CN101388776B - Ciphering and deciphering method and device for printed written files - Google Patents


Publication number: CN101388776B
Authority: CN (China)
Prior art keywords: key, user, information, error correction, parameter
Legal status: Expired - Fee Related
Application number: CN2008101973718A
Other languages: Chinese (zh)
Other versions: CN101388776A (en)
Inventors: 肖攸安, 刘泉, 周祖德, 李方敏
Current Assignee: Wuhan University of Technology WUT
Original Assignee: Wuhan University of Technology WUT
Application filed by: Wuhan University of Technology WUT
Priority: CN2008101973718A

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to an encryption and decryption method and device for printed written documents. The method comprises three steps: key generation, encryption protection and decryption reading. In the key generation step, a key-issuing authority and the user cooperate to generate a decryption private key known only to the user, together with an encryption public key that can be published and that is composed of identity identification information and a public key parameter; this step can be carried out when the user registers. In the encryption protection step, the user encrypts the key areas of a specific document and prints the document. In the decryption reading step, a legitimate user reads a received printed written document that has been encryption-protected. The device comprises a key management unit, a data encryption unit, a data decryption unit and an operation management unit. The invention has the advantages of low cost, strong security, high efficiency, ease of use and convenient operation; the method and device combine the advantages of existing cryptography and have good application prospects.

Description

An encryption and decryption method and device for printed written documents
Technical field
The invention belongs to the fields of electronic information technology and computer information security. Specifically, it is an encryption and decryption method and device for printed written documents.
Background art
In practice, encrypting the content of paper-based written documents has always been a significant problem. Various content protection methods for written documents have appeared, and they fall into three classes.
The first class is based on classical cipher techniques: using tools such as codebooks or cipher tables, the content of the document is protected by substituting and transposing characters and phrases. Because these methods rest on classical ciphers, their security is weak, their efficiency is low, they are cumbersome, and their range of application is extremely narrow.
The second class relies on manual procedures and a strict management regime: dedicated staff are generally assigned to manage the documents to be protected, special equipment such as safes is used, and dedicated premises are needed to store the material. These methods therefore depend on administrative staff and specialized security equipment and have drawbacks such as high cost and very low efficiency. However, if security management is properly enforced they still provide good security, so they are in common use at present.
The third class is based on physical or chemical principles, for example writing with special chemicals such as invisible fluorescent ink or storing the information on special paper media, and reading the content with special equipment such as ultraviolet lamps. This class depends critically on keeping the technical means themselves (the chemicals, the reading equipment) secret; if these means are disclosed, every document protected in this way loses its protection, so the approach is also impractical.
On the other hand, although the modern cryptographic techniques that emerged with the development of information technology offer high security and high efficiency, they can only be applied to electronic documents and are not suited to printed written documents. They therefore cannot solve the problem of encrypting the content of printed written documents.
Before describing the invention, the terms used in this specification are explained as follows:
Identity identification information: information describing the user's identity. For an individual user, it includes the identification sequence number, the user's name, telephone number, address, ID card number, contact person and that person's address, the validity period of this information, the scope of application and restrictions of this information, and information about the key-issuing authority. For a corporate user, it includes the identification sequence number, the organization, its organization code and legal-person code, office telephone, the organization's contact person and contact details, the organization's address and website, the validity period of this information, the scope of application and restrictions of this information, and information about the key-issuing authority.
Decryption private key: the private key used to complete the decryption process. It is generated by the user, so only the user knows it. It must be kept safely and must not be disclosed; no one else should learn its value.
Encryption public key: a key based on the user's identity identification information and generated cooperatively by the key-issuing authority and the user. It comprises two parts, the user's identity identification information and the public key parameter. Any third party can use it to encrypt a document, and only the user holding the decryption private key corresponding to the encryption public key can decrypt the result, so it can be published by any means.
High-dimensional barcode: unlike a one-dimensional barcode, which stores information in one direction only, a high-dimensional barcode makes full use of the barcode pattern space and stores information in several directions. Currently known types include 1.5-dimensional barcodes, two-dimensional barcodes, color two-dimensional barcodes and three-dimensional barcodes.
Key area: a group of important regions in the document whose content needs encryption protection, selected by the sender.
Agreement: the rules that the encrypting and decrypting parties are both required to follow.
Sequential cascade: arranging multiple barcodes contiguously and stacked, in an agreed order.
Summary of the invention
The object of the invention is to solve the content protection problem of printed written documents and, in view of the deficiencies of existing techniques for encrypting written document content, to provide an encryption and decryption method and device for printed written documents.
To achieve this object, the method of the invention comprises three stages: key generation, encryption protection and decryption reading. In the key generation stage, the key-issuing authority cooperates with the user to generate a decryption private key known only to the user and an encryption public key that can be published and is composed of identity identification information and a public key parameter; this stage can be carried out when the user registers. In the encryption protection stage, the user encrypts the key area of a specific document and prints it out. In the decryption reading stage, a legitimate user can read a received printed written document that has been encryption-protected.
The specific steps of the key generation stage are as follows:
Based on the identity identification information SI, which can be made public, the key-issuing authority cooperates with the user to generate the public key check code PS, the decryption private key SK and the encryption public key PK. The public key check code PS is used to check the authenticity of the encryption public key. The decryption private key SK is known only to the user and must be kept safely and not leaked. The encryption public key PK is the combination of the identity identification information SI and the public key parameter PI and can be published by any means.
The specific steps of the encryption protection stage are as follows:
When user A needs to encryption-protect a document, A performs the following operations:
First step: in the electronic original of the document to be protected, identify the key area KA whose content needs encryption protection;
Second step: compress the information KI in the key area KA (formatted text, charts, images and the like) with the agreed compression method, obtaining the compressed information CI;
Third step: obtain the encryption public key PK of the legitimate recipient and encrypt the compressed information CI with the agreed data encryption method, obtaining the ciphertext CM;
Fourth step: using the agreed error correction coding rule, split the ciphertext CM into groups and perform the error correction computation, generating the additional error correction information AI;
Fifth step: process the ciphertext CM and its additional error correction information AI according to the agreed rules to generate the high-dimensional barcode picture HP; HP may comprise one or more barcodes;
Sixth step: replace the content of the key area KA that must be kept secret in the original document with the high-dimensional barcode picture HP, and combine the parts of the original document that need not be kept secret with HP to form the confidential document CD;
Seventh step: print out the confidential document CD using equipment such as a printer or printing press. This completes the encryption process for the original document and yields the printed written document PD, output with the content of the original document encryption-protected.
The specific steps of the decryption reading stage are as follows:
After receiving the protected printed written document PD (either the original or a copy), the legitimate user B can decrypt and read it as follows:
First step: process the encrypted part of the document PD with an image input device, obtaining the high-dimensional barcode picture HP;
Second step: according to the agreed rules, separate the secret information CM' and the additional error correction information AI from the high-dimensional barcode picture HP;
Third step: based on the additional error correction information AI, use the agreed error correction decoding algorithm to error-correct and merge the secret information CM', obtaining the ciphertext CM it contains;
Fourth step: using B's own decryption private key SK, decrypt the ciphertext CM with the previously agreed data decryption method, obtaining the compressed information CI;
Fifth step: decompress the compressed information CI with the agreed decompression method, obtaining the content KI of the key area KA;
Sixth step: merge KI with the content of PD that was not encryption-protected. This completes the decryption process for the document PD and yields the initial original document for reading.
In addition, the invention provides an encryption and decryption device for printed written documents, comprising:
Key management unit: manages the encryption key and decryption key that serve as credentials for the validity of an operation;
Data encryption unit: following the method described above and according to the encryption key, automatically completes all the work of encrypting the document content for a printed written document and outputs the result to the designated output device;
Data decryption unit: following the method described above and according to the decryption key, obtains the necessary information from the input device, automatically completes all the work of decrypting a printed written document, and sends the result to a computer or allows it to be read directly;
Operation management unit: manages input and output information and coordinates the operation of the above three units.
The device can be placed inside input/output equipment such as printers, plotters, fax machines, mimeographs, digital cameras and scanners, or placed as a separate component between the computer and such equipment. With legal authorization, the device can automatically encrypt all content about to be printed, or automatically decrypt encrypted printed written documents.
The invention addresses the problem of encrypting the content of printed written documents. By combining modern cryptographic techniques with high-dimensional barcode technology, it proposes a method and device for printed written documents that protect document content by encryption. The method requires neither a trusted third-party certification authority nor online network authentication, can encrypt and decrypt printed written documents quickly, and overcomes the deficiencies of the existing classes of protection techniques.
Compared with current methods for encrypting the content of printed written documents, this method combines the advantages of modern cryptographic techniques and needs no special materials and no dedicated channel. It has numerous advantages such as low cost, high security, high efficiency, ease of use and convenient operation, can be widely used in military, national defense, diplomatic, administrative and commercial settings, and has good application prospects.
Description of the drawings
Fig. 1 is the flow chart of the document encryption protection stage of the invention.
Fig. 2 is the flow chart of the document decryption reading stage of the invention.
Fig. 3 is the overall structural block diagram of the encryption and decryption device of the invention.
Fig. 4 is the barcode picture finally generated in Embodiment 1 of the invention.
Fig. 5 is the original mechanical drawing to be encrypted in Embodiment 2 of the invention.
Fig. 6 is the protected printed mechanical drawing finally generated in Embodiment 2 of the invention.
Embodiments
To aid understanding, the invention is further described below with reference to the drawings and embodiments; these embodiments should not be construed as limiting the invention.
Embodiment 1:
The setting of this embodiment is that user A needs to encryption-protect the key clauses in a printed business procurement contract so that these key clauses can be viewed by the other party to the contract, B, thereby protecting trade secrets. As described in the summary of the invention, this embodiment consists of three stages: key generation, encryption protection and decryption reading.
In this embodiment an elliptic curve cryptosystem is selected, with the following system parameters:
A 192-bit large prime $p$ is selected at random. The elliptic curve $E(GF(p))$: $y^2 = x^3 + ax + b \pmod{p}$ is a secure elliptic curve defined over the finite field $GF(p)$; a base point $G = (x, y)$ is chosen at random on it; the order of the curve $E$ is $n = \#E(GF(p))$; and $r$ is a large prime factor of $n$.
Where:
p=6277101735386680763835789423207666416083908700390324961279
a=592616546630905635115220920655548752905575269097021663719
b=4804233895280899388319973107961190048453702796229268188014
n=165186887773333704311468142720121385129365739211127201127
r=165186887773333704311468142720121385129365739211127201127
x=767497456867608967492675205059054232203172713727662547906
y=773339505718536040565224929606618157393578012863049959916
Here, this embodiment assumes that the private key of the key-issuing authority SA is $SK_{SA}$, a random positive integer less than $r-1$, and that its corresponding public key is $PK_{SA} = SK_{SA} \times G$.
Key generation stage: the purpose is for the key-issuing authority and the user to cooperate in generating the decryption private key SK, known only to the user, and the encryption public key PK, which can be published and is composed of the identity identification information SI and the public key parameter PI, thereby completing registration. The operations are as follows:
A. The user generates the personal identity information ID, which can be made public. It includes the user's name, telephone number, address, ID card number, contact person and that person's address, the validity period of this information, and similar content;
B. The user picks a random positive integer $k$ less than $r-1$, computes the registration parameter $K_A = k \times G$, and sends it together with the personal identity information ID to the key-issuing authority;
C. After examining the registration request submitted by the user, the key-issuing authority picks a random positive integer $k_s$ less than $r-1$ and computes the user's public key parameter $PI = k_s \times G + K_A$;
D. The key-issuing authority assigns an identification sequence number sn to the key to be issued, according to its internal coding rules;
E. From the user's personal identity information ID, the identification sequence number sn and the authority's own information SA, the key-issuing authority generates the user's identity identification information SI, that is, $SI = (ID, sn, SA)$;
F. Using the SHA-1 hash algorithm Hash(), the key-issuing authority computes the public key check code $PS = (\mathrm{Hash}(SI, PI) \times k_s + SK_{SA}) \bmod r$ and sends the key parameter $SP = (SI, PI, PS)$ to the user;
G. After receiving the key parameter SP from the key-issuing authority, the user extracts from it the user's own public key parameter PI, the authority's public key $PK_{SA}$ and the other information, and uses the SHA-1 hash algorithm Hash() to check whether the equation $PS \times G = \mathrm{Hash}(SI, PI) \times (PI - K_A) + PK_{SA}$ holds. If it does not hold, the user should ask the key-issuing authority to resend the key parameter; if it holds, the user proceeds to step H;
H. Having confirmed that the received key parameter SP is correct, the user computes the decryption private key $SK = PS + \mathrm{Hash}(SI, PI) \times k$ and the encryption public key $PK = (SI, PI)$. The decryption private key SK may be known only to the user and must be kept safely and not leaked, while the encryption public key PK can be published by any means.
Encryption protection stage: when user A needs to encryption-protect the key clauses in the procurement contract, A performs the following operations:
A. Mark the key clauses in the procurement contract whose content needs encryption protection as the key area KA;
B. Compress the information KI in the key area KA (formatted text, charts, images and the like) with the ZIP compression method, obtaining the compressed information CI;
C. Using the encryption public key $PK_B$ of the legitimate recipient B, encrypt the compressed information CI with the XHES data encryption method, obtaining the ciphertext CM;
D. Using the forward error correction algorithm FEC, split the ciphertext CM into groups of 1K bytes and perform the error correction computation, generating the additional error correction information AI;
E. Process the ciphertext CM and its additional error correction information AI according to the DataMatrix barcode generation rules, generating a group of DataMatrix barcodes;
F. Combine all the DataMatrix barcodes by sequential cascade to generate the barcode picture HP;
G. Replace the content of the key area KA that must be kept secret in the procurement contract with the barcode picture HP, and combine the parts of the procurement contract that need not be kept secret with HP to form the confidential document CD;
H. Print out the confidential document CD on a printer. This completes the encryption process for the original procurement contract and yields the printed written procurement contract PD, output with the content of the original procurement contract encryption-protected.
The barcode picture finally generated in this stage is shown in Fig. 4.
Decryption reading stage: after receiving the protected printed written procurement contract PD (either the original or a copy), the legitimate user B can decrypt and read it as follows:
I. Use a mobile phone with a camera to photograph the part of the procurement contract that contains the barcode picture, obtaining the barcode picture HP;
II. Process the DataMatrix barcodes in the barcode picture HP one by one, in sequential cascade order, and separate out the secret information CM' and the additional error correction information AI;
III. Based on the additional error correction information AI, use the forward error correction algorithm FEC to error-correct and merge the secret information CM', obtaining the ciphertext CM it contains;
IV. The legitimate user B uses B's own decryption private key $SK_B$ to decrypt the ciphertext CM with the XHES data decryption method, obtaining the compressed information CI;
V. The legitimate user B decompresses the compressed information CI with the ZIP decompression method, obtaining the content KI of the key area KA;
VI. Merge KI with the content of PD that was not encryption-protected. This completes the decryption process for the printed written procurement contract PD and yields the initial procurement contract for reading.
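The print-side steps B to F and the read-side steps II to V form one data path, shown here as an added Python sketch that is not part of the patent. XHES, the FEC code and the DataMatrix encoding are not specified on the page, so a SHA-256 keystream, a single XOR parity block and CRC-framed byte strings stand in for them; the shared key, frame layout and sample text are constructed for the example.

```python
import hashlib
import struct
import zlib

BLOCK = 1024                      # Embodiment 1 groups the ciphertext by 1K bytes
HEADER = struct.Struct(">HHI")    # assumed frame: index, total symbols, len(CM)

# Constructed sample: key-area text KI and a key assumed to be agreed via PK_B.
SAMPLE_KEY = hashlib.sha256(b"constructed demo key").digest()
SAMPLE_KI = "\n".join(
    f"Clause {i}: unit price ref {hashlib.sha256(str(i).encode()).hexdigest()}"
    for i in range(120)
).encode()


def xor(x, y):
    return bytes(a ^ b for a, b in zip(x, y))


def keystream_xor(key, data):
    """Stand-in for XHES. No integrity protection; a real design needs a
    fresh key per document and an authenticated cipher."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + struct.pack(">Q", i // 32)).digest()
        out += xor(data[i:i + 32], pad)
    return bytes(out)


def protect(ki, key):
    """Steps B to F: KI -> CI -> CM -> (CM blocks, AI) -> ordered symbols."""
    ci = zlib.compress(ki, 9)                         # step B (deflate)
    cm = keystream_xor(key, ci)                       # step C
    blocks = [cm[i:i + BLOCK].ljust(BLOCK, b"\0")     # step D: 1K groups
              for i in range(0, len(cm), BLOCK)]
    ai = bytes(BLOCK)
    for block in blocks:                              # AI = XOR parity block
        ai = xor(ai, block)
    payloads = blocks + [ai]
    symbols = []
    for idx, payload in enumerate(payloads):          # steps E, F: one frame
        body = HEADER.pack(idx, len(payloads), len(cm)) + payload
        symbols.append(body + struct.pack(">I", zlib.crc32(body)))
    return symbols


def recover(symbols, key):
    """Steps II to V: tolerate reordering and one unreadable symbol."""
    good, total, cm_len = {}, None, None
    for sym in symbols:
        if len(sym) != HEADER.size + BLOCK + 4:
            continue
        body, crc = sym[:-4], struct.unpack(">I", sym[-4:])[0]
        if zlib.crc32(body) != crc:                   # damaged in print or scan
            continue
        idx, total, cm_len = HEADER.unpack(body[:HEADER.size])
        good[idx] = body[HEADER.size:]
    if total is None:
        raise ValueError("no readable symbol")
    missing = [i for i in range(total) if i not in good]
    if len(missing) > 1:
        raise ValueError("more damage than one parity block can repair")
    if missing and missing[0] != total - 1:           # step III: rebuild block
        rebuilt = bytes(BLOCK)
        for payload in good.values():
            rebuilt = xor(rebuilt, payload)
        good[missing[0]] = rebuilt
    cm = b"".join(good[i] for i in range(total - 1))[:cm_len]
    return zlib.decompress(keystream_xor(key, cm))    # steps IV, V


if __name__ == "__main__":
    syms = protect(SAMPLE_KI, SAMPLE_KEY)
    syms[1] = syms[1][:100] + b"\xff" + syms[1][101:]  # simulate a smudge
    print(len(syms), recover(syms, SAMPLE_KEY) == SAMPLE_KI)
```

The CRC only detects accidental print or scan damage; it does not stop someone from deliberately altering a symbol, which is why the stand-in cipher's lack of authentication matters.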
Embodiment 2:
The setting of this embodiment is that user A needs to encryption-protect information such as the structure, dimensions, machining method and technical requirements of a critical component in the mechanical drawing shown in Fig. 5, so that this key information can be viewed by the legitimate user B, thereby protecting technical secrets and intellectual property. As before, this embodiment consists of three stages (key generation, encryption protection and decryption reading), and the elliptic curve cryptosystem parameters selected are the same as in Embodiment 1.
Key generation stage: the purpose is for the key-issuing authority and the user to cooperate in generating the decryption private key SK, known only to the user, and the encryption public key PK, which can be published and is composed of the identity identification information SI and the public key parameter PI, thereby completing registration. The operations are as follows:
A. The user generates the personal identity information ID, which can be made public. It includes the user's name, telephone number, address, ID card number, contact person and that person's address, the validity period of this information, and similar content;
B. The user picks a random positive integer $k$ less than $r-1$, computes the registration parameter $K_A = k \times G$, and sends it together with the personal identity information ID to the key-issuing authority;
C. After examining the registration request submitted by the user, the key-issuing authority picks a random positive integer $k_s$ less than $r-1$ and computes the user's public key parameter $PI = k_s \times G + K_A$;
D. The key-issuing authority assigns an identification sequence number sn to the key to be issued, according to its internal coding rules;
E. From the user's personal identity information ID, the identification sequence number sn and the authority's own information SA, the key-issuing authority generates the user's identity identification information SI, that is, $SI = (ID, sn, SA)$;
F. Using the SHA-1 hash algorithm Hash(), the key-issuing authority computes the public key check code $PS = (\mathrm{Hash}(SI, PI) \times k_s + SK_{SA} \times PI) \bmod r$ and sends the key parameter $SP = (SI, PI, PS)$ to the user;
G. After receiving the key parameter SP from the key-issuing authority, the user extracts from it the user's own public key parameter PI, the authority's public key $PK_{SA}$ and the other information, and uses the SHA-1 hash algorithm Hash() to check whether the equation $PS \times G = \mathrm{Hash}(SI, PI) \times (PI - K_A) + PK_{SA} \times PI$ holds. If it does not hold, the user should ask the key-issuing authority to resend the key parameter; if it holds, the user proceeds to step H;
H. Having confirmed that the received key parameter SP is correct, the user computes the decryption private key $SK = PS + \mathrm{Hash}(SI, PI) \times k$ and the encryption public key $PK = (SI, PI)$. The decryption private key SK may be known only to the user and must be kept safely and not leaked, while the encryption public key PK can be published by any means.
Encryption protection stage: when user A needs to encryption-protect the key information in the mechanical drawing shown in Fig. 5, A performs the following operations:
A. Mark the key items in the mechanical drawing whose content needs encryption protection as the key area KA;
B. Compress the information KI in the key area KA (formatted text, data, tables, figures and the like) with the LZMA compression method, obtaining the compressed information CI;
C. Using the encryption public key $PK_B$ of the legitimate recipient B, encrypt the compressed information CI with the XHES data encryption method, obtaining the ciphertext CM;
D. Using the Alternant error correction algorithm, split the ciphertext CM into groups and perform the error correction computation, generating the additional error correction information AI;
E. Process the ciphertext CM and its additional error correction information AI according to an improved high-density two-dimensional barcode generation algorithm based on the QR-Code approach, generating a group of QR-Code barcodes;
F. Combine all the QR-Code barcodes by sequential cascade to generate the barcode picture HP;
G. Replace the content of the key area KA that must be kept secret in the mechanical drawing with the barcode picture HP, and combine the parts of the procurement contract that need not be kept secret with HP to form the confidential drawing document CD;
H. Print out the confidential drawing document CD on a plotter. This completes the encryption process for the original mechanical drawing and yields the printed mechanical drawing PD, output with the key content of the original mechanical drawing encryption-protected.
The drawing finally generated in this stage is shown in Fig. 6.
Decryption reading stage: after receiving the protected printed mechanical drawing PD (either the original or a copy), the legitimate user B can decrypt and read it as follows:
I. Scan the mechanical drawing with a scanner and segment the barcode picture HP out of the region that contains it;
II. Process the QR-Code barcodes in the barcode picture HP one by one, in sequential cascade order, and separate out the secret information CM' and the additional error correction information AI;
III. Based on the additional error correction information AI, use the Alternant error correction algorithm to error-correct and merge the secret information CM', obtaining the ciphertext CM it contains;
IV. The legitimate user B uses B's own decryption private key $SK_B$ to decrypt the ciphertext CM with the XHES data decryption method, obtaining the compressed information CI;
V. The legitimate user B decompresses the compressed information CI with the LZMA decompression method, obtaining the content KI of the key area KA;
VI. Merge KI with the content of PD that was not encryption-protected. This completes the decryption process for the printed mechanical drawing PD and yields the initial mechanical drawing for reading.
Clearly, the invention is not limited to the above embodiments and can be changed and modified without departing from the scope and spirit of the invention.
Content not described in detail in this specification belongs to the prior art well known to those skilled in the art.

Claims (2)

1. the encipher-decipher method of a printing edition written document, comprise key generation, encipherment protection and deciphering reading three phases, wherein, the key generation phase is to sign and issue mechanism by key to cooperate with user, the decrypted private key that generation has only user oneself to know, and the disclosed encrypted public key of forming by identity identification information and PKI parameter, this stage carries out when the user registers; The encipherment protection stage, to be the user carried out encipherment protection to the key area of file, and printout; And the deciphering reading phase is to allow printing edition written document that the validated user reading is received, the process encipherment protection, and concrete steps are:
The key generation phase:
Its purpose is for the key issuing authority to cooperate with the user to generate the decryption private key SK known only to the user, and the public encryption key PK composed of the identity identification information SI and the public key parameter PI, completing the registration process. The specific operations are as follows:
A, determine the system parameters as follows: select a large prime p; the elliptic curve $E(GF(p)): y^2 = x^3 + ax + b \pmod{p}$ is a secure elliptic curve defined over the finite field $GF(p)$; a base point G is chosen at random on it; $n = \#E(GF(p))$ is the order of the elliptic curve E, and r is a large prime factor of n; the private key of the key issuing authority is $SK_{SA}$, a random positive integer less than $r-1$, and its corresponding public key is $PK_{SA} = SK_{SA} \times G$;
B, the user generates the public personal identity information ID;
The user randomly selects a positive integer k less than $r-1$, calculates the registration parameter $K_A = k \times G$, and sends it together with the personal identity information ID to the key issuing authority;
C, after reviewing the registration request submitted by the user, the key issuing authority randomly selects a positive integer $k_s$ less than $r-1$ and calculates the user's public key parameter $PI = k_s \times G + K_A$;
D, the key issuing authority, according to its internal coding rules, issues an identification serial number sn for the key to be issued;
E, the key issuing authority generates the user's identity identification information SI from the user's personal identity information ID, the identification serial number sn, and the key issuing authority's own information SA, i.e. SI = (ID, sn, SA);
F, the key issuing authority uses the SHA-1 hash digest algorithm Hash() to calculate the public key check code $PS = (\mathrm{Hash}(SI, PI) \times k_s + SK_{SA} \times PI) \bmod r$, and sends the key parameter SP = (SI, PI, PS) to the user;
G, after receiving the key parameter SP sent by the key issuing authority, the user separates from it the user's own public key parameter PI and the public key $PK_{SA}$ information of the key issuing authority, uses the SHA-1 hash digest algorithm Hash(), and verifies whether the equation $PS \times G = \mathrm{Hash}(SI, PI) \times (PI - K_A) + PK_{SA} \times PI$ holds; if it does not hold, the user should ask the key issuing authority to resend the key parameter; if it holds, step H is carried out;
H, having confirmed the correctness of the received key parameter SP, the user calculates the user's own decryption private key $SK = PS + \mathrm{Hash}(SI, PI) \times k$ and encryption public key PK = (SI, PI); the decryption private key SK may be known only to the user, must be kept safe and must not be leaked, whereas the encryption public key PK may be published openly;
The encryption protection phase:
First step: for the electronic original document that needs encryption protection, identify the key area KA whose content needs to be protected by encryption;
Second step: compress and encode the content information KI in the key area KA with the agreed compression method, obtaining the compressed information CI;
Third step: obtain the encryption public key PK of the legitimate recipient and encrypt the compressed information CI with the agreed data encryption method, obtaining the ciphertext CM;
Fourth step: use the agreed error correction coding rule to divide the ciphertext CM into groups and perform the error correction computation, generating the additional error correction information AI;
Fifth step: process the ciphertext CM and its additional error correction information AI according to the agreed rule to generate the high-dimensional barcode image HP, where HP comprises one or more barcodes;
Sixth step: replace the content of the key area KA that needs to be kept secret in the original document with the high-dimensional barcode image HP; the part of the original document that does not need to be kept secret, combined with the high-dimensional barcode image HP, forms the confidential document CD;
Seventh step: print out the confidential document CD using a printer or printing press; this completes the encryption of the original document and yields the printed written document PD, output with the content of the original document under encryption protection;
The decryption reading phase:
After receiving the protected printed written document PD, the legitimate recipient decrypts and reads it as follows:
First step: use an image input device to process the encrypted part of the file PD, obtaining the high-dimensional barcode image HP;
Second step: according to the agreed rule, separate the secret information CM' and the additional error correction information AI from the high-dimensional barcode image HP;
Third step: based on the additional error correction information AI, apply the agreed error correction decoding algorithm to the secret information CM' to perform error correction and merging, obtaining the ciphertext CM contained in it;
Fourth step: use one's own decryption private key SK to decrypt the ciphertext CM with the previously agreed data decryption method, obtaining the compressed information CI;
Fifth step: decompress the compressed information CI with the agreed decompression method, obtaining the content information KI of the key area KA;
Sixth step: merge KI with the content of PD that was not encrypted; this completes the decryption of the file PD and yields the original document for reading.
2. The encryption and decryption method for printed written documents as claimed in claim 1, wherein the device implementing the method comprises:
Key management unit: manages the encryption public key and the decryption private key that serve as credentials for the validity of operations;
Data encryption unit: according to the encryption public key, automatically completes all the work of encrypting file content for the printed written document, and outputs the result to the designated output device;
Data decryption unit: according to the decryption private key, obtains the necessary information, automatically completes all the work of decrypting the printed written document, and sends the result to a computer device or reads it directly from the input device;
Operation management unit: manages input and output information, and coordinates the operation of the three units above, namely the key management unit, the data encryption unit and the data decryption unit.
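The key generation phase of claim 1 (steps A to H), carried through as an added Python example that is not code from the patent: the authority issues SP = (SI, PI, PS), the user checks the step G equation, then derives SK. Assumptions not stated on the page: the toy curve and sample scalars (constructed, far too small for real use), the byte encoding fed to SHA-1, the use of PI's x-coordinate where PI appears as a scalar, and reducing SK mod r.

```python
import hashlib

# Toy parameters, constructed for illustration and far too small for real use:
# y^2 = x^3 + 2x + 2 over GF(17); base point G has prime order r = 19.
P, A, R, G = 17, 2, 19, (5, 1)

def add(p1, p2):
    """Point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 if p2 is None else p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1 + A, 2 * y1) if p1 == p2 else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    """Double-and-add scalar multiplication k * pt."""
    acc, k = None, k % R
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def h(si, pi):
    """Hash(SI, PI) with SHA-1 as on the page; the byte encoding is an assumption."""
    return int.from_bytes(hashlib.sha1(repr((si, pi)).encode()).digest(), "big") % R

def issue(sk_sa, k_s, si, k_a):
    """Steps C-F: the authority computes PI and PS and returns SP = (SI, PI, PS)."""
    pi = add(mul(k_s, G), k_a)
    # Assumption: where PI is used as a scalar, its x-coordinate is meant.
    return si, pi, (h(si, pi) * k_s + sk_sa * pi[0]) % R

def verify(sp, k_a, pk_sa):
    """Step G: check PS*G == Hash(SI,PI)*(PI - K_A) + PI*PK_SA."""
    si, pi, ps = sp
    minus_k_a = (k_a[0], -k_a[1] % P)
    rhs = add(mul(h(si, pi), add(pi, minus_k_a)), mul(pi[0], pk_sa))
    return mul(ps, G) == rhs

def user_key(sp, k):
    """Step H: SK = PS + Hash(SI,PI)*k (reduced mod r here, an assumption)."""
    si, pi, ps = sp
    return (ps + h(si, pi) * k) % R
```

Substituting step F into step H gives SK × G = Hash(SI, PI) × PI + PI × PK_SA, so a sender holding only PK = (SI, PI) and the authority's public key can compute the point matching the user's private key.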
CN2008101973718A 2008-10-23 2008-10-23 Ciphering and deciphering method and device for printed written files Expired - Fee Related CN101388776B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008101973718A CN101388776B (en) 2008-10-23 2008-10-23 Ciphering and deciphering method and device for printed written files

Publications (2)

Publication Number Publication Date
CN101388776A CN101388776A (en) 2009-03-18
CN101388776B true CN101388776B (en) 2011-08-24

Family

ID=40477972

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008101973718A Expired - Fee Related CN101388776B (en) 2008-10-23 2008-10-23 Ciphering and deciphering method and device for printed written files

Country Status (1)

Country Link
CN (1) CN101388776B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102567673A (en) * 2012-01-16 2012-07-11 浪潮(北京)电子信息产业有限公司 Data safety protection method and device
CN103905187B (en) * 2012-12-26 2018-04-03 厦门雅迅网络股份有限公司 A kind of network service encryption method based on content
CN103489017A (en) * 2013-09-23 2014-01-01 深圳市海云天科技股份有限公司 Electronic examination paper handling method and system based on two-dimension codes
CN105893861A (en) * 2014-09-28 2016-08-24 伊姆西公司 Method and system for generating two-dimensional codes
CN105809044A (en) * 2016-03-07 2016-07-27 武汉华工安鼎信息技术有限责任公司 Security transmission system and method with function of encryption by utilizing paper medium information
CN107545048B (en) * 2017-08-18 2020-04-07 奇安信科技集团股份有限公司 Processing method and device for encrypted compressed file
CN108093031A (en) * 2017-12-01 2018-05-29 北京海泰方圆科技股份有限公司 A kind of page data processing method and device
CN113312327A (en) * 2021-05-24 2021-08-27 何细妹 Cloud storage file sharing system suitable for mobile terminal
CN114338241B (en) * 2022-03-10 2023-01-24 成都网讯优速信息技术有限公司 Data encryption and decryption method and device and network router adopting device
CN115208623B (en) * 2022-05-31 2024-02-13 长城信息股份有限公司 Data security transmission method and system for print job

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5388158A (en) * 1992-11-20 1995-02-07 Pitney Bowes Inc. Secure document and method and apparatus for producing and authenticating same
CN1588351A (en) * 2004-08-27 2005-03-02 北京北大方正电子有限公司 Method for encrypting and discriminating real and false for electronic document or file

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
肖攸安,周祖德.一种基于椭圆曲线的高效自证明密钥分配协议.《大连海事大学学报》.2007,第33卷(第4期),57. *

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110824

Termination date: 20141023

EXPY Termination of patent right or utility model