CN101079698B - A file encryption method based on Linux operating system with CPK authentication - Google Patents
A file encryption method based on Linux operating system with CPK authentication Download PDFInfo
- Publication number
- CN101079698B CN101079698B CN2007100484832A CN200710048483A CN101079698B CN 101079698 B CN101079698 B CN 101079698B CN 2007100484832 A CN2007100484832 A CN 2007100484832A CN 200710048483 A CN200710048483 A CN 200710048483A CN 101079698 B CN101079698 B CN 101079698B
- Authority
- CN
- China
- Prior art keywords
- file
- linux
- suse
- key data
- cpk
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a safety identifying technique of voice communication under network environment based on file coding method of Linux operational system with CPK identification, which comprises the following steps: 1) selecting the coded plaintext file; 2) generating a group of random key data; 3) coding the plaintext file according to the key data; forming the key data; 4) transmitting the key data into CPK identification system to do CPK coding; forming the identification head; 5) writing the identification head into the key data; forming new key file; 6) reserving the file into carrier; 7) decoding the CPK identification of the key file when using the file; extracting the key data; 8) decoding the key; obtaining the plaintext file; fitting for coding kinds of plaintext file.
Description
Technical field
The present invention relates to information security technology, relate in particular to the security credential technology of file under the network environment.
Background technology
Along with computer technology develops rapidly, the particularly fast development of Internet technology, various documents can be shared in network, and the remote service that uses a computer is just as bringing great convenience to people on local computer.But, because sharing of file also makes its fail safe be difficult to obtain guarantee.For improving safety of files, at present widely used is the encryption method of customization key, and concrete encryption flow as shown in Figure 1.In addition, Chinese patent notification number CN1350382 discloses a kind of " based on the implementation method of the VPN cipher key change of PKI ".The shortcoming of this method is that the encryption energy is low, easily is decrypted, and needs the third party to authenticate, and authentication speed is slow.
Summary of the invention
The objective of the invention is to overcome the above-mentioned shortcoming of prior art, a kind of fail safe file encrypting method that the higher band CPK based on (SuSE) Linux OS authenticates is provided.
The objective of the invention is to realize by key encryption and decryption and this double-encryption technological means of file encryption.Constitute by following steps:
1), (SuSE) Linux OS is according to user's demand, need to select the clear text file of encrypting,
2), select files after, (SuSE) Linux OS produces one group of random key data thereupon;
3), (SuSE) Linux OS use key data is encrypted the generation encrypt data to selected clear text file;
4), (SuSE) Linux OS in addition carries out key data CPK authentication coding, constitutes a file identification head;
5), by (SuSE) Linux OS file identification head and encrypt data are integrated into a new cryptograph files again;
6), (SuSE) Linux OS stores above-mentioned cryptograph files in one carrier into again;
7), when using this document, (SuSE) Linux OS carries out CPK authentication decoding after extracting cryptograph files in the carrier, extracts the cryptograph files key data;
8), (SuSE) Linux OS uses key data that encrypt data is decrypted, thereby obtains clear text file.
Still after can finishing in each process, remove the operation vestige that in processing procedure, stays by (SuSE) Linux OS to file process thereupon.
The present invention is by being produced one group of random key data by (SuSE) Linux OS, adopting CPK authentication techniques (referring to Chinese patent publication number CN1832403A disclosed " CPK authentic authentication system ") that file is carried out random key encrypts, its key is integrated into a new file through CPK authentication coding with encrypt file again, and it encrypts energy can reach 10
44More than, far above 10 of the PKI technology that extensively adopts at present
4Energy level, thoroughly solved secret key safety hidden danger.The complete opening of (SuSE) Linux OS, comparing with Windows operating system does not have rear window suspicion, has guaranteed the bottom safety of system, thereby has guaranteed the fail safe of file encryption overall process.
This method is compared with existing customization key file encryption technology and is had the following advantages:
1, this method authentication capacity is huge, and (energy level can reach 10 to have improved the security classification of file data greatly
77, much larger than 10 of present PKI, IBE authentication techniques
4).And authentication speed fast (can reach the Millisecond authentication);
But complicated empowerment management system is supported in the authentication of 2 chip off lines; Can realize that point-to-point, point is to the authentic authentication in territory and do not need the ca authentication center;
3, this method is real-time encrypted to file enforcement, and can eliminate the operation vestige thereupon, has guaranteed the fail safe of system greatly;
4, can independently write the bottom program as required, guarantee bottom and application system security of operation;
Content of the present invention further illustrates with the following Examples, but content of the present invention is not limited only to content related among the embodiment.
Description of drawings
Fig. 1 is the existing logic diagram that file is encrypted, deciphered
Fig. 2 is the logic diagram of the inventive method
Embodiment
Referring to Fig. 2, this method is made of following steps:
1), (SuSE) Linux OS is according to user's demand, need to select the clear text file of encrypting,
2), select files after, (SuSE) Linux OS produces one group of random key data thereupon;
3), (SuSE) Linux OS use key data and aes algorithm carry out cryptographic calculation to selected clear text file, the generation encrypt data;
4), (SuSE) Linux OS in addition carries out key data CPK authentication coding, constitutes a file identification head;
5), by (SuSE) Linux OS file identification head and encrypt data are integrated into a new cryptograph files again;
6), (SuSE) Linux OS stores above-mentioned cryptograph files in one carrier into again;
7), when using this document, (SuSE) Linux OS carries out CPK authentication decoding after extracting cryptograph files in the carrier, extracts the cryptograph files key data;
8), (SuSE) Linux OS uses key data and aes algorithm that encrypt data is decrypted computing, thereby obtains clear text file.
After each above-mentioned processing procedure finished, (SuSE) Linux OS was removed the operation vestige that stays thereupon in processing procedure.
Clear text file described in the example can be text, multimedia file or other file.
Except that adopting aes algorithm that selected clear text file is carried out the cryptographic calculation, that also can adopt other carries out cryptographic calculation as the DES algorithm to selected clear text file.
Described carrier can be memory carriers such as memory device, memory.
Claims (2)
1. file encrypting method based on the band CPK of (SuSE) Linux OS authentication is characterized in that described file encrypting method is made of following steps:
1), (SuSE) Linux OS is according to user's demand, need to select the clear text file of encrypting,
2), select files after, (SuSE) Linux OS produces one group of random key data thereupon;
3), (SuSE) Linux OS use random key data are encrypted the generation encrypt data to selected clear text file;
4), (SuSE) Linux OS in addition carries out the random key data CPK authentication coding, constitutes a file identification head;
5), by (SuSE) Linux OS file identification head and encrypt data are integrated into a new cryptograph files again;
6), (SuSE) Linux OS stores above-mentioned cryptograph files in one carrier into again;
7), when using this document, (SuSE) Linux OS carries out CPK authentication decoding after extracting cryptograph files in the carrier, extracts the cryptograph files key data;
8), (SuSE) Linux OS uses the cryptograph files key data that encrypt data is decrypted, thereby obtains clear text file.
2. file encrypting method according to claim 1 is characterized in that (SuSE) Linux OS is removed the operation vestige that stays thereupon in processing procedure after each process of above-mentioned file process finishes.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007100484832A CN101079698B (en) | 2007-02-14 | 2007-02-14 | A file encryption method based on Linux operating system with CPK authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007100484832A CN101079698B (en) | 2007-02-14 | 2007-02-14 | A file encryption method based on Linux operating system with CPK authentication |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101079698A CN101079698A (en) | 2007-11-28 |
CN101079698B true CN101079698B (en) | 2011-05-11 |
Family
ID=38906953
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2007100484832A Expired - Fee Related CN101079698B (en) | 2007-02-14 | 2007-02-14 | A file encryption method based on Linux operating system with CPK authentication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101079698B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101350712B (en) * | 2008-08-25 | 2013-01-23 | 华为终端有限公司 | Data management method and terminal |
CN103491384B (en) * | 2013-09-09 | 2017-01-18 | 天脉聚源(北京)传媒科技有限公司 | Encrypting method and device of video and decrypting method and device of video |
CN105117666A (en) * | 2015-07-21 | 2015-12-02 | 深圳市同创国芯电子有限公司 | Encryption and decryption methods and devices for internet protocol (IP) configuration parameter of integrated circuit |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1710955A (en) * | 2004-06-18 | 2005-12-21 | 罗姆股份有限公司 | Apparatus key protection method, enciphering and deciphering apparatus and video transmitting receiving apparatus |
CN1831865A (en) * | 2006-04-24 | 2006-09-13 | 北京易恒信认证科技有限公司 | Electronic bank safety authorization system and method based on CPK |
-
2007
- 2007-02-14 CN CN2007100484832A patent/CN101079698B/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1710955A (en) * | 2004-06-18 | 2005-12-21 | 罗姆股份有限公司 | Apparatus key protection method, enciphering and deciphering apparatus and video transmitting receiving apparatus |
CN1831865A (en) * | 2006-04-24 | 2006-09-13 | 北京易恒信认证科技有限公司 | Electronic bank safety authorization system and method based on CPK |
Non-Patent Citations (1)
Title |
---|
JP特开2005-318299A 2005.11.10 |
Also Published As
Publication number | Publication date |
---|---|
CN101079698A (en) | 2007-11-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN201181472Y (en) | Hardware key device and movable memory system | |
CN101350724B (en) | Encrypting method base on biology characteristic information | |
CN103618607B (en) | A kind of Security Data Transmission and key exchange method | |
CN101447870B (en) | Safe storage method of private key based on technology of distributed password | |
CN104253694B (en) | A kind of time slot scrambling for network data transmission | |
EP1866873B1 (en) | Method, system, personal security device and computer program product for cryptographically secured biometric authentication | |
JP2007013433A (en) | Method for transmitting/receiving encrypted data and information processing system | |
CN102664898A (en) | Fingerprint identification-based encrypted transmission method, fingerprint identification-based encrypted transmission device and fingerprint identification-based encrypted transmission system | |
CN101196855A (en) | Mobile encrypted memory device and cipher text storage area data encrypting and deciphering processing method | |
JP2014527787A (en) | Communication method for authentication using fingerprint information | |
CN106411515B (en) | The method and system for promoting key safety are split to key using cipher machine | |
CN104219044A (en) | Key secret method for encrypting storing device | |
CN103971426A (en) | PSAM safety control-based access control system and safe access control method using the same | |
CN102404337A (en) | Data encryption method and device | |
WO2012053886A1 (en) | A method and system for file encryption and decryption in a server | |
CN103338106A (en) | Methods and devices for ciphering and deciphering file | |
CN106789977B (en) | Method and system for realizing mobile phone token based on key segmentation | |
CN101079698B (en) | A file encryption method based on Linux operating system with CPK authentication | |
CN107911221A (en) | The key management method of solid-state disk data safety storage | |
CN105205407A (en) | Electronic certificate encryption and decryption method | |
EP2065830B1 (en) | System and method of controlling access to a device | |
CN102270182B (en) | Encrypted mobile storage equipment based on synchronous user and host machine authentication | |
CN100464337C (en) | Method and equipment for carrying out safety communication between USB device and host | |
CN108337233B (en) | Method for encrypting content information, electronic equipment and storage medium | |
CN107276961A (en) | A kind of method and device based on cipher algorithm encryption and ciphertext data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
DD01 | Delivery of document by public notice |
Addressee: Dou Zhiqiang Document name: Notification to Pay the Fees |
|
DD01 | Delivery of document by public notice |
Addressee: Dou Zhiqiang Document name: Notification of Termination of Patent Right |
|
C17 | Cessation of patent right | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110511 Termination date: 20130214 |