CN104363091A - Encryption and decryption method capable of automatically retrieving keys and selecting algorithms - Google Patents

Publication number
CN104363091A
Authority
CN
China
Prior art keywords
key
encryption
data
sequence number
algorithm
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410717255.XA
Other languages
Chinese (zh)
Other versions
CN104363091B (en)
Inventor
陈训逊
吴震
王洋
谢铭
杨帆
邹学强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING SCISTOR TECHNOLOGY Co Ltd
National Computer Network and Information Security Management Center
Original Assignee
BEIJING SCISTOR TECHNOLOGY Co Ltd
National Computer Network and Information Security Management Center
Application filed by BEIJING SCISTOR TECHNOLOGY Co Ltd, National Computer Network and Information Security Management Center
Priority to CN201410717255.XA
Publication of CN104363091A
Application granted
Publication of CN104363091B
Legal status: Active

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses an encryption and decryption method that automatically retrieves keys and selects algorithms. The method comprises the following steps: generating a keystore for the object to be encrypted; extracting the data feature of the object to be encrypted, thereby obtaining the processed first byte of the data; automatically retrieving a key from the keystore according to the extracted data feature; selecting an encryption algorithm according to the characteristics of the data; defining an additional expansion scheme to suit different encryption scenarios; and performing the encryption and decryption operations on the object. Building on existing encryption algorithms, the method replaces the traditional single key with a keystore, which strengthens the security of key management; it chooses the key according to the data feature and selects a suitable encryption algorithm to obtain the best encryption performance; and it supports additional expansion schemes to meet specific encryption scenarios. The method is therefore highly practical and adaptable and has a wide range of application scenarios.

Description

An encryption and decryption method that automatically retrieves keys and selects algorithms
Technical field
The invention belongs to the technical field of data encryption security, and specifically concerns an encryption and decryption method that automatically retrieves keys and selects algorithms.
Background art
Commonly used encryption algorithms include DES (Data Encryption Standard), AES (Advanced Encryption Standard), RC4 (also called ARC4, Alleged RC4) and RSA. The RSA public-key encryption algorithm was proposed in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman, and its name is formed from the initial letters of their three surnames.
Each of these algorithms has its own strengths and weaknesses. DES and AES have high algorithmic complexity, and although their security level can be assured, they operate on data blocks, which leaves a blind spot: data shorter than the block size cannot be encrypted directly. The block size of DES is 64 bits and the block size of AES is 128 bits. When the data length is not an integer multiple of the block size, padding and additional information are needed to complete the encryption.
RC4 has low algorithmic complexity and is suitable for encrypting data of arbitrary length; the longer the data, the higher the security level. Because it is based on XOR encryption, however, its security margin is very low when encrypting small amounts of data.
RSA is an asymmetric encryption algorithm. Its advantage is that the encryption key and the decryption key are separate, which effectively raises the security level. Because it relies on the factoring of large numbers, however, it can only be used to encrypt and decrypt small amounts of data; when the data length is large enough, the computation cost grows exponentially.
In addition, all of the above algorithms use a single key. This suits data encrypted in transit, where encryption is infrequent, decryption is immediate, and the key does not need to be kept for a long time.
When large volumes of data must be stored after encryption, however, the data structures of the objects to be encrypted are complex and varied, decryption is deferred, and keys must be kept for a long time. A single encryption algorithm cannot accommodate such varied data structures, and encrypting everything with one unique key makes long-term storage of that key a security risk. How to select encryption algorithms and manage keys effectively has therefore become a pressing problem.
Summary of the invention
To address the problem of how to retrieve keys and select algorithms effectively for the encryption of stored data, the present invention provides an encryption and decryption method that automatically retrieves keys and selects algorithms.
The steps are: generating the keystore, extracting the data feature, automatically retrieving from the keystore, selecting the encryption algorithm, adding an expansion scheme, and performing the encryption and decryption operations.
Step 1: Generate the keystore used by the object to be encrypted;
The keystore holds all the keys used for encryption and decryption. A special number-drawing algorithm combines key heads and key teeth into a keystore that is easy to search as a whole, so that keys can be retrieved according to the features of the data.
The keystore is generated as follows: the keys are arranged in order of serial number; an encryption key and its decryption key form a key pair; a number of key pairs are combined into the keystore according to a specific mapping relation; and the capacity of the keystore is set according to actual needs.
Step 2: Extract the data feature of the object to be encrypted, obtaining the processed first byte of the data;
The data of the object to be encrypted is processed by bit shuffling: the data content is partially shuffled so that data features spread across several byte positions are concentrated in the first byte, which forms the feature code of the data.
Step 3: Automatically retrieve from the keystore according to the extracted data feature;
The first byte obtained after feature extraction corresponds one-to-one with the serial numbers of the keystore. The value of the first byte is used as the serial number for the lookup, the key with that serial number is retrieved from the keystore automatically, and the key so selected is used for encryption and decryption.
Step 4: Select the encryption algorithm according to the characteristics of the data;
A suitable encryption algorithm is selected according to the actual encryption scenario and the data features of the object to be encrypted.
Step 5: Define an additional expansion scheme to suit different encryption scenarios;
Two expansion schemes are designed for two scenarios: ciphertext of equal length to the plaintext, and ciphertext of variable length.
When the encryption scenario requires the ciphertext to keep the original data length, the RC4 or AES algorithm is used. For AES, when the data to be encrypted is not an integer multiple of 128 bits, the method is: first AES-encrypt the leading part of the plaintext whose length is an integer multiple of 128 bits; then take a suitable length from the end of the resulting ciphertext, use it to fill out the remaining plaintext of less than 128 bits to a full 128 bits, and apply AES encryption once more.
When the encryption scenario allows the ciphertext length to vary, then for AES the end of the plaintext is padded to an integer multiple of 128 bits, and each padding byte holds the value of the missing length.
Step 6: Perform the encryption and decryption operations on the object to be encrypted;
The encryption operation uses the automatically retrieved key and the automatically selected encryption algorithm to encrypt the data obtained after feature extraction and the additional expansion scheme have been applied to the object to be encrypted;
The decryption operation decrypts the ciphertext and then applies the inverse operations of the additional expansion scheme and of the feature extraction to the decrypted data, restoring the original data.
The first byte, which is the data feature extracted in step 2 and serves as the keystore serial number, is XORed with the key head of the retrieved key during encryption and decryption to give the first byte after encryption or decryption. For the remaining bytes, the key tooth of the retrieved key is used as the working key with the selected algorithm to give the remaining bytes after encryption or decryption.
The advantages of the invention are:
(1) The method handles the encryption and decryption of sensitive information and is highly extensible; it can be applied to sensitive information of any length and any kind of data structure.
(2) By combining multiple encryption algorithms and their extensions, the method can improve security.
(3) The method introduces a keystore into existing well-known encryption algorithms in place of the traditional unique key, improving the security of data encryption.
(4) The method automatically selects different encryption algorithms according to the structural features of the data, exploiting the strengths of each algorithm to achieve the best encryption performance and security level.
(5) Based on its design principles, the method can be extended effectively, can be applied to many encryption and decryption scenarios with special requirements, and is highly portable.
Description of the drawings
Fig. 1 is a flow chart of the encryption and decryption method of the present invention that automatically retrieves keys and selects algorithms;
Fig. 2 is a schematic diagram of the method by which the present invention generates and draws keystore serial numbers with a mapping relation;
Fig. 3 is a schematic diagram of generating keys from keystore serial numbers according to the present invention;
Fig. 4 is a schematic diagram of the bit-shuffling method used by the present invention to extract the data feature;
Fig. 5 is a schematic diagram of the encryption operation of the present invention;
Fig. 6 is a schematic diagram of the decryption operation of the present invention.
Detailed description of the embodiments
The present invention is described in further detail below with reference to the drawings and embodiments.
The encryption and decryption method of the present invention retrieves a key from the keystore and selects an encryption algorithm according to the features of the sensitive information, and then performs encryption and decryption.
As shown in Fig. 1, the steps are: generating the keystore, extracting the data feature, automatically retrieving from the keystore, selecting the encryption algorithm, adding an expansion scheme, and performing the corresponding encryption and decryption operations.
Step 1: Generate the keystore used by the object to be encrypted;
Each individual key consists of two parts, a key head and a key tooth. The key head is a marker drawn according to the mapping relation; the key tooth is the effective key material for the encryption and decryption algorithm and is either randomly generated or set manually. The length and value of the key tooth depend on the algorithm used: for a symmetric algorithm the two key teeth of a pair are identical, and for an asymmetric algorithm the two key teeth of a pair are the public key and the private key respectively.
The keystore holds all the keys used for encryption and decryption. A special number-drawing algorithm combines key heads and key teeth into a keystore that is easy to search as a whole, so that keys can be retrieved according to the features of the data. The data features are mainly its type, length, data value and meaning.
The keystore itself is either set manually or randomly generated.
The keystore is generated as follows: an encryption key and its decryption key form a key pair; in a symmetric encryption algorithm the encryption and decryption keys are identical, whereas in an asymmetric encryption algorithm they differ. A number of key pairs are combined into the keystore according to a specific mapping relation, and the capacity of the keystore is set according to actual needs. In the resulting keystore the keys are arranged in order of serial number, the keys are paired off without repetition, and the two keys of each pair map one-to-one onto each other.
Taking a keystore capacity of 128 key pairs as an example, the present invention adopts a mapping relation based on XOR and provides a method for randomly generating a keystore that embodies this mapping relation. The 256 keys are set up as an ordered series, and each key has a unique serial number. The XOR of the two serial numbers of a key pair is used as the key head of both keys in the pair, so that the two keys map to each other through the key head: XORing the serial number of either key with its key head yields the serial number of the other key.
The specific steps are as follows:
Step 101: Pre-create for the object to be encrypted a keystore in the form of a two-dimensional array of 256*17 bytes;
As shown in Fig. 2, 256 is the capacity of the keystore and 17 is the key length, comprising a 1-byte key head and a 16-byte key tooth.
Step 102: Generate the serial numbers of a key pair in the keystore;
Take an array S whose elements are serial numbers; its initial size is 256 and its initial values are 0 to 255 in order. First draw one serial number of the key pair at random: generate a random number Random and reduce it modulo the current array size, 256. If, for example, the result is 0x02, the element of S at index 0x02 is taken as the first serial number, namely serial number 0x02. This serial number is then removed from S, and the array size becomes 255.
Then draw the other serial number of the pair: generate another random number Random and reduce it modulo the current array size, 255. If, for example, the result is 0x90, the element of S at index 0x90 is taken as the other serial number; this is serial number 0x91, because serial number 0x02 has already been removed. Serial number 0x91 is then removed from S, and the array size becomes 254.
Step 103: Generate a key pair from the first pair of serial numbers;
As shown in Fig. 3, step 102 produced the pair of serial numbers 0x02 and 0x91. Their XOR, 0x93, is used as the key head of the keys with serial numbers 0x02 and 0x91. A random 128-bit key, 128bit_randomkeys, is then generated as the key tooth of the keys with serial numbers 0x02 and 0x91. The present invention selects the symmetric encryption algorithms RC4 and AES, which share one keystore, so the key teeth of the pair are identical; that is, encryption and decryption use the same key. If the asymmetric encryption algorithm RSA is selected, the key teeth of serial numbers 0x02 and 0x91 are the public key and the private key respectively.
Step 104: Repeat steps 102 and 103 to randomly generate the remaining keys, for a total of 128 key pairs.
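Steps 101 to 104 and the first-byte mapping they enable, as an added example that is not part of the patent text. The function names and the injectable rand_below parameter are assumptions of this example; the draw 0x02/0x90 and the head 0x93 are the values from the text above.

```python
import secrets

KEYSTORE_SIZE = 256  # serial numbers 0x00..0xff (step 101)
TOOTH_LEN = 16       # 128-bit key tooth; one entry = 1-byte head + 16-byte tooth


def generate_keystore(rand_below=secrets.randbelow):
    """Build the 256 x 17-byte keystore of steps 101-104 (symmetric case).

    rand_below(n) returns an integer in [0, n); it plays the role of the
    text's "Random modulo the current array size". Making it a parameter is
    an assumption of this example, so that a scripted draw can be replayed.
    """
    remaining = list(range(KEYSTORE_SIZE))  # array S, initially 0..255
    store = [None] * KEYSTORE_SIZE
    while remaining:
        first = remaining.pop(rand_below(len(remaining)))   # step 102, first draw
        second = remaining.pop(rand_below(len(remaining)))  # step 102, second draw
        head = first ^ second                   # step 103: head = XOR of serials
        tooth = secrets.token_bytes(TOOTH_LEN)  # step 103: shared random tooth
        store[first] = store[second] = bytes([head]) + tooth
    return store


def lookup(store, serial):
    """Return (key head, key tooth) for a serial number."""
    entry = store[serial]
    return entry[0], entry[1:]


def map_first_byte(store, first_byte):
    """XOR a first byte with the head of the key it selects.

    Works in both directions: feature byte -> ciphertext first byte when
    encrypting, ciphertext first byte -> feature byte when decrypting.
    Returns (mapped byte, key tooth).
    """
    head, tooth = lookup(store, first_byte)
    return first_byte ^ head, tooth


if __name__ == "__main__":
    # Replay the draw from the text: index 0x02, then index 0x90 of the
    # shrunken array (which holds serial number 0x91).
    draws = iter([0x02, 0x90])
    store = generate_keystore(lambda n: next(draws, 0) % n)
    print(hex(store[0x02][0]), hex(store[0x91][0]))
    cipher_byte, tooth_enc = map_first_byte(store, 0x02)
    plain_byte, tooth_dec = map_first_byte(store, cipher_byte)
    print(hex(cipher_byte), hex(plain_byte), tooth_enc == tooth_dec)
```

Because the mapped first byte is the partner serial number, the decrypting side finds the same key tooth from the ciphertext alone; key selection is therefore a pure function of the data's feature byte.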
Step 2: Extract the data feature of the object to be encrypted, obtaining the processed first byte of the data;
Automatic key retrieval is based on the data value of the data feature, that is, the binary form of the data. When the data content consists of visible characters, the data feature is confined to the ASCII codes of visible characters and is not distinctive, so some method is needed to make the data more individual.
The method adopted by the present invention is to partially shuffle the data content, concentrating data features spread across several byte positions in the first byte, which forms the feature code used to retrieve the key.
The data feature is extracted by bit shuffling, although the extraction is not limited to bit shuffling. As shown in Fig. 4, the steps are:
Step 201: Data longer than 4 bytes is bit-shuffled. Taking the digits 1963xxxx as an example, the ASCII table gives the hexadecimal representation of the first four bytes as 0x31393633.
Step 202: Swap bits 1 and 2 (00) of the first byte with bits 5 and 6 (10) of the second byte; swap bits 3 and 4 (11) of the first byte with bits 6 and 7 (10) of the third byte; swap bits 5 and 6 (00) of the first byte with bits 7 and 8 (11) of the fourth byte; leave bits 7 and 8 (01) of the first byte unchanged.
Step 203: After the swaps the data is 0xad313730 in hexadecimal. The first byte of the shuffled data, 0xad, is the extracted data feature of the object to be encrypted and better represents the character of the data 1963xxxx, so the key with serial number 0xad is retrieved during key retrieval.
Without feature extraction, data beginning with a digit could only ever retrieve the keys with serial numbers 0x30 to 0x39.
In summary, the data feature of the object to be encrypted is the first byte of the shuffled data;
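The bit shuffle of steps 201 to 203, as an added example that is not part of the patent text. Bits are counted 1 to 8 from the most significant bit. For the third byte this example swaps bits 7 and 8, because that choice reproduces the stated result 0xad313730 and the quoted bit value 10, whereas step 202 names bits 6 and 7. The function names are assumptions of this example.

```python
from itertools import product

# (shift in first byte, index of other byte, shift in other byte); a shift of
# 6/4/2/0 selects bits 1-2/3-4/5-6/7-8 counted from the most significant bit.
SWAPS = (
    (6, 1, 2),  # first byte bits 1-2 <-> second byte bits 5-6
    (4, 2, 0),  # first byte bits 3-4 <-> third byte bits 7-8 (see lead-in)
    (2, 3, 0),  # first byte bits 5-6 <-> fourth byte bits 7-8
)
MIN_LEN = 5  # step 201: only data longer than 4 bytes is shuffled


def shuffle(data: bytes) -> bytes:
    """Concentrate bits of bytes 2-4 in the first byte (the feature byte)."""
    buf = bytearray(data)
    if len(buf) >= MIN_LEN:
        for s0, j, sj in SWAPS:
            a = (buf[0] >> s0) & 0b11  # 2-bit field leaving the first byte
            b = (buf[j] >> sj) & 0b11  # 2-bit field entering the first byte
            buf[0] = (buf[0] & ~(0b11 << s0) & 0xFF) | (b << s0)
            buf[j] = (buf[j] & ~(0b11 << sj) & 0xFF) | (a << sj)
    return bytes(buf)


# The three swaps exchange disjoint bit fields, so applying the shuffle twice
# restores the input: the inverse shuffle of step 608 is the same function.
unshuffle = shuffle


def reachable_serials(extract: bool) -> set:
    """Serial numbers that data starting with four ASCII digits can select."""
    serials = set()
    for digits in product(b"0123456789", repeat=4):
        data = bytes(digits) + b"x"  # constructed 5-byte sample
        serials.add((shuffle(data) if extract else data)[0])
    return serials


if __name__ == "__main__":
    print(shuffle(b"1963xxxx")[:4].hex())   # first four bytes after shuffling
    print(len(reachable_serials(False)))    # keys reachable without extraction
    print(len(reachable_serials(True)))     # keys reachable with extraction
```

For digit-only prefixes the feature byte reaches 192 of the 256 serial numbers instead of 10; the second byte contributes only three distinct bit pairs because ASCII digits stop at 0x39.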
Step 3: Automatically retrieve from the keystore according to the extracted data feature;
The first byte obtained after feature extraction corresponds one-to-one with the serial numbers of the keystore; its value is used as the serial number for an automatic lookup in the keystore, which selects the key.
Step 4: Select the encryption algorithm according to the characteristics of the data;
A suitable encryption algorithm is selected according to the actual encryption scenario. The data feature of the object to be encrypted chosen by the present invention is the data length, and the encryption algorithm is selected automatically according to the length of the data.
The present invention is illustrated with AES and RC4. AES has high cryptographic strength but cannot be applied to data shorter than 128 bits. Therefore RC4 is used when the data length is less than 128 bits, and AES is used when the data length is greater than 128 bits. AES and RC4 either share one keystore or each use their own. In the present invention the RC4 algorithm does not allow the key to be derived in reverse, so the same set of keys is shared.
Because different encryption algorithms each have advantages and disadvantages, the algorithm is selected according to the characteristics of the data so as to obtain the best encryption performance;
Step 5: Define an additional expansion scheme to suit different encryption scenarios;
Some special encryption scenarios impose special requirements on the encryption process; to adapt to different scenarios, custom extension methods are defined to meet the encryption needs.
The present invention designs two expansion schemes, one for each of two scenarios: ciphertext of equal length to the plaintext, and ciphertext of variable length.
When the encryption scenario requires the ciphertext to keep the original data length: RC4 is inherently length-preserving. AES requires the encrypted length to be an integer multiple of 128 bits, so when the data to be encrypted is not an integer multiple of 128 bits, the method is: first AES-encrypt the leading part of the plaintext whose length is an integer multiple of 128 bits; then take a suitable length from the end of the resulting ciphertext, use it to fill out the remaining plaintext of less than 128 bits to a full 128 bits, and apply AES encryption once more.
When the encryption scenario allows the ciphertext length to vary, then for AES the end of the plaintext is padded to an integer multiple of 128 bits, and each padding byte holds the value of the missing length; for example, if 8 bytes are missing, eight bytes of 0x08 are appended. In this way, even data shorter than 128 bits does not need the lower-strength RC4 algorithm, which improves overall security.
Step 6: Perform the encryption and decryption operations on the object to be encrypted;
The encryption and decryption operations comprise an encryption operation and a decryption operation;
The encryption operation uses the automatically retrieved key and the automatically selected encryption algorithm to encrypt the data obtained after feature extraction and the additional expansion scheme have been applied to the object to be encrypted;
The decryption operation decrypts the ciphertext and then applies to the decrypted data the inverse operations of the additional expansion scheme and of the feature extraction, restoring the original data.
Taking equal-length encryption and decryption of the 24-byte original data 1963xxx... as an example, the steps are:
Step 601: Perform the encryption operation. As shown in Fig. 5, the original data of the object to be encrypted is longer than 4 bytes, so the data feature is extracted first using bit shuffling; the shuffled data is 0xad313730xxxx..., 24 bytes in total.
Step 602: Using the value of the first byte, 0xad, retrieve the key with serial number 0xad from the keystore. Suppose that in the keystore serial numbers 0xad and 0x01 form a key pair; converting the two serial numbers to binary and XORing them gives 0xac, which is the key head, and the key tooth is the previously generated random number 128bit_randomkeys.
Step 603: The data length is 24 bytes, which is greater than 16 bytes, so the AES encryption algorithm is selected. XOR the first byte of the data, 0xad, with the key head 0xac to obtain the first byte of the ciphertext, 0x01. Encrypt with AES the part of the data after the first byte that is an integer multiple of 16 bytes, using the key tooth 128bit_randomkeys as the AES key.
Step 604: The last 7 bytes of the original data are still unencrypted plaintext. Take 9 bytes of ciphertext from the end of the data encrypted in step 603, join them with the 7 plaintext bytes to make up 16 bytes, and AES-encrypt this block again with the key tooth 128bit_randomkeys to obtain the final 24-byte ciphertext. The encryption operation is complete.
Step 605: Perform the decryption operation. As shown in Fig. 6, the encrypted data is a 24-byte ciphertext. First, using the first byte of the ciphertext, 0x01, retrieve the key with serial number 0x01 from the keystore; its key head is 0xac and its key tooth is the previously generated random 128bit_randomkeys.
Step 606: The ciphertext length is 24 bytes, so AES is selected for decryption. Excluding the first byte, the other 23 bytes are not an integer multiple of 16, so first AES-decrypt the last 16 bytes of the ciphertext with the key tooth 128bit_randomkeys, obtaining the 9 bytes of ciphertext and the final 7 bytes of original data.
Step 607: XOR the first byte of the ciphertext, 0x01, with the key head 0xac to obtain the first byte of the original data, 0xad. AES-decrypt the part of the ciphertext after the first byte 0x01 that is an integer multiple of 16 bytes, using the key tooth 128bit_randomkeys as the AES key, obtaining the middle 16 bytes of original data.
Step 608: The data length is greater than 4 bytes, so the inverse of the feature extraction must also be performed: apply the inverse bit shuffle to the first 4 bytes, 0xad313730, to obtain the first 4 bytes of the original data, 0x31393633. This yields the final 24 bytes of original data.
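The equal-length scheme of steps 603, 604, 606 and 607 on already-shuffled data, as an added example that is not part of the patent text. To run with the standard library only, block_encrypt is a stand-in 128-bit Feistel permutation and not AES. Encrypting multiple blocks independently is an assumption, since the text names no mode. The function names and the sample key tooth are constructed for this example.

```python
import hashlib

BLOCK = 16  # AES block size in bytes (128 bits)


def _f(key, rnd, half):
    """Feistel round function of the stand-in cipher."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def block_encrypt(key, block):
    """Stand-in 128-bit block cipher (4-round Feistel). NOT AES."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right


def block_decrypt(key, block):
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right


def tail_layout(total_len):
    """Return (full, tail, borrow) in bytes for the data after the first byte.

    full: whole-block part; tail: leftover plaintext; borrow: ciphertext bytes
    taken from the end of the full part to complete the last block.
    """
    body = total_len - 1
    tail = body % BLOCK
    return body - tail, tail, (BLOCK - tail) % BLOCK


def encrypt_equal_length(data, head, tooth):
    full, tail, borrow = tail_layout(len(data))
    if full == 0:
        raise ValueError("no full block after the first byte; the text uses RC4")
    body = data[1:]
    ct = b"".join(block_encrypt(tooth, body[i:i + BLOCK])
                  for i in range(0, full, BLOCK))            # step 603
    if tail:                                                 # step 604
        ct = ct[:full - borrow] + block_encrypt(tooth, ct[full - borrow:] + body[full:])
    return bytes([data[0] ^ head]) + ct                      # first byte XOR head


def decrypt_equal_length(ct, head, tooth):
    full, tail, borrow = tail_layout(len(ct))
    if full == 0:
        raise ValueError("no full block after the first byte; the text uses RC4")
    body, plain_tail = ct[1:], b""
    if tail:                                                 # step 606
        last = block_decrypt(tooth, body[-BLOCK:])
        body, plain_tail = body[:full - borrow] + last[:borrow], last[borrow:]
    pt = b"".join(block_decrypt(tooth, body[i:i + BLOCK])
                  for i in range(0, full, BLOCK))            # step 607
    return bytes([ct[0] ^ head]) + pt + plain_tail


if __name__ == "__main__":
    tooth = bytes(range(16))                                 # constructed key tooth
    shuffled = bytes.fromhex("ad313730") + b"x" * 20         # 24 bytes, as in step 601
    ct = encrypt_equal_length(shuffled, 0xAC, tooth)
    print(tail_layout(len(shuffled)), len(ct), hex(ct[0]))
    print(decrypt_equal_length(ct, 0xAC, tooth) == shuffled)
```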
The encryption and decryption method provided by the present invention, which automatically retrieves keys and selects algorithms, builds on existing encryption algorithms and uses a keystore in place of the traditional single key, strengthening the security of key management. It chooses the key according to the data feature, selects a suitable encryption algorithm to obtain the best encryption performance, and supports additional expansion schemes to meet specific encryption scenarios. The method is therefore highly practical and adaptable and has a very wide range of application scenarios.

Claims (6)

1. An encryption and decryption method that automatically retrieves keys and selects algorithms, characterized in that it comprises the following steps:
Step 1: Generate the keystore used by the object to be encrypted;
The keys are arranged in order of serial number; an encryption key and its decryption key form a key pair; and the key pairs are combined into the keystore according to a mapping relation;
Step 2: Extract the data feature of the object to be encrypted, obtaining the processed first byte of the data;
The data of the object to be encrypted is processed by bit shuffling: the data content is partially shuffled so that data features spread across several byte positions are concentrated in the first byte, which forms the feature code of the data;
Step 3: Automatically retrieve from the keystore according to the extracted data feature;
The first byte obtained after feature extraction corresponds one-to-one with the serial numbers of the keystore; the value of the first byte is used as the serial number for the lookup, and the key with that serial number is retrieved from the keystore automatically as the key used for encryption and decryption;
Step 4: Select the encryption algorithm according to the characteristics of the data;
The encryption algorithm is selected according to the encryption scenario and the data features of the object to be encrypted;
Step 5: Define an additional expansion scheme to suit different encryption scenarios;
Two expansion schemes are designed for two scenarios: ciphertext of equal length to the plaintext, and ciphertext of variable length;
When the encryption scenario requires the ciphertext to keep the original data length, the RC4 or AES algorithm is used; for AES, when the data to be encrypted is not an integer multiple of 128 bits, the method is: first AES-encrypt the leading part of the plaintext whose length is an integer multiple of 128 bits, then fill out to 128 bits from the end of the ciphertext and apply AES encryption once more;
When the encryption scenario allows the ciphertext length to vary, then for AES the end of the plaintext is padded to an integer multiple of 128 bits, and each padding byte holds the value of the missing length;
Step 6: Perform the encryption and decryption operations on the object to be encrypted;
The encryption operation uses the automatically retrieved key and the automatically selected encryption algorithm to encrypt the data obtained after feature extraction and the additional expansion scheme have been applied to the object to be encrypted;
The decryption operation decrypts the ciphertext and then applies the inverse operations of the additional expansion scheme and of the feature extraction to the decrypted data, restoring the original data;
The first byte, which is the data feature extracted in step 2 and serves as the keystore serial number, is XORed with the key head of the retrieved key during encryption and decryption to give the first byte after encryption or decryption; for the remaining bytes, the key tooth of the retrieved key is used as the working key with the selected algorithm to give the remaining bytes after encryption or decryption.
2. The encryption and decryption method that automatically retrieves keys and selects algorithms as claimed in claim 1, characterized in that: the key consists of a key head and a key tooth; the key head is a marker drawn according to the mapping relation; the key tooth is the effective key material for the encryption and decryption algorithm and is either randomly generated or set manually; the length and value of the key tooth depend on the algorithm used: for a symmetric algorithm the two key teeth of a pair are identical, and for an asymmetric algorithm the two key teeth of a pair are the public key and the private key respectively.
3. The encryption and decryption method that automatically retrieves keys and selects algorithms as claimed in claim 1, characterized in that: the keystore is either set manually or randomly generated.
4. The encryption and decryption method that automatically retrieves keys and selects algorithms as claimed in claim 1, characterized in that: the data features are the data type, length, data value and meaning.
5. The encryption and decryption method that automatically retrieves keys and selects algorithms as claimed in claim 1, characterized in that step 1 is specifically as follows:
Step 101: Pre-create for the object to be encrypted a keystore in the form of a two-dimensional array;
Step 102: Generate the serial numbers of a key pair in the keystore;
Take an array S whose elements are serial numbers. First draw one serial number of the key pair at random: generate a random number Random, reduce it modulo the current array size S, and take the element of array S whose index is the result as the first serial number; this serial number is then removed from the serial number array S, and the array size becomes S-1;
Then draw the other serial number of the pair: generate another random number Random, reduce it modulo the current array size S-1, and take the element of array S whose index is the result as the other serial number, labelled the second serial number; this serial number is removed from the serial number array S-1, and the array size becomes S-2;
Step 103: Generate a key pair from the first pair of serial numbers;
Step 102 produced a pair of serial numbers; the result of applying the mapping operation to the two serial numbers is used as the key head of the keys with these serial numbers, and a key tooth is then randomly generated for the keys;
Step 104: Repeat steps 102 and 103 to randomly generate the remaining keys, which together form the keystore.
6. the encipher-decipher method of a kind of automatic retrieval key as claimed in claim 1 and selection algorithm, is characterized in that: described step 6 is specific as follows:
Step 601: computing is encrypted to initial data, the initial data length of encrypted object is greater than specified byte length, adopts the out of order method of bit to carry out extraction data characteristics, obtains data first byte;
Step 602: according to the value of the data first byte after out of order, the key of corresponding sequence number in retrieval key storehouse, the key head of key and first byte, according to mapping relations during serial number gencration, obtain another sequence number as ciphertext first byte;
Step 603: select to revise and enlarge expansion scheme according to encryption scene, isometric AES encryption adopts end superencipher method, elongated AES encryption adopts fills encryption method, and the content of filling is the value lacking length;
Step 604: select corresponding cryptographic algorithm according to data length, uses key tooth to be encrypted computing;
Step 605: be decrypted computing, first according to the first byte of ciphertext, retrieves the key of corresponding sequence number in cipher key store, and key head and ciphertext first byte, according to mapping relations during serial number gencration, obtain another sequence number as first byte after deciphering;
Step 606: select decipherment algorithm according to ciphertext length, uses key tooth to be decrypted computing;
Step 607: be selected revise and enlarge expansion scheme according to encryption, carries out inverse operation, if the isometric encryption of AES, then first deciphers end data, then decipher interlude data, if the elongated encryption of AES, remove the padding data at end after deciphering;
Step 608: the data being greater than specified byte length for data length, performs the inverse operation extracting data characteristics, makes inverse bit out of order, obtain the specified byte of initial data, obtain final initial data specified byte.
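The key-store construction of claim 5 and the first-byte handling of steps 602 and 605 can be sketched as follows. This is an added example, not code from the patent: it assumes a 256-entry key store indexed by byte value, takes XOR as the mapping operation, leaves out the bit scrambling and the extension scheme, and replaces AES with a labelled standard-library stand-in; all function names are hypothetical.

```python
import hashlib
import secrets

STORE_SIZE = 256  # assumption: one key per possible first-byte value


def build_key_store(rng=None, tooth_len=16):
    """Steps 101-104: pair up sequence numbers; each pair shares head and tooth."""
    rng = rng or secrets.SystemRandom()
    remaining = list(range(STORE_SIZE))   # array S of sequence numbers
    store = [None] * STORE_SIZE           # row index = sequence number
    while remaining:
        # Step 102: a random number modulo the current array size picks the
        # element, which is then removed from the array (S -> S-1 -> S-2).
        first = remaining.pop(rng.getrandbits(32) % len(remaining))
        second = remaining.pop(rng.getrandbits(32) % len(remaining))
        # Step 103: key head from the mapping operation (XOR assumed here),
        # key tooth generated at random; symmetric pairs share the same tooth.
        head = first ^ second
        tooth = bytes(rng.getrandbits(8) for _ in range(tooth_len))
        store[first] = store[second] = (head, tooth)
    return store


def _stand_in_cipher(tooth, data):
    """Placeholder for the selected algorithm (AES in the claims).

    SHA-256 counter keystream XOR, chosen only because it is in the standard
    library and is its own inverse; it is not a substitute for AES.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(tooth + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def transform(store, data):
    """Steps 602/604 and 605/606: one routine serves both directions."""
    if not data:
        return data
    head, tooth = store[data[0]]          # first byte = key-store sequence number
    return bytes([data[0] ^ head]) + _stand_in_cipher(tooth, data[1:])


def first_byte_map(store):
    """Plaintext first byte -> ciphertext first byte, for every byte value."""
    return [seq ^ store[seq][0] for seq in range(STORE_SIZE)]
```

For a given key store, `first_byte_map` is a fixed pairing of byte values, so equal first plaintext bytes always produce equal first ciphertext bytes, and the first ciphertext byte identifies which key-store row was used.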
CN201410717255.XA 2014-12-01 2014-12-01 Encryption and decryption method capable of automatically retrieving keys and selecting algorithms Active CN104363091B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410717255.XA CN104363091B (en) 2014-12-01 2014-12-01 Encryption and decryption method capable of automatically retrieving keys and selecting algorithms

Publications (2)

Publication Number Publication Date
CN104363091A true CN104363091A (en) 2015-02-18
CN104363091B CN104363091B (en) 2017-09-12

Family

ID=52530319

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410717255.XA Active CN104363091B (en) Encryption and decryption method capable of automatically retrieving keys and selecting algorithms 2014-12-01 2014-12-01

Country Status (1)

Country Link
CN (1) CN104363091B (en)

Also Published As

Publication number Publication date
CN104363091B (en) 2017-09-12

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant