CN101079698B - A file encryption method based on Linux operating system with CPK authentication

Publication number: CN101079698B
Other versions: CN101079698A (en)
Authority: CN (China)
Application number: CN2007100484832A
Other languages: Chinese (zh)
Legal status: Expired - Fee Related
Inventors: 南相浩, 赵广宇, 彭旭, 赵建国, 林容生
Current assignee: SICHUAN YIHENG TECHNOLOGY DEVELOPMENT Co Ltd
Original assignee: SICHUAN YIHENG TECHNOLOGY DEVELOPMENT Co Ltd
Prior art keywords: file, linux, suse, key data, cpk
Classification: Storage Device Security
Abstract

The invention discloses a security authentication technique for voice communication in a network environment, based on a file encryption method with CPK authentication on the Linux operating system, comprising the following steps: 1) selecting the plaintext file to be encrypted; 2) generating a set of random key data; 3) encrypting the plaintext file with the key data to form ciphertext data; 4) passing the key data to the CPK authentication system for CPK encoding to form an identification header; 5) writing the identification header into the ciphertext data to form a new ciphertext file; 6) storing the file in a carrier; 7) when the file is used, performing CPK authentication decoding on the ciphertext file to extract the key data; 8) decrypting with the key to obtain the plaintext file. The method is suitable for encrypting all kinds of plaintext files.

Description

A file encryption method with CPK authentication based on the Linux operating system
Technical field
The present invention relates to information security technology, and in particular to security authentication technology for files in a network environment.
Background
With the rapid development of computer technology, and of Internet technology in particular, all kinds of files can be shared over the network, and using remote computer services has become as convenient as working on a local computer. However, file sharing also makes file security difficult to guarantee. To improve file security, the method in wide use at present is encryption with a custom key; the specific encryption flow is shown in Fig. 1. In addition, Chinese patent publication No. CN1350382 discloses "A method for implementing PKI-based VPN key exchange". The shortcomings of this method are that its encryption strength is low, it is easily cracked, it requires third-party authentication, and authentication is slow.
Summary of the invention
The object of the present invention is to overcome the above shortcomings of the prior art and to provide a more secure file encryption method with CPK authentication based on the Linux operating system.
The object is achieved by double encryption: encryption and decryption of the key, and encryption of the file. The method consists of the following steps:
1) According to the user's needs, the Linux operating system selects the plaintext file to be encrypted;
2) After the file is selected, the Linux operating system generates a set of random key data;
3) The Linux operating system uses the key data to encrypt the selected plaintext file, generating ciphertext data;
4) The Linux operating system additionally applies CPK authentication encoding to the key data, forming a file identification header;
5) The Linux operating system then combines the file identification header and the ciphertext data into a new ciphertext file;
6) The Linux operating system stores the ciphertext file in a carrier;
7) When the file is used, the Linux operating system extracts the ciphertext file from the carrier and performs CPK authentication decoding to extract the key data of the ciphertext file;
8) The Linux operating system uses the key data to decrypt the ciphertext data, obtaining the plaintext file.
After each step of file processing is completed, the Linux operating system can also remove the operation traces left during processing.
The present invention has the Linux operating system generate a set of random key data and uses CPK authentication technology (see "CPK trusted authentication system", disclosed in Chinese patent publication No. CN1832403A) to encrypt the file with a random key. The key, after CPK authentication encoding, is combined with the encrypted file into a new file. The encryption strength can reach an energy level of 10^44 or more, far above the 10^4 energy level of the PKI technology widely used at present, which thoroughly removes the hidden danger to key security. Because the Linux operating system is completely open, it is, unlike the Windows operating system, not suspected of containing backdoors; this guarantees the security of the system's lower layers and therefore of the whole file encryption process.
Compared with the existing custom-key file encryption technology, this method has the following advantages:
1. The authentication capacity of this method is very large, which greatly improves the security level of the file data (the energy level can reach 10^77, far greater than the 10^4 of the current PKI and IBE authentication technologies), and authentication is fast (millisecond-level authentication can be achieved);
2. Chip-based offline authentication supports complex authorization management systems; point-to-point and point-to-domain trusted authentication can be achieved without a CA certification center;
3. This method encrypts files in real time and can then remove the operation traces, which greatly improves the security of the system;
4. The low-level programs can be written independently as needed, ensuring the secure operation of the lower layers and of the application system.
The invention is further illustrated by the following embodiment, but is not limited to what the embodiment describes.
Description of drawings
Fig. 1 is a logic diagram of the existing method of encrypting and decrypting a file.
Fig. 2 is a logic diagram of the method of the invention.
Embodiment
Referring to Fig. 2, the method consists of the following steps:
1) According to the user's needs, the Linux operating system selects the plaintext file to be encrypted;
2) After the file is selected, the Linux operating system generates a set of random key data;
3) The Linux operating system uses the key data and the AES algorithm to encrypt the selected plaintext file, generating ciphertext data;
4) The Linux operating system additionally applies CPK authentication encoding to the key data, forming a file identification header;
5) The Linux operating system then combines the file identification header and the ciphertext data into a new ciphertext file;
6) The Linux operating system stores the ciphertext file in a carrier;
7) When the file is used, the Linux operating system extracts the ciphertext file from the carrier and performs CPK authentication decoding to extract the key data of the ciphertext file;
8) The Linux operating system uses the key data and the AES algorithm to decrypt the ciphertext data, obtaining the plaintext file.
After each of the above processing steps is finished, the Linux operating system removes the operation traces left during processing.
The plaintext file in this example can be a text file, a multimedia file or another kind of file.
Besides the AES algorithm, another algorithm, such as DES, can also be used to encrypt the selected plaintext file.
The carrier can be a storage medium such as a storage device or memory.
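Steps 2 to 8 of the embodiment as an added Go example; this is not code from the patent. Assumptions: RSA-OAEP stands in for the CPK authentication encoding of step 4 (the Go standard library has no CPK implementation), AES is run in GCM mode with the header as associated data so that a modified file is rejected on decryption, and the names `Seal`, `Open`, `demoKey` and the container layout are hypothetical.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)
var demoKey, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed throwaway key pair

// Seal covers steps 2-5. Layout: 2-byte header length | header | 12-byte nonce | AES-GCM data.
func Seal(pub *rsa.PublicKey, plaintext []byte) ([]byte, error) {
	buf := make([]byte, 32+12) // step 2: fresh random key (32 bytes) and nonce (12) per file
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:32], buf[32:]
	header, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil) // assumption: stands in for CPK (step 4)
	if err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(key) // cannot fail: key is 32 bytes
	gcm, _ := cipher.NewGCM(block)
	out := append([]byte{byte(len(header) >> 8), byte(len(header))}, header...)
	return gcm.Seal(append(out, nonce...), nonce, plaintext, header), nil // steps 3 and 5
}

// Open covers steps 7-8: unwrap the key from the header, then decrypt and verify.
func Open(priv *rsa.PrivateKey, blob []byte) ([]byte, error) {
	if len(blob) < 2 || len(blob) < 2+(int(blob[0])<<8|int(blob[1]))+12 {
		return nil, fmt.Errorf("truncated ciphertext file")
	}
	n := int(blob[0])<<8 | int(blob[1])
	header, rest := blob[2:2+n], blob[2+n:]
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, header, nil)
	if err != nil || len(key) != 32 {
		return nil, fmt.Errorf("header does not unwrap to a 32-byte key")
	}
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, rest[:12], rest[12:], header) // fails if header or data changed
}

func main() {
	blob, _ := Seal(&demoKey.PublicKey, []byte("constructed sample plaintext"))
	pt, err := Open(demoKey, blob)
	fmt.Printf("%s %v\n", pt, err)
}
```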

Claims (2)

1. A file encryption method with CPK authentication based on the Linux operating system, characterized in that the file encryption method consists of the following steps:
1) According to the user's needs, the Linux operating system selects the plaintext file to be encrypted;
2) After the file is selected, the Linux operating system generates a set of random key data;
3) The Linux operating system uses the random key data to encrypt the selected plaintext file, generating ciphertext data;
4) The Linux operating system additionally applies CPK authentication encoding to the random key data, forming a file identification header;
5) The Linux operating system then combines the file identification header and the ciphertext data into a new ciphertext file;
6) The Linux operating system stores the ciphertext file in a carrier;
7) When the file is used, the Linux operating system extracts the ciphertext file from the carrier and performs CPK authentication decoding to extract the key data of the ciphertext file;
8) The Linux operating system uses the key data of the ciphertext file to decrypt the ciphertext data, obtaining the plaintext file.
2. The file encryption method according to claim 1, characterized in that, after each step of the above file processing is finished, the Linux operating system removes the operation traces left during processing.
Application CN2007100484832A: A file encryption method based on Linux operating system with CPK authentication
Priority date: 2007-02-14
Filing date: 2007-02-14
Status: Expired - Fee Related
Publications: CN101079698A (2007-11-28), CN101079698B (2011-05-11)
Family ID: 38906953
Country: CN

Legal Events

Code: Title
C06: Publication
PB01: Publication
C10: Entry into substantive examination
SE01: Entry into force of request for substantive examination
C14: Grant of patent or utility model
GR01: Patent grant
DD01: Delivery of document by public notice (addressee: Dou Zhiqiang; document name: Notification to Pay the Fees)
DD01: Delivery of document by public notice (addressee: Dou Zhiqiang; document name: Notification of Termination of Patent Right)
C17: Cessation of patent right
CF01: Termination of patent right due to non-payment of annual fee (granted publication date: 20110511; termination date: 20130214)