CN104408374A - File encryption method applied to data acquisition workstation - Google Patents
- Publication number
- CN104408374A
- Authority
- CN
- China
- Prior art keywords
- row
- key
- state
- bits
- byte
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a data encryption method, in particular to a file encryption method applied to a data acquisition workstation. When a user operates according to the method, the drive letter of a recorder connected to the data acquisition workstation can be hidden, and the data in the recorder can be encrypted at the same time. A distinguishing feature of the method is that it strengthens the encryption function of the acquisition workstation.
Description
Technical field
The present invention relates to a method of encrypting data, in particular to a file encryption method applied to a data acquisition workstation.
Background
The data acquisition workstation described here can connect a recorder to the control system and automatically upload electronic evidence to the data server through the USB port. When a recorder is connected to the system, the system recognizes it and displays the recorder's drive letter; the data on the recorder, and the data already uploaded to the acquisition workstation, can then easily be maliciously modified, so the security of the acquisition workstation cannot be guaranteed.
Summary of the invention
The object of the present invention is to provide an encryption method that, when followed, hides the drive letter of a recorder connected to the data acquisition workstation, encrypts the data in the recorder, and also strengthens the confidentiality function of the acquisition workstation.
The technical solution that achieves this object is a file encryption method applied to a data acquisition workstation, whose hardware comprises the acquisition workstation, a display, and a recorder connected to the acquisition workstation through a USB port, characterized in that it comprises the following steps:
1.1. Enter the software development environment of the Windows operating system;
1.2. Initialize the system IO and all external devices;
1.3. In the software development environment, start the command window API of the Windows system;
1.4. Set the registry path of the drive-letter setting and open the NoDrives registry entry;
1.5. Modify the NoDrives value, setting the binary bit of the corresponding drive letter to 1;
1.6. Save the registry modification;
1.7. Restart the acquisition workstation;
1.8. Byte substitution (SubBytes): map each byte of the input or intermediate state to another byte by table lookup, using the high four bits of the input byte as the row index of the S-box and the low four bits as the column index, and taking the S-box element at that row and column as the output;
1.9. Row shift (ShiftRows): row 0 is unchanged, row 1 is rotated left by one byte, row 2 by two bytes, and row 3 by three bytes;
1.10. Column mixing (MixColumns): transform the intermediate state matrix column by column;
1.11. Round key addition (AddRoundKey): XOR each column of the input or intermediate state S bitwise with a key word ki; each round key consists of Nb words;
1.12. Key expansion: a generator produces Nr+1 round keys, each consisting of Nb words, for Nb(Nr+1) words in total;
1.13. Inverse byte substitution: the column value is used as the low four bits and the row value as the high four bits;
1.14. Inverse row shift: the last three rows of the state are shifted in the opposite direction, that is, row 0 is unchanged, row 1 is rotated right by one byte, row 2 by two bytes, and row 3 by three bytes;
1.15. Inverse column mixing: each column is transformed by multiplying it by the fixed polynomial d(x);
1.16. Encrypt the data.
In step 1.11, Nr+1 round keys are needed, so 4(Nr+1) 32-bit words must be constructed: the first 4 bytes of the input are copied directly into the first 4 words of the expanded key array, giving W[0], W[1], W[2], W[3]; the remainder of the expanded key array is then filled 4 words at a time.
Step 1.16 comprises the following steps:
Input the key K and the key length (128 bits, 192 bits or 256 bits);
Expand the key with the key expansion routine; 128-bit, 192-bit and 256-bit keys correspond to KeyExpansion128 (key), KeyExpansion192 (key) and KeyExpansion256 (key) respectively, generating expanded keys of 72 bytes, 204 bytes and 236 bytes respectively;
Create the encrypted file and store it in text format;
Read 16 bytes from the file to be encrypted; if 16 bytes cannot be read, the file has ended and EOF is appended at the end. The data read is placed in the intermediate variable (state);
Encrypt the data in state according to the key length; 128 bits, 192 bits and 256 bits correspond to Cipher128 (InvCipher128), Cipher192 (InvCipher192) and Cipher256 (In2vCipher256) respectively. The encrypted data is kept in state, and the data in state is written to the encrypted file.
In step 1.3, the command window API is an application programming interface.
In steps 1.4 and 1.5, NoDrives is the drive number.
The advantages of the invention are: 1. By modifying the registry path of the drive-letter setting in the Windows operating system, the drive letter of a recorder connected to the acquisition workstation is hidden, so that outside personnel cannot directly modify the data in the recorder, giving a high safety factor. 2. The data in the recorder is encrypted, further improving the security of the data collected in the acquisition workstation.
Brief description of the drawings
Fig. 1 is the workflow for hiding the drive letter;
Fig. 2 is the workflow for data encryption.
Embodiment
Referring to Figs. 1 and 2, the invention is further described below with reference to an embodiment.
A method of encrypting data, in particular a file encryption method applied to a data acquisition workstation, whose hardware comprises the acquisition workstation, a display, and a recorder connected to the acquisition workstation through a USB port, characterized in that it comprises the following steps:
1.1. Enter the software development environment of the Windows operating system;
1.2. Initialize the system IO and all external devices;
1.3. In the software development environment, start the command window API of the Windows system;
1.4. Set the registry path of the drive-letter setting and open the NoDrives registry entry;
1.5. Modify the NoDrives value, setting the binary bit of the corresponding drive letter to 1;
1.6. Save the registry modification;
1.7. Restart the acquisition workstation;
1.8. Byte substitution (SubBytes): map each byte of the input or intermediate state to another byte by table lookup, using the high four bits of the input byte as the row index of the S-box and the low four bits as the column index, and taking the S-box element at that row and column as the output;
1.9. Row shift (ShiftRows): row 0 is unchanged, row 1 is rotated left by one byte, row 2 by two bytes, and row 3 by three bytes;
1.10. Column mixing (MixColumns): transform the intermediate state matrix column by column;
1.11. Round key addition (AddRoundKey): XOR each column of the input or intermediate state S bitwise with a key word ki; each round key consists of Nb words;
1.12. Key expansion: a generator produces Nr+1 round keys, each consisting of Nb words, for Nb(Nr+1) words in total;
1.13. Inverse byte substitution: the column value is used as the low four bits and the row value as the high four bits;
1.14. Inverse row shift: the last three rows of the state are shifted in the opposite direction, that is, row 0 is unchanged, row 1 is rotated right by one byte, row 2 by two bytes, and row 3 by three bytes;
1.15. Inverse column mixing: each column is transformed by multiplying it by the fixed polynomial d(x);
1.16. Encrypt the data.
In step 1.11, Nr+1 round keys are needed, so 4(Nr+1) 32-bit words must be constructed: the first 4 bytes of the input are copied directly into the first 4 words of the expanded key array, giving W[0], W[1], W[2], W[3]; the remainder of the expanded key array is then filled 4 words at a time.
Step 1.16 comprises the following steps:
Input the key K and the key length (128 bits, 192 bits or 256 bits);
Expand the key with the key expansion routine; 128-bit, 192-bit and 256-bit keys correspond to KeyExpansion128 (key), KeyExpansion192 (key) and KeyExpansion256 (key) respectively, generating expanded keys of 72 bytes, 204 bytes and 236 bytes respectively;
Create the encrypted file and store it in text format;
Read 16 bytes from the file to be encrypted; if 16 bytes cannot be read, the file has ended and EOF is appended at the end. The data read is placed in the intermediate variable (state);
Encrypt the data in state according to the key length; 128 bits, 192 bits and 256 bits correspond to Cipher128 (InvCipher128), Cipher192 (InvCipher192) and Cipher256 (In2vCipher256) respectively. The encrypted data is kept in state, and the data in state is written to the encrypted file.
In a further technical solution, the command window API in step 1.3 is an application programming interface.
In steps 1.4 and 1.5, NoDrives is the drive number.
When the host of the data acquisition workstation detects that a recorder has been successfully connected via USB, the software management platform has the system upload the electronic evidence in the recorder automatically, and at the same time the system hides the drive letter of the connected recorder on the host; the number of hidden drive letters can be set arbitrarily according to the number of recorders connected. In addition, the software can also be set, as actually needed, to display the drive letters of the recorders connected to the acquisition workstation, which makes it easy to operate.
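Added example, not part of the patent: building and auditing the NoDrives bitmask that steps 1.4 to 1.6 modify. The registry location (the REG_DWORD `NoDrives` under `Software\Microsoft\Windows\CurrentVersion\Policies\Explorer`) and the bit order (bit 0 = A: through bit 25 = Z:) are standard Windows behaviour rather than something the page states; the function names are hypothetical.

```python
# Added example: build and audit a NoDrives bitmask (bit 0 = A: ... bit 25 = Z:).
# Pure functions only; reading or writing the registry is left to the caller.
import string

LETTERS = string.ascii_uppercase


def nodrives_mask(letters):
    """Return the NoDrives DWORD that hides the given drive letters."""
    mask = 0
    for ch in letters:
        ch = ch.upper()
        if len(ch) != 1 or ch not in LETTERS:
            raise ValueError(f"not a drive letter: {ch!r}")
        mask |= 1 << LETTERS.index(ch)
    return mask


def hidden_letters(mask):
    """Decode a NoDrives DWORD into the drive letters it hides."""
    if not 0 <= mask <= 0xFFFFFFFF:
        raise ValueError("NoDrives is a 32-bit value")
    return [LETTERS[i] for i in range(26) if mask >> i & 1]


def audit(mask, mounted):
    """Compare a NoDrives value with the drive letters currently mounted."""
    hidden = set(hidden_letters(mask))
    mounted = {m.upper().rstrip(":\\") for m in mounted}
    return {
        "hidden_and_mounted": sorted(hidden & mounted),  # hidden, but still a live volume
        "visible": sorted(mounted - hidden),
        "unused_bits_set": bool(mask >> 26),             # bits 26-31 map to no letter
    }


if __name__ == "__main__":
    mask = nodrives_mask("EF")   # constructed sample: two recorders on E: and F:
    print(hex(mask), audit(mask, ["C:", "D:", "E:", "F:"]))
```

A letter reported under `hidden_and_mounted` is still a mounted volume: NoDrives removes it from Explorer's views and is not an access control, so protection of the recorder's data has to come from the encryption step and from file permissions.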
The invention adopts an advanced file encryption algorithm to encrypt the data in the recorder and the uploaded data. Based on this standard algorithm, the block cipher returns encrypted data with the same number of bits as the input data. The iterated cipher uses a loop structure in which the input data is repeatedly permuted and substituted, thereby encrypting the file.
Embodiment
Key expansion round key:
ef a8 b6 db
44 52 71 0b
a5 5b 25 ad
41 7f 3b 00
addroundkey 5 :
e0 c8 d9 85
92 63 b1 b8
7f 63 35 be
e8 c0 50 01
Round 6 encryption:
after subbyte:
e1 e8 35 97
4f fb c8 6c
d2 fb 96 ae
9b ba 53 7c
after shiftrows:
e1 e8 35 97
fb c8 6c 4f
96 ae d2 fb
7c 9b ba 53
after mixcolumns:
25 bd b6 4c
d1 11 3a 4c
a9 d1 33 c0
ad 68 8e b0
after keyexpand:
rotword():0b ad 00 db
subword():2b 95 63 b9
after ^Rcon():3b 95 63 b9
w[20] : d4 d1 c6 f8
w[21] : 7c 83 9d 87
w[22] : ca f2 b8 bc
w[23] : 11 f9 15 bc
Key expansion round key:
d4 7c ca 11
d1 83 f2 f9
c6 9d b8 15
f8 87 bc bc
addroundkey 6 :
f1 c1 7c 5d
00 92 c8 b5
6f 4c 8b d5
55 ef 32 0c
Round 7 encryption:
after subbyte:
a1 78 10 4c
63 4f e8 d5
a8 29 3d 03
fc df 23 fe
after shiftrows:
a1 78 10 4c
4f e8 d5 63
3d 03 a8 29
fe fc df 23
after mixcolumns:
4b 2c 33 37
86 4a 9d d2
8d 89 f4 18
6d 80 e8 d8
after keyexpand:
rotword():f9 15 bc 11
subword():99 59 65 82
after ^Rcon():b9 59 65 82
w[24] : 6d 88 a3 7a
w[25] : 11 0b 3e fd
w[26] : db f9 86 41
w[27] : ca 00 93 fd
Key expansion round key:
6d 11 db ca
88 0b f9 00
a3 3e 86 93
7a fd 41 fd
addroundkey 7 :
26 3d e8 fd
0e 41 64 d2
2e b7 72 8b
17 7d a9 25
Round 8 encryption:
after subbyte:
f7 27 9b 54
ab 83 43 b5
31 a9 40 3d
f0 ff d3 3f
after shiftrows:
f7 27 9b 54
83 43 b5 ab
40 3d 31 a9
3f f0 ff d3
after mixcolumns:
14 46 27 34
15 16 46 2a
b5 15 56 d8
bf ec d7 43
after keyexpand:
rotword():00 93 fd ca
subword():63 dc 54 74
after ^Rcon():23 dc 54 74
w[28] : 4e 54 f7 0e
w[29] : 5f 5f c9 f3
w[30] : 84 a6 4f b2
w[31] : 4e a6 dc 4f
Key expansion round key:
4e 5f 84 4e
54 5f a6 a6
f7 c9 4f dc
0e f3 b2 4f
addroundkey 8 :
5a 19 a3 7a
41 49 e0 8c
42 dc 19 04
b1 1f 65 0c
Round 9 encryption:
after subbyte:
be d4 0a da
83 3b e1 64
2c 86 d4 f2
c8 c0 4d fe
after shiftrows:
be d4 0a da
3b e1 64 83
d4 f2 2c 86
fe c8 c0 4d
after mixcolumns:
00 b1 54 fa
51 c8 76 1b
2f 89 6d 99
d1 ff cd ea
after keyexpand:
rotword():a6 dc 4f 4e
subword():24 86 84 2f
after ^Rcon():a4 86 84 2f
w[32] : ea d2 73 21
w[33] : b5 8d ba d2
w[34] : 31 2b f5 60
w[35] : 7f 8d 29 2f
Key expansion round key:
ea b5 31 7f
d2 8d 2b 8d
73 ba f5 29
21 d2 60 2f
addroundkey 9 :
ea 04 65 85
83 45 5d 96
5c 33 98 b0
f0 2d ad c5
Round 10 encryption:
after subbyte:
87 f2 4d 97
ec 6e 4c 90
4a c3 46 e7
8c d8 95 a6
after shiftrows:
87 f2 4d 97
6e 4c 90 ec
46 e7 4a c3
a6 8c d8 95
after mixcolumns:
47 40 a3 4c
37 d4 70 9f
94 e4 3a 42
ed a5 a6 bc
after keyexpand:
rotword():8d 29 2f 7f
subword():5d a5 15 d2
after ^Rcon():46 a5 15 d2
w[36] : ac 77 66 f3
w[37] : 19 fa dc 21
w[38] : 28 d1 29 41
w[39] : 57 5c 00 6e
Key expansion round key:
ac 19 28 57
77 fa d1 5c
66 dc 29 00
f3 21 41 6e
addroundkey 10 :
eb 59 8b 1b
40 2e a1 c3
f2 38 13 42
1e 84 e7 d2
after subbyte:
e9 cb 3d af
09 31 32 2e
89 07 7d 2c
72 5f 94 b5
after shiftrows:
e9 cb 3d af
31 32 2e 09
7d 2c 89 07
b5 72 5f 94
after keyexpand:
rotword():5c 00 6e 57
subword():4a 63 9f 5b
after ^Rcon():7c 63 9f 5b
w[40] : d0 14 f9 a8
w[41] : c9 ee 25 89
w[42] : e1 3f 0c c8
w[43] : b6 63 0c a6
Key expansion round key:
d0 c9 e1 b6
14 ee 3f 63
f9 25 0c 0c
a8 89 c8 a6
Output the ciphertext after encrypting the plaintext:
39 02 dc 19
25 dc 11 6a
84 09 85 0b
1d fb 97 32
Claims (5)
1. A file encryption method applied to a data acquisition workstation, whose hardware comprises the acquisition workstation, a display, and a recorder connected to the acquisition workstation through a USB port, characterized in that it comprises the following steps:
1.1. Enter the software development environment of the Windows operating system;
1.2. Initialize the system IO and all external devices;
1.3. In the software development environment, start the command window API of the Windows system;
1.4. Set the registry path of the drive-letter setting and open the NoDrives registry entry;
1.5. Modify the NoDrives value, setting the binary bit of the corresponding drive letter to 1;
1.6. Save the registry modification;
1.7. Restart the acquisition workstation;
1.8. Byte substitution (SubBytes): map each byte of the input or intermediate state to another byte by table lookup, using the high four bits of the input byte as the row index of the S-box and the low four bits as the column index, and taking the S-box element at that row and column as the output;
1.9. Row shift (ShiftRows): row 0 is unchanged, row 1 is rotated left by one byte, row 2 by two bytes, and row 3 by three bytes;
1.10. Column mixing (MixColumns): transform the intermediate state matrix column by column;
1.11. Round key addition (AddRoundKey): XOR each column of the input or intermediate state S bitwise with a key word ki; each round key consists of Nb words;
1.12. Key expansion: a generator produces Nr+1 round keys, each consisting of Nb words, for Nb(Nr+1) words in total;
1.13. Inverse byte substitution: the column value is used as the low four bits and the row value as the high four bits;
1.14. Inverse row shift: the last three rows of the state are shifted in the opposite direction, that is, row 0 is unchanged, row 1 is rotated right by one byte, row 2 by two bytes, and row 3 by three bytes;
1.15. Inverse column mixing: each column is transformed by multiplying it by the fixed polynomial d(x);
1.16. Encrypt the data.
2. The file encryption method applied to a data acquisition workstation according to claim 1, characterized in that: in step 1.11, Nr+1 round keys are needed, so 4(Nr+1) 32-bit words must be constructed; the first 4 bytes of the input are copied directly into the first 4 words of the expanded key array, giving W[0], W[1], W[2], W[3]; the remainder of the expanded key array is then filled 4 words at a time.
3. The file encryption method applied to a data acquisition workstation according to claim 1, characterized in that step 1.16 comprises the following steps:
3.1. Input the key K and the key length (128 bits, 192 bits or 256 bits);
3.2. Expand the key with the key expansion routine; 128-bit, 192-bit and 256-bit keys correspond to KeyExpansion128 (key), KeyExpansion192 (key) and KeyExpansion256 (key) respectively, generating expanded keys of 72 bytes, 204 bytes and 236 bytes respectively;
3.3. Create the encrypted file and store it in text format;
3.4. Read 16 bytes from the file to be encrypted; if 16 bytes cannot be read, the file has ended and EOF is appended at the end; the data read is placed in the intermediate variable (state);
3.5. Encrypt the data in state according to the key length; 128 bits, 192 bits and 256 bits correspond to Cipher128 (InvCipher128), Cipher192 (InvCipher192) and Cipher256 (In2vCipher256) respectively; the encrypted data is kept in state, and the data in state is written to the encrypted file.
4. The file encryption method applied to a data acquisition workstation according to claim 1, characterized in that: in step 1.3, the command window API is an application programming interface.
5. The file encryption method applied to a data acquisition workstation according to claim 1, characterized in that: in steps 1.4 and 1.5, NoDrives is the drive number.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410548933.4A CN104408374B (en) | 2014-10-17 | 2014-10-17 | A kind of file encrypting method applied to data collection task station |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410548933.4A CN104408374B (en) | 2014-10-17 | 2014-10-17 | A kind of file encrypting method applied to data collection task station |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104408374A (en) | 2015-03-11 |
CN104408374B (en) | 2018-05-25 |
Family
ID=52646005
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410548933.4A Active CN104408374B (en) | 2014-10-17 | 2014-10-17 | A kind of file encrypting method applied to data collection task station |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104408374B (en) |
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102035641A (en) * | 2009-09-24 | 2011-04-27 | 中兴通讯股份有限公司 | Device and method for implementing AES encryption and decryption |
CN203241980U (en) * | 2013-01-30 | 2013-10-16 | 深圳警翼数码科技有限公司 | Data collecting working station with encryption U flash disc automatic identification technology |
WO2014154273A1 (en) * | 2013-03-27 | 2014-10-02 | Irdeto B.V. | Aes implementation with error correction |
Non-Patent Citations (1)
Title |
---|
Anonymous: "Hiding selected disk drive letters using the registry", Baidu Jingyan (Baidu Experience) * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110602118A (en) * | 2019-09-20 | 2019-12-20 | 南京信同诚信息技术有限公司 | Virtualization data remote encryption security system and method |
CN110602118B (en) * | 2019-09-20 | 2022-04-22 | 南京信易达计算技术有限公司 | Virtualization data remote encryption security system and method |
Also Published As
Publication number | Publication date |
---|---|
CN104408374B (en) | 2018-05-25 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |