CN104463003A - File encryption protecting method - Google Patents

Publication number: CN104463003A
Authority: CN (China)
Prior art keywords: key, file, encryption, cpu, user
Legal status: Pending
Application number: CN201310422490.XA
Other languages: Chinese (zh)
Inventor: 吕伟峰
Current Assignee: TIANJIN WISDOM TREE ELECTRONIC TECHNOLOGY Co Ltd
Original Assignee: TIANJIN WISDOM TREE ELECTRONIC TECHNOLOGY Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption

Abstract

The invention belongs to the technical field of computers and discloses a file encryption protecting method. Encryption protection is implemented on a Windows operating system platform using an Intel CPU, and the encryption key is generated as follows: the first part of the key is obtained from the CPU serial number of the PC, the user manually enters the second part of the key with a soft keyboard, and the two parts are joined to form the final encryption key. A file is encrypted with the final encryption key and stored in the hidden partition (HPA) at the tail of the hard disk, and unauthorized programs and users are prevented from accessing the encrypted file by access-permission verification. The method addresses the problem that traditionally encrypted files can easily be cracked by brute force; it offers a high degree of secrecy, is safe, reliable and simple to operate, and is suitable for encrypting various kinds of files.

Description

A method of encrypting and protecting files
Technical field
The invention belongs to the field of computer security technology and relates to a method of encrypting and protecting files.
Background
In modern society, file data is very important to everyone. How to effectively protect the file data of an individual or a company, and prevent unauthorized users from obtaining it, has become a topic of wide concern.
Current file encryption and protection methods are many and varied. They generally require the user to enter a key of a certain length, and after encryption the hiding and protection of the file is generally implemented by a low-level file filter system. The low-level file filter system has its own limitations: because the encrypted file is still stored inside the Windows system, and there are many viruses that target the Windows operating system, it is comparatively unsafe. Tools such as keyboard loggers and IE cache resource extraction tools can easily recover the password a user types on the keyboard, so software that only requires a manually entered password offers no guarantee of security.
Summary of the invention
The object of the invention is to overcome the above deficiencies of the prior art and to provide a method of encrypting and protecting files, implemented on a Windows operating system platform using an Intel CPU. The method effectively prevents key exposure, and effectively prevents viruses or unauthorized users from accessing the encrypted file and then brute-forcing it once obtained.
To achieve this object, the technical scheme of the invention is:
A method of encrypting and protecting files, used on a Windows operating system platform using an Intel CPU, characterized in that the file encryption key is composed of two parts: one part is obtained from the CPU serial number of the PC, and the other part is entered by the user with a soft keyboard. A cryptographic algorithm is then used to encrypt the file, and the encrypted file is stored in the hidden partition at the tail of the hard disk; apart from the designated program, no other program can access it without authorization.
The above encryption protecting method can adopt the following steps:
(1) The user enters a key of the designated length using the soft keyboard;
(2) The CPU serial number of the local machine is detected on the PC;
(3) All of (1) and a portion of the digits of (2) are taken and concatenated in order into the key required by the final cryptographic algorithm;
(4) The cryptographic algorithm is then applied, with the key generated in (3) as the encryption key and the file to be encrypted as input, finally producing the encrypted file;
(5) The designated program then stores the generated encrypted file in the hidden partition at the tail of the hard disk;
(6) The designated program judges whether the user's access rights are legitimate: if so, the file is decrypted; otherwise the hidden partition cannot be accessed.
Here, the Windows operating system refers to the Windows 2000, Windows XP and Windows Vista operating systems, and the Intel CPU refers to the Intel486™ and later CPU models.
The invention implements file encryption and protection on a Windows operating system platform using an Intel CPU. Its substantive distinguishing features are: the invention uses a soft keyboard for key input, which effectively prevents key exposure, and combines this with the CPU serial number and the hidden partition (HPA) to make the encrypted file more secure, thereby effectively protecting the encrypted file from being accessed and obtained by unauthorized users.
Compared with the prior art, the invention has the following obvious advantages. Because the Intel CPU serial number of the PC is used when the encryption key is generated, even if only its first 10 digits are taken, the probability of two being identical is close to 0, so the file must be decrypted on the PC that encrypted it. Entering the user key with a soft keyboard effectively counters the threat of hacking software that records keyboard input. Using hidden partition (HPA) technology strengthens the protection of the encrypted file, effectively preventing viruses or unauthorized users from accessing the encrypted file and then brute-forcing it once obtained.
The invention describes the method using only the AES algorithm as the cryptographic algorithm, but the cryptographic algorithm is not limited to AES. When another cryptographic algorithm is chosen, the length of the key the user enters manually and the length of the CPU serial number portion used can be adjusted according to the key length the algorithm requires.
Description of the drawings
Fig. 1 is a schematic diagram of encryption key generation in the invention.
Fig. 2 is a schematic diagram of the user key and a portion of the CPU serial number digits being concatenated in order to generate the final encryption key.
Embodiment
For hiding data, the currently popular approach is hidden partition (HPA) technology. This technology requires modifying the MBR and establishing a physically protected partition at the tail of the hard disk. The physically protected partition is established automatically and is independent of the disk partition where the Windows operating system resides; viruses cannot infect it and it cannot be deleted. After the user has finished encrypting a file, the designated program stores the encrypted file in the physically protected partition established at the tail of the hard disk. The hidden partition can keep growing, which gives the encrypted files more effective protection.
Intel CPUs have supported detection of the CPU serial number since the Intel486™. The Intel CPU serial number is represented by 24 hexadecimal digits, and since the probability of two serial numbers being identical is approximately 0, decryption can only be carried out on the same PC. Using the CPU serial number to generate the encryption key therefore improves the security of the encryption key.
The invention is a method of encrypting and protecting files on a PC using an Intel CPU and a Windows operating system platform: it uses a high-strength cryptographic algorithm, generates the final key for encrypting the file from the user-entered key and a portion of the digits of the PC's CPU serial number, and then uses the hidden partition (HPA) at the tail of the hard disk to hide and protect the encrypted file.
The invention is described in further detail below by way of a concrete embodiment.
The encryption process comprises the following steps, taking the AES algorithm as the example; see Fig. 1 and Fig. 2.
First obtain the key required for encryption. The AES algorithm needs a 16-character key, i.e. a key 128 bits long:
(1) The user enters a 6-character key using the soft keyboard. A length of 6 is chosen because a longer input would be hard for the user to remember. If the user's input is shorter than 6 characters, the designated program appends specified key characters to make up 6; if the user enters more than 6, the designated program ignores the excess and keeps only the first 6.
(2) On the PC, the designated program obtains the first 10 digits of the local CPU serial number. The probability that the first 10 digits of two Intel serial numbers are identical is approximately zero, and AMD CPUs do not support a serial number, so decrypting the file on a different computer is basically impossible.
(3) The 6 key characters generated in (1) and the 10 key characters generated in (2) are concatenated in order, first taking 1 character from (1) and then 2 characters from (2), into the 16-character key required by the final cryptographic algorithm.
The AES algorithm is then applied, with the 16-character key generated in (3) as the encryption key and the file to be encrypted as the algorithm's input, finally producing the encrypted file.
The designated program then stores the generated encrypted file in the hidden partition (HPA) at the tail of the hard disk. The pre-encryption file may be deleted or kept according to the user's needs. The hidden partition (HPA) should be created by the designated program before any file is encrypted. As encryption and decryption operations proceed, the hidden partition (HPA) grows or shrinks dynamically, and the disk capacity occupied by the Windows operating system changes dynamically with it.
Finally, decryption is performed with the designated program, which judges whether the user password is correct: if it is, decryption proceeds; otherwise decryption is not possible and the encrypted file remains hidden, so that the encrypted file is protected against access by unauthorized users or programs.
The foregoing is only a preferred embodiment of the invention and is not intended to limit it; any modification, equivalent replacement, improvement and the like made within the spirit and principles of the invention shall fall within its scope of protection.
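The key construction of steps (1) to (3), as an added example that is not code from the patent: it builds the 16-byte AES-128 key by the 1-then-2 interleave and bounds how many of the 128 key bits are actually unknown to an observer, where `serial_known=True` models an observer on the same PC who reads the serial the way the designated program does. The pad character, the sample serial, the 95-character alphabet and the PBKDF2 comparison function are assumptions introduced here.

```python
import hashlib
import math

USER_LEN = 6     # soft-keyboard part (step 1 of the embodiment)
SERIAL_LEN = 10  # leading digits of the 24-hex-digit CPU serial (step 2)
PAD_CHAR = "0"   # assumption: the page does not say which pad character is used


def interleave_key(typed: str, cpu_serial: str) -> bytes:
    """Step 3: one user character, then two serial digits, repeated -> 16 bytes."""
    user = typed[:USER_LEN].ljust(USER_LEN, PAD_CHAR)  # truncate or pad to 6
    serial = cpu_serial[:SERIAL_LEN]
    if len(serial) != SERIAL_LEN:
        raise ValueError("need at least 10 serial digits")
    parts = []
    for i, ch in enumerate(user):
        parts.append(ch)
        parts.append(serial[2 * i:2 * i + 2])  # empty after the 6th character
    key = "".join(parts).encode("ascii")
    if len(key) != 16:
        raise ValueError("key must be 16 bytes for AES-128")
    return key


def secret_bits(alphabet_size: int, serial_known: bool) -> float:
    """Upper bound on the unknown bits in the 128-bit key for a given observer."""
    bits = USER_LEN * math.log2(alphabet_size)
    if not serial_known:
        bits += SERIAL_LEN * 4  # ten hex digits, four bits each
    return bits


def stretched_key(passphrase: str, cpu_serial: str, salt: bytes,
                  iterations: int = 600_000) -> bytes:
    """Comparison (not in the patent): full-length passphrase through PBKDF2,
    with the serial mixed in only to bind the key to the machine."""
    material = passphrase.encode("utf-8") + b"\x00" + cpu_serial.encode("ascii")
    return hashlib.pbkdf2_hmac("sha256", material, salt, iterations, dklen=16)


if __name__ == "__main__":
    serial = "0123456789ABCDEF01234567"  # constructed sample, 24 hex digits
    print(interleave_key("Ab3$xY", serial))               # b'A01b23345$67x89Y'
    print(interleave_key("ab", serial))                   # b'a01b230450670890'
    print(round(secret_bits(95, serial_known=True), 1))   # 39.4 of 128 bits
    print(round(secret_bits(95, serial_known=False), 1))  # 79.4 of 128 bits
    salt = bytes(16)  # constructed fixed salt for the demo; use os.urandom(16)
    print(stretched_key("Ab3$xY-longer", serial, salt).hex())
```

Because the user part is cut to 6 characters, a longer passphrase yields the same interleaved key as its first 6 characters, whereas the PBKDF2 comparison uses every character.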

Claims (2)

1. A method of encrypting and protecting files, used on a Windows operating system platform using an Intel CPU, characterized in that: the file encryption key is composed of two parts, one part obtained from the CPU serial number of the PC and the other part entered by the user with a soft keyboard; a cryptographic algorithm is then used to encrypt the file, and the encrypted file is stored in the hidden partition at the tail of the hard disk; apart from the designated program, no other program can access it without authorization.
2. The encryption protecting method according to claim 1, characterized in that the process comprises the following steps:
(1) The user enters a key of the designated length using the soft keyboard;
(2) The CPU serial number of the local machine is detected on the PC;
(3) All of (1) and a portion of the digits of (2) are taken and concatenated in order into the key required by the final cryptographic algorithm;
(4) The cryptographic algorithm is applied, with the key generated in (3) as the encryption key and the file to be encrypted as input, finally producing the encrypted file;
(5) The designated program stores the generated encrypted file in the hidden partition at the tail of the hard disk;
(6) The designated program judges whether the user's access rights are legitimate: if so, the file is decrypted; otherwise the hidden partition cannot be accessed.

Priority Applications (1)

Application number: CN201310422490.XA
Priority date: 2013-09-13
Filing date: 2013-09-13
Title: File encryption protecting method
Status: Pending

Publications (1)

Publication number: CN104463003A (en)
Publication date: 2015-03-25

Family ID: 52909025
Country: CN

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150325