, on the basis of the above embodiment of the present invention, the acquiring the encryption position and the encryption length of the encrypted data block in the encrypted file includes:
acquiring the number of encrypted blocks of encrypted data blocks in the encrypted file; reading a file feature array at the head of the encrypted file according to the number of the encrypted blocks; and decrypting the file characteristic array and acquiring the encryption position and the encryption length of each encrypted data block.
The number of the encrypted blocks may be the number of the encrypted data blocks in the encrypted file, and the number of the encrypted blocks may be stored in the header of the encrypted file in advance. The file characteristic array can be a data structure for storing the encryption position and the encryption length of the encryption block and can comprise the encryption position and the encryption length of each encryption data block, and the file characteristic array is stored in the encryption file in an encryption mode.
Specifically, the number of encrypted blocks of the encrypted data blocks in the encrypted file can be obtained, and the file feature array of the header of the encrypted file can be read according to the number of the encrypted blocks, wherein the file feature array is in an encrypted state, and after the file feature array is obtained, the file feature array can be decrypted to obtain the encrypted position and the encrypted length of each encrypted data block.
Further, on the basis of the above embodiment of the present invention, the decrypting the encrypted file according to the encryption position and the encryption length includes:
sequentially acquiring file data of the encrypted file; and determining whether the file data is decrypted according to the encryption position and the encryption length, if so, decrypting the encrypted data and then storing the decrypted data in a preset decryption file, and if not, storing the encrypted data in the preset decryption file.
In the embodiment of the present invention, the file data in the encrypted file can be read sequentially, wherein the reading can be read according to the predetermined threshold length, after reading the file data, it can be determined whether the file data belongs to the encrypted data block, and if so, the file data needs to be decrypted, if not, the file data can be used as the decrypted file data, it is understood that the predetermined decrypted file may be generated by decrypting the encrypted file, the predetermined decrypted file may be the same file as the encrypted file, further, the predetermined decrypted file may also be different file from the encrypted file, when decryption is performed, a preset decryption file can be regenerated, and it is understood that, in the initial stage, the preset decryption file can be a blank file, the decrypted file data may be stored to the preset decrypted file in the original order in the encrypted file.
Further, on the basis of the above embodiment of the present invention, the determining whether to decrypt the file data according to the encryption position and the encryption length includes:
acquiring a storage position of the encrypted data in the confidential file; and if the storage position is located between the encryption position and the sum of the encryption position and the encryption length, determining that the data to be encrypted is decrypted, otherwise, determining that the data to be encrypted is not decrypted.
In the embodiment of the invention, whether the file data needs to be encrypted or not can be determined through the storage position of each file data, when the storage position of the file data is between the encryption position and the encryption length sum of the encryption data block, the file data is determined to belong to the encryption data block, the file data needs to be decrypted, and if the storage position of the file data does not belong to the encryption position and the encryption length sum of the encryption data block, the file data is determined not to belong to the encryption data block, and the file data can not be decrypted.
For example, fig. 7 is an exemplary diagram of a file decryption method provided by the third embodiment of the present invention, referring to fig. 7, an encryption algorithm and a key may be used as input information of the file decryption method, an encrypted file header may be read first to obtain a fragmentation factor, that is, the number of encrypted blocks in the present invention, and header data of an encrypted file may be obtained according to the number of encrypted blocks, where the header data may include an encryption position and an encryption length of each encrypted data block, an encryption characteristic T of each encrypted data block may be obtained by decrypting the header data, the encryption characteristic T may include an encryption position and an encryption length of a corresponding data block, a decryption operation may be performed on each encrypted data block, and the decrypted file data is obtained to implement a decryption process of the encrypted file.
Example four
Fig. 8 is a schematic structural diagram of a file encryption apparatus according to a fourth embodiment of the present invention, which is capable of executing a file encryption method according to any embodiment of the present invention, and includes functional modules corresponding to the execution method and beneficial effects. The apparatus may be implemented by software and/or hardware, see fig. 7, and specifically includes:
a data block module 401, configured to select at least two encrypted data blocks in a file to be encrypted.
An encryption parameter module 402, configured to obtain an encryption position and an encryption length of each encrypted data block.
A file encryption module 403, configured to encrypt file data in each encrypted data block according to a preset encryption algorithm according to the encryption position and the encryption length.
According to the technical scheme of the embodiment of the invention, at least two encrypted data blocks are selected from the file to be encrypted through the data block module, the encryption parameter module determines the encryption position and the encryption length of the encrypted data blocks, and the file encryption module encrypts the file data in each encrypted data block according to the encryption position and the encryption length and a preset encryption algorithm, so that the data file is quickly encrypted, the reading efficiency of the data file is enhanced on the premise of ensuring the data security, and the user experience degree can be improved.
Further, on the basis of the above embodiment of the present invention, the data block module 401 includes:
and the parameter acquisition unit is used for acquiring the encryption proportion and the number of the encrypted blocks for encrypting the file to be encrypted.
And the encrypted file unit is used for determining part of encrypted files in the files to be encrypted according to the encryption proportion.
And the block splitting unit is used for splitting the part of the encrypted file into encrypted data blocks according to the number of the encrypted blocks.
Further, on the basis of the above embodiment of the present invention, the encryption parameter module 402 includes:
and the position determining unit is used for determining the data position of the encrypted data block in the file to be encrypted as an encrypted position aiming at each encrypted data block.
And the length determining unit is used for determining the file length of each encrypted data block as the encryption length corresponding to the encrypted data block.
Further, on the basis of the above embodiment of the present invention, the file encryption module 403 includes:
and the data reading unit is used for sequentially acquiring the file data of the file to be encrypted.
And the file encryption unit is used for determining whether the file data is encrypted according to the encryption position and the encryption length, if so, encrypting the file data and then storing the encrypted file data in a preset encryption file, and if not, storing the file data in the preset encryption file.
Further, on the basis of the above embodiment of the present invention, the file encryption unit is specifically configured to:
acquiring the storage position of the data to be encrypted in the file to be encrypted;
and if the storage position is located between the encryption position and the sum of the encryption position and the encryption length, determining that the data to be encrypted is encrypted, otherwise, determining that the data to be encrypted is not encrypted.
Further, on the basis of the above embodiment of the present invention, the file encryption apparatus further includes:
and the data recording module is used for recording the encryption position and the encryption length of each encrypted data block.
Further, on the basis of the embodiment of the present invention, the data recording module is further configured to determine an encrypted length of each encrypted data block after encryption, and record the encrypted length.
Further, on the basis of the embodiment of the present invention, the data recording module is specifically configured to record the encrypted position and the encrypted length of each encrypted data block in a file feature array of a preset encrypted file header after encryption, where the file feature array includes a position array and a length array, and the location array and the length array stored in the encrypted position and the encrypted length of the encrypted data block are stored in an associated manner.
EXAMPLE five
Fig. 9 is a schematic structural diagram of a file decryption device according to a fifth embodiment of the present invention, which is capable of executing a file decryption method according to any embodiment of the present invention, and has functional modules and beneficial effects corresponding to the execution method. The apparatus may be implemented by software and/or hardware, see fig. 9, and specifically includes:
and the decryption parameter module 501 is configured to obtain an encryption position and an encryption length of an encrypted data block in the encrypted file.
A file decryption module 502, configured to decrypt the encrypted file according to the encrypted position and the encrypted length.
According to the technical scheme of the embodiment of the invention, the encryption position and the encryption length of the encryption data block in the encrypted file are obtained through the decryption parameter module, the file decryption module decrypts the encrypted file through the encryption position and the encryption length, the file data amount required to be processed in the decryption process is reduced through the encryption data block, and the user experience degree is improved on the premise of ensuring the file data security.
Further, on the basis of the above embodiment of the present invention, the decryption parameter module 501 includes:
and the parameter acquisition unit is used for acquiring the number of the encrypted blocks of the encrypted data blocks in the encrypted file.
And the characteristic array unit is used for reading a file characteristic array at the head of the encrypted file according to the number of the encrypted blocks.
And the file analysis unit is used for decrypting the file characteristic array and acquiring the encryption position and the encryption length of each encrypted data block.
Further, on the basis of the above embodiment of the present invention, the file decryption module 502 includes:
and the file reading unit is used for sequentially acquiring the file data of the encrypted file.
And the file analysis unit is used for determining whether the file data is decrypted according to the encryption position and the encryption length, if so, decrypting the encrypted data and then storing the decrypted data in a preset decryption file, and if not, storing the encrypted data in the preset decryption file.
Further, on the basis of the above embodiment of the present invention, the file parsing unit is specifically configured to obtain a storage location of the encrypted data in the confidential file; and if the storage position is located between the encryption position and the sum of the encryption position and the encryption length, determining that the data to be encrypted is decrypted, otherwise, determining that the data to be encrypted is not decrypted.
EXAMPLE six
Fig. 10 is a schematic structural diagram of an apparatus according to a sixth embodiment of the present invention, as shown in fig. 10, the apparatus includes a processor 610, a memory 620, an input device 630, and an output device 640; the number of processors 610 in the device may be one or more, and one processor 610 is taken as an example in fig. 10; the processor 610, the memory 620, the input device 630 and the output device 640 in the apparatus may be connected by a bus or other means, and fig. 10 illustrates the example of connection by a bus.
The memory 620 may be used as a computer-readable storage medium for storing software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the file encryption method and/or the file decryption method in the embodiments of the present invention (e.g., the data block module 401, the encryption parameter module 402, and the file encryption module 403 in the file encryption apparatus, or the decryption parameter module 501 and the file decryption module 502 in the file decryption apparatus). The processor 6100 executes various functional applications of the device and data processing, i.e., implements the file encryption method and/or the file decryption method described above, by executing software programs, instructions, and modules stored in the memory 620.
The memory 620 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the memory 620 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, the memory 620 may further include memory located remotely from the processor 610, which may be connected to the device/terminal/server via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input means 630 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function controls of the device. The output device 640 may include a display device such as a display screen.
EXAMPLE seven
The seventh embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform a file encryption method and/or a file decryption method, where the file encryption method includes:
selecting at least two encrypted data blocks from a file to be encrypted;
acquiring the encryption position and the encryption length of each encrypted data block;
and encrypting the file data in each encrypted data block according to the encryption position and the encryption length and a preset encryption algorithm.
The file decryption method comprises the following steps:
acquiring an encryption position and an encryption length of an encryption data block in an encryption file;
and decrypting the encrypted file according to the encryption position and the encryption length.
Of course, the storage medium provided by the embodiment of the present invention contains computer-executable instructions, and the computer-executable instructions are not limited to the operations of the method described above, and may also perform related operations in the file encryption method and/or the file decryption method provided by any embodiment of the present invention.
Based on the understanding that the technical solutions of the present invention can be embodied in the form of software products, such as floppy disks, Read-Only memories (ROMs), Random Access Memories (RAMs), flash memories (F L ASHs), hard disks or optical disks of a computer, etc., and include instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods according to the embodiments of the present invention.
It should be noted that, in the embodiment of the file encryption apparatus and/or the file decryption apparatus, the included units and modules are only divided according to the functional logic, but are not limited to the above division, as long as the corresponding functions can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.
Claims (16)
1. A method for encrypting a file, comprising:
selecting at least two encrypted data blocks from a file to be encrypted;
acquiring the encryption position and the encryption length of each encrypted data block;
and encrypting the file data in each encrypted data block according to the encryption position and the encryption length and a preset encryption algorithm.
2. The method according to claim 1, wherein the selecting at least two encrypted data blocks in the file to be encrypted comprises:
acquiring an encryption proportion and an encryption block number for encrypting the file to be encrypted;
determining a part of encrypted files in the files to be encrypted according to the encryption proportion;
and splitting the part of the encrypted file into encrypted data blocks according to the number of the encrypted blocks.
3. The method according to claim 1 or 2, wherein the obtaining of the encryption position and the encryption length of each encrypted data block comprises:
for each encrypted data block, determining the data position of the encrypted data block in the file to be encrypted as an encryption position;
and determining the file length of each encrypted data block as the corresponding encryption length of the encrypted data block.
4. The method according to claim 3, wherein encrypting the file data in each encrypted data block according to the encryption position and the encryption length and according to a preset encryption algorithm comprises:
sequentially acquiring file data of the file to be encrypted;
and determining whether the file data is encrypted according to the encryption position and the encryption length, if so, encrypting the file data and then storing the encrypted file data in a preset encryption file, and if not, storing the file data in the preset encryption file.
5. The method of claim 4, wherein the determining whether the file data is encrypted according to the encryption position and the encryption length comprises:
acquiring the storage position of the data to be encrypted in the file to be encrypted;
and if the storage position is located between the encryption position and the sum of the encryption position and the encryption length, determining that the data to be encrypted is encrypted, otherwise, determining that the data to be encrypted is not encrypted.
6. The method of claim 3, further comprising recording an encryption position and an encryption length for each of the encrypted data blocks.
7. The method of claim 1, further comprising: and determining the encrypted length of each encrypted data block after encryption, and recording the encrypted length.
8. The method of claim 6, wherein said recording the encryption position and the encryption length of each of said encrypted data blocks comprises:
and encrypting the encryption position and the encryption length of each encrypted data block and recording the encrypted position and the encrypted length of each encrypted data block in a file characteristic array of a preset encrypted file head, wherein the file characteristic array comprises a position array and a length array, and the encryption position and the encryption length of each encrypted data block are stored in a position array and a length array in a correlation manner.
9. A method for decrypting a file, comprising:
acquiring an encryption position and an encryption length of an encryption data block in an encryption file;
and decrypting the encrypted file according to the encryption position and the encryption length.
10. The method of claim 9, wherein obtaining the encryption position and the encryption length of the encrypted data block in the encrypted file comprises:
acquiring the number of encrypted blocks of encrypted data blocks in the encrypted file;
reading a file feature array at the head of the encrypted file according to the number of the encrypted blocks;
and decrypting the file characteristic array and acquiring the encryption position and the encryption length of each encrypted data block.
11. The method according to claim 9 or 10, wherein said decrypting the encrypted file according to the encryption position and the encryption length comprises:
sequentially acquiring the encrypted data of the encrypted file;
and determining whether the encrypted data is decrypted according to the encryption position and the encryption length, if so, decrypting the encrypted data and then storing the decrypted data in a preset decryption file, and if not, storing the encrypted data in the preset decryption file.
12. The method of claim 11, wherein said determining whether to decrypt the encrypted data according to the encryption position and the encryption length comprises:
acquiring a storage position of the encrypted data in the confidential file;
and if the storage position is located between the encryption position and the sum of the encryption position and the encryption length, determining that the data to be encrypted is decrypted, otherwise, determining that the data to be encrypted is not decrypted.
13. A file encryption apparatus, comprising:
the data block module is used for selecting at least two encrypted data blocks in a file to be encrypted;
the encryption parameter module is used for acquiring the encryption position and the encryption length of each encrypted data block;
and the file encryption module is used for encrypting the file data in each encrypted data block according to the encryption position and the encryption length and a preset encryption algorithm.
14. A file decryption apparatus, comprising:
the decryption parameter module is used for acquiring the encryption position and the encryption length of the encryption data block in the encryption file;
and the file decryption module is used for decrypting the encrypted file according to the encryption position and the encryption length.
15. An apparatus, characterized in that the apparatus comprises:
one or more processors;
a memory for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the file encryption method and/or the file decryption method of any one of claims 1-12.
16. A storage medium, on which a computer program is stored, characterized in that the program, when executed by a processor, implements a file encryption method and/or a file decryption method according to any one of claims 1 to 12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010203402.7A CN111414635A (en) | 2020-03-20 | 2020-03-20 | File encryption and decryption method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010203402.7A CN111414635A (en) | 2020-03-20 | 2020-03-20 | File encryption and decryption method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111414635A true CN111414635A (en) | 2020-07-14 |
Family
ID=71493091
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010203402.7A Pending CN111414635A (en) | 2020-03-20 | 2020-03-20 | File encryption and decryption method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111414635A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112612499A (en) * | 2020-12-31 | 2021-04-06 | 京东数科海益信息科技有限公司 | Application program upgrading method and device, electronic equipment and storage medium |
| CN113139195A (en) * | 2021-04-21 | 2021-07-20 | 统信软件技术有限公司 | Data encryption method and computing device |
| CN113297611A (en) * | 2021-02-08 | 2021-08-24 | 阿里云计算有限公司 | Data processing method, data encryption storage method, data reading method, data processing equipment, data encryption storage equipment, data reading equipment and storage medium |
| CN114979717A (en) * | 2022-07-25 | 2022-08-30 | 广州万协通信息技术有限公司 | Differential video encryption method based on equipment decoding capability and security chip device |
| CN114978573A (en) * | 2022-03-30 | 2022-08-30 | 潍柴动力股份有限公司 | OTA data encryption method, device and system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102254127A (en) * | 2011-08-11 | 2011-11-23 | 华为技术有限公司 | Method, device and system for encrypting and decrypting files |
| CN102402670A (en) * | 2011-08-03 | 2012-04-04 | 广东欧珀移动通信有限公司 | File encryption and decryption method |
| CN105260668A (en) * | 2015-10-10 | 2016-01-20 | 北京搜狗科技发展有限公司 | File encryption method and electronic device |
-
2020
- 2020-03-20 CN CN202010203402.7A patent/CN111414635A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102402670A (en) * | 2011-08-03 | 2012-04-04 | 广东欧珀移动通信有限公司 | File encryption and decryption method |
| CN102254127A (en) * | 2011-08-11 | 2011-11-23 | 华为技术有限公司 | Method, device and system for encrypting and decrypting files |
| CN105260668A (en) * | 2015-10-10 | 2016-01-20 | 北京搜狗科技发展有限公司 | File encryption method and electronic device |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112612499A (en) * | 2020-12-31 | 2021-04-06 | 京东数科海益信息科技有限公司 | Application program upgrading method and device, electronic equipment and storage medium |
| CN113297611A (en) * | 2021-02-08 | 2021-08-24 | 阿里云计算有限公司 | Data processing method, data encryption storage method, data reading method, data processing equipment, data encryption storage equipment, data reading equipment and storage medium |
| CN113139195A (en) * | 2021-04-21 | 2021-07-20 | 统信软件技术有限公司 | Data encryption method and computing device |
| CN113139195B (en) * | 2021-04-21 | 2023-10-13 | 统信软件技术有限公司 | Data encryption method and computing device |
| CN114978573A (en) * | 2022-03-30 | 2022-08-30 | 潍柴动力股份有限公司 | OTA data encryption method, device and system |
| CN114978573B (en) * | 2022-03-30 | 2024-02-20 | 潍柴动力股份有限公司 | Encryption method, device and system of OTA data |
| CN114979717A (en) * | 2022-07-25 | 2022-08-30 | 广州万协通信息技术有限公司 | Differential video encryption method based on equipment decoding capability and security chip device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111414635A (en) | File encryption and decryption method, device, equipment and storage medium | |
| CN109474423B (en) | Data encryption and decryption method, server and storage medium | |
| CN107612683B (en) | Encryption and decryption method, device, system, equipment and storage medium | |
| CN108259171B (en) | Shader file protection method and device | |
| CN110266682B (en) | Data encryption method and device, mobile terminal and decryption method | |
| CA2293684A1 (en) | Secure deterministic encryption key generator system and method | |
| CN105577379A (en) | Information processing method and apparatus thereof | |
| US20090141889A1 (en) | Data processing apparatus | |
| US20230027142A1 (en) | Method and apparatus for encrypting and decrypting and reading and writing messages, computer device, and storage medium | |
| CN111310222A (en) | File encryption method | |
| CN104063672A (en) | Data security storage method | |
| CN115208701B (en) | Data packet selective encryption method and device | |
| US20180123789A1 (en) | Apparatus and method for generating a key in a programmable hardware module | |
| CN116488814A (en) | FPGA-based data encryption secure computing method | |
| WO2017067513A1 (en) | Data processing method and storage gateway | |
| CN106919348A (en) | Distributed memory system and storage method that anti-violence is cracked | |
| CN102142072A (en) | Encryption processing and decryption processing method and device of electronic files | |
| CN106100829B (en) | Method and device for encrypted storage | |
| CN112039876A (en) | Data ferrying method, device, equipment and medium | |
| CN111090616A (en) | File management method, corresponding device, equipment and storage medium | |
| CN116455572A (en) | Data encryption method, device and equipment | |
| WO2019184741A1 (en) | Application program information storing method and apparatus, and application program information processing method and apparatus | |
| CN116455555A (en) | Data encryption method and device and electronic equipment | |
| CN110880965A (en) | Outgoing electronic document encryption method, system, terminal and storage medium | |
| CN115603907A (en) | Method, device, equipment and storage medium for encrypting storage data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200714 |
|
| RJ01 | Rejection of invention patent application after publication |