CN106407127A - Data encryption method and apparatus - Google Patents
Data encryption method and apparatus Download PDFInfo
- Publication number
- CN106407127A CN106407127A CN201510465717.8A CN201510465717A CN106407127A CN 106407127 A CN106407127 A CN 106407127A CN 201510465717 A CN201510465717 A CN 201510465717A CN 106407127 A CN106407127 A CN 106407127A
- Authority
- CN
- China
- Prior art keywords
- data
- area
- ciphertext
- internal memory
- write
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 230000015654 memory Effects 0.000 claims abstract description 213
- 241001269238 Data Species 0.000 claims description 13
- 238000004513 sizing Methods 0.000 claims description 4
- 230000009286 beneficial effect Effects 0.000 description 12
- 238000010586 diagram Methods 0.000 description 10
- 230000007423 decrease Effects 0.000 description 6
- 230000000694 effects Effects 0.000 description 6
- 230000006870 function Effects 0.000 description 2
- 238000004064 recycling Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The invention discloses a data encryption method and apparatus, and belongs to the technical field of encryption. The data encryption method comprises the steps of applying for a section of memory for plaintext data needed to be encrypted in a predetermined mode, wherein the size of the memory is equal to the size of ciphertext data obtained after the plaintext data is encrypted; writing the plaintext data into a second region; sequentially reading plaintext data blocks of predetermined sizes from unread plaintext data in the second region, and performing encryption on the read plaintext data blocks according to a predetermined encryption algorithm; and writing the ciphertext data into a first region. According to the method and the apparatus, the memory overhead is reduced and low-power embedded equipment with a relatively small memory is ensured to perform encrypted storage.
Description
Technical field
The present invention relates to encryption technology field, particularly to a kind of data ciphering method and device.
Background technology
In order to ensure the security of data, it usually needs data is encrypted.
A kind of common cipher mode is:First, two sections of internal memories of application in the internal memory of equipment, wherein one section
Internal memory is used for storage in plain text, and this section of internal memory is designated as the first internal memory, and a wherein another section internal memory is used for storing ciphertext,
This section of internal memory is designated as the second internal memory;Then, read clear data from the first internal memory, according to predetermined encryption
Mode is encrypted to the clear data reading, and the data ciphertext after encryption is stored to the second internal memory.
During realizing the present invention, inventor finds that correlation technique at least has problems with:Due to upper
State and need in cipher mode to apply for two sections of internal memories, be therefore not particularly suited for the smaller equipment of internal memory, such as interior
Hold the embedded device of the low-power consumption being typically only 256 bytes.
Content of the invention
In order to solve in correlation technique because needing to apply for two sections of internal memories in encryption, it is not particularly suited for internal memory and compares
The problem of little equipment, embodiments provides a kind of data ciphering method and device.Described technical side
Case is as follows:
A kind of first aspect, there is provided data ciphering method, methods described includes:
It is the one section of internal memory of clear data application needing encryption according to predetermined way, described internal memory is included positioned at institute
State the first area of internal memory head and the second area being located at described internal memory afterbody, the size of described internal memory is equal to
Size to the ciphertext data obtaining after the encryption of described clear data;
Described clear data is write described second area;
The clear data of predefined size is read in the clear data not sequentially being read from described second area
Block, is encrypted to the described block of plaintext data reading according to predetermined cryptographic algorithm, obtains ciphertext block data;
Described ciphertext block data is write described first area, and after described first area is write completely, continues to write
Enter to described second area.
The beneficial effect that technique scheme is brought is:It is less than clear data and bright to this by only applying for one section
Civilian data be encrypted after the ciphertext data sum obtaining internal memory, and first clear data is write this internal memory,
Then sequentially read block of plaintext data, the block of plaintext data reading is encrypted, the ciphertext after being encrypted
Data block, the ciphertext block data obtaining is write this internal memory, due to before encryption, can be by clear data
Store to internal memory, and the clear data storing has no effect on the storage of ciphertext data, therefore decreases internal memory and opens
Pin is it is ensured that the smaller low-power-consumption embedded equipment of internal memory is encrypted storage.
Optionally, described is the one section of internal memory of clear data application needing encryption according to predetermined way, including:
The ciphertext data obtaining after being expected according to described predetermined cryptographic algorithm, described clear data to be encrypted
Size, described ciphertext data includes data corresponding with described clear data and predetermined description information;
Application size is equal to the internal memory of the size of described ciphertext data.
The beneficial effect that technique scheme is brought is:Calculated to bright by calculating previously according to predetermined encryption
The size of the ciphertext data that civilian data obtains after being encrypted, determines the size of internal memory, namely this internal memory only needs
The size that ciphertext data can be deposited is set, thus clear data can be encrypted in guarantee
Meanwhile, reduce the space of the internal memory of application as far as possible.
Optionally, described by described ciphertext block data write described first area, including:
It is not written into the original position of data from described first area, the ciphertext number that sequentially write encryption obtains
According to block.
The beneficial effect that technique scheme is brought is:By being not written into the initial of data in the first region
Position, sequentially the write ciphertext block data that obtains of encryption is it is ensured that being sequentially written in of ciphertext data, it is to avoid
Cover the situation of the ciphertext data having been written into and still not encrypted clear data so as to plaintext number
According to encryption and the correct reading to ciphertext data provide possibility.
Optionally, described described ciphertext block data is write described first area, and write in described first area
Man Hou, continues to write to described second area, including:
Detect whether described first area is fully written;
If described first area is fully written, from the original position of described second area, cover write successively and add
The close ciphertext block data obtaining;
If described first area is not written full, described ciphertext block data is write described first area.
The beneficial effect that technique scheme is brought is:By after first area is fully written, from second area
Original position, cover the write ciphertext block data that obtains of encryption successively;Original position due to second area
The clear data being stored has been read and encrypted mistake, and therefore these clear datas are nonsensical,
Now then can be by these clear datas of ciphertext data cover, so, early stage is used for storing the of clear data
Two regions are eventually covered by ciphertext data, so that second area is by clear data and ciphertext data
Recycling, therefore provides possibility for reducing data as far as possible to the occupancy of internal memory.
Optionally, methods described also includes:
When all clear datas are all encrypted, and all ciphertext data that encryption obtains all are written into described internal memory
Afterwards, then in described second area not by the region of ciphertext data cover, cover write and be used for described description information.
The beneficial effect that technique scheme is brought is:After clear data is all encrypted, store in internal memory
Clear data then there is no the meaning of presence, now description information can be covered write currently used for storage
The region of clear data, now, for storing the region of ciphertext data and the area for storing description information
Domain is the internal memory of whole application, and being stored in of description information can ensure that ciphertext data is read out carrying out correlation
Operation.
Optionally, methods described also includes:
When described clear data is all encrypted complete, and encrypt after all ciphertext data be all read after, then
The described internal memory of release application.
The beneficial effect that technique scheme is brought is:By all encrypted complete in clear data, and encrypt
After all ciphertext data afterwards are all read, this internal memory of release application, can effectively reduce and internal memory is accounted for
With duration, these internal memories can be continuing with order to other business in equipment, improve the work of equipment
Efficiency.
A kind of second aspect, there is provided data encryption device, described device includes:
Internal memory application module, for being the one section of internal memory of clear data application needing encryption according to predetermined way,
The second area that described internal memory includes positioned at the first area of described internal memory head and is located at described internal memory afterbody,
The size of described internal memory is equal to the size to the ciphertext data obtaining after the encryption of described clear data;
First writing module, for writing described second area by described clear data;
Data encryption module, pre- for reading in the clear data that is not sequentially read from described second area
The block of plaintext data of sizing, is encrypted to the described block of plaintext data reading according to predetermined cryptographic algorithm,
Obtain ciphertext block data;
Second writing module, for the described ciphertext block data write obtaining the encryption of described data encryption module
Described first area, and after described first area is write completely, continue to write to described second area.
The beneficial effect that technique scheme is brought is:It is less than clear data and bright to this by only applying for one section
Civilian data be encrypted after the ciphertext data sum obtaining internal memory, and first clear data is write this internal memory,
Then sequentially read block of plaintext data, the block of plaintext data reading is encrypted, the ciphertext after being encrypted
Data block, the ciphertext block data obtaining is write this internal memory, due to before encryption, can be by clear data
Store to internal memory, and the clear data storing has no effect on the storage of ciphertext data, therefore decreases internal memory and opens
Pin is it is ensured that the smaller low-power-consumption embedded equipment of internal memory is encrypted storage.
Optionally, described internal memory application module, including:
Size expected cell, is encrypted to described clear data according to described predetermined cryptographic algorithm for estimated
The size of the ciphertext data obtaining afterwards, described ciphertext data includes data corresponding with described clear data and pre-
Fixed description information;
Internal memory application unit, for applying for that size is equal to the described ciphertext number that described size expected cell predicts
According to size internal memory.
The beneficial effect that technique scheme is brought is:Calculated to bright by calculating previously according to predetermined encryption
The size of the ciphertext data that civilian data obtains after being encrypted, determines the size of internal memory, namely this internal memory only needs
Arrange and can deposit ciphertext data and be used for describing the former or whole in the description information of ciphertext data
Two kinds of size, thus while ensureing clear data can be encrypted, reduce as far as possible
The space of the internal memory of application.
Optionally, described second writing module, is additionally operable to:
It is not written into the original position of data from described first area, the ciphertext number that sequentially write encryption obtains
According to block.
The beneficial effect that technique scheme is brought is:By being not written into the initial of data in the first region
Position, sequentially the write ciphertext block data that obtains of encryption is it is ensured that being sequentially written in of ciphertext data, it is to avoid
Cover the situation of the ciphertext data having been written into and still not encrypted clear data so as to plaintext number
According to encryption and the correct reading to ciphertext data provide possibility.
Optionally, described second writing module, including:
Detector unit, for detecting whether described first area is fully written;
First writing unit, for when described detector unit detects described first area and is fully written, from institute
State the original position of second area, cover the ciphertext block data that write encryption obtains successively;
Second writing unit, be additionally operable to described detector unit detect described first area not written full when,
Described ciphertext block data is write described first area.
The beneficial effect that technique scheme is brought is:By after first area is fully written, from second area
Original position, cover the write ciphertext block data that obtains of encryption successively;Original position due to second area
The clear data being stored has been read and encrypted mistake, and therefore these clear datas are nonsensical,
Now then can be by these clear datas of ciphertext data cover, so, early stage is used for storing the of clear data
Two regions are eventually covered by ciphertext data, so that second area is by clear data and ciphertext data
Recycling, therefore provides possibility for reducing data as far as possible to the occupancy of internal memory.
Optionally, described device also includes:
Description information writing module, for when all clear datas all encrypted, and encrypt obtain all close
After civilian data is all written into described internal memory, then in described second area not by the region of ciphertext data cover, cover
Overwrite enters the description information for describing described ciphertext data.
The beneficial effect that technique scheme is brought is:After clear data is all encrypted, store in internal memory
Clear data then there is no the meaning of presence, now description information can be covered write currently used for storage
The region of clear data, now, for storing the region of ciphertext data and the area for storing description information
Domain is the internal memory of whole application, and being stored in of description information can ensure that ciphertext data is read out carrying out correlation
Operation.
Optionally, described device also includes:
Internal memory release module, for when described clear data all encrypted complete, and encrypt after all ciphertexts
After data is all read, then discharge the described internal memory of application.
The beneficial effect that technique scheme is brought is:By all encrypted complete in clear data, and encrypt
After all ciphertext data afterwards are all read, this internal memory of release application, can effectively reduce and internal memory is accounted for
With duration, these internal memories can be continuing with order to other business in equipment, improve the work of equipment
Efficiency.
Brief description
For the technical scheme being illustrated more clearly that in the embodiment of the present invention, below will be to institute in embodiment description
Need use accompanying drawing be briefly described it should be apparent that, drawings in the following description are only the present invention
Some embodiments, for those of ordinary skill in the art, on the premise of not paying creative work,
Other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is the method flow diagram of the data ciphering method providing in one embodiment of the invention;
Fig. 2A is the method flow diagram of the data ciphering method providing in another embodiment of the present invention;
Fig. 2 B is the clear data Shen being needs encryption according to predetermined way providing in one embodiment of the invention
Please one section of internal memory flow chart;
Fig. 2 C is the interior presence storage clear data and ciphertext number that the application providing in one embodiment of the invention is arrived
According to when region distribution schematic diagram;
Fig. 2 D is the schematic diagram writing ciphertext block data to first area providing in one embodiment of the invention;
Fig. 2 E is the schematic diagram writing ciphertext block data to second area providing in one embodiment of the invention;
Fig. 3 is the structural representation of the data encryption device providing in one embodiment of the invention;
Fig. 4 is the structural representation of the data encryption device providing in another embodiment of the present invention.
Specific embodiment
For making the object, technical solutions and advantages of the present invention clearer, below in conjunction with accompanying drawing to the present invention
Embodiment is described in further detail.
Fig. 1 is the method flow diagram of the data ciphering method providing in one embodiment of the invention.This data adds
The low-power-consumption embedded equipment that decryption method can apply to, in the embedded device of low-power consumption, be said here is interior
Deposit very little, the equipment very high to the use requirement of internal memory.This data ciphering method can include:
Step 101, is the one section of internal memory of clear data application needing encryption according to predetermined way, and this internal memory includes
Second area positioned at the first area of this internal memory head with positioned at this internal memory afterbody, the size of this internal memory is equal to
Size to the ciphertext data obtaining after the encryption of this clear data.
Step 102, this clear data is write this second area.
Step 103, reads the plaintext of predefined size in the clear data not sequentially being read from this second area
Data block, is encrypted to this block of plaintext data reading according to predetermined cryptographic algorithm, obtains ciphertext block data.
Step 104, this ciphertext block data is write this first area, and after this first area is write completely, continues
Write to this second area.
In sum, the data ciphering method providing in the embodiment of the present invention, by only applying for one section less than bright
Civilian data and the internal memory of the ciphertext data sum obtaining after this clear data is encrypted, and first will be in plain text
Data writes this internal memory, then sequentially reads block of plaintext data, the block of plaintext data reading is encrypted,
Ciphertext block data after being encrypted, the ciphertext block data obtaining is write this internal memory, due to before encryption,
Clear data can be stored to internal memory, and the clear data storing has no effect on the storage of ciphertext data, because
This decreases memory cost it is ensured that the smaller low-power-consumption embedded equipment of internal memory is encrypted storage.
Fig. 2A is the method flow diagram of the data ciphering method providing in another embodiment of the present invention.This data
The low power consuming devices that encryption method can apply to, in low power consuming devices, be said here are that internal memory is very little, right
The very high equipment of the use requirement of internal memory, the embedded device of such as low-power consumption.This data ciphering method can
To include:
Step 201, is the one section of internal memory of clear data application needing encryption according to predetermined way, and this internal memory includes
Second area positioned at the first area of this internal memory head with positioned at this internal memory afterbody, the size of this internal memory is equal to
Size to the ciphertext data obtaining after the encryption of this clear data.
In actual applications, low-power-consumption embedded equipment is often encrypted for one section of clear data, all can basis
The byte number of this section of clear data, applies for one section of internal memory.
In general, the internal memory of low power consuming devices generally very little, such as only 256 bytes, therefore for
Reduce the occupancy to internal memory during encryption as far as possible, the present invention each embodiment is in the plaintext for needing encryption
When data is encrypted, only apply for an end memory, and the size of the internal memory applied for is equal to and this clear data is added
The size of the ciphertext data obtaining after close.
Compared in correlation technique, needing to apply for two sections of internal memories, wherein one section internal memory needs to encrypt for storage
Clear data, another section of internal memory be used for the ciphertext data after storage is encrypted to this clear data, here
Memory size show less than this two sections of internal memory sums in correlation technique, therefore save the occupancy to internal memory.
For the ease of the ciphertext data of write clear data orderly in the internal memory of application and generation, generally
Memory setting can be two regions, namely the content of application can include positioned at this internal memory head first
Region and the second area being located at this internal memory afterbody.
Optionally, the next position of the end position of first area is the original position of second area.
In a kind of possible implementation, can under first budget internal memory size, then big according to budget
Little application internal memory, specifically may refer to shown in Fig. 2 B, and it is to provide in one embodiment of the invention according to pre-
Determine the flow chart that mode is the one section of internal memory of clear data application needing encryption.In fig. 2b, low power consuming devices
It is being the one section of internal memory of clear data application needing encryption according to predetermined way, may include steps of:
Step 201a is it is contemplated that the ciphertext number that obtains after this clear data being encrypted according to predetermined cryptographic algorithm
According to size, this ciphertext data includes data corresponding with clear data and predetermined description information.
Here predetermined cryptographic algorithm is the algorithm that low power consuming devices are encrypted to clear data, and this makes a reservation for add
Close algorithm generally to be determined by the security requirements of clear data, the present embodiment not side to predetermined cryptographic algorithm
Formula is defined.
In general, to the ciphertext data obtaining after clear data encryption, the byte that it takies is typically larger than right
The byte shared by clear data answered, therefore, when for application internal memory, can first Budget Service ciphertext data
Shared byte, then to be determined with the byte shared by ciphertext data needs the internal memory of application.
Generally, in order to the receiving terminal ensureing ciphertext data can learn the cipher mode of ciphertext data, so that right
The ciphertext data receiving is decrypted, and low power consuming devices generally also can be calculated in the internal memory of application in write encryption
The description informations such as method, in order to send the description information reading in internal memory to the receiving terminal of ciphertext data.This
In the description information said can be the description letter to the cipher mode that ciphertext data is encrypted for description
Cease or for describing information of byte etc. shared by all ciphertext data, the present embodiment is not to description
The particular content of information is defined.
In general, the part all as ciphertext data such as these description informations, namely ciphertext data except
Including the data after clear data is encrypted, also include other description informations.
Therefore when applying for internal memory, generally also need in view of for describing the description information institute of this ciphertext data
The size taking, description information here is usually 8bit-10bit.
Step 201b, application size is equal to the internal memory of the size of this ciphertext data.
In order to reduce the occupancy to internal memory as far as possible, and can be sequentially according to clear data in view of ciphertext data
It is encrypted, therefore in initial phase, ciphertext data can be not take up internal memory, with the life of ciphertext data
Become, ciphertext data starts progressively committed memory.Therefore, when applying for internal memory, application size is equal to this ciphertext
The internal memory of the size of data.
General, the second area in internal memory is traditionally arranged to be the size of clear data.Optionally, from internal memory
Tail position shift forward predefined size, point to the original position of second area, that is said here is predetermined big
The little size being clear data.
Optionally, refer to shown in Fig. 2 C, it is to be arrived according to the application providing in one embodiment of the invention
The interior region distribution schematic diagram existing when storage clear data and ciphertext data, in fig. 2 c, the internal memory of application
Including first area 22 and second area 24, the wherein size of second area 24 is equal to shared by clear data
Byte.
General, this clear data is typically greater than to the ciphertext data obtaining after clear data encryption, because
During the internal memory of this size being equal to ciphertext data in application size, second area shows and can be used for storing all
Clear data.
Step 202, this clear data is write this second area.
When this clear data is write this second area, can successively will from the original position of second area
Clear data writes second area.
Optionally, when clear data is write this second area, the first write pointer can be set, this
The original position of one write pointer is the original position of second area, during write clear data,
Often write a byte, the position that this first write pointer is given instruction adds 1, until this first write pointer points to
The end position of second area, completes the write of clear data.
Step 203, reads the plaintext of predefined size in the clear data not sequentially being read from this second area
Data block, is encrypted to this block of plaintext data reading according to predetermined cryptographic algorithm, obtains ciphertext block data.
After clear data all writes second area, start clear data is encrypted, now can be from
The original position of second area sequentially reads clear data, general, when reading clear data, can be by
Read clear data according to predefined size, the clear data with predefined size is designated as block of plaintext data.
Often read out block of plaintext data, then according to predetermined cryptographic algorithm, the block of plaintext data reading be encrypted,
Ciphertext data after being encrypted, the ciphertext data after the clear data encryption of a predefined size is designated as close
Civilian data block.
Optionally, when reading block of plaintext data from this second area, the first reading pointer can be set,
The original position of this first reading pointer is the original position of second area, during reading clear data,
In one byte of every reading, the position that this first reading pointer is given instruction adds 1, until this first reading pointer moves
Move the byte of predefined size, complete the reading to a block of plaintext data.
In order to read clear data in order, it is to avoid omit clear data, can sequentially from this second area not
The block of plaintext data of predefined size is read, according to predetermined cryptographic algorithm to reading in the clear data being read
This block of plaintext data is encrypted, and obtains ciphertext block data.
Step 204, detects whether this first area is fully written.
After obtaining ciphertext block data, need for ciphertext block data to write first area, but because internal memory is
According to the internal memory application shared by all ciphertext data, and clear data has occupied in internal memory second
Region, therefore, after write part ciphertext data, first area may be fully written.Therefore, exist
After obtaining ciphertext block data, need first to detect whether this first area has been fully written.
Obviously, in every write one of ciphertext block data byte, all can detect this first area whether by
Write full.
Step 205, if this first area is not written full, this ciphertext block data is write this first area.
If this first area is not written full, the ciphertext block data obtaining can be write this first area, low
Power consuming device when ciphertext block data is write this first area, in order to avoid after the ciphertext block data that obtains
Cover the ciphertext block data in front write, then need to be not written into the start bit of data from this first area
Put, the ciphertext block data that sequentially write encryption obtains.
Optionally, when ciphertext data is write this first area, the second write pointer can be set, this
The original position of two write pointers is the original position of first area, during write ciphertext data,
Often write a byte, the position that this second write pointer is given instruction adds 1.
When detecting whether this first area is fully written, can detect whether this second write pointer points to first
The end position in region, if the end position of the second write pointer positive sense first area, shows the firstth area
Domain is fully written, when the second write pointer points to the position before the end position of first area, then shows first
Region is not yet fully written.
Refer to shown in Fig. 2 D, it is to provide in one embodiment of the invention to first area write ciphertext number
According to the schematic diagram of block, the second area 24 from Fig. 2 D reads out predefined size using the first reading pointer P1
Block of plaintext data 26, the block of plaintext data 26 reading out is encrypted, obtains ciphertext block data 28,
Using the second write pointer P2, the ciphertext block data obtaining 28 is write in first area 22, in write first
During region 22, be not written into the original position 29 of data from this first area 22 at (i.e. write ciphertext
Before data block 28, second writes the position pointed by pointer P2) write this ciphertext block data 28, often write
One of ciphertext block data 28 byte, the second write pointer P2 is then moved rearwards by one, until this ciphertext number
All write according to block 28.
Step 206, if this first area is fully written, from the original position of this second area, covers successively and writes
Enter the ciphertext block data that encryption obtains.
Because clear data is sequentially to be written of from the original position of second area, and it is written into second area
Clear data be also sequentially from the original position of second area start read, therefore, second area start bit
The clear data put is already encrypted and writes to first area, namely the plaintext of second area original position
Data no longer has meaning, now then can be initial from this second area after first area is fully written
Position starts, and covers the ciphertext block data that write encryption obtains successively.
Refer to shown in Fig. 2 E, it is to provide in one embodiment of the invention to second area write ciphertext number
According to the schematic diagram of block, the second area 24 from Fig. 2 E reads out predefined size using the first reading pointer P1
Block of plaintext data 26 ', the block of plaintext data 26 ' reading out is encrypted, obtains ciphertext block data 28 ',
Using the second write pointer P2, the ciphertext block data 28 ' obtaining is write in second area 24, in write second
Region 24, often one of write ciphertext block data 28 ' byte, the second write pointer P2 is then moved rearwards by one,
Until this ciphertext block data 28 ' is all write.
Step 207, when all clear datas are all encrypted, and all ciphertext data that encryption obtains all are written into
After this internal memory, then in this second area not by the region of ciphertext data cover, cover write be used for describing this close
The description information of civilian data.
According to step 201a and step 201b, the size of the internal memory of application can accommodate all ciphertext numbers
According to (i.e. data corresponding with clear data) and for describing the description information of ciphertext data, therefore from
After the original position of internal memory has write all of ciphertext data, in internal memory, also have remainder content, this portion
Point content can be used for writing description information.Obviously, if internal memory is only the size of ciphertext data, close
After civilian data is all write, then this second area is not in not by the region of ciphertext data cover, therefore
Without write for describing the description information of this ciphertext data.
Therefore, when all clear datas are all encrypted, and all ciphertext data that encryption obtains all are written into this
After internal memory, then in this second area not by the region of ciphertext data cover, cover write and be used for describing this ciphertext
The description information of data.
Step 208, when this clear data is all encrypted complete, and all ciphertext data after encryption are all read
Afterwards, then discharge this internal memory of application.
When this clear data is all encrypted complete, and encrypt after all ciphertext data be all read after, in order to
So that the content being applied is recycled, then can discharge the internal memory of application.
In sum, the data ciphering method providing in the embodiment of the present invention, by only applying for one section less than bright
Civilian data and the internal memory of the ciphertext data sum obtaining after this clear data is encrypted, and first will be in plain text
Data writes this internal memory, then sequentially reads block of plaintext data, the block of plaintext data reading is encrypted,
Ciphertext block data after being encrypted, the ciphertext block data obtaining is write this internal memory, due to before encryption,
Clear data can be stored to internal memory, and the clear data storing has no effect on the storage of ciphertext data, because
This decreases memory cost it is ensured that the smaller low-power-consumption embedded equipment of internal memory is encrypted storage.
In addition, calculated by calculating previously according to predetermined encryption clear data is encrypted after obtain close
The size of civilian data, determines the size of internal memory, namely this internal memory only need to setting can be used for ciphertext data with
And for describing the size of the description information of ciphertext data, thus ensureing clear data can be carried out
While encryption, reduce the space of the internal memory of application as far as possible.
By being not written into the original position of data in the first region, the ciphertext number that sequentially write encryption obtains
According to block it is ensured that being sequentially written in of ciphertext data, it is to avoid cover the ciphertext data having been written into and still
The situation of not encrypted clear data is so that the encryption to clear data and the correct reading to ciphertext data
Provide possibility.
By after first area is fully written, from the original position of second area, cover write successively and encrypt
The ciphertext block data arriving;Because the clear data that the original position of second area is stored has been read and quilt
Encrypted, therefore these clear datas are nonsensical, now then can these are bright by ciphertext data cover
Civilian data, so, the second area that early stage is used for storing clear data is eventually covered by ciphertext data,
So that second area is utilized by clear data and ciphertext Data duplication, therefore for reducing data as far as possible
Possibility is provided to the occupancy of internal memory.
After clear data is all encrypted, in internal memory, the clear data of storage does not then have the meaning of presence,
Now description information can be covered the region currently used for storage clear data for the write, now, for storing
The region of ciphertext data and the internal memory being whole application for storing the region of description information, description information
Be stored in the operation that can ensure that ciphertext data is read out carrying out correlation.
By all encrypted complete in clear data, and after all ciphertext data after encrypting all are read, release
Put this internal memory of application, can effectively reduce the occupancy duration to internal memory, in order to other business in equipment
These internal memories can be continuing with, improve the operating efficiency of equipment.
Fig. 3 is the structural representation of the data encryption device providing in one embodiment of the invention.This data adds
The low-power-consumption embedded equipment that close device can apply to, in the embedded device of low-power consumption, be said here is interior
Deposit very little, the equipment very high to the use requirement of internal memory.This data encryption device can include:Internal memory
Application module 310, the first writing module 320, data encryption module 330 and the second writing module 340.
Internal memory application module 310, for being in one section of clear data application need encryption according to predetermined way
Deposit, the second area that this internal memory includes positioned at the first area of this internal memory head and is located at this internal memory afterbody, should
The size that the size of internal memory is less than this clear data adds to the ciphertext data obtaining after the encryption of this clear data
Size sum;
First writing module 320, for writing this second area by this clear data;
Data encryption module 330, pre- for reading in the clear data that is not sequentially read from this second area
The block of plaintext data of sizing, is encrypted to this block of plaintext data reading according to predetermined cryptographic algorithm, obtains
To ciphertext block data;
Second writing module 340, this ciphertext block data for obtaining the encryption of this data encryption module 330 is write
Enter this first area, and after this first area is write completely, continue to write to this second area.
In sum, the data encryption device providing in the embodiment of the present invention, by only applying for one section less than bright
Civilian data and the internal memory of the ciphertext data sum obtaining after this clear data is encrypted, and first will be in plain text
Data writes this internal memory, then sequentially reads block of plaintext data, the block of plaintext data reading is encrypted,
Ciphertext block data after being encrypted, the ciphertext block data obtaining is write this internal memory, due to before encryption,
Clear data can be stored to internal memory, and the clear data storing has no effect on the storage of ciphertext data, because
This decreases memory cost it is ensured that the smaller low-power-consumption embedded equipment of internal memory is encrypted storage.
Fig. 4 is the structural representation of the data encryption device providing in another embodiment of the present invention.This data
The low-power-consumption embedded equipment that encryption device can apply to, in the embedded device of low-power consumption, be said here is
Internal memory is very little, the equipment very high to the use requirement of internal memory.This data encryption device can include:Interior
Deposit application module 410, the first writing module 420, data encryption module 430 and the second writing module 440.
Internal memory application module 410, for being in one section of clear data application need encryption according to predetermined way
Deposit, the second area that this internal memory includes positioned at the first area of this internal memory head and is located at this internal memory afterbody, should
The size that the size of internal memory is less than this clear data adds to the ciphertext data obtaining after the encryption of this clear data
Size sum;
First writing module 420, for writing this second area by this clear data;
Data encryption module 430, pre- for reading in the clear data that is not sequentially read from this second area
The block of plaintext data of sizing, is encrypted to this block of plaintext data reading according to predetermined cryptographic algorithm, obtains
To ciphertext block data;
Second writing module 440, this ciphertext block data for obtaining the encryption of this data encryption module 430 is write
Enter this first area, and after this first area is write completely, continue to write to this second area.
In a kind of possible implementation, this internal memory application module 410, including:Size expected cell 411
With internal memory application unit 412.
Size expected cell 411, after being expected according to this predetermined cryptographic algorithm, this clear data to be encrypted
The size of the ciphertext data obtaining, this ciphertext data includes data corresponding with clear data and predetermined description
Information;
Internal memory application unit 412, for applying for that size is equal to the ciphertext data that size expected cell 411 predicts
Size internal memory.
In a kind of possible implementation, this second writing module 440 can be also used for:
It is not written into the original position of data from this first area, the ciphertext data that sequentially write encryption obtains
Block.
In a kind of possible implementation, this second writing module 440 can include:Detector unit 441,
First writing unit 442 and the 3rd writing unit 443.
Detector unit 441, for detecting whether this first area is fully written;
First writing unit 442, for when this detector unit 441 detects this first area and is fully written, from
The original position of this second area, covers the ciphertext block data that write encryption obtains successively;
Second writing unit 443, be additionally operable to this detector unit 441 detect this first area not written full when,
This ciphertext block data is write this first area.
In a kind of possible implementation, this data encryption device can also include:Description information writes mould
Block 450.
Description information writing module 450, for when all clear datas all encrypted, and encrypt obtain all
After ciphertext data is all written into this internal memory, then in this second area not by the region of ciphertext data cover, cover
Write the description information for describing this ciphertext data.
In a kind of possible implementation, this data encryption device can also include:Internal memory release module 460.
Internal memory release module 460, for when this clear data all encrypted complete, and encrypt after all ciphertexts
After data is all read, then discharge this internal memory of application.
In sum, the data encryption device providing in the embodiment of the present invention, by only applying for one section less than bright
Civilian data and the internal memory of the ciphertext data sum obtaining after this clear data is encrypted, and first will be in plain text
Data writes this internal memory, then sequentially reads block of plaintext data, the block of plaintext data reading is encrypted,
Ciphertext block data after being encrypted, the ciphertext block data obtaining is write this internal memory, due to before encryption,
Clear data can be stored to internal memory, and the clear data storing has no effect on the storage of ciphertext data, because
This decreases memory cost it is ensured that the smaller low-power-consumption embedded equipment of internal memory is encrypted storage.
In addition, calculated by calculating previously according to predetermined encryption clear data is encrypted after obtain close
The size of civilian data, determines the size of internal memory, namely this internal memory only need to setting can be used for ciphertext data with
And for describing the size of the description information of ciphertext data, thus ensureing clear data can be carried out
While encryption, reduce the space of the internal memory of application as far as possible.
By being not written into the original position of data in the first region, the ciphertext number that sequentially write encryption obtains
According to block it is ensured that being sequentially written in of ciphertext data, it is to avoid cover the ciphertext data having been written into and still
The situation of not encrypted clear data is so that the encryption to clear data and the correct reading to ciphertext data
Provide possibility.
By after first area is fully written, from the original position of second area, cover write successively and encrypt
The ciphertext block data arriving;Because the clear data that the original position of second area is stored has been read and quilt
Encrypted, therefore these clear datas are nonsensical, now then can these are bright by ciphertext data cover
Civilian data, so, the second area that early stage is used for storing clear data is eventually covered by ciphertext data,
So that second area is utilized by clear data and ciphertext Data duplication, therefore for reducing data as far as possible
Possibility is provided to the occupancy of internal memory.
After clear data is all encrypted, in internal memory, the clear data of storage does not then have the meaning of presence,
Now description information can be covered the region currently used for storage clear data for the write, now, for storing
The region of ciphertext data and the internal memory being whole application for storing the region of description information, description information
Be stored in the operation that can ensure that ciphertext data is read out carrying out correlation.
By all encrypted complete in clear data, and after all ciphertext data after encrypting all are read, release
Put this internal memory of application, can effectively reduce the occupancy duration to internal memory, in order to other business in equipment
These internal memories can be continuing with, improve the operating efficiency of equipment.
It should be noted that:In above-described embodiment provide data encryption device when being encrypted to data,
Only it is illustrated with the division of above-mentioned each functional module, in practical application, can as desired will be upper
State function distribution to be completed by different functional modules, will low power consuming devices internal structure be divided into different
Functional module, to complete all or part of function described above.In addition, the number that above-described embodiment provides
Belong to same design according to encryption device and data ciphering method embodiment, it implements process and refers to method in fact
Apply example, repeat no more here.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.
One of ordinary skill in the art will appreciate that all or part of step realizing above-described embodiment can be passed through
Hardware come to complete it is also possible to instructed by program correlation hardware complete, described program can be stored in
In a kind of computer-readable recording medium, storage medium mentioned above can be read-only storage, disk or
CD etc..
The foregoing is only presently preferred embodiments of the present invention, not in order to limit the present invention, all the present invention's
Within spirit and principle, any modification, equivalent substitution and improvement made etc., should be included in the present invention's
Within protection domain.
Claims (12)
1. a kind of data ciphering method is it is characterised in that methods described includes:
It is the one section of internal memory of clear data application needing encryption according to predetermined way, described internal memory is included positioned at institute
State the first area of internal memory head and the second area being located at described internal memory afterbody, the size of described internal memory is equal to
Size to the ciphertext data obtaining after the encryption of described clear data;
Described clear data is write described second area;
The clear data of predefined size is read in the clear data not sequentially being read from described second area
Block, is encrypted to the described block of plaintext data reading according to predetermined cryptographic algorithm, obtains ciphertext block data;
Described ciphertext block data is write described first area, and after described first area is write completely, continues to write
Enter to described second area.
2. method according to claim 1 is it is characterised in that described is to need to add according to predetermined way
One section of internal memory of close clear data application, including:
The ciphertext data obtaining after being expected according to described predetermined cryptographic algorithm, described clear data to be encrypted
Size, described ciphertext data includes data corresponding with described clear data and predetermined description information;
Application size is equal to the internal memory of the size of described ciphertext data.
3. method according to claim 1 is it is characterised in that described write described ciphertext block data
Described first area, including:
It is not written into the original position of data from described first area, the ciphertext number that sequentially write encryption obtains
According to block.
4. method according to claim 1 is it is characterised in that described write described ciphertext block data
Described first area, and described first area write full after, continue to write to described second area, including:
Detect whether described first area is fully written;
If described first area is fully written, from the original position of described second area, cover write successively and add
The close ciphertext block data obtaining;
If described first area is not written full, described ciphertext block data is write described first area.
5. method according to claim 2 is it is characterised in that methods described also includes:
When all clear datas are all encrypted, and all ciphertext data that encryption obtains all are written into described internal memory
Afterwards, then in described second area not by the region of ciphertext data cover, cover write and be used for described description information.
6. according to described method arbitrary in claim 1 to 5 it is characterised in that methods described also includes:
When described clear data is all encrypted complete, and encrypt after all ciphertext data be all read after, then
The described internal memory of release application.
7. a kind of data encryption device is it is characterised in that described device includes:
Internal memory application module, for being the one section of internal memory of clear data application needing encryption according to predetermined way,
The second area that described internal memory includes positioned at the first area of described internal memory head and is located at described internal memory afterbody,
The size of described internal memory is equal to the size to the ciphertext data obtaining after the encryption of described clear data;
First writing module, for writing described second area by described clear data;
Data encryption module, pre- for reading in the clear data that is not sequentially read from described second area
The block of plaintext data of sizing, is encrypted to the described block of plaintext data reading according to predetermined cryptographic algorithm,
Obtain ciphertext block data;
Second writing module, for the described ciphertext block data write obtaining the encryption of described data encryption module
Described first area, and after described first area is write completely, continue to write to described second area.
8. device according to claim 7 is it is characterised in that described internal memory application module, including:
Size expected cell, is encrypted to described clear data according to described predetermined cryptographic algorithm for estimated
The size of the ciphertext data obtaining afterwards, described ciphertext data includes data corresponding with described clear data and pre-
Fixed description information;
Internal memory application unit, for applying for that size is equal to the described ciphertext number that described size expected cell predicts
According to size internal memory.
9. device according to claim 7, it is characterised in that described second writing module, is additionally operable to:
It is not written into the original position of data from described first area, the ciphertext number that sequentially write encryption obtains
According to block.
10. device according to claim 7 is it is characterised in that described second writing module, including:
Detector unit, for detecting whether described first area is fully written;
First writing unit, for when described detector unit detects described first area and is fully written, from institute
State the original position of second area, cover the ciphertext block data that write encryption obtains successively;
Second writing unit, be additionally operable to described detector unit detect described first area not written full when,
Described ciphertext block data is write described first area.
11. devices according to claim 8 are it is characterised in that described device also includes:
Description information writing module, for when all clear datas all encrypted, and encrypt obtain all close
After civilian data is all written into described internal memory, then in described second area not by the region of ciphertext data cover, cover
Overwrite enters described description information.
12. according to described device arbitrary in claim 7 to 11 it is characterised in that described device is also wrapped
Include:
Internal memory release module, for when described clear data all encrypted complete, and encrypt after all ciphertexts
After data is all read, then discharge the described internal memory of application.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510465717.8A CN106407127B (en) | 2015-07-31 | 2015-07-31 | Data encryption method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510465717.8A CN106407127B (en) | 2015-07-31 | 2015-07-31 | Data encryption method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106407127A true CN106407127A (en) | 2017-02-15 |
CN106407127B CN106407127B (en) | 2019-12-10 |
Family
ID=58007941
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510465717.8A Active CN106407127B (en) | 2015-07-31 | 2015-07-31 | Data encryption method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106407127B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109462468A (en) * | 2017-09-06 | 2019-03-12 | 深圳光启智能光子技术有限公司 | Data processing method and device |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1957336A (en) * | 2004-06-15 | 2007-05-02 | 索尼株式会社 | Information management device and information management method |
US8036377B1 (en) * | 2006-12-12 | 2011-10-11 | Marvell International Ltd. | Method and apparatus of high speed encryption and decryption |
CN102254127A (en) * | 2011-08-11 | 2011-11-23 | 华为技术有限公司 | Method, device and system for encrypting and decrypting files |
-
2015
- 2015-07-31 CN CN201510465717.8A patent/CN106407127B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1957336A (en) * | 2004-06-15 | 2007-05-02 | 索尼株式会社 | Information management device and information management method |
US8036377B1 (en) * | 2006-12-12 | 2011-10-11 | Marvell International Ltd. | Method and apparatus of high speed encryption and decryption |
CN102254127A (en) * | 2011-08-11 | 2011-11-23 | 华为技术有限公司 | Method, device and system for encrypting and decrypting files |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109462468A (en) * | 2017-09-06 | 2019-03-12 | 深圳光启智能光子技术有限公司 | Data processing method and device |
Also Published As
Publication number | Publication date |
---|---|
CN106407127B (en) | 2019-12-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8555088B2 (en) | Method and apparatus for implementing secure and selectively deniable file storage | |
US20170046281A1 (en) | Address dependent data encryption | |
CN107609418A (en) | Desensitization method, device, storage device and the computer equipment of text data | |
US8996933B2 (en) | Memory management method, controller, and storage system | |
CN104424016B (en) | Virtual tape concentration for self-encrypting drives | |
CN103294961A (en) | Method and device for file encrypting/decrypting | |
EP1662356A3 (en) | Information leakage prevention method and apparatus and program for the same | |
CN110059455A (en) | Code encryption method, apparatus, electronic equipment and computer readable storage medium | |
JP2010517447A (en) | File encryption while maintaining file size | |
CN108197504A (en) | A kind of controlled data encrypting and deciphering system and method | |
CN106960156A (en) | Data encryption and access method based on application program, device | |
US20090016532A1 (en) | Portable data carrier featuring secure data processing | |
CN103823726A (en) | SIM (subscriber identity module) card data backup method and terminal | |
US20200065639A1 (en) | Smart card | |
CN107609428A (en) | Date safety storing system and method | |
CN103390139A (en) | Data storage device and data protection method thereof | |
CN104298926A (en) | Method and device for running encrypted file | |
CN107885864A (en) | A kind of encryption data querying method, system, device and readable storage medium storing program for executing | |
CN108763401A (en) | A kind of reading/writing method and equipment of file | |
CN105989304A (en) | File storage method, file reading method, file storage apparatus and file reading apparatus | |
CN108171067A (en) | A kind of hard disk encryption method and device | |
CN106816175A (en) | The control method and device of memory | |
CN106407127A (en) | Data encryption method and apparatus | |
CN112214784A (en) | Resource processing method, device, electronic equipment and medium | |
CN102301369B (en) | Data storage device access method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20240103 Address after: 518057 Tencent Building, No. 1 High-tech Zone, Nanshan District, Shenzhen City, Guangdong Province, 35 floors Patentee after: TENCENT TECHNOLOGY (SHENZHEN) Co.,Ltd. Patentee after: TENCENT CLOUD COMPUTING (BEIJING) Co.,Ltd. Address before: 2, 518000, East 403 room, SEG science and Technology Park, Zhenxing Road, Shenzhen, Guangdong, Futian District Patentee before: TENCENT TECHNOLOGY (SHENZHEN) Co.,Ltd. |