CN106709362A - File encryption method and device and file decryption method and device - Google Patents
File encryption method and device and file decryption method and device Download PDFInfo
- Publication number
- CN106709362A CN106709362A CN201611110325.0A CN201611110325A CN106709362A CN 106709362 A CN106709362 A CN 106709362A CN 201611110325 A CN201611110325 A CN 201611110325A CN 106709362 A CN106709362 A CN 106709362A
- Authority
- CN
- China
- Prior art keywords
- key
- user
- file
- mac address
- key information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 238000004891 communication Methods 0.000 claims abstract description 55
- 230000001788 irregular Effects 0.000 abstract description 7
- 230000006870 function Effects 0.000 description 13
- 230000008569 process Effects 0.000 description 8
- 238000012795 verification Methods 0.000 description 5
- 230000004927 fusion Effects 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000003247 decreasing effect Effects 0.000 description 3
- 238000006243 chemical reaction Methods 0.000 description 2
- 238000013478 data encryption standard Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000001514 detection method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a file encryption method and device and a file decryption method and device. The file encryption method comprises the following steps of: obtaining a to-be-encrypted file; obtaining an MAC address of secret key equipment appointed by a user through near-field communication connection; obtaining key information obtained through clicking keys of the secret key equipment by the user; and encrypting the to-be-encrypted file according to the MAC address and the key information. According to the file encryption method, the file is encrypted through the MAC address of the secret key equipment and the key information generated through clicking the keys of the secret key equipment by the user; the MAC address of the secret key equipment is a unique character string for identifying the secret key equipment, the constitution of characters in the character string is random and irregular; and in addition of the key information generated through clicking the keys of the secret key equipment by the user, the complexity of a secret key for file encryption is high and difficult to crack, so that the file encryptions safety is greatly improved, and the user can open the encrypted file through remembering a simple key clicking operation after establishing connection with the secret key equipment.
Description
Technical Field
The invention relates to the technical field of file encryption, in particular to a file encryption method and device and a file decryption method and device.
Background
At present, a user often stores files in a mobile phone or a PAD (Portable Android Device) terminal, some files may relate to user privacy, and the user does not want others to know the content of the files, so that the files need to be encrypted.
Currently, in the related art, a user-defined password is generally used to encrypt a file. When a file needs to be encrypted, a user self-defines a password consisting of characters such as numbers, letters or spaces and the like, and inputs the password into the terminal. And the terminal receives the password submitted by the user and encrypts the file to be encrypted through the password. And when the user opens the encrypted file again, inputting the self-defined password to the terminal, and decrypting the encrypted file by the terminal according to the password input by the user so as to open the file.
However, by adopting the related art encryption mode, when the password is leaked, the encrypted file is easily lost, and when the user forgets the password, the encrypted file cannot be opened.
Disclosure of Invention
In view of the above, an object of the embodiments of the present invention is to provide a file encryption method and apparatus, and a file decryption method and apparatus, in which a file is encrypted by using an MAC address of a key device and key information generated when a user clicks a key of the key device. The MAC address of the key device is a character string which uniquely identifies the key device, the character composition of the character string is very random and irregular, and the key information generated by clicking the key of the key device by a user makes the key for encrypting the file have high complexity and difficult to crack, thereby greatly improving the security of file encryption.
In a first aspect, an embodiment of the present invention provides a file encryption method, where the method includes:
acquiring a file to be encrypted selected by a user;
acquiring a Media Access Control (MAC) address of the key device specified by the user through near field communication connection;
acquiring key information generated by clicking keys of the key equipment by the user;
and encrypting the file to be encrypted according to the MAC address and the key information.
With reference to the first aspect, an embodiment of the present invention provides a first possible implementation manner of the first aspect, where encrypting the file to be encrypted according to the MAC address and the key information includes:
fusing the MAC address and the key information to obtain a merged character string;
converting the merged character string into a message digest algorithm MD5 character string through a Hash operation;
and encrypting the file to be encrypted according to the MD5 character string.
With reference to the first possible implementation manner of the first aspect, an embodiment of the present invention provides a second possible implementation manner of the first aspect, where the merging the MAC address and the key information to obtain a merged character string includes:
adding the key information to the front of all characters included in the MAC address to obtain a combined character string; or,
adding the key information to all characters included in the MAC address to obtain a combined character string; or,
and positioning two characters with serial numbers respectively being a first preset serial number and a second preset serial number from the MAC address, inserting the key information between the two positioned characters to obtain a combined character string, wherein the two positioned characters are two adjacent characters.
With reference to the first aspect, an embodiment of the present invention provides a third possible implementation manner of the first aspect, where before acquiring the MAC address of the key device specified by the user through near field communication connection, the method further includes:
detecting whether a key device with established near field communication connection exists currently;
if yes, instructing the user to select one key device from key devices with established near field communication connection;
and if not, indicating the user to start a key device and establishing near field communication connection with the key device started by the user.
With reference to the first aspect, an embodiment of the present invention provides a fourth possible implementation manner of the first aspect, where the obtaining key information generated when the user clicks a key of the key device includes:
receiving each key instruction transmitted by the key equipment within a preset time length;
respectively acquiring a key code corresponding to each key instruction;
and coding the keys corresponding to each key instruction according to a preset sequence to form key information.
