CN104463003A - File encryption protecting method - Google Patents
- Publication number
- CN104463003A
- Authority
- CN
- China
- Prior art keywords
- key
- file
- encryption
- cpu
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
The invention belongs to the technical field of computers and discloses a file encryption protection method. Encryption protection is implemented on a Windows operating system platform using an Intel CPU. The encryption key is generated as follows: the first part of the key is obtained from the CPU serial number of the PC, the user enters the second part of the key manually with a soft keyboard, and the two parts are joined to form the final encryption key. The file is encrypted with the final encryption key and stored in the hidden partition (HPA) at the tail of the hard disk, and unauthorized programs and users are restricted from accessing the encrypted file by means of access-right verification. The method addresses the problem that conventionally encrypted files are easily cracked by brute force; it offers a high degree of secrecy, is safe and reliable, is simple to operate, and is suitable for encrypting all kinds of files.
Description
Technical field
The invention belongs to the field of computer security technology and relates to a method for encrypting and protecting files.
Background technology
In modern society, file data is very important to everyone. How to effectively protect the file data of an individual or a company and prevent unauthorized users from obtaining it has become a topic of wide concern.
There are many kinds of file encryption protection methods today. They generally require the user to enter a key of a certain length, and after encryption the hiding and protection of the file is generally implemented by a low-level file filter system. The low-level file filter system has its own limitations: the encrypted file is still stored inside the Windows system, and there are many viruses targeting the Windows operating system, so this is relatively unsafe. Tools such as keyboard loggers and IE cache resource extraction tools can easily find the password the user typed on the keyboard, so for software that only requires a manually entered password, security is not guaranteed.
Summary of the invention
The object of the invention is to overcome the above deficiencies of the prior art and to provide a file encryption protection method implemented on a Windows operating system platform using an Intel CPU. The method effectively prevents key disclosure, and effectively prevents viruses or unauthorized users from accessing the encrypted file and then brute-forcing it after obtaining it.
To achieve the above object, the technical solution of the invention is:
A file encryption protection method, used on a Windows operating system platform using an Intel CPU, characterized in that: the key used to encrypt the file is composed of two parts; one part is obtained from the CPU serial number of the PC, and the other part is entered by the user with a soft keyboard. An encryption algorithm is then used to encrypt the file, and the encrypted file is stored in the hidden partition at the tail of the hard disk, which no program other than the designated program can access without authorization.
The above encryption protection method may adopt the following steps:
(1) the user enters a key of the designated length using the soft keyboard;
(2) the CPU serial number of the local machine is detected on the PC;
(3) all of (1) and some of the digits of (2) are selected and concatenated in order into the key required by the final encryption algorithm;
(4) the encryption algorithm is then applied with the key generated in (3) as the encryption key and the file to be encrypted as input, yielding the encrypted file;
(5) the generated encrypted file is then stored in the hidden partition at the tail of the hard disk by the designated program;
(6) the designated program judges whether the user's access rights are legitimate; if so, the file is decrypted; otherwise the hidden partition cannot be accessed.
The Windows operating system here refers to the Windows 2000, Windows XP and Windows Vista operating systems; the Intel CPU refers to the Intel486™ and later CPU models.
The invention implements file encryption protection on a Windows operating system platform using an Intel CPU. Its substantive features are: a soft keyboard is used for key entry, which effectively prevents key disclosure; combined with the CPU serial number and the hidden partition (HPA), this makes the encrypted file more secure, effectively protecting it from being accessed and obtained by unauthorized users.
Compared with the prior art, the invention has the following obvious advantages: because the Intel CPU serial number of the PC is used when the encryption key is generated, even if only its first 10 digits are taken, the probability of two being identical is close to 0, so the file must be decrypted on the PC that encrypted it; entering the user key with a soft keyboard effectively counters the threat of hacker software that records keyboard input; using hidden partition (HPA) technology strengthens the protection of the encrypted file, effectively preventing viruses or unauthorized users from accessing the encrypted file and then brute-forcing it after obtaining it.
The invention describes the method using only the AES algorithm as the encryption algorithm, but the encryption algorithm is not limited to AES. When another encryption algorithm is chosen, the length of the key entered manually by the user and the length of the CPU serial number portion used can be adjusted according to the key length that algorithm requires.
Description of the drawings
Fig. 1 is a schematic diagram of encryption key generation according to the invention.
Fig. 2 is a schematic diagram of how the user key and part of the digits of the CPU serial number are concatenated in order to generate the final encryption key.
Embodiment
For hiding data, the currently popular technique is the hidden partition (HPA). This technique requires modifying the MBR and creating a physically protected partition at the tail of the hard disk. The physically protected partition is created automatically and is independent of the disk partition where the Windows operating system resides; viruses cannot infect it and it cannot be deleted. After the user has finished encrypting a file, the designated program stores the encrypted file in the physically protected partition created at the tail of the hard disk. The hidden partition can grow continuously, which protects the encrypted file more effectively.
Intel CPUs from the Intel486™ onward support detecting the CPU serial number. The Intel CPU serial number is represented by 24 hexadecimal digits, and because the probability of two serial numbers being identical is approximately 0, decryption can only be performed on the same PC. Using the CPU serial number to generate the encryption key therefore improves the security of the encryption key.
The invention is a file encryption protection method for a PC using an Intel CPU and a Windows operating system platform: it uses a high-strength encryption algorithm, generates the final key from the key entered by the user and part of the digits of the PC's CPU serial number, encrypts the file with that key, and then uses the hidden partition (HPA) at the tail of the hard disk to hide and protect the encrypted file.
The invention is described in further detail below by way of a specific embodiment:
The encryption process comprises the following steps; the invention takes the AES algorithm as an example, see Fig. 1 and Fig. 2:
First the key required for encryption is obtained; the AES algorithm needs a key of 16 characters, i.e. 128 bits in length:
(1) The user enters a 6-character key using the soft keyboard. The length of 6 is chosen because a longer input is hard for users to remember. If the user's input is shorter than 6 characters, the designated program pads it with a specified key to make 6; if the user enters more than 6, the designated program ignores the excess and keeps only the first 6 characters.
(2) On the PC, the designated program obtains the first 10 digits of the local CPU serial number. The probability that the first 10 digits of two Intel serial numbers are identical is approximately zero, and AMD CPUs do not support a serial number, so decrypting the file on a different computer is essentially impossible.
(3) The 6-character key generated in (1) and the 10-digit key generated in (2) are concatenated in order, first taking 1 character from (1) and then 2 digits from (2), into the final 16-character key required by the encryption algorithm.
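The key construction of steps (1) to (3), as an added example that is not code from the patent. The padding character, the printable-ASCII soft-keyboard alphabet and the sample serial number are assumptions made for illustration; the example also reports an upper bound on how many bits each part can contribute to the 128-bit key.

```python
import math

USER_LEN = 6        # step (1): the user part is exactly 6 characters
SERIAL_DIGITS = 10  # step (2): first 10 of the 24 hexadecimal digits
PAD_CHAR = "#"      # assumption: the patent does not name the padding character


def normalize_user_key(typed: str) -> str:
    """Step (1): keep the first 6 characters, or pad a short input up to 6."""
    return typed[:USER_LEN].ljust(USER_LEN, PAD_CHAR)


def serial_prefix(cpu_serial_hex: str) -> str:
    """Step (2): check for 24 hexadecimal digits and keep the first 10."""
    digits = cpu_serial_hex.replace("-", "").upper()
    if len(digits) != 24 or any(c not in "0123456789ABCDEF" for c in digits):
        raise ValueError("CPU serial number must be 24 hexadecimal digits")
    return digits[:SERIAL_DIGITS]


def build_key(typed: str, cpu_serial_hex: str) -> bytes:
    """Step (3): 1 user character, then 2 serial digits, repeated in order."""
    user = normalize_user_key(typed)
    serial = serial_prefix(cpu_serial_hex)
    # The 10 serial digits run out after the 5th user character, so the
    # 6th user character is the last byte: 6 + 10 = 16 characters.
    parts = [ch + serial[2 * i:2 * i + 2] for i, ch in enumerate(user)]
    key = "".join(parts).encode("ascii")  # non-ASCII input raises ValueError
    if len(key) != 16:
        raise ValueError("AES-128 needs a 16-byte key")
    return key


def entropy_upper_bounds(alphabet_size: int = 95) -> dict:
    """Upper bound, in bits, on what each part adds to the 128-bit key.

    alphabet_size=95 assumes the soft keyboard offers printable ASCII.
    """
    return {
        "user_part": USER_LEN * math.log2(alphabet_size),
        "serial_part": SERIAL_DIGITS * math.log2(16),
    }


if __name__ == "__main__":
    SAMPLE_SERIAL = "0123-4567-89AB-CDEF-0123-4567"  # constructed value
    print(build_key("pass12", SAMPLE_SERIAL))
    print(entropy_upper_bounds())
```

Under these assumptions the 16-byte key carries at most about 79.4 bits rather than 128, because every key byte is either a typed character or a hexadecimal digit.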
The AES algorithm is then applied with the 16-character key generated in (3) as the encryption key and the file to be encrypted as the input of the algorithm, yielding the encrypted file.
The generated encrypted file is then stored in the hidden partition (HPA) at the tail of the hard disk by the designated program. The user may choose whether to delete the file as it was before encryption. The hidden partition (HPA) should be created by the designated program before files are encrypted; as encryption and decryption operations proceed, the hidden partition (HPA) grows or shrinks dynamically, and the disk space occupied by the Windows operating system changes accordingly.
Finally, the designated program can be used to perform decryption. It judges whether the user's password is correct: if so, decryption is performed; otherwise decryption is not possible and the encrypted file remains hidden, which protects the encrypted file from access by unauthorized users or programs.
The foregoing is only a preferred embodiment of the invention and is not intended to limit the invention; any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within the scope of protection of the invention.
Claims (2)
1. A file encryption protection method, used on a Windows operating system platform using an Intel CPU, characterized in that: the key used to encrypt the file is composed of two parts; one part is obtained from the CPU serial number of the PC, and the other part is entered by the user with a soft keyboard; an encryption algorithm is then used to encrypt the file, and the encrypted file is stored in the hidden partition at the tail of the hard disk, which no program other than the designated program can access without authorization.
2. The encryption protection method according to claim 1, characterized in that the process comprises the following steps:
(1) the user enters a key of the designated length using the soft keyboard;
(2) the CPU serial number of the local machine is detected on the PC;
(3) all of (1) and some of the digits of (2) are selected and concatenated in order into the key required by the final encryption algorithm;
(4) the encryption algorithm is applied with the key generated in (3) as the encryption key and the file to be encrypted as input, yielding the encrypted file;
(5) the generated encrypted file is stored in the hidden partition at the tail of the hard disk by the designated program;
(6) the designated program judges whether the user's access rights are legitimate; if so, the file is decrypted; otherwise the hidden partition cannot be accessed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310422490.XA CN104463003A (en) | 2013-09-13 | 2013-09-13 | File encryption protecting method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310422490.XA CN104463003A (en) | 2013-09-13 | 2013-09-13 | File encryption protecting method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN104463003A true CN104463003A (en) | 2015-03-25 |
Family
ID=52909025
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310422490.XA Pending CN104463003A (en) | 2013-09-13 | 2013-09-13 | File encryption protecting method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104463003A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109583237A (en) * | 2018-12-10 | 2019-04-05 | 平安科技(深圳)有限公司 | User data protection method, server and storage medium |
CN110598409A (en) * | 2019-09-04 | 2019-12-20 | 南方电网数字电网研究院有限公司 | Storage medium access method and device, computer equipment and storage medium |
CN110598409B (en) * | 2019-09-04 | 2020-06-02 | 南方电网数字电网研究院有限公司 | Storage medium access method and device, computer equipment and storage medium |
CN112100611A (en) * | 2020-08-14 | 2020-12-18 | 广州江南科友科技股份有限公司 | Password generation method and device, storage medium and computer equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20150325 |