CN116975925A - Safe preservation method, device, equipment and medium for important data - Google Patents
Safe preservation method, device, equipment and medium for important data Download PDFInfo
- Publication number
- CN116975925A CN116975925A CN202311017822.6A CN202311017822A CN116975925A CN 116975925 A CN116975925 A CN 116975925A CN 202311017822 A CN202311017822 A CN 202311017822A CN 116975925 A CN116975925 A CN 116975925A
- Authority
- CN
- China
- Prior art keywords
- user
- value
- fingerprint
- storage area
- important data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 238000004321 preservation Methods 0.000 title claims description 4
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 56
- 238000012545 processing Methods 0.000 claims abstract description 7
- 238000004590 computer program Methods 0.000 claims description 4
- 238000004891 communication Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 5
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000003384 imaging method Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/22—Indexing; Data structures therefor; Storage structures
Abstract
The application relates to the technical field of data processing, in particular to a safe storage method, a device, equipment and a medium for important data, which are used for generating random numbers and filling the generated random numbers into a section of a fixed-length safe storage area opened in a memory; acquiring key information of a user or equipment, and generating a fingerprint of the user or equipment based on the key information; generating a digest value of the user or equipment fingerprint by adopting a digest algorithm, and serializing the digest value of the user or equipment fingerprint to generate an index sequence; and taking the generated index sequence as the address offset of the secure storage area to store the important data to be stored into the secure storage area in a byte-dispersed manner. Therefore, the aims of effectively protecting important data and improving safety are achieved under the condition of not improving the investment cost of users.
Description
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a method, an apparatus, a device, and a medium for securely storing important data.
Background
With the development of informatization and electronics, user information stored on electronic devices is more and more diversified. Security events caused by information leakage are more and more, so that the protection of sensitive information is more and more important. Without dedicated security hardware, vendors typically store sensitive data such as user keys in a continuous storage medium, which is easily broken and stolen by hackers.
Disclosure of Invention
In order to overcome the defects in the prior art, the application provides a safe storage method, a device, equipment and a medium for important data, which can randomly and dispersedly store the important data into a configured storage area and improve the safety.
In a first aspect, the present application provides a method for securely storing important data, the method comprising the steps of:
generating a random number, and filling the generated random number into a section of fixed-length safe storage area opened up in a memory;
acquiring key information of a user or equipment, and generating a fingerprint of the user or equipment based on the key information;
generating a digest value of the user or equipment fingerprint by adopting a digest algorithm, and serializing the digest value of the user or equipment fingerprint to generate an index sequence;
and taking the generated index sequence as the address offset of the secure storage area to store the important data to be stored into the secure storage area in a byte-dispersed manner.
In one possible implementation, wherein a random number is cyclically generated and each byte in the secure memory area is padded with a different random number.
In one possible implementation, the key information includes a CPU ID, a memory serial number, a MAC address, and an operating system time zone; and generating an MD5 value as a user or device fingerprint using the combined string of the CPU ID, the memory serial number, the MAC address, and the operating system time zone.
In one possible implementation, the generating a digest value of the user or device fingerprint using a digest algorithm and serializing the digest value of the user or device fingerprint to generate an index sequence includes the steps of:
generating a 32-byte digest value of the user or device fingerprint by adopting an SHA-256 digest algorithm;
serializing the abstract value of the user or equipment fingerprint by adopting a serialization algorithm, and performing de-duplication processing to generate an index sequence containing 32 index values;
and if the newly generated index value is contained in the generated index value, adding one to the newly generated sequence value until no repeated value exists.
In a possible implementation manner, the serializing the digest value of the fingerprint of the user or the device by using the serialization algorithm includes the following steps:
setting an algorithm factor;
picking a 5-bit numerical value of any byte in the abstract value of the user or equipment fingerprint, wherein the 5-bit numerical value adopts bit 2-bit 6;
multiplying the 5-bit value by the algorithm factor, and adding any value smaller than the algorithm factor to obtain an index value smaller than the maximum byte value of the secure storage area space.