In a second aspect, an embodiment of the present invention provides a file decryption method, where the method includes:
obtaining a ciphertext to be decrypted selected by a user;
acquiring the MAC address of the key equipment appointed by the user through near field communication connection;
acquiring key information generated by clicking keys of the key equipment by the user;
and decrypting the ciphertext to be decrypted according to the MAC address and the key information.
With reference to the second aspect, an embodiment of the present invention provides a first possible implementation manner of the second aspect, where decrypting the ciphertext to be decrypted according to the MAC address and the key information includes:
fusing the MAC address and the key information to obtain a merged character string;
converting the merged character string into a message digest algorithm MD5 character string through a Hash operation;
and decrypting the ciphertext to be decrypted according to the MD5 character string.
With reference to the second aspect, an embodiment of the present invention provides a second possible implementation manner of the second aspect, where the obtaining of key information generated when the user clicks a key of the key device includes:
receiving each key instruction transmitted by the key equipment within a preset time length;
respectively acquiring a key code corresponding to each key instruction;
and coding the keys corresponding to each key instruction according to a preset sequence to form key information.
In a third aspect, an embodiment of the present invention provides a file encryption apparatus, where the apparatus includes:
the acquisition module is used for acquiring a file to be encrypted selected by a user; acquiring the MAC address of the key equipment appointed by the user through near field communication connection; acquiring key information generated by clicking keys of the key equipment by the user;
and the encryption module is used for encrypting the file to be encrypted according to the MAC address and the key information.
In a fourth aspect, an embodiment of the present invention provides a file decryption apparatus, where the apparatus includes:
the acquisition module is used for acquiring the ciphertext to be decrypted selected by the user; acquiring the MAC address of the key equipment appointed by the user through near field communication connection; acquiring key information generated by clicking keys of the key equipment by the user;
and the decryption module is used for decrypting the ciphertext to be decrypted according to the MAC address and the key information.
In the method and the device provided by the embodiment of the invention, the file to be encrypted selected by a user is obtained; acquiring a hardware MAC address of key equipment appointed by a user through near field communication connection; acquiring key information generated by clicking keys of the key equipment by a user; and encrypting the file to be encrypted according to the MAC address and the key information. The invention encrypts the file by the MAC address of the key device and the key information generated by clicking the key of the key device by the user. The MAC address of the key device is a character string which uniquely identifies the key device, the character composition of the character string is very random and irregular, and the key information generated by clicking the key of the key device by a user makes the key for encrypting the file have high complexity and difficult to crack, thereby greatly improving the security of file encryption.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
Fig. 1 shows a flowchart of a file encryption method provided in embodiment 1 of the present invention;
fig. 2 is a flowchart illustrating a file decryption method according to embodiment 2 of the present invention;
fig. 3 is a schematic structural diagram illustrating a file encryption apparatus according to embodiment 3 of the present invention;
fig. 4 is a schematic structural diagram illustrating a file decryption apparatus according to embodiment 4 of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
In consideration of the fact that a user-defined password is adopted to encrypt files in the related art, when the password is leaked, the encrypted files are easily lost, and when the user forgets the password, the encrypted files cannot be opened. Based on this, embodiments of the present invention provide a file encryption method and apparatus, and a file decryption method and apparatus, which are described below by way of embodiments.
Example 1
Referring to fig. 1, an embodiment of the present invention provides a file encryption method, which specifically includes the following steps:
step 101: and acquiring the file to be encrypted selected by the user.
The execution main body of the embodiment of the invention is a terminal such as a mobile phone or a PAD, and the terminal is provided with an APP (Application) for encrypting files. When a user needs to encrypt a file through a terminal, the user needs to select the file to be encrypted which needs to be encrypted. In the embodiment of the present invention, the file to be encrypted may be a single file, or may be a folder including a plurality of files.
In the embodiment of the invention, a local file is displayed to a user through a file browser carried by an android system, and codes for displaying the local file are as follows:
present _ event _ GET _ CONTENT); // intent to initialize a connection;
settype ("+"); // set type, which may be any type;
internal. Indicating a GET _ CONTENT intent to open an interface to select a file;
startactiveforresult (intent, 1); // begin execution.
And displaying a file selection interface for a user by executing the code for displaying the local file, browsing the files in the file selection interface by the user, and selecting the clicked file as the file to be encrypted by clicking one of the files. When detecting that a user clicks a file in a file selection interface, the terminal acquires an absolute address of the file selected by the user through a callback function onactive result (), namely, acquires the absolute address of the file to be encrypted.
After the user selects the file to be encrypted, there may be some misoperation that deletes the file to be encrypted from the memory, so in the embodiment of the present invention, after the absolute address of the file to be encrypted is obtained, whether the file to be encrypted exists is further determined by executing the following code, examples of the code are as follows:
file f ═ new File ("/storage/sdcard/test. Establishing a file object according to the acquired absolute address of the file to be encrypted;
exists ()// whether the file to be encrypted exists is judged by the newly created file object.
The function exists () is executed through the newly created file object based on the absolute address of the file to be encrypted, and whether the file to be encrypted exists is judged through the function exists (). If the return value of the function exists () is false, it indicates that the file to be encrypted does not exist. If the return value of the function exists () is true, it indicates that the file to be encrypted exists.
And when the return value of the function exists () is false and the file to be encrypted selected by the user does not exist, displaying the file selection interface for the user again, and indicating the user to reselect one file as the file to be encrypted. When the user reselects one file, whether the file reselected by the user exists is determined again in the above mode until the file to be encrypted selected by the user exists in the memory.
And when the file to be encrypted selected by the user is determined to exist, acquiring all file contents of the file to be encrypted according to the acquired absolute address of the file to be encrypted.
After the file to be encrypted is obtained through the operation in this step, the file to be encrypted is encrypted through the following operation in steps 102 and 104, so as to obtain the ciphertext corresponding to the file to be encrypted.
Step 102: a MAC (Media access control) address of a key device designated by a user is acquired through a near field communication connection.
The key device can be a sports bracelet or a Bluetooth headset and the like used by a user. The NFC connection may be a bluetooth connection, an infrared connection, or an NFC (Near Field Communication ), or the like.
In the embodiment of the present invention, before acquiring the MAC address of the key device specified by the user, the following operations are first performed to determine the key device specified by the user, which specifically include:
detecting whether a key device with established near field communication connection exists currently; if yes, instructing the user to select one key device from the key devices which establish the near field communication connection; if not, the user is instructed to activate a key device to establish a near field communication connection with the user-activated key device.
In the embodiment of the present invention, detecting whether there is a key device that has established a near field communication connection currently includes:
and acquiring a key equipment adapter in the android system, judging whether the acquired key equipment adapter is empty, if so, indicating that the terminal does not establish near field communication connection with any key equipment currently, and subsequently indicating a user to start one key equipment and establishing near field communication connection between the terminal and the key equipment started by the user.
When the acquired key device adapter contains device identifications of some key devices, the fact that the terminal establishes near field communication connection with the key devices corresponding to the device identifications is indicated. And at the moment, the monitor monitors whether the terminal establishes near field communication connection with the key equipment corresponding to the equipment identifications currently. When a listener monitors an equipment identifier in the key equipment adapter, if the state returned by the listener is a service disconnection state, it indicates that the terminal does not currently establish near field communication connection with the key equipment corresponding to the equipment identifier. And if the state returned by the listener is the service connection state, indicating that the terminal currently establishes the near field communication connection between the key devices corresponding to the device identification.
If it is monitored through the above method that the near field communication connection between the key devices corresponding to all the device identifiers in the current key device adapter and the terminal is not established, the user is instructed to start one key device, and the near field communication connection between the terminal and the key device started by the user is established.
If it is monitored that the near field communication connection is established between the key device corresponding to at least one device identifier in the current key device adapter and the terminal through the method, the user is instructed to select one key device from the key devices with the established near field communication connection.
In the embodiment of the present invention, assuming that the key device is a bluetooth device, the bluetooth adapter is obtained by calling a bluetooth adapter reading function bluetooth adapter. And if the acquired Bluetooth adapter is not empty, monitoring the equipment identifier included in the Bluetooth adapter through a Bluetooth monitor Bluetooth Profile.
After the key device specified by the user is determined in the above manner, the embodiment of the present invention calls the function getconnectildedvices () to obtain the hardware information of the key device specified by the user, and obtains the MAC address of the key device specified by the user from the hardware information by calling the address obtaining function getAddress ().
In the embodiment of the invention, after the MAC address of the key device is obtained, the terminal also records the device identifier of the key device, so that the file decryption can be carried out by the same key device when the ciphertext of the file to be encrypted is decrypted.
In the embodiment of the present invention, after the MAC address of the key device is obtained in this step, the obtained MAC address may be directly converted into a MD5(Message Digest Algorithm 5, version 5 of the Message Digest Algorithm) character string through a hash operation, and the file to be encrypted is encrypted through the MD5 character string, so as to obtain a ciphertext corresponding to the file to be encrypted.
However, the security of encrypting the file according to the MAC address of the key device is limited, and in order to further improve the security of file encryption, the embodiment of the present invention may continue to encrypt the file to be encrypted through the following steps 103 and 104.
Step 103: and acquiring key information generated by clicking keys of the key equipment by a user.
Because the key equipment such as the sports bracelet or the Bluetooth headset is provided with one or more keys, after the terminal establishes near field communication connection with the key equipment, click events of the keys on the key equipment can be received. Based on this, the embodiment of the present invention can further enhance the complexity of file encryption through these keys on the key device.
In the embodiment of the invention, the terminal pops up a prompt box to prompt the user whether the key equipment needs to strengthen the encryption verification. If the user selects to require the key device to strengthen the encryption verification, the user can click a key on the key device within a preset time length to strengthen the verification.
When the terminal receives an instruction which is submitted by a user and used for determining strengthening verification, each key instruction transmitted by the key equipment is received within a preset time length; respectively acquiring a key code corresponding to each key instruction; and coding the keys corresponding to each key instruction according to a preset sequence to form key information.
The preset sequence may be from front to back or from back to front according to the receiving time of the key command. The preset time period may be 5 seconds or 10 seconds.
To further facilitate understanding of the above-described operation of acquiring key information, the following description is given by way of example. For example, assume that the key device is a bluetooth headset of a user, the bluetooth headset has two keys of volume up and volume down, assume that the key code corresponding to the volume up key preset in the terminal is 233, and the key code corresponding to the volume down key is 234. Assume that the preset time period is 10 seconds. When the terminal receives an instruction for determining to strengthen the verification submitted by a user, the terminal waits for 10 seconds, a key click event on the Bluetooth headset is detected within the 10 seconds, and if the user clicks a volume increasing key once and then clicks volume decreasing keys twice within the 10 seconds, the terminal receives a volume increasing instruction and two volume decreasing instructions transmitted by the key device within the 10 seconds, the terminal acquires that a key code corresponding to the volume increasing instruction is 233, and acquires that a key code corresponding to the volume decreasing instruction is 234. Assuming that the preset sequence is from front to back according to the receiving time of the key command, the finally composed key information is 233234234.
In the embodiment of the invention, when the key device is a Bluetooth device, a monitor of a Bluetooth key can be started to monitor the key click event of the Bluetooth device, and the monitor monitors the key through a Bluetooth receiving function Bluetooth receiver (). When the monitored EVENT is a KEY click EVENT EXTRA _ KEY _ EVENT, the KEY of the Bluetooth device is clicked by the user, and at the moment, the KEY code of the KEY clicked by the user is obtained by calling the KEY code obtaining function getKeycode (), and the KEY code is recorded. If the user presses the key once again, the key codes of the keys clicked by the user are continuously recorded in the above mode until the time length of the key clicking event monitored by the terminal reaches the preset time length, all the key codes recorded in the preset time length are superposed into a character string, and the character string is the acquired key information generated when the user clicks the keys of the key equipment. Specifically, all the key codes recorded in the preset duration may be superimposed according to the preset sequence.
Step 104: and encrypting the file to be encrypted according to the MAC address and the key information.
In the embodiment of the invention, after the MAC address of the key device and the key information generated by clicking the key of the key device by a user are obtained, the MAC address and the key information are fused to obtain a combined character string; converting the merged character string into an MD5 character string through Hash operation; and encrypting the file to be encrypted according to the MD5 character string.
The embodiment of the invention can fuse the MAC address and the key information in the following three ways.
First, key information is added before all characters included in the MAC address, resulting in a merged string.
For example, assuming that the key information is 233234234 and the MAC address is 0050BACE070C, the key information is added before the MAC address includes all characters, and the resulting merged string is 2332342340050BACE 070C.
Secondly, the key information is added after all the characters included in the MAC address, and a merged character string is obtained.
For example, assuming that the key information is 233234234 and the MAC address is 0050BACE070C, the key information is added after the MAC address includes all characters, and the resulting merged character string is 0050BACE070C 233234234.
Thirdly, two characters with serial numbers respectively being a first preset serial number and a second preset serial number are located from the MAC address, the key information is inserted between the two located characters to obtain a combined character string, and the two located characters are two adjacent characters.
The first preset serial number and the second preset serial number are two adjacent serial numbers, for example, the first preset serial number is 3, and the second preset serial number is 4. The embodiment of the invention does not specifically limit the values of the first preset serial number and the second preset serial number, and the terminal can randomly determine the values of the first preset serial number and the second preset serial number according to the digits of the character string included in the MAC address in practical application. After the terminal determines the values of the first preset sequence number and the second preset sequence number, the values of the first preset sequence number and the second preset sequence number are also recorded, so that a decrypted key can be generated according to the first preset sequence number and the second preset sequence number when a ciphertext corresponding to a file to be encrypted is decrypted.
For example, if the key information is 233234234, the MAC address is 0050BACE070C, and if the first preset serial number is 3 and the second preset serial number is 4, the key information is added between the 3 rd character "5" and the 4 th character "0" included in the MAC address, and the obtained merged string is 0052332342340BACE 070C.
In the embodiment of the present invention, the terminal may select any one of the first to third manners to fuse the MAC address and the key information, so as to obtain the merged string. The terminal also needs to record the used fusion mode so that a decrypted key can be generated in the same fusion mode when the ciphertext corresponding to the file to be encrypted is decrypted.
After the merged character string is obtained in the embodiment of the invention, the merged character string is converted into an MD5 character string through Hash operation, and the MD5 character string is a key for encrypting the file to be encrypted. And subsequently encrypting the file to be encrypted according to the MD5 character string.
Because the process of encrypting the file to be encrypted belongs to the process of writing the file, in the embodiment of the invention, before encrypting the file to be encrypted, the storage address of the ciphertext corresponding to the file to be encrypted which is finally obtained needs to be obtained. And the terminal prompts the user to select a storage address of the ciphertext, at the moment, a file browser of the android system is also used for displaying a file selection interface to the user, and the user selects a folder from the file selection interface. When the terminal detects that a user selects a folder, the absolute address of the folder is obtained, and the absolute address of the folder is determined as the storage address of the ciphertext selected by the user.
Because there may be a case that the storage space of the folder selected by the user is not enough to store the ciphertext of the file to be encrypted, the embodiment of the present invention also needs to determine whether the storage space corresponding to the storage address of the ciphertext is enough. The storage space can be judged to be sufficient by executing the following judgment code, and specific examples of the code are as follows:
StatfFs dataFs ═ new StatfFs (Path); acquiring the space information of the storage address of the ciphertext selected by the user;
long sizes=(long)dataFs.getFreeBlocks()*(long)dataFs.
getLockSize (); // get the size of the remaining space.
The codes judge the size of the residual space under the storage address, compare the return value of sizes with the size of the file to be encrypted, if the return value of sizes is larger than or equal to the size of the file to be encrypted, the space size of the folder selected by the user is enough, and the ciphertext corresponding to the file to be encrypted can be written into the folder. If the return value of the sizes is smaller than the size of the file to be encrypted, the folder space selected by the user is not enough, and the user is prompted to reselect one folder subsequently.
After the ciphertext corresponding to the file to be encrypted is stored, the encryption process of the file to be encrypted can be started through the MD5 character string obtained by converting the merged character string.
The embodiment of the invention adopts DES (Data Encryption Standard) in java (script) to encrypt the file, and the specific codes are as follows:
in the above code, Cipher is used to create an encryption class, and this is key is sent in, and this is key is the key finally obtained according to the MAC address of the bluetooth device and the key information generated by the user clicking the key of the bluetooth device, after the key is written in, the file stream of the file to be encrypted is started to be read, the file stream is added into the encryption stream CipherInputStream for encryption, and the encrypted ciphertext is written in the saved folder.
In the embodiment of the invention, mainly aiming at key devices such as Bluetooth devices and the like, when encrypting, a user can click keys on the key devices to realize complex encryption functions. When a user starts to encrypt, an APP installed on the terminal and used for encrypting files waits for the user to click a key on the key device to achieve encryption. When a user clicks a key on the key device, the terminal monitors the key code of the key, and the terminal records the key code once every time the user clicks one time, so that the final encryption result is influenced when the user clicks different keys and clicks different sequences of the different keys. The more types of keys clicked by the user, the more the number of clicks, the higher the complexity of the finally generated key, and the higher the security of the encrypted file.
In the embodiment of the invention, a file to be encrypted selected by a user is obtained; acquiring a hardware MAC address of key equipment appointed by a user through near field communication connection; acquiring key information generated by clicking keys of the key equipment by a user; and encrypting the file to be encrypted according to the MAC address and the key information. The invention encrypts the file by the MAC address of the key device and the key information generated by clicking the key of the key device by the user. The MAC address of the key device is a character string which uniquely identifies the key device, the character composition of the character string is very random and irregular, and the key information generated by clicking the key of the key device by a user makes the key for encrypting the file have high complexity and difficult to crack, thereby greatly improving the security of file encryption.
Example 2
Referring to fig. 2, an embodiment of the present invention provides a file decryption method, which is used for decrypting a ciphertext obtained by the file encryption method provided in the foregoing embodiment. The method specifically comprises the following steps:
step 201: and acquiring the ciphertext to be decrypted selected by the user.
The execution main body of the embodiment of the invention is a terminal such as a mobile phone or a PAD, and the terminal is provided with an APP (Application) for encrypting files. When a user needs to decrypt a file through a terminal, a ciphertext to be decrypted needs to be selected first.
The way of obtaining the ciphertext to be decrypted selected by the user in the embodiment of the present invention is the same as the way of obtaining the file to be encrypted in step 101 in embodiment 1, and details are not described here.
After the ciphertext to be decrypted is obtained through the operation in this step, the ciphertext to be decrypted is decrypted through the following operation in steps 202 and 204, so as to obtain the plaintext corresponding to the ciphertext to be decrypted.
Step 202: and acquiring the MAC address of the key device specified by the user through the near field communication connection.
The key device can be a sports bracelet or a Bluetooth headset and the like used by a user. The NFC connection may be a bluetooth connection, an infrared connection, or an NFC (Near Field Communication ), or the like.
In the decryption process, the terminal acquires the recorded device identifier of the key device used in the encryption process from the memory. Then, the key device adapter is obtained, and whether the key device adapter contains the device identification is checked. And if not, prompting the user to start the key device corresponding to the device identification, and establishing a near field communication connection with the key device. If the terminal is in the service disconnection state, the listener indicates that the terminal does not establish the near field communication connection with the key device currently, instructs the user to start the key device, and establishes the near field communication connection between the terminal and the key device. And if the state returned by the listener is the service connection state, the terminal is indicated to be currently established with the near field communication connection between the terminal and the key device.
After the near field communication connection with the key device is ensured to be established, the MAC address of the key device is obtained through the near field communication connection.
Step 203: and acquiring key information generated by clicking keys of the key equipment by a user.
In the embodiment of the invention, if the ciphertext to be decrypted is encrypted and verified through the key of the key device in the previous encryption process, the terminal prompts the user to operate the key of the key device to decrypt.
The terminal receives each key instruction transmitted by the key equipment within a preset time length; respectively acquiring a key code corresponding to each key instruction; and coding the keys corresponding to each key instruction according to a preset sequence to form key information.
The specific details of the key information acquisition in this step are the same as the operation in step 103 in embodiment 1, and are not described herein again.
Step 204: and decrypting the ciphertext to be decrypted according to the MAC address and the key information.
In the embodiment of the invention, after the MAC address of the key device and the key information generated by clicking the key of the key device by a user are obtained, the MAC address and the key information are fused to obtain a combined character string; converting the merged character string into an MD5 character string through Hash operation; and decrypting the ciphertext to be decrypted according to the MD5 character string.
The specific details of the above-mentioned merging of the MAC address and the key information are the same as the merging operation in step 104 in embodiment 1, and are not described herein again.
In the embodiment of the invention, a ciphertext to be decrypted selected by a user is obtained; acquiring the MAC address of the key equipment appointed by a user through near field communication connection; acquiring key information generated by clicking keys of key equipment by a user; and decrypting the ciphertext to be decrypted according to the MAC address and the key information. The ciphertext to be decrypted is obtained by encrypting the MAC address of the key equipment and key information generated by clicking the key of the key equipment by a user. Decryption is also performed based on the MAC address and key information. The MAC address of the key device is a character string which uniquely identifies the key device, the character composition of the character string is very random and irregular, and the key information generated by clicking the key of the key device by a user makes the key for encrypting the file have high complexity and difficult to crack, thereby greatly improving the security of file encryption.
Example 3
Referring to fig. 3, an embodiment of the present invention provides a file encryption apparatus, where the apparatus is configured to execute the file encryption method provided in embodiment 1, and the apparatus includes:
an obtaining module 301, configured to obtain a file to be encrypted selected by a user; acquiring the MAC address of the key equipment appointed by a user through near field communication connection; acquiring key information generated by clicking keys of key equipment by a user;
and the encryption module 302 is configured to encrypt the file to be encrypted according to the MAC address and the key information.
The encryption module 302 includes:
the fusion unit is used for fusing the MAC address and the key information to obtain a merged character string;
a conversion unit, which is used for converting the merged character string into a message digest algorithm MD5 character string through hash operation;
and the encryption unit is used for encrypting the file to be encrypted according to the MD5 character string.
The merging unit is configured to add the key information to the front of all characters included in the MAC address to obtain a merged character string; or,
the key information is added after all characters included in the MAC address to obtain a combined character string; or,
the method is used for positioning two characters with serial numbers respectively being a first preset serial number and a second preset serial number from the MAC address, inserting key information between the two positioned characters to obtain a combined character string, wherein the two positioned characters are two adjacent characters.
In an embodiment of the present invention, the apparatus further includes:
the detection module is used for detecting whether the key equipment which establishes the near field communication connection exists at present; if yes, instructing the user to select one key device from the key devices which establish the near field communication connection; if not, the user is instructed to activate a key device to establish a near field communication connection with the user-activated key device.
In this embodiment of the present invention, the obtaining module 301 includes:
the receiving unit is used for receiving each key instruction transmitted by the key equipment within a preset time length;
the acquisition unit is used for respectively acquiring the key codes corresponding to the key instructions;
and the composition unit is used for forming key information by the key codes corresponding to each key instruction according to a preset sequence.
In the embodiment of the invention, a file to be encrypted selected by a user is obtained; acquiring a hardware MAC address of key equipment appointed by a user through near field communication connection; acquiring key information generated by clicking keys of the key equipment by a user; and encrypting the file to be encrypted according to the MAC address and the key information. The invention encrypts the file by the MAC address of the key device and the key information generated by clicking the key of the key device by the user. The MAC address of the key device is a character string which uniquely identifies the key device, the character composition of the character string is very random and irregular, and the key information generated by clicking the key of the key device by a user makes the key for encrypting the file have high complexity and difficult to crack, thereby greatly improving the security of file encryption.
Example 4
Referring to fig. 4, an embodiment of the present invention provides a file decryption apparatus, where the apparatus is configured to execute the file decryption method provided in embodiment 2, and the apparatus includes:
an obtaining module 401, configured to obtain a ciphertext to be decrypted, where the ciphertext is selected by a user; acquiring a hardware MAC address of key equipment appointed by a user through near field communication connection; acquiring key information generated by clicking keys of key equipment by a user;
and the decryption module 402 is configured to decrypt the ciphertext to be decrypted according to the MAC address and the key information.
The decryption module 402 comprises:
the fusion unit is used for fusing the MAC address and the key information to obtain a merged character string;
a conversion unit for converting the merged character string into an MD5 character string by a hash operation;
and the decryption unit is used for decrypting the ciphertext to be decrypted according to the MD5 character string.
In this embodiment of the present invention, the obtaining module 401 includes:
the receiving unit receives each key instruction transmitted by the key equipment in a preset time length;
the acquisition unit is used for respectively acquiring the key codes corresponding to the key instructions;
and the composition unit is used for forming key information by the key codes corresponding to each key instruction according to a preset sequence.
In the embodiment of the invention, a ciphertext to be decrypted selected by a user is obtained; acquiring the MAC address of the key equipment appointed by a user through near field communication connection; acquiring key information generated by clicking keys of key equipment by a user; and decrypting the ciphertext to be decrypted according to the MAC address and the key information. The ciphertext to be decrypted is obtained by encrypting the MAC address of the key equipment and key information generated by clicking the key of the key equipment by a user. Decryption is also performed based on the MAC address and key information. The MAC address of the key device is a character string which uniquely identifies the key device, the character composition of the character string is very random and irregular, and the key information generated by clicking the key of the key device by a user makes the key for encrypting the file have high complexity and difficult to crack, thereby greatly improving the security of file encryption.
The file encryption device and the file decryption device provided by the embodiment of the invention can be specific hardware on equipment, or software or firmware installed on the equipment, and the like. The device provided by the embodiment of the present invention has the same implementation principle and technical effect as the method embodiments, and for the sake of brief description, reference may be made to the corresponding contents in the method embodiments without reference to the device embodiments. It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the foregoing systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments provided by the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus once an item is defined in one figure, it need not be further defined and explained in subsequent figures, and moreover, the terms "first", "second", "third", etc. are used merely to distinguish one description from another and are not to be construed as indicating or implying relative importance.
Finally, it should be noted that: the above-mentioned embodiments are only specific embodiments of the present invention, which are used for illustrating the technical solutions of the present invention and not for limiting the same, and the protection scope of the present invention is not limited thereto, although the present invention is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the present invention in its spirit and scope. Are intended to be covered by the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (10)
1. A method for encrypting a file, the method comprising:
acquiring a file to be encrypted selected by a user;
acquiring a Media Access Control (MAC) address of the key device specified by the user through near field communication connection;
acquiring key information generated by clicking keys of the key equipment by the user;
and encrypting the file to be encrypted according to the MAC address and the key information.
2. The method according to claim 1, wherein the encrypting the file to be encrypted according to the MAC address and the key information comprises:
fusing the MAC address and the key information to obtain a merged character string;
converting the merged character string into a message digest algorithm MD5 character string through a Hash operation;
and encrypting the file to be encrypted according to the MD5 character string.
3. The method of claim 2, wherein fusing the MAC address and the key information to obtain a merged string comprises:
adding the key information to the front of all characters included in the MAC address to obtain a combined character string; or,
adding the key information to all characters included in the MAC address to obtain a combined character string; or,
and positioning two characters with serial numbers respectively being a first preset serial number and a second preset serial number from the MAC address, inserting the key information between the two positioned characters to obtain a combined character string, wherein the two positioned characters are two adjacent characters.
4. The method of claim 1, wherein before the obtaining the MAC address of the user-specified key device via the near field communication connection, further comprising:
detecting whether a key device with established near field communication connection exists currently;
if yes, instructing the user to select one key device from key devices with established near field communication connection;
and if not, indicating the user to start a key device and establishing near field communication connection with the key device started by the user.
5. The method of claim 1, wherein obtaining key information generated by the user clicking a key of the key device comprises:
receiving each key instruction transmitted by the key equipment within a preset time length;
respectively acquiring a key code corresponding to each key instruction;
and coding the keys corresponding to each key instruction according to a preset sequence to form key information.
6. A method for decrypting a file, the method comprising:
obtaining a ciphertext to be decrypted selected by a user;
acquiring the MAC address of the key equipment appointed by the user through near field communication connection;
acquiring key information generated by clicking keys of the key equipment by the user;
and decrypting the ciphertext to be decrypted according to the MAC address and the key information.
7. The method according to claim 6, wherein the decrypting the ciphertext to be decrypted according to the MAC address and the key information comprises:
fusing the MAC address and the key information to obtain a merged character string;
converting the merged character string into a message digest algorithm MD5 character string through a Hash operation;
and decrypting the ciphertext to be decrypted according to the MD5 character string.
8. The method of claim 6, wherein obtaining key information generated by the user clicking a key of the key device comprises:
receiving each key instruction transmitted by the key equipment within a preset time length;
respectively acquiring a key code corresponding to each key instruction;
and coding the keys corresponding to each key instruction according to a preset sequence to form key information.
9. An apparatus for encrypting a file, the apparatus comprising:
the acquisition module is used for acquiring a file to be encrypted selected by a user; acquiring the MAC address of the key equipment appointed by the user through near field communication connection; acquiring key information generated by clicking keys of the key equipment by the user;
and the encryption module is used for encrypting the file to be encrypted according to the MAC address and the key information.
10. An apparatus for decrypting a file, the apparatus comprising:
the acquisition module is used for acquiring the ciphertext to be decrypted selected by the user; acquiring the MAC address of the key equipment appointed by the user through near field communication connection; acquiring key information generated by clicking keys of the key equipment by the user;
and the decryption module is used for decrypting the ciphertext to be decrypted according to the MAC address and the key information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611110325.0A CN106709362A (en) | 2016-12-06 | 2016-12-06 | File encryption method and device and file decryption method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611110325.0A CN106709362A (en) | 2016-12-06 | 2016-12-06 | File encryption method and device and file decryption method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106709362A true CN106709362A (en) | 2017-05-24 |
Family
ID=58937462
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611110325.0A Pending CN106709362A (en) | 2016-12-06 | 2016-12-06 | File encryption method and device and file decryption method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106709362A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107197346A (en) * | 2017-05-27 | 2017-09-22 | 深圳Tcl新技术有限公司 | Television terminal and bluetooth equipment return even method and computer-readable recording medium |
CN109101116A (en) * | 2018-07-24 | 2018-12-28 | 深圳享米科技有限公司 | IOS terminal device safety keyboard and its implementation |
CN109992987A (en) * | 2017-12-29 | 2019-07-09 | 深圳市融汇通金科技有限公司 | Script file guard method, device and terminal device based on Nginx |
CN111984944A (en) * | 2020-08-28 | 2020-11-24 | 重庆小雨点小额贷款有限公司 | Source code processing method, related device and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1601577A (en) * | 2003-09-22 | 2005-03-30 | 株式会社理光 | Information processing device, printing device, print data transmission method, printing method, print data transmitting program, and recording medium |
CN102857564A (en) * | 2012-08-27 | 2013-01-02 | 华为终端有限公司 | Data synchronization method, terminal and system |
CN103560886A (en) * | 2013-11-04 | 2014-02-05 | 北京旋极信息技术股份有限公司 | Authentication method for electronic signature equipment |
CN104598782A (en) * | 2014-12-04 | 2015-05-06 | 广东欧珀移动通信有限公司 | Data packaging and analysis method and device |
CN105634729A (en) * | 2015-12-25 | 2016-06-01 | 上海云丞聚智能科技有限公司 | Mobile phone encryption and decryption method based on bluetooth equipment |
-
2016
- 2016-12-06 CN CN201611110325.0A patent/CN106709362A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1601577A (en) * | 2003-09-22 | 2005-03-30 | 株式会社理光 | Information processing device, printing device, print data transmission method, printing method, print data transmitting program, and recording medium |
CN102857564A (en) * | 2012-08-27 | 2013-01-02 | 华为终端有限公司 | Data synchronization method, terminal and system |
CN103560886A (en) * | 2013-11-04 | 2014-02-05 | 北京旋极信息技术股份有限公司 | Authentication method for electronic signature equipment |
CN104598782A (en) * | 2014-12-04 | 2015-05-06 | 广东欧珀移动通信有限公司 | Data packaging and analysis method and device |
CN105634729A (en) * | 2015-12-25 | 2016-06-01 | 上海云丞聚智能科技有限公司 | Mobile phone encryption and decryption method based on bluetooth equipment |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107197346A (en) * | 2017-05-27 | 2017-09-22 | 深圳Tcl新技术有限公司 | Television terminal and bluetooth equipment return even method and computer-readable recording medium |
CN109992987A (en) * | 2017-12-29 | 2019-07-09 | 深圳市融汇通金科技有限公司 | Script file guard method, device and terminal device based on Nginx |
CN109992987B (en) * | 2017-12-29 | 2021-04-27 | 港融科技有限公司 | Script file protection method and device based on Nginx and terminal equipment |
CN109101116A (en) * | 2018-07-24 | 2018-12-28 | 深圳享米科技有限公司 | IOS terminal device safety keyboard and its implementation |
CN111984944A (en) * | 2020-08-28 | 2020-11-24 | 重庆小雨点小额贷款有限公司 | Source code processing method, related device and storage medium |
CN111984944B (en) * | 2020-08-28 | 2024-04-19 | 重庆小雨点小额贷款有限公司 | Source code processing method, related device and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106599723B (en) | File encryption method and device and file decryption method and device | |
JP6814147B2 (en) | Terminals, methods, non-volatile storage media | |
WO2017202025A1 (en) | Terminal file encryption method, terminal file decryption method, and terminal | |
US8555060B2 (en) | Managing method, device and terminal for application program | |
CN106709362A (en) | File encryption method and device and file decryption method and device | |
KR102391784B1 (en) | A primary device, an accessory device, and methods for processing operations on the primary device and the accessory device | |
EP2835997B1 (en) | Cell phone data encryption method and decryption method | |
CN104270517A (en) | Information encryption method and mobile terminal | |
CN110221990B (en) | Data storage method and device, storage medium and computer equipment | |
KR101625785B1 (en) | Method and device for information security management of mobile terminal, and mobile terminal | |
CN102750497A (en) | Method and device for deciphering private information | |
CN103034417A (en) | Unlocking method for touch screen and terminal equipment | |
CN106648583B (en) | Information processing method and terminal | |
JP6397046B2 (en) | Address book protection method, apparatus and communication system | |
CN106357678A (en) | Cloud encryption storage method for intelligent terminal and intelligent terminal | |
JP6172866B2 (en) | Agent for providing security cloud service and security key device for security cloud service | |
CN112492352A (en) | Video encryption and decryption method and device, electronic equipment and storage medium | |
Park et al. | A methodology for the decryption of encrypted smartphone backup data on android platform: A case study on the latest samsung smartphone backup system | |
CN106033518B (en) | Information processing method and device | |
CN105279447A (en) | Method and device for data encryption, and method and device for data decryption | |
WO2017120745A1 (en) | Method, device, and system for processing profile | |
CN112199730A (en) | Method and device for processing application data on terminal and electronic equipment | |
US20220311601A1 (en) | Method for pushing key, method for operating file, storage medium, and computer device | |
CN106453335B (en) | Data transmission method and device | |
CN113536334A (en) | Authorization checking method, module and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170524 |