CN102377560A - Data encryption method and device for mobile communication terminal - Google Patents
- Publication number
- CN102377560A
- Authority
- CN
- China
- Prior art keywords
- encryption
- symmetric key
- mobile communication
- communication terminal
- aes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a data encryption method for a mobile communication terminal. The method comprises the following steps of: calling a block encryption algorithm according to a user instruction, and generating a symmetric key for block encryption by utilizing the block encryption algorithm; encrypting a clear text by utilizing the symmetric key to generate a cipher text; calling an asymmetric encryption algorithm, and generating a public key of an asymmetric encryption key by utilizing the asymmetric encryption algorithm; and encrypting the symmetric key by using the public key. The invention also provides a data encryption device for the mobile communication terminal. By the method and the device, the combined encryption of data in the mobile communication terminal is realized; and by the combined encryption, the dual encryption of the data and the encryption key is realized, so the security of the data in the mobile communication terminal is ensured.
Description
Technical field
The present invention relates to the field of data encryption technology, and in particular to a data encryption method and device for a mobile communication terminal.
Background art
Today, mobile communication terminals of all kinds have spread to almost every corner of people's lives. The mobile communication terminal has become an indispensable terminal that people use in daily life to process many kinds of information.
Over the past ten years, with the development of information technology, the mobile phone, currently the most widely used mobile communication terminal, has evolved from a device that could only make calls and send short messages into a multimedia terminal that can process many kinds of information. Its applications go far beyond its basic functions: its processing capabilities include word processing, bank account authentication, web browsing, sending and receiving e-mail and many other functions, and as technology continues to advance its applications will become ever wider.
However, the widespread use of smartphones has brought a new risk: sensitive data being stolen or lost. In the era of non-smart phones, the data security of a phone was ensured mainly by protocol-layer encryption of data while terminals communicated. Now that important data is held on smartphones in large volumes, this approach shows an obvious limitation: it can only protect data during communication and cannot protect data stored locally on the phone.
Data encryption is divided into symmetric encryption and asymmetric encryption according to whether the same key is used for encryption and decryption; symmetric encryption is further divided into stream encryption and block encryption according to whether the size of the unit being encrypted is fixed. Commonly used block ciphers include DES, 3DES and AES; commonly used asymmetric ciphers include RSA and elliptic curve cryptography. Because asymmetric encryption is too slow and is not suited to encrypting whole texts, text is mainly encrypted symmetrically, and asymmetric encryption is generally used only for small amounts of data.
At present, most mobile communication terminals encrypt data or files through third-party software. Because mobile communication terminals have only just begun to become widespread, the encryption offered by third-party software today is usually a single encryption mode, and using multiple encryption algorithms to apply combined encryption to data remains unexplored. Such a single mode only encrypts the data symmetrically and does not protect the encryption key itself. Its confidentiality is comparatively poor, and recovering the encryption key by brute force is comparatively easy, so an unauthorized user may more easily break the encrypted data or files on a smartphone in order to steal information or perform unauthorized operations on the files.
Summary of the invention
One object of the present invention is to provide a data encryption method for a mobile communication terminal, to solve the problem that the current single encryption mode only block-encrypts the data and does not protect the encryption key.
Another object of the present invention is to provide a data encryption device for a mobile communication terminal that can apply combined encryption to the terminal's data.
To achieve these objects, the mobile communication terminal data encryption method of the present invention comprises the following steps:
Invoke a block encryption algorithm according to a user instruction, and use the block encryption algorithm to obtain a symmetric key;
Encrypt the plaintext with the symmetric key to generate ciphertext;
Invoke an asymmetric encryption algorithm, and use the asymmetric encryption algorithm to obtain the public key of an asymmetric encryption key;
Encrypt the symmetric key with this public key.
This encryption method uses combined encryption: the symmetric key is encrypted with the asymmetric key, and the plaintext is encrypted with the symmetric key. The block encryption algorithms supported by default are 3DES and AES; the user may also use another block encryption algorithm or a self-defined block encryption algorithm as needed. The asymmetric encryption algorithms supported by default are RSA and elliptic curve cryptography; the user may also select another asymmetric encryption algorithm as needed. When XML is encrypted, the method also includes a step of extracting the data to be encrypted from the XML document. In addition, the ciphertext produced by combined encryption may be compressed. The compression uses an internationally standardized data compression algorithm, such as the standard ZIP data compression module; the user may also select another compression algorithm as needed, or, in view of processing time, run without a compression algorithm.
To achieve these objects, the present invention in another aspect provides a data encryption device for a mobile communication terminal, comprising the following modules:
Symmetric key generation module: invokes a block encryption algorithm according to a user instruction and uses the block encryption algorithm to generate a symmetric key for block encryption;
Asymmetric key generation module: invokes an asymmetric encryption algorithm and generates the public key of an asymmetric encryption key;
Symmetric key encryption module: encrypts said symmetric key with said public key;
Data encryption module: encrypts the plaintext with said symmetric key to generate ciphertext.
The mobile communication terminal data encryption method and device provided by the invention use combined encryption: the plaintext is block-encrypted and the encryption key is asymmetrically encrypted. This combined encryption not only secures the data in the mobile communication terminal but also protects the encryption key from theft, so that an unauthorized user cannot illegally obtain or destroy the data and files in the terminal. It solves the comparatively poor confidentiality of the single encryption mode and greatly improves the security of data in the mobile communication terminal.
Description of the drawings
Fig. 1 is a flow chart of the mobile communication terminal data encryption method;
Fig. 2 shows the single-data encryption module;
Fig. 3 shows the XML document encryption module.
Embodiments
Embodiments of the invention are described in detail below with reference to the accompanying drawings.
Fig. 1 is a flow chart of the mobile communication terminal data encryption method. As shown in Fig. 1, the method covers encryption and decryption of both single data and XML documents. Single-data encryption protects the security of data stored locally on the mobile communication terminal, while XML document encryption protects the security of data transmitted over the network. The two modes can run separately, and both use combined encryption: the data is encrypted with a symmetric key, and the symmetric key is encrypted with the public key of an asymmetric key. Single-data decryption is the reverse of the single-data encryption flow, and XML document decryption is the reverse of the XML document encryption flow.
Fig. 2 shows the single-data encryption module. As shown in Fig. 2, this module comprises a data encryption module, a symmetric key generation module, an asymmetric key generation module and a symmetric key encryption module. The symmetric key generation module generates the symmetric key used to encrypt the plaintext; the asymmetric key generation module generates the public key of the asymmetric key used to encrypt the symmetric key; the symmetric key encryption module encrypts the symmetric key with the asymmetric key; and the data encryption module encrypts the plaintext with said symmetric key to generate ciphertext. The workflow of the single-data encryption module is as follows:
Step 1: the corresponding block encryption algorithm is invoked according to the user's selection, and the symmetric key generation module automatically generates the symmetric key for block encryption;
The block encryption algorithm supported by default is 3DES or AES; another standard block encryption algorithm or a user-defined block encryption algorithm may also be selected. The chosen algorithm is recorded in the module for use during decryption;
Step 2: the data encryption module block-encrypts the plaintext with the symmetric key generated in step 1, producing ciphertext;
Step 3: the asymmetric key generation module in the local system is invoked and automatically generates the public key of the asymmetric key;
Step 4: the symmetric key encryption module encrypts the symmetric key with the public key of the asymmetric key;
The asymmetric encryption algorithm defaults to RSA or an elliptic curve encryption algorithm; the user may also select another asymmetric encryption algorithm as needed;
To manage and protect the encrypted data better, the ciphertext produced by the single-data encryption module may also be compressed by a data compression module. The data compression module uses an internationally standardized data compression algorithm, such as the ZIP data compression module; the user may also select another compression algorithm as needed, or, in view of processing time, run without a compression algorithm.
The single-data decryption method is the reverse of the single-data encryption flow described above.
Fig. 3 shows the XML document encryption module. As shown in Fig. 3, this module comprises an XML parsing module, a symmetric key generation module, an asymmetric key generation module, a symmetric key encryption module, a data encryption module and an XML encryption editing module. The XML parsing module interprets the XML document and extracts the data to be encrypted; the symmetric key generation module generates the symmetric key used to encrypt the data; the asymmetric key generation module generates the public key of the asymmetric key used to encrypt the symmetric key; the symmetric key encryption module encrypts the symmetric key; the data encryption module block-encrypts the data; and the XML encryption editing module writes the encrypted data and the encrypted symmetric key into the XML document. The implementation steps of the XML document encryption module are as follows:
Step 1: the XML parsing module interprets the XML document and extracts the data to be encrypted;
Step 1.1: convert the XML document into a DOM object;
Step 1.2: use XPath to define and indicate the data to be encrypted; either part of the XML document or the whole document may be selected for encryption;
Step 2: the corresponding block encryption algorithm is invoked according to the user's selection, and the symmetric key generation module automatically generates the symmetric key;
3DES or AES may be selected, as may another standard block encryption algorithm or a user-defined block encryption algorithm. The chosen algorithm is recorded in the module for use during decryption. Because the block encryption key is asymmetrically encrypted and then sent along with the XML document, the user does not need to know the block encryption key;
Step 3: the data encryption module block-encrypts the extracted data to be encrypted;
Step 4: the asymmetric key generation module in the local system is invoked and generates the public key of the asymmetric key used to encrypt the symmetric key;
Step 5: the symmetric key encryption module asymmetrically encrypts the symmetric key and adds it to the encrypted XML document in accordance with the W3C standard;
The asymmetric encryption algorithm defaults to RSA or an elliptic curve encryption algorithm; the user may also select another asymmetric encryption algorithm as needed;
Step 6: the XML encryption editing module replaces the original data with the data produced by the encryption of step 6, generating the XML ciphertext.
The XML document decryption method is the reverse of the XML document encryption flow described above.
The single-data encryption module is contained in the XML document encryption module. When data needs to be encrypted, it is first determined whether the data is local data or data to be transmitted over the network, and the corresponding encryption module is then selected to perform the encryption.
The mobile communication terminal data encryption method and device provided by the invention can use multiple encryption algorithms to apply combined encryption to single data and to XML documents: the data is encrypted with a symmetric key, and the symmetric key is encrypted with an asymmetric key. By doubly encrypting both the data and the encryption key, this combined encryption ensures the security of data in the mobile communication terminal.
Claims (10)
1. A data encryption method for a mobile communication terminal, characterized in that it comprises the following steps:
invoking a block encryption algorithm according to a user instruction, and using the block encryption algorithm to generate a symmetric key for block encryption;
encrypting plaintext with said symmetric key to generate ciphertext;
invoking an asymmetric encryption algorithm, and using the asymmetric encryption algorithm to generate the public key of an asymmetric encryption key;
encrypting said symmetric key with said public key.
2. The mobile communication terminal data encryption method according to claim 1, characterized in that said block encryption algorithm is the 3DES or AES encryption algorithm.
3. The mobile communication terminal data encryption method according to claim 1, characterized in that said asymmetric encryption algorithm is RSA or an elliptic curve encryption algorithm.
4. The mobile communication terminal data encryption method according to claim 1, characterized in that, before said invoking of the block encryption algorithm according to the user instruction, the method further comprises a step of extracting the data to be encrypted from a target document as said plaintext, and, after said encrypting of said symmetric key with said public key, further comprises a step of adding the encrypted symmetric key and said ciphertext to said target document.
5. The mobile communication terminal data encryption method according to any one of claims 1 to 4, characterized in that it further comprises a step of ZIP-compressing said ciphertext to obtain a compressed file.
6. A data encryption device for a mobile communication terminal, characterized in that it comprises:
a symmetric key generation module, configured to invoke a block encryption algorithm according to a user instruction and to use the block encryption algorithm to generate a symmetric key for block encryption;
an asymmetric key generation module, configured to invoke an asymmetric encryption algorithm and to generate the public key of an asymmetric encryption key;
a symmetric key encryption module, configured to encrypt said symmetric key with said public key;
a data encryption module, configured to encrypt plaintext with said symmetric key to generate ciphertext.
7. The mobile communication terminal data encryption device according to claim 5, characterized in that said symmetric key generation module is configured to use the 3DES or AES encryption algorithm to generate said symmetric key.
8. The mobile communication terminal data encryption device according to claim 5, characterized in that said asymmetric key generation module is configured to use RSA or an elliptic curve encryption algorithm to generate said public key.
9. The mobile communication terminal data encryption device according to claim 5, characterized in that it further comprises:
an extraction module, configured to extract the data to be encrypted from a target document as said plaintext; and
an editing module, configured to add the encrypted symmetric key and said ciphertext to said target document.
10. The mobile communication terminal data encryption device according to claim 5, characterized in that it further comprises a data compression module, configured to ZIP-compress said ciphertext to obtain a compressed file.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010102593588A CN102377560A (en) | 2010-08-19 | 2010-08-19 | Data encryption method and device for mobile communication terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102377560A (en) | 2012-03-14 |
Family
ID=45795587
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2010102593588A Pending CN102377560A (en) | 2010-08-19 | 2010-08-19 | Data encryption method and device for mobile communication terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102377560A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20120314 |