In one possible embodiment, the value of the algorithm factor is set to 32 when the space of the secure storage area opened up in the memory is 1 kbyte.
In one possible implementation manner, after the important data to be stored is stored in the secure storage area in a dispersed manner, the method further includes the following steps:
acquiring key information of a user or equipment, and generating a fingerprint of the user or equipment based on the key information;
generating a digest value of the user or equipment fingerprint by adopting a digest algorithm, and serializing the digest value of the user or equipment fingerprint to generate an index sequence;
reading the serialized byte data from the secure storage area by taking the generated index sequence as the address offset of the secure storage area;
and combining the read serialized byte data to obtain the important data stored in the safe storage area.
In a second aspect, the present application provides a secure storage device for important data, the device comprising:
the filling module is used for generating random numbers and filling the generated random numbers into a section of fixed-length safe storage area opened up in the memory;
the acquisition module is used for acquiring key information of a user or equipment and generating a fingerprint of the user or equipment based on the key information;
the generation module is used for generating the digest value of the user or equipment fingerprint by adopting a digest algorithm and serializing the digest value of the user or equipment fingerprint to generate an index sequence;
and the storage module is used for taking the generated index sequence as the address offset of the secure storage area so as to store the important data to be stored into the secure storage area in a byte-dispersed manner.
In a third aspect, the present application provides an electronic device comprising: a processor, a memory and a bus, said memory storing machine readable instructions executable by said processor, said processor and said memory communicating over the bus when the electronic device is running, said machine readable instructions when executed by said processor performing the steps of the method for secure preservation of important data as described in any one of the first aspects.
In a fourth aspect, the present application provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method for securely storing important data according to any of the first aspects.
The method, the device, the equipment and the medium for safely storing the important data provided by the embodiment generate the random number, and fill the generated random number into a section of a fixed-length safe storage area opened in the memory; acquiring key information of a user or equipment, and generating a fingerprint of the user or equipment based on the key information; generating a digest value of the user or equipment fingerprint by adopting a digest algorithm, and serializing the digest value of the user or equipment fingerprint to generate an index sequence; and taking the generated index sequence as the address offset of the secure storage area to store the important data to be stored into the secure storage area in a byte-dispersed manner. Therefore, the aims of effectively protecting important data and improving safety are achieved under the condition of not improving the investment cost of users.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described below, it being understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for securely storing important data according to an embodiment of the present application;
FIG. 2 is a flow chart illustrating the generation of an index sequence according to one embodiment of the present application;
FIG. 3 is a flow chart illustrating serializing digest values of a fingerprint of a user or device using a serialization algorithm according to an embodiment of the present application;
FIG. 4 is a schematic diagram showing the decentralized storage of important data into a secure storage area according to one embodiment of the present application;
FIG. 5 is a flow chart illustrating reading important data from a secure storage area in accordance with an embodiment of the present application;
FIG. 6 is a schematic diagram of a device for securely storing important data according to an embodiment of the present application;
fig. 7 is a block diagram of an electronic device according to an embodiment of the application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described with reference to the accompanying drawings in the embodiments of the present application, and it should be understood that the drawings in the present application are for the purpose of illustration and description only and are not intended to limit the scope of the present application. In addition, it should be understood that the schematic drawings are not drawn to scale. A flowchart, as used in this disclosure, illustrates operations implemented according to some embodiments of the present application. It should be understood that the operations of the flow diagrams may be implemented out of order and that steps without logical context may be performed in reverse order or concurrently. Moreover, one or more other operations may be added to or removed from the flow diagrams by those skilled in the art under the direction of the present disclosure.
In addition, the described embodiments are only some, but not all, embodiments of the application. The components of the embodiments of the present application generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the application, as presented in the figures, is not intended to limit the scope of the application, as claimed, but is merely representative of selected embodiments of the application. All other embodiments, which can be made by a person skilled in the art without making any inventive effort, are intended to be within the scope of the present application.
It should be noted that the term "comprising" will be used in embodiments of the application to indicate the presence of the features stated hereafter, but not to exclude the addition of other features.
At present, under the condition of no special safety hardware, sensitive or important data such as a user key and the like are generally continuously stored in a memory, and the mode has low safety level and is easy to be stolen maliciously. Based on the above, the application provides a safe storage method, a device, equipment and a medium for important data, which can randomly and dispersedly store the important data into a configured storage area to promote the safety of the data.
In an embodiment, referring to fig. 1 of the specification, the method for securely storing important data provided by the application includes the following steps:
s1, generating a random number, and filling the generated random number into a section of fixed-length safe storage area opened up in a memory;
s2, acquiring key information of a user or equipment, and generating a fingerprint of the user or equipment based on the key information;
s3, generating a digest value of the user or equipment fingerprint by adopting a digest algorithm, and serializing the digest value of the user or equipment fingerprint to generate an index sequence;
s4, taking the generated index sequence as the address offset of the secure storage area so as to store the important data to be stored into the secure storage area in a byte-dispersed manner.
In the embodiment of the application, the method for safely storing the important data can be operated on terminal equipment or a server; the terminal device may be local application software, and when the method for securely storing important data is run on the server, the method for securely storing important data may be implemented and executed based on a cloud interaction system, where the cloud interaction system at least includes the server and the client device (i.e., application software). Specifically, taking the application to the server as an example, when the method for safely storing the important data runs on the server, the important data can be randomly and dispersedly stored in a configured storage area, so as to abstract the security of the data.
Specifically, when executing step S1, a section of space can be opened in the memory according to the user' S needs and the size of the memory resource, as a secure storage area for important data, and each byte of the opened secure storage area is filled with a different random number.
For example, in the embodiment of the present application, a space of 1 kbyte is opened up in the memory as a secure storage area for storing important data according to the user's needs and the size of the memory resource. After the secure storage area is opened, it is also necessary to cyclically generate random numbers by using a random number generation function, and fill each byte of the 1K-byte secure storage area with the generated different random numbers.
In other embodiments, the size of the space of the secure storage area and the manner in which the secure storage area is filled with random numbers may be set according to the particular application, and the application is not limited and fixed.
In performing step S2, the key information of the user or device may include one or more of a CPU ID, a memory serial number, a MAC address, and an operating system time zone. And generating an MD5 value, which is identity information of the user or the device as a fingerprint of the user or the device, by using the combined character string of the CPUID, the memory serial number, the MAC address and the operating system time zone.
MD5 (Message Digest Algorithm, fifth edition of message digest algorithm) is a hash function widely used in the field of computer security, and is used to provide integrity protection for messages, so as to ensure complete and consistent information transmission. The algorithm has the characteristics of compressibility, easy calculation, modification resistance and strong collision resistance, and the algorithm principle is a technical means well known to those skilled in the art and is not described herein.
In performing step S3, referring to fig. 2 of the specification, in one embodiment, the generating a digest value of the user or device fingerprint using a digest algorithm, and serializing the digest value of the user or device fingerprint, generating an index sequence includes the following steps:
s301, generating a 32-byte digest value of the user or equipment fingerprint by adopting an SHA-256 digest algorithm;
s302, serializing the abstract value of the user or equipment fingerprint by adopting a serialization algorithm, and performing de-duplication processing to generate an index sequence containing 32 index values;
and if the newly generated index value is contained in the generated index value, adding one to the newly generated sequence value until no repeated value exists.
Specifically, in step S301-step S302, the SHA-256 digest algorithm is a cryptographic hash function, and for any message length, the SHA-256 digest algorithm generates a hash value with a length of 256 bits, i.e. 32 bytes, and has high security because the only way to obtain the same hash value is to input the same file or string, and even a small adjustment can completely change the output. In the embodiment of the application, the SHA-256 digest algorithm is utilized to generate the digest value of 32 bytes of user or equipment fingerprint;
and, after generating the digest value of the user or device fingerprint by using the SHA-256 digest algorithm, it is also necessary to serialize the digest value of the user or device fingerprint by using a serialization algorithm, thereby generating an index sequence containing 32 index values. When the digest value of the user or device fingerprint is serialized, a deduplication process is also required to avoid the collision of the serialized index value.
In one embodiment, the deduplication process is performed by: if the newly generated index value is already contained in the generated index value, adding one to the newly generated sequence value, and if the maximum value is reached, searching from the beginning until no repeated value exists.
Further, referring to fig. 3 of the specification, the serializing the digest value of the fingerprint of the user or the device by using the serialization algorithm includes the following steps:
s3021, setting an algorithm factor;
s3022, picking up a 5-bit numerical value of any byte in the digest value of the user or equipment fingerprint, wherein the 5-bit numerical value adopts bit 2-bit 6;
s3023, multiplying the 5-bit numerical value by the algorithm factor, and adding any numerical value smaller than the algorithm factor to obtain an index value smaller than the maximum byte value of the secure storage area space.
In the embodiment of the application, the set algorithm factor is 32, and the corresponding index value is obtained by multiplying the value of 5 bits of a certain byte in the digest value of the user or equipment fingerprint by 32 and adding any value smaller than 32, and the generated index value is always smaller than 1024, so that the requirement of a 1K-byte safe storage area is met.
In other embodiments, if important data needs to be stored in a decentralized manner to a larger space, it may be preferable to keep the 5-bit value unchanged and adjust the algorithm factor to meet the storage requirement.
After the index sequence is obtained, the index sequence is used as the address offset of the safe storage area, and then the important data to be stored are stored in the safe storage area opened by the memory in a scattered mode according to bytes. Because the index sequence is generated based on the identity information of the user or the equipment, on one hand, the binding between the important data to be stored and the identity information of the user or the equipment is realized, and on the other hand, the scattered storage and the relative randomness of the important data to be stored are realized, so that the aim of effectively protecting the important data is fulfilled, and the safety of the data is improved.
The schematic diagram of storing the important data to be stored in the secure storage area in a scattered manner according to bytes can be seen in fig. 4 of the specification.
In addition, referring to fig. 5 of the specification, after important data is stored in the secure storage area opened up by the storage area, it is further required to read the important data by the following steps:
p1, acquiring key information of a user or equipment, and generating a fingerprint of the user or equipment based on the key information;
p2, generating a digest value of the user or equipment fingerprint by adopting a digest algorithm, and serializing the digest value of the user or equipment fingerprint to generate an index sequence;
p3, taking the generated index sequence as the address offset of the secure storage area, and reading the serialized byte data from the secure storage area;
and P4, combining the read serialized byte data to obtain important data stored in the safe storage area.
Specifically, the step P1 is the same as the step S2, the step P2 is the same as the step S3, and the specific embodiments refer to the embodiments of the step S2 and the step S3, which are not described herein. The embodiment of the address offset of the generated index sequence as the secure storage area in step P3 is the same as that of step S4, but in step S4, important data is stored in the secure storage area in a byte-wise manner, and in step P3, the serialized byte data is read from the secure storage area, and in order to further execute step P4, the read serialized byte data is combined, and thus the important data stored in the secure storage area is obtained. That is, by the reverse operation, important data that is scattered and relatively randomly stored to the secure storage area is restored.
Therefore, the method for safely storing the important data provided by the application has the advantages that the important data is bound with the user identity, then the important data is split and stored in the safe storage area configured by the user in a scattered way, the storage position of each split important data is relatively random, and when the important data is needed to be used, the important data is read through reverse operation, so that the purposes of effectively protecting the important data and improving the safety are achieved.
Based on the same inventive concept, the embodiment of the present application further provides a device for securely storing important data, and since the principle of solving the problem by the device in the embodiment of the present application is similar to that of the method for securely storing important data in the embodiment of the present application, the implementation of the device may refer to the implementation of the method, and the repetition is omitted.
As shown in fig. 6 of the specification, the device for securely storing important data provided in the embodiment of the present application includes:
the filling module 601 is configured to generate a random number, and fill the generated random number into a section of a fixed-length secure storage area opened up in the memory;
an acquisition module 602, configured to acquire key information of a user or a device, and generate a fingerprint of the user or the device based on the key information;
a generating module 603, configured to generate a digest value of the user or device fingerprint by using a digest algorithm, and serialize the digest value of the user or device fingerprint to generate an index sequence;
and the storage module 604 is configured to use the generated index sequence as an address offset of the secure storage area, so as to store the important data to be stored in the secure storage area in a scattered manner according to bytes.
In one embodiment, the population module 601 loops generating random numbers and populating each byte in the secure memory area with a different random number.
In one embodiment, the key information of the user or the device acquired by the acquiring module 602 includes a CPU ID, a memory serial number, a MAC address, and an operating system time zone; and generating an MD5 value as a user or device fingerprint using the combined string of the CPU ID, the memory serial number, the MAC address, and the operating system time zone.
In one embodiment, the generating module 603 generates a digest value of the user or device fingerprint using a digest algorithm, and serializes the digest value of the user or device fingerprint, generating an index sequence, including:
generating a 32-byte digest value of the user or device fingerprint by adopting an SHA-256 digest algorithm;
serializing the abstract value of the user or equipment fingerprint by adopting a serialization algorithm, and performing de-duplication processing to generate an index sequence containing 32 index values;
and if the newly generated index value is contained in the generated index value, adding one to the newly generated sequence value until no repeated value exists.
In one embodiment, the generating module 603 uses a serialization algorithm to serialize the digest value of the user or device fingerprint, including:
setting an algorithm factor;
picking a 5-bit numerical value of any byte in the abstract value of the user or equipment fingerprint, wherein the 5-bit numerical value adopts bit 2-bit 6;
multiplying the 5-bit value by the algorithm factor, and adding any value smaller than the algorithm factor to obtain an index value smaller than the maximum byte value of the secure storage area space.
In one embodiment, when the space of the secure storage area opened up in the memory is 1 kbyte, the value of the algorithm factor set by the generating module 603 is 32.
In an embodiment, the device further comprises:
the reading module is used for acquiring key information of a user or equipment and generating a fingerprint of the user or the equipment based on the key information; generating a digest value of the user or equipment fingerprint by adopting a digest algorithm, and serializing the digest value of the user or equipment fingerprint to generate an index sequence; reading the serialized byte data from the secure storage area by taking the generated index sequence as the address offset of the secure storage area; and combining the read serialized byte data to obtain the important data stored in the safe storage area.
The application provides a safe storage device for important data, which generates random numbers through a filling module and fills the generated random numbers into a section of a safe storage area with fixed length opened in a memory; acquiring key information of a user or equipment through an acquisition module, and generating a fingerprint of the user or equipment based on the key information; generating a digest value of the user or equipment fingerprint by a generating module through a digest algorithm, and serializing the digest value of the user or equipment fingerprint to generate an index sequence; and taking the generated index sequence as the address offset of the secure storage area through a storage module so as to store the important data to be stored into the secure storage area in a scattered manner according to bytes. Therefore, the aims of effectively protecting important data and improving safety are achieved under the condition of not improving the investment cost of users.
Based on the same concept of the present application, fig. 7 of the present application shows a structure of an electronic device 700 according to an embodiment of the present application, where the electronic device 700 includes: at least one processor 701, at least one network interface 704 or other user interface 703, memory 705, at least one communication bus 702. The communication bus 702 is used to enable connected communications between these components. The electronic device 700 optionally includes a user interface 703 including a display (e.g., touch screen, LCD, CRT, holographic imaging (Holographic) or projection (Projector), etc.), keyboard or pointing device (e.g., mouse, trackball, touch pad or touch screen, etc.).
Memory 705 may include read-only memory and random access memory and provide instructions and data to the processor 701. A portion of the memory 705 may also include non-volatile random access memory (NVRAM).
In some implementations, the memory 705 stores the following elements, executable modules or data structures, or a subset thereof, or an extended set thereof:
the operating system 7051, which contains various system programs for implementing various basic services and handling hardware-based tasks;
the application program module 7052 contains various application programs such as a desktop (desktop), a Media Player (Media Player), a Browser (Browser), and the like for implementing various application services.
In the embodiment of the present application, the processor 701 is configured to execute steps in a method for securely storing important data, for example, by calling a program or an instruction stored in the memory 705, so that the important data can be randomly stored in a configured storage area in a scattered manner, thereby improving security.
The present application also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor performs steps in a method for secure storage of important data, for example.
Specifically, the storage medium can be a general-purpose storage medium, such as a removable disk, a hard disk, or the like, and the computer program on the storage medium can execute the above-described method for securely storing important data when executed.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. The above-described apparatus embodiments are merely illustrative, for example, the division of units is merely a logical function division, and there may be other manners of division in actual implementation, and for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some communication interface, device or unit indirect coupling or communication connection, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments provided in the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method of the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
Finally, it should be noted that: the above examples are only specific embodiments of the present application for illustrating the technical solution of the present application, but not for limiting the scope of the present application, and although the present application has been described in detail with reference to the foregoing examples, it will be understood by those skilled in the art that the present application is not limited thereto: any person skilled in the art may modify or easily conceive of the technical solution described in the foregoing embodiments, or perform equivalent substitution of some of the technical features, while remaining within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the corresponding technical solutions. Are intended to be encompassed within the scope of the present application. Therefore, the protection scope of the application is subject to the protection scope of the claims.
Claims (10)
1. A method for securely storing important data, the method comprising the steps of:
generating a random number, and filling the generated random number into a section of fixed-length safe storage area opened up in a memory;
acquiring key information of a user or equipment, and generating a fingerprint of the user or equipment based on the key information;
generating a digest value of the user or equipment fingerprint by adopting a digest algorithm, and serializing the digest value of the user or equipment fingerprint to generate an index sequence;
and taking the generated index sequence as the address offset of the secure storage area to store the important data to be stored into the secure storage area in a byte-dispersed manner.
2. The method of claim 1, wherein random numbers are cyclically generated and each byte in the secure memory area is padded with a different random number.
3. The method for securely storing important data according to claim 2, wherein said key information includes a CPU ID, a memory serial number, a MAC address and an operating system time zone; and generating an MD5 value as a user or device fingerprint using the combined string of the CPU ID, the memory serial number, the MAC address, and the operating system time zone.
4. A method of securely storing important data according to claim 3, wherein said generating a digest value of said user or device fingerprint using a digest algorithm and serializing said digest value of said user or device fingerprint to generate an index sequence comprises the steps of:
generating a 32-byte digest value of the user or device fingerprint by adopting an SHA-256 digest algorithm;
serializing the abstract value of the user or equipment fingerprint by adopting a serialization algorithm, and performing de-duplication processing to generate an index sequence containing 32 index values;
and if the newly generated index value is contained in the generated index value, adding one to the newly generated sequence value until no repeated value exists.
5. The method for securely storing important data according to claim 4, wherein said serializing the digest value of the user or device fingerprint by using the serialization algorithm comprises the steps of:
setting an algorithm factor;
picking a 5-bit numerical value of any byte in the abstract value of the user or equipment fingerprint, wherein the 5-bit numerical value adopts bit 2-bit 6;
multiplying the 5-bit value by the algorithm factor, and adding any value smaller than the algorithm factor to obtain an index value smaller than the maximum byte value of the secure storage area space.
6. The method for securely storing important data according to claim 5, wherein the value of said algorithm factor is set to 32 when the space of the secure storage area opened up in the memory is 1 kbyte.
7. The method for securely storing important data according to claim 6, further comprising the steps of, after said storing important data to be stored in said secure storage area in bytes:
acquiring key information of a user or equipment, and generating a fingerprint of the user or equipment based on the key information;
generating a digest value of the user or equipment fingerprint by adopting a digest algorithm, and serializing the digest value of the user or equipment fingerprint to generate an index sequence;
reading the serialized byte data from the secure storage area by taking the generated index sequence as the address offset of the secure storage area;
and combining the read serialized byte data to obtain the important data stored in the safe storage area.
8. A device for securely storing important data, said device comprising:
the filling module is used for generating random numbers and filling the generated random numbers into a section of fixed-length safe storage area opened up in the memory;
the acquisition module is used for acquiring key information of a user or equipment and generating a fingerprint of the user or equipment based on the key information;
the generation module is used for generating the digest value of the user or equipment fingerprint by adopting a digest algorithm and serializing the digest value of the user or equipment fingerprint to generate an index sequence;
and the storage module is used for taking the generated index sequence as the address offset of the secure storage area so as to store the important data to be stored into the secure storage area in a byte-dispersed manner.
9. An electronic device, comprising: a processor, a memory and a bus, said memory storing machine readable instructions executable by said processor, said processor and said memory communicating over the bus when the electronic device is running, said machine readable instructions when executed by said processor performing the steps of the method for secure preservation of vital data according to any of claims 1 to 7.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a computer program which, when executed by a processor, performs the steps of the method for secure storage of important data according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311017822.6A CN116975925A (en) | 2023-08-11 | 2023-08-11 | Safe preservation method, device, equipment and medium for important data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311017822.6A CN116975925A (en) | 2023-08-11 | 2023-08-11 | Safe preservation method, device, equipment and medium for important data |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116975925A true CN116975925A (en) | 2023-10-31 |
Family
ID=88481417
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311017822.6A Pending CN116975925A (en) | 2023-08-11 | 2023-08-11 | Safe preservation method, device, equipment and medium for important data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116975925A (en) |
-
2023
- 2023-08-11 CN CN202311017822.6A patent/CN116975925A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9172533B2 (en) | Method and system for securing communication | |
| US9237011B2 (en) | Unique surrogate key generation using cryptographic hashing | |
| US11516236B2 (en) | Systems and methods for detection and mitigation of malicious encryption | |
| US7694147B2 (en) | Hashing method and system | |
| US20150302218A1 (en) | Method and system for file hiding | |
| Gutmann | Software Generation of Practically Strong Random Numbers. | |
| CN114124480B (en) | Communication authentication method, server, client, electronic device and storage medium | |
| CN111314069B (en) | Block chain-based shaking system and method, electronic device and storage medium | |
| US9002812B2 (en) | Checksum and hashing operations resilient to malicious input data | |
| CN103530535A (en) | Shell adding and removing method for Android platform application program protection | |
| CN115048658B (en) | System, method and computer readable medium for protecting distributed data using a latent name slicing technique | |
| US20160124983A1 (en) | Secure compression | |
| US8832450B2 (en) | Methods and apparatus for data hashing based on non-linear operations | |
| CN109190358B (en) | Site password generation method and system and password manager | |
| CN116975925A (en) | Safe preservation method, device, equipment and medium for important data | |
| CN114547653B (en) | Encryption method, decryption method, device, equipment and medium for development environment | |
| Vershinin et al. | Associative steganography of text messages | |
| Mukherjee et al. | A Secure Cloud Computing | |
| JP2005229178A (en) | System, method and program for secret information management and terminal program for secret information management system | |
| US11580091B2 (en) | Method of ensuring confidentiality and integrity of stored data and metadata in an untrusted environment | |
| CN110363000B (en) | Method, device, electronic equipment and storage medium for identifying malicious files | |
| CN111835706A (en) | Method and device for detecting malicious extension of browser and computer equipment | |
| CN112291355B (en) | Key backup and recovery method and device for block chain wallet | |
| Surmont | Length-preserving authenticated encryption of storage blocks | |
| CN112163224A (en) | Android software integrity verification method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |