CN114329510A - Digital authorization method, device, terminal equipment and storage medium - Google Patents


Info

Publication number
CN114329510A
Authority
CN
China
Prior art keywords
digital authorization
private key
data
authorization device
encrypted
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111358191.5A
Other languages
Chinese (zh)
Inventor
姜虎
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Longsys Electronics Co Ltd
Original Assignee
Shenzhen Longsys Electronics Co Ltd
Application filed by Shenzhen Longsys Electronics Co Ltd
Priority to CN202111358191.5A
Publication of CN114329510A
Legal status: Pending

Landscapes

  • Storage Device Security (AREA)

Abstract

The application relates to the technical field of data processing, and discloses a digital authorization method, a digital authorization device, terminal equipment and a storage medium. The method comprises the following steps: acquiring a user name and a security code; sending the user name and the security code to a connected first digital authorization device so that the first digital authorization device generates a corresponding key pair according to the user name and the security code, wherein the key pair comprises a public key and a private key; and acquiring the public key sent by the first digital authorization device. The public key is used for encrypting data, and the private key is used for decrypting the encrypted data. In this way, authorization between the terminal equipment and the digital authorization device and decryption of the data can be carried out, which improves the security and confidentiality of data sharing.

Description

Digital authorization method, device, terminal equipment and storage medium
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a digital authorization method, an apparatus, a terminal device, and a storage medium.
Background
With the rapid development of network technology, daily life and work are increasingly digitized. Digitization makes life more convenient but also carries security risks: for example, the leakage of important information such as bank card passwords or business secrets can cause irreparable loss. The security of information is therefore increasingly emphasized.
Data encryption technology is the core technology of data security. Encryption is the process of converting plaintext data, namely readable data, into ciphertext; decryption is the process of recovering the "ciphertext" to "plaintext". Encryption and decryption are both realized through a cryptographic algorithm, and the more complex the algorithm is, the safer the ciphertext is.
At present, scientists have proposed many data encryption algorithms and software products for encrypting data, but a software encryption system is vulnerable to network attackers and software cracking, which results in data leakage and poor confidentiality.
Disclosure of Invention
The technical problem mainly solved by the present application is to provide a digital authorization method. A user name and a security code are obtained and sent to a connected first digital authorization device, so that the first digital authorization device generates a corresponding key pair according to the user name and the security code. The key pair comprises a public key and a private key: the public key can be parsed into plaintext and used by the terminal device, while the private key can be parsed into plaintext only inside the device and is not disclosed to the outside. The public key is used for encrypting data, and the private key is used for decrypting the encrypted data.
In order to solve the technical problem, the application adopts a technical scheme that: the method is applied to terminal equipment and specifically comprises the steps of obtaining a user name and a security code; sending the user name and the security code to a connected first digital authorization device so that the first digital authorization device generates a corresponding key pair according to the user name and the security code, wherein the key pair comprises a public key and a private key; acquiring a public key sent by a first digital authorization device; the public key is used for encrypting data, and the private key is used for decrypting the encrypted data.
Further, the method comprises acquiring data to be encrypted, and encrypting the data to be encrypted with the public key using a first encryption algorithm.
Further, the method further comprises the steps of obtaining encrypted data; sending the encrypted data to a first digital authorization device so that the first digital authorization device decrypts the encrypted data by using a private key; and acquiring the decrypted data sent by the first digital authorization device.
The method further comprises the steps of obtaining an encrypted private key sent by the first digital authorization device, wherein the encrypted private key is obtained by encrypting the private key by the first digital authorization device through a second encryption algorithm; and storing the encrypted private key.
The method further comprises the steps of sending the user name, the security code and the encrypted private key to a second digital authorization device, so that the second digital authorization device constructs a decryption key corresponding to the encrypted private key by using the security code, decrypts the encrypted private key by using the decryption key to obtain a private key plaintext, and stores the private key plaintext; and the private key plaintext is used for decrypting the data encrypted by the public key.
Wherein the first encryption algorithm and the second encryption algorithm are different.
The method also comprises the steps of sending the user name to the first digital authorization device so that the first digital authorization device compares the acquired user name with a pre-stored user name; receiving the comparison result sent by the first digital authorization device; and, in response to the two user names being the same, sending a reset instruction to the first digital authorization device to reset the first digital authorization device.
The terminal equipment is connected with the first digital authorization device through a data interface, and the data interface comprises any one of a USB interface, a Type-C interface, an SPI interface and a UART interface.
In order to solve the above problem, another technical solution adopted by the present application is: the method is applied to a first digital authorization device and comprises the steps of obtaining a user name and a security code sent by connected terminal equipment; generating a corresponding key pair according to the user name and the security code, wherein the key pair comprises a public key and a private key; storing the private key and sending the public key to the terminal equipment; the public key is used for encrypting data, and the private key is used for decrypting the encrypted data.
In order to solve the above problem, another technical solution adopted by the present application is: the method is applied to a second digital authorization device and comprises the steps of receiving a user name, a security code and an encryption private key which are sent by terminal equipment; constructing a decryption key corresponding to the encrypted private key by using the security code; decrypting the encrypted private key by using the decryption key to obtain a private key plaintext; storing a plaintext of the private key; the private key plaintext is used for decrypting data encrypted by the public key bound with the encrypted private key.
In order to solve the above problem, another technical solution adopted by the present application is: there is provided a terminal device comprising a processor and a memory coupled to the processor, the memory having a computer program stored therein, the processor being configured to execute the computer program to implement the method.
In order to solve the above problem, another technical solution adopted by the present application is: there is provided a digital authorization apparatus comprising a processor and a memory coupled to the processor, the memory having a computer program stored therein, the processor being configured to execute the computer program to implement the above method.
In order to solve the above problem, another technical solution adopted by the present application is: a computer-readable storage medium is provided, in which program data are stored which, when being executed by a processor, are adapted to carry out the above-mentioned method.
The beneficial effect of this application is as follows. In contrast to the prior art, the present application provides a digital authorization method. The method comprises the steps of obtaining a user name and a security code; sending the user name and the security code to a connected first digital authorization device so that the first digital authorization device generates a corresponding key pair according to the user name and the security code, wherein the key pair comprises a public key and a private key; and acquiring the public key sent by the first digital authorization device. The public key is used for encrypting data, and the private key is used for decrypting the encrypted data. In this way, the digital authorization device can be authorized, cloned and reset, and the encrypted file can be kept secret, so that the security and confidentiality of the data sharing process are improved.
Drawings
In order to illustrate the technical solutions in the embodiments of the present application more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings in the following description show only some embodiments of the present application, and those skilled in the art can obtain other drawings from them without creative effort. Wherein:
FIG. 1 is a schematic flow chart of a first embodiment of a digital authorization method provided in the present application;
FIG. 2 is a schematic flow chart diagram illustrating an embodiment of a data encryption method provided herein;
FIG. 3 is a schematic flow chart diagram illustrating an embodiment of a data decryption method provided herein;
FIG. 4 is a flowchart illustrating an embodiment of a method for obtaining an encrypted private key provided herein;
FIG. 5 is a flowchart illustrating an embodiment of a digital authorization apparatus resetting method provided in the present application;
FIG. 6 is a flow chart illustrating a second embodiment of a digital authorization method provided by the present application;
FIG. 7 is a flow chart of a third embodiment of a digital authorization method provided by the present application;
FIG. 8 is a schematic flow chart diagram illustrating another embodiment of a data decryption method provided herein;
FIG. 9 is a flow chart illustrating another embodiment of a digital authorization apparatus resetting method provided in the present application;
FIG. 10 is a schematic structural diagram of an embodiment of a terminal device provided in the present application;
FIG. 11 is a schematic structural diagram of an embodiment of a digital authorization apparatus provided in the present application;
FIG. 12 is a schematic structural diagram of an embodiment of a computer-readable storage medium provided in the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application. It is to be understood that the specific embodiments described herein are merely illustrative of the application and are not limiting of the application. It should also be noted that, for ease of description, only some, but not all, of the methods and processes associated with the present application are illustrated in the accompanying drawings. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms "comprising" and "having," as well as any variations thereof, in this application are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
In daily life, some important data or files, such as business secrets and military secrets, need to be stored and transmitted with extremely high confidentiality. In many cases, data is meant to be viewed only by a specific person and by no one else. If the data is encrypted and decrypted purely in software, it is exposed to network attacks, and the password may eventually be cracked, causing data leakage. This can be avoided by encrypting and decrypting the data with a digital authorization device: to view encrypted data, a device that can decrypt it must be available. On this basis, the application provides a digital authorization method for authorizing the digital authorization device, which is applied to terminal equipment.
Referring to fig. 1, fig. 1 is a schematic flow chart of a first embodiment of a digital authorization method provided in the present application. The digital authorization method of the embodiment specifically includes steps 11 to 13:
Step 11: Acquire a user name and a security code.
The digital authorization method in this embodiment is applied to the terminal equipment, which is connected to the digital authorization device and can establish communication with it. When the digital authorization device is connected to the terminal equipment for the first time, the terminal equipment needs to authorize the digital authorization device, so the associated user name and security code are entered into the terminal equipment for registration. This completes the terminal equipment's acquisition of the user name and the security code. The security code is a string of numeric characters that is set and remembered by the user.
The terminal equipment referred to in this application is an intelligent device with a networking function that can upload data to a server. Mobile phones and computers are common examples.
Step 12: Send the user name and the security code to the connected first digital authorization device so that the digital authorization device generates a corresponding key pair according to the user name and the security code, wherein the key pair comprises a public key and a private key.
The terminal device establishes a communication connection with the digital authorization device and sends it the user name and the security code, so that the digital authorization device generates a public key and a private key from them.
The public key and the private key form a key pair obtained by an algorithm. The plaintext of the public key can be disclosed to the outside; the plaintext of the private key can be parsed and stored only by the device. The key pair derived by such an algorithm can be guaranteed to be unique worldwide. With this key pair, data encrypted with one of the keys must be decrypted with the other key. That is, if encryption is performed with the public key, decryption must be performed with the private key corresponding to that public key.
Step 13: Acquire the public key sent by the first digital authorization device; the public key is used for encrypting data, and the private key is used for decrypting the encrypted data.
After the terminal device has caused the digital authorization device to generate the public key and the private key, it needs to acquire the public key generated in the digital authorization device so that data can be encrypted later. The public key is stored in the terminal device.
In this embodiment, the user name and the security code are obtained and sent to the connected first digital authorization device, so that the first digital authorization device generates a corresponding key pair comprising a public key and a private key, and the public key sent by the first digital authorization device is acquired. The public key is used for encrypting data, and the private key is used for decrypting the encrypted data. The communication connection between the terminal equipment and the digital authorization device is thereby established, and the digital authorization device is authorized through the terminal equipment. Based on this method, the application provides a data encryption method.
Specifically, referring to fig. 2, fig. 2 is a schematic flowchart of an embodiment of a data encryption method provided in the present application. The present embodiment specifically includes steps 21 to 22:
Step 21: Acquire data to be encrypted.
The data can be acquired through file sharing from other terminal equipment, downloaded from a cloud, or taken from the data stored in the terminal equipment.
Step 22: Encrypt the data to be encrypted with the public key using a first encryption algorithm.
In the terminal equipment, a public key is used for encrypting data to be encrypted by adopting an asymmetric encryption algorithm, and a private key corresponding to the public key is used for decrypting the data during decryption.
After the data is encrypted, if the terminal equipment wants to check the encrypted data, the terminal equipment needs to be connected with a digital authorization device to decrypt the data. Wherein, the private key in the digital authorization device is matched with the public key for encrypting the data. Therefore, the present application proposes a data decryption method.
Referring to fig. 3, fig. 3 is a schematic flowchart of an embodiment of a data decryption method provided in the present application. This embodiment specifically includes steps 23 to 25:
Step 23: Obtain encrypted data.
Step 24: Send the encrypted data to the first digital authorization device so that the first digital authorization device decrypts the encrypted data with the private key.
Step 25: Acquire the decrypted data sent by the first digital authorization device.
In this embodiment, the terminal device first obtains encrypted data, which was encrypted with the public key. The terminal device itself cannot decrypt the encrypted data, so it sends the encrypted data to the first digital authorization device, which decrypts it into data plaintext with the private key corresponding to the public key used for encryption. The first digital authorization device sends the data plaintext to the terminal equipment, and the terminal equipment can then view the data.
In many cases, after the original terminal device encrypts the data, the encrypted data is sent to other terminal devices. If another terminal device wants to view the encrypted data, a digital authorization device holding the private key corresponding to the public key must be connected to decrypt it. In the first case, the first digital authorization device bound to the original user name and security code can be connected to the other terminal equipment to decrypt the encrypted data. In the second case, a second digital authorization device can be cloned using the user name and security code bound to the original first digital authorization device together with the encrypted private key; the second digital authorization device then has the same key pair and the same function as the first. Therefore, before cloning, the encrypted private key of the first digital authorization device needs to be obtained.
Referring to fig. 4, fig. 4 is a schematic flowchart illustrating an embodiment of a method for obtaining an encrypted private key according to the present application. The present embodiment specifically includes steps 14 to 15:
Step 14: Acquire the encrypted private key sent by the first digital authorization device, wherein the encrypted private key is obtained by the first digital authorization device encrypting the private key with a second encryption algorithm.
The private key is private: only the first digital authorization device holds the private key in plaintext. When the terminal equipment communicates with the first digital authorization device, it acquires an encrypted private key, obtained by the first digital authorization device encrypting the private key with a symmetric encryption algorithm. The terminal equipment cannot crack the encrypted private key; the encrypted private key is used for cloning the second digital authorization device.
Step 15: Store the encrypted private key.
The encrypted private key is stored in the terminal equipment.
The second digital authorization device is then cloned using the user name, the security code and the encrypted private key corresponding to the first digital authorization device, as described in step 81:
Step 81: Send the user name, the security code and the encrypted private key to a second digital authorization device, so that the second digital authorization device constructs a decryption key corresponding to the encrypted private key by using the security code, decrypts the encrypted private key with the decryption key to obtain a private key plaintext, and stores the private key plaintext; the private key plaintext is used for decrypting the data encrypted with the public key.
The user name, the security code and the encrypted private key are those corresponding to the first digital authorization device. The encrypted private key can be decrypted only by a digital authorization device, so the second digital authorization device decrypts the encrypted private key to obtain a private key plaintext identical to the one in the first digital authorization device, which completes the cloning of the digital authorization device.
Generally, one user name can be bound to a plurality of digital authorization devices, and the security code of each digital authorization device may be different. A digital authorization device can be started only with the correct security code; if the security code is forgotten, the corresponding digital authorization device cannot be used. If a digital authorization device whose security code has been forgotten needs to be reused, it must be reset: all the information stored in it is erased and it is restored to an unused state. On this basis, the present application provides a digital authorization device reset method.
Specifically, referring to fig. 5, fig. 5 is a schematic flowchart illustrating an embodiment of a digital authorization device resetting method provided in the present application. The present embodiment specifically includes steps 31 to 33:
Step 31: Send the user name to the first digital authorization device so that the first digital authorization device compares the acquired user name with a pre-stored user name.
First, the user name is compared with the user name stored in the first digital authorization device to judge whether the terminal equipment has the right to operate the first digital authorization device.
Step 32: Receive the comparison result sent by the first digital authorization device.
The comparison result indicates whether the two user names are the same or different. If they are the same, an instruction indicating that the operation can continue is received; if they are different, an instruction indicating that the operation cannot continue is received.
Step 33: In response to the two user names being the same, send a reset instruction to the first digital authorization device to reset the first digital authorization device.
When the two user names are the same, the terminal equipment receives the instruction indicating that the operation can continue, sends a reset instruction to the first digital authorization device, and the first digital authorization device is restored to an unused state.
On the basis, the application provides a digital authorization method which is applied to a first digital authorization device. Referring to fig. 6, fig. 6 is a schematic flow chart of a digital authorization method according to a second embodiment of the present application. The present embodiment specifically includes steps 41 to 43:
Step 41: Acquire the user name and the security code sent by the connected terminal equipment.
Step 42: Generate a corresponding key pair according to the user name and the security code, wherein the key pair comprises a public key and a private key.
Step 43: Store the private key, and send the public key and the encrypted private key to the terminal equipment; the public key is used for encrypting data, and the private key is used for decrypting data.
First, the terminal device is connected with the first digital authorization device through a data interface, which can be any one of a USB interface, a Type-C interface, an SPI interface, and a UART interface. When the interface type is a USB interface, the digital authorization device may be designed as a HID or CCID type device.
After the first digital authorization device is connected to the terminal equipment through the data interface, it can establish a communication connection with the terminal equipment. It first obtains the user name and the security code sent by the terminal equipment, and then uses them to generate the key pair belonging exclusively to the first digital authorization device. Both the public key and the private key are stored in the first digital authorization device. The public key and the encrypted private key are sent to the terminal equipment so that the terminal equipment can encrypt data with the public key. The terminal equipment cannot decrypt the encrypted private key; it can only store it for use when other digital authorization devices are cloned.
Meanwhile, a digital authorization method is provided for the second digital authorization device. Referring to fig. 7 in particular, fig. 7 is a schematic flow chart of a third embodiment of a digital authorization method provided in the present application. The present embodiment specifically includes steps 51 to 54:
Step 51: Receive the user name, the security code and the encrypted private key sent by the terminal equipment.
The user name, the security code and the encrypted private key are those bound to the first digital authorization device.
Step 52: Construct a decryption key corresponding to the encrypted private key by using the security code.
The first digital authorization device encrypts the private key with a symmetric algorithm using the security code; the second digital authorization device decrypts it with the same symmetric algorithm using the security code to obtain the private key plaintext.
Step 53: Decrypt the encrypted private key with the decryption key to obtain the private key plaintext.
Step 54: Store the private key plaintext; the private key plaintext is used for decrypting data encrypted with the public key bound to the encrypted private key.
The private key plaintext in the second digital authorization device and the private key in the first digital authorization device are generated with the same security code, so their function is the same. This completes the cloning of the second digital authorization device, which can now decrypt data encrypted with the public key generated by the first digital authorization device.
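The clone flow of steps 14 to 15, 81 and 51 to 54 can be modelled as follows. This is an added example, not code from the application: the class and function names, PBKDF2 as the way the decryption key is built from the security code, binding the user name into that key, the integrity tag, and the HMAC-based keystream standing in for the unnamed "second encryption algorithm" are all assumptions, and random bytes stand in for the real private key. A real device would use a vetted authenticated cipher in place of the stand-in.

```python
import hashlib
import hmac
import os

KDF_ITERATIONS = 200_000   # assumed work factor; the application names no KDF
SALT_LEN, TAG_LEN = 16, 32


class CloneError(Exception):
    """Raised when a wrapped private key cannot be authenticated."""


def _derive_keys(user_name, security_code, salt):
    # Assumption: PBKDF2-HMAC-SHA256 stretches the numeric security code into
    # 64 bytes, split into an encryption key and a separate MAC key.
    material = hashlib.pbkdf2_hmac("sha256", security_code.encode(),
                                   salt + user_name.encode(), KDF_ITERATIONS, dklen=64)
    return material[:32], material[32:]


def _xor_keystream(key, salt, data):
    # Stdlib-only stand-in for the symmetric cipher: HMAC-SHA256 in counter
    # mode. XOR with the keystream is its own inverse.
    stream = bytearray()
    for counter in range((len(data) + 31) // 32):
        stream += hmac.new(key, salt + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


class AuthorizationDevice:
    """Hypothetical model of one digital authorization device."""

    def __init__(self):
        self._user_name = None
        self._private_key = None        # the plaintext never leaves the device

    def is_provisioned(self):
        return self._private_key is not None

    def register(self, user_name, security_code):
        """First device, steps 41-43: create the key and return it wrapped."""
        self._user_name = user_name
        self._private_key = os.urandom(32)   # placeholder for the real private key
        salt = os.urandom(SALT_LEN)
        enc_key, mac_key = _derive_keys(user_name, security_code, salt)
        ciphertext = _xor_keystream(enc_key, salt, self._private_key)
        tag = hmac.new(mac_key, salt + ciphertext, hashlib.sha256).digest()
        return salt + ciphertext + tag

    def clone_from(self, user_name, security_code, wrapped):
        """Second device, steps 51-54: rebuild the key, verify, unwrap, store."""
        if len(wrapped) <= SALT_LEN + TAG_LEN:
            raise CloneError("wrapped key is truncated")
        salt = wrapped[:SALT_LEN]
        ciphertext = wrapped[SALT_LEN:-TAG_LEN]
        tag = wrapped[-TAG_LEN:]
        enc_key, mac_key = _derive_keys(user_name, security_code, salt)
        expected = hmac.new(mac_key, salt + ciphertext, hashlib.sha256).digest()
        # Verify in constant time before decrypting, so a wrong security code
        # is rejected instead of silently storing a garbage private key.
        if not hmac.compare_digest(tag, expected):
            raise CloneError("wrong security code, wrong user name, or modified blob")
        self._user_name = user_name
        self._private_key = _xor_keystream(enc_key, salt, ciphertext)

    def key_fingerprint(self):
        # Demo-only helper so the two devices can be compared in a test.
        if self._private_key is None:
            raise ValueError("device is not provisioned")
        return hashlib.sha256(self._private_key).hexdigest()


def run_clone_demo():
    """Terminal-side flow with constructed credentials ("alice", "493817")."""
    first, second, third = (AuthorizationDevice() for _ in range(3))
    wrapped = first.register("alice", "493817")     # steps 14-15: terminal stores the blob
    second.clone_from("alice", "493817", wrapped)   # step 81 with the correct code
    try:
        third.clone_from("alice", "000000", wrapped)  # step 81 with a wrong code
        rejected = False
    except CloneError:
        rejected = True
    same_key = first.key_fingerprint() == second.key_fingerprint()
    return same_key, rejected, third.is_provisioned()


if __name__ == "__main__":
    print(run_clone_demo())
```

Without the integrity tag, a second device given a wrong security code would decrypt to different bytes and store them as if cloning had succeeded; the failure would only surface later as undecryptable data.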
According to the method, the decryption operation of the data can be finished in the first digital authorization device and the second digital authorization device. Referring to fig. 8, fig. 8 is a schematic flowchart of another embodiment of a data decryption method provided in the present application. The present embodiment specifically includes steps 61 to 63:
step 61: acquiring encrypted data sent by terminal equipment; the terminal equipment encrypts the encrypted data by using a public key through a first encryption algorithm.
Step 62: the encrypted data is decrypted into data plaintext using the private key.
And step 63: and sending the data plaintext to the terminal equipment.
Similarly, the reset operation of the digital authorization device can be realized for the first digital authorization device and the second digital authorization device. Taking the first digital authorization apparatus as an example, referring to fig. 9 in particular, fig. 9 is a schematic flowchart of another embodiment of a digital authorization apparatus resetting method provided by the present application.
The present embodiment specifically includes steps 71 to 74:
Step 71: Acquire the user name sent by the terminal equipment.
Step 72: Compare the acquired user name with a pre-stored user name.
Step 73: In response to the two user names being the same, send the comparison result to the terminal equipment.
Step 74: Reset the first digital authorization device in response to a reset instruction sent by the terminal equipment.
First, the first digital authorization device acquires the user name sent by the terminal equipment and compares it with the user name bound to the first digital authorization device. If the two user names are the same, it sends the terminal equipment an instruction indicating that the operation can continue; if they are different, it sends an instruction indicating that the operation cannot continue. When the two user names are the same and a reset instruction sent by the terminal equipment is received, the first digital authorization device is reset and restored to an unused state.
According to the above embodiments, the present application provides a terminal device. Specifically, referring to fig. 10, fig. 10 is a schematic structural diagram of an embodiment of a terminal device provided in the present application.
The terminal device 100 includes a processor 110 and a memory 120, and the processor 110 is coupled to the memory 120. The memory 120 stores a computer program for executing the above-described digital authorization method.
Referring to fig. 11 in particular, fig. 11 is a schematic structural diagram of an embodiment of a digital authorization apparatus provided in the present application.
Digital authorization apparatus 200 includes a processor 210 and a memory 220. The processor 210 is coupled to the memory 220. The memory 220 stores therein a computer program for executing the above-described digital authorization method.
Referring to fig. 12 in particular, fig. 12 is a schematic structural diagram of an embodiment of a computer-readable storage medium provided in the present application.
Program data 310 is included in computer-readable storage medium 300. Program data 310, when executed by a processor, may implement the digital authorization methods described above.
Different from the prior art, the digital authorization method includes obtaining a user name and a security code and sending them to a connected first digital authorization device, so that the digital authorization device generates a corresponding key pair according to the user name and the security code, wherein the key pair includes a public key and a private key. In this way, data can be successfully decrypted only with the private key that matches the public key. The private key resides in the digital authorization device, and the digital authorization device is unique and irreplaceable, so that although devices can be cloned, their number is limited, which greatly improves security and confidentiality in the data sharing process. In conclusion, the method and the device have the advantage of improving security and confidentiality in the data sharing process.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings, or which are directly or indirectly applied to other related technical fields, are intended to be included within the scope of the present application.

Claims (13)

1. A digital authorization method is characterized in that the method is applied to a terminal device, and the method comprises the following steps:
acquiring a user name and a security code;
sending the user name and the security code to a connected first digital authorization device so that the first digital authorization device generates a corresponding key pair according to the user name and the security code, wherein the key pair comprises a public key and a private key;
acquiring the public key sent by the first digital authorization device; the public key is used for encrypting data, and the private key is used for decrypting the encrypted data.
2. The method of claim 1, further comprising:
acquiring data to be encrypted;
and encrypting the data to be encrypted by using the public key and adopting a first encryption algorithm.
3. The method of claim 2, further comprising:
acquiring encrypted data;
sending the encrypted data to the first digital authorization device so that the first digital authorization device decrypts the encrypted data by using the private key;
and acquiring the decrypted data sent by the first digital authorization device.
4. The method of claim 1, further comprising:
acquiring an encrypted private key sent by the first digital authorization device, wherein the encrypted private key is obtained by encrypting the private key by the first digital authorization device by adopting a second encryption algorithm;
and storing the encrypted private key.
5. The method of claim 4, further comprising:
sending the user name, the security code and the encrypted private key to a second digital authorization device, so that the second digital authorization device constructs a decryption key corresponding to the encrypted private key by using the security code, decrypts the encrypted private key by using the decryption key to obtain a private key plaintext, and stores the private key plaintext;
and the plaintext of the private key is used for decrypting the data encrypted by the public key.
6. The method according to claims 2 and 4, characterized in that the method further comprises:
the first encryption algorithm and the second encryption algorithm are different.
7. The method of claim 1, further comprising:
sending a user name to the first digital authorization device so that the first digital authorization device compares the acquired user name with the user name stored in advance;
receiving a comparison result sent by the first digital authorization device;
and in response to the two user names being the same, sending a reset instruction to the first digital authorization device to reset the first digital authorization device.
8. The method of claim 1,
the terminal equipment is connected with the first digital authorization device through a data interface, and the data interface comprises any one of a USB interface, a Type-C interface, an SPI interface and a UART interface.
9. A digital authorization method, wherein the method is applied to a first digital authorization apparatus, and wherein the method comprises:
acquiring a user name and a security code sent by connected terminal equipment;
generating a corresponding key pair according to the user name and the security code, wherein the key pair comprises a public key and a private key;
storing the private key, and sending the public key and the encrypted private key to the terminal equipment; the public key is used for encrypting data, and the private key is used for decrypting the encrypted data.
10. A digital authorization method, wherein the method is applied to a second digital authorization apparatus, and wherein the method comprises:
receiving a user name, a security code and an encrypted private key which are sent by terminal equipment;
constructing a decryption key corresponding to the encrypted private key by using the security code;
decrypting the encrypted private key by using the decryption key to obtain a private key plaintext;
storing the private key plaintext; the private key plaintext is used for decrypting the data encrypted by the public key bound with the encrypted private key.
11. A terminal device, characterized in that the terminal device comprises a processor and a memory coupled to the processor, in which memory a computer program is stored, the processor being configured to execute the computer program to implement the method according to any of claims 1-10.
12. A digital authorization device, characterized in that the digital authorization device comprises a processor and a memory coupled to the processor, in which memory a computer program is stored, the processor being adapted to execute the computer program for implementing the method according to any of the claims 1-10.
13. A computer-readable storage medium, in which program data are stored which, when being executed by a processor, are adapted to carry out the method of any one of claims 1-10.
CN202111358191.5A 2021-11-16 2021-11-16 Digital authorization method, device, terminal equipment and storage medium Pending CN114329510A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111358191.5A CN114329510A (en) 2021-11-16 2021-11-16 Digital authorization method, device, terminal equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114329510A true CN114329510A (en) 2022-04-12

Family

ID=81045850

Country Status (1)

Country Link
CN (1) CN114329510A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination