CN106788999A - A kind of wechat evidence collecting method and system based on data collision - Google Patents

A kind of wechat evidence collecting method and system based on data collision Download PDF

Info

Publication number
CN106788999A
CN106788999A CN201611131930.6A CN201611131930A CN106788999A CN 106788999 A CN106788999 A CN 106788999A CN 201611131930 A CN201611131930 A CN 201611131930A CN 106788999 A CN106788999 A CN 106788999A
Authority
CN
China
Prior art keywords
wechat
user
evidence
collision
data storehouse
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201611131930.6A
Other languages
Chinese (zh)
Other versions
CN106788999B (en
Inventor
操家庆
桂坤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lanzhou Zhonghe Technology Co.,Ltd.
Original Assignee
Wuhan Soft Card Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Soft Card Information Technology Co Ltd filed Critical Wuhan Soft Card Information Technology Co Ltd
Priority to CN201611131930.6A priority Critical patent/CN106788999B/en
Publication of CN106788999A publication Critical patent/CN106788999A/en
Application granted granted Critical
Publication of CN106788999B publication Critical patent/CN106788999B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a kind of wechat evidence collecting method based on data collision and system, its method includes creating crash data storehouse, user's wechat number UID is encrypted, and the first encrypted characters string that will be obtained after encryption is stored in crash data storehouse as local file directory name;Local file directory name to be collected evidence is inquired about in crash data storehouse, and corresponding user's wechat number UID is treated in acquisition;According to the user's wechat number UID generation AES decryption keys for obtaining, and it is decrypted by the encryption file that AES decrypts secret key pair wechat, completes wechat evidence obtaining.The present invention is using the association between the local data and user UID of wechat, the mapping relations of user's local data and user's wechat number UID are completely set up by crash data storehouse, can be decrypted with the more convenient encryption file to wechat, realize that wechat is collected evidence, simultaneously can be when multiple wechat accounts be logged in simultaneously, each user wechat number UID is accurately obtained, and is targetedly decrypted, security is high.

Description

A kind of wechat evidence collecting method and system based on data collision
Technical field
The present invention relates to data ciphering and deciphering technical field, more particularly to a kind of wechat evidence collecting method based on data collision And system.
Background technology
Traditional Mobile Phone Forensics analysis system, is decrypted by the wechat local file to extracting, by analysis caching text The field of part, obtains wechat user UID, and then entering line translation according to UID etc. obtains decruption key, so as to realize decryption.But During for not knowing that user UID or same portion's mobile phone log in multiple micro-signals, it is impossible to which acquisition analyzes UID, or cannot know Other local file correspondence is which wechat user UID, and then cannot wechat data be analyzed with evidence obtaining.In order to overcome above-mentioned skill Art defect, it is necessary to set up the mapping relations of user data information in user's local data and server database, so as to facilitate Collected evidence with realizing wechat into decryption oprerations.
The content of the invention
The technical problems to be solved by the invention are directed to above-mentioned the deficiencies in the prior art, there is provided one kind is based on data collision Wechat evidence collecting method and system.
The technical scheme that the present invention solves above-mentioned technical problem is as follows:
According to one aspect of the present invention, there is provided a kind of wechat evidence collecting method based on data collision, including following step Suddenly:
Step 1:Crash data storehouse is created, user's wechat number UID is encrypted, and first for being obtained after encryption adds Close character string is as local file directory name storage in the crash data storehouse;
Step 2:Local file directory name to be collected evidence is inquired about in the crash data storehouse, and obtains local file to be collected evidence The corresponding user's wechat number UID of directory name;
Step 3:According to the user's wechat number UID generation AES decryption keys for obtaining, and key is decrypted by the AES Encryption file to wechat is decrypted, and completes wechat evidence obtaining.
A kind of wechat evidence collecting method based on data collision of the invention, using wechat local data and user UID it Between association, the mapping relations of user's local data and user's wechat number UID are completely set up by crash data storehouse, can compare The more convenient encryption file to wechat is decrypted, realize wechat collect evidence, while can multiple wechat accounts simultaneously log in when, Each user wechat number UID is accurately obtained, and is targetedly decrypted, security is high.
According to another aspect of the present invention, there is provided a kind of wechat evidence-obtaining system based on data collision, including create Module, encrypting module, enquiry module and deciphering module.The creation module is used to create crash data storehouse;The encrypting module Be encrypted for user's wechat number UID, and the first encrypted characters string that will be obtained after encryption as local file directory name Storage is in the crash data storehouse;The enquiry module is used to inquire about local file mesh to be collected evidence in the crash data storehouse Record name, and obtain the corresponding user's wechat number UID of local file directory name to be collected evidence;The deciphering module is used for according to acquisition User's wechat number UID generation AES decryption key, and by the AES decrypt secret key pair local file be decrypted, complete Wechat is collected evidence.
A kind of wechat evidence-obtaining system based on data collision of the invention, can be to user's wechat by the encrypting module Number UID is encrypted, and stores into crash data storehouse, establishes reflecting for user's local data and user wechat number UID Relation is penetrated, local file directory name to be collected evidence is input into enquiry module, you can the encryption by the deciphering module to wechat File is decrypted, and realizes that wechat is collected evidence.
Brief description of the drawings
Fig. 1 is a kind of wechat evidence collecting method schematic flow sheet based on data collision of the invention;
Fig. 2 is a kind of wechat evidence-obtaining system structural representation based on data collision of the invention.
Specific embodiment
Principle of the invention and feature are described below in conjunction with accompanying drawing, example is served only for explaining the present invention, and It is non-for limiting the scope of the present invention.
Embodiment one, a kind of wechat evidence collecting method based on data collision.Below in conjunction with Fig. 1 to one kind of the present embodiment Wechat evidence collecting method based on data collision is introduced in detail.
As shown in figure 1, a kind of wechat evidence collecting method based on data collision, comprises the following steps:
Step 1:Crash data storehouse is created, user's wechat number UID is encrypted, and first for being obtained after encryption adds Close character string is as local file directory name storage in the crash data storehouse;
Step 2:Local file directory name to be collected evidence is inquired about in the crash data storehouse, and obtains local file to be collected evidence The corresponding user's wechat number UID of directory name;
Step 3:According to the user's wechat number UID generation AES decryption keys for obtaining, and key is decrypted by the AES Encryption file to wechat is decrypted, and completes wechat evidence obtaining.
In the present embodiment, in the step 1, to being implemented as that user's wechat number UID is encrypted:By default spy Levy character string carries out being spliced to form the first character string with user's wechat number UID, and is encrypted fortune to first character string Calculate, obtain the first encrypted characters string;Wherein, position of the digit of user's wechat number UID no more than the first encrypted characters string Number.The wechat number UID can be effectively encrypted through the above way, and described first for obtaining will be encrypted and added Close character string in the crash data storehouse, is easy to follow-up lookup as local file directory name storage.
In the present invention, the feature string takes general feature string " mm " in wechat, can be in order to recognize, to institute The first character string is stated effectively to be recognized.
Preferably, in the step 1, first character string is encrypted according to following presetting database table;
wxmd5(wxno varchar,md5char);
Wherein, wxno represents first character string, and varchar represents the data that first character string is regular length Type, md5 is cryptographic calculation, and char represents the data type that the md5 cryptographic calculations are variable-length, and wxmd5 is to described First character string carries out the first encrypted characters string obtained after md5 cryptographic calculations.
Can be set up between the first encrypted characters string and first character string one by one by above-mentioned database table Mapping relations, that is, the mapping relations set up between user wechat number UID and local file directory name, are so subsequently searching When, corresponding user's wechat number UID can eaily be obtained by local file directory to be collected evidence name, it is quick to realize solution It is close, while improving the security of data.
Preferably, after creating the crash data storehouse, also the crash data storehouse is divided, obtains multiple collision subdatas Storehouse, and stored after generating the first encrypted characters string into colliding subdata base one of them described.Due to described The amount in crash data storehouse is very big, and according to the length of 11 bit digitals, the value of each can be 0-9, and "-" character, by most Enumerate eventually, total data volume is more than 20,000,000,000.So in storage and retrieval, efficiency is very low, and corresponding speed is extremely slow, leads to Cross and the crash data storehouse is divided, eaily by data storage to different collision subdata bases can so look into It is very convenient when looking for.
Preferably, crash data storehouse division is implemented as according to the cryptographic calculation:According to described first The crash data storehouse is divided into m by preceding n of character stringnIndividual collision subdata base, and according to the first encrypted characters string Preceding n stored to it is corresponding it is described collision subdata base in;Wherein m represents the system number of first character string.It is logical Cross aforesaid way targetedly can be divided into quantity phase therewith according to the data volume of the first character string by the crash data storehouse The collision subdata base of matching, and preceding n by first character string divide to the crash data storehouse, can be with Corresponding collision subdata base is found in storage or retrieval, corresponding speed is exceedingly fast fast accurate.
Preferably, first character string takes 16 systems, takes first 2 of first character string by the crash data storehouse 00-FF totally 256 collision subdata bases are divided into, the other corresponding speed of Millisecond can be reached in practice.
In the present embodiment, in the step 2, the corresponding user's wechat number UID of local file directory name to be collected evidence is obtained Be implemented as:Local file directory name to be collected evidence is inquired about in the crash data storehouse, and treats evidence obtaining local file mesh Record name is decrypted computing, obtains user's wechat number UID;Wherein, the decryption computing is inverse each other with the cryptographic calculation transports Calculate.User's wechat number can be directly quickly obtained according to local file directory to be collected evidence name when searching through the above way UID, is easy to the decryption of the follow-up encryption file that correspondence user's wechat is realized according to user's wechat number UID, and security is good, and Inverse operation each other between decryption computing and the cryptographic calculation, is not in mistake, it is ensured that data are accurate.
In the present embodiment, being implemented as decryption key is generated in the step 3:
Step 31:According to corresponding user IMEI values in user's wechat number UID reading local cache files;
Step 32:Call AES to decrypt key function, and generated according to user's wechat number UID and user IMEI values AES decrypts key;
Step 33:AES decryption functions are called, and the encryption file that wechat is read in key circulation is decrypted according to the AES, it is real Existing wechat evidence obtaining.
AES decryption keys can be generated according to user's wechat number UID through the above way, and key is decrypted according to AES The wechat encryption file of correspondence user is decrypted, quick and convenient, and security performance is high, it is not easy to crack.
Specifically, heretofore described AES decryption key functions are using the PKCS5_PBKDF2_ in openssl functions HMAC_SHA1 functions, the AES decryption functions use AES_cbc_encrypt decryption functions.
Preferably, in the step 32, key is decrypted according to user's wechat number UID and the generation of user IMEI values It is implemented as:
Step 321:User wechat number UID and corresponding user IMEI values are spliced, the second character string is formed;
Step 322:Second character string is carried out into the cryptographic calculation, the second encrypted characters string is obtained;
Step 323:Call AES to decrypt key function, and concatenate into corresponding AES decryption according to second encrypted characters Key.
Spliced by by user's wechat number UID and corresponding user IMEI values, and to spliced second Character string is encrypted computing and obtains the second encrypted characters string, then obtains AES decryption keys by AES decryption key functions, enters One step improves the level of confidentiality of encryption, strengthens the security of data.
A kind of wechat evidence collecting method based on data collision of the invention, using wechat local data and user UID it Between association, the mapping relations of user's local data and user's wechat number UID are completely set up by crash data storehouse, can compare The more convenient encryption file to wechat is decrypted, realize wechat collect evidence, while can multiple wechat accounts simultaneously log in when, Each user wechat number UID is accurately obtained, and is targetedly decrypted, security is high.
Embodiment two, a kind of wechat evidence-obtaining system based on data collision.Below in conjunction with Fig. 2 to one kind of the present embodiment Wechat evidence-obtaining system based on data collision is introduced in detail.
As shown in Fig. 2 a kind of wechat evidence-obtaining system based on data collision, including creation module, encrypting module, inquiry mould Block and deciphering module.The creation module is used to create crash data storehouse;The encrypting module enters for user's wechat number UID Row is encrypted, and the first encrypted characters string that will be obtained after encryption is stored in the crash data storehouse as local file directory name In;The enquiry module treats evidence obtaining originally for inquiring about local file directory name to be collected evidence in the crash data storehouse, and obtaining The corresponding user's wechat number UID of ground file directory name;The deciphering module is used for according to the user's wechat number UID lifes for obtaining Key is decrypted into AES, and secret key pair local file is decrypted by the AES and be decrypted, complete wechat evidence obtaining.
In the present embodiment, with user's wechat number UID be spliced to form default feature string by the encrypting module First character string, and computing is encrypted to first character string, obtain the first encrypted characters string;Wherein, user's micro-signal The digit of the digit no more than the first encrypted characters string of code UID.So the wechat number UID can effectively be added Close treatment, and the first encrypted characters string for obtaining will be encrypted as local file directory name storage in the crash data storehouse In, it is easy to follow-up lookup.
Preferably, the encrypting module is encrypted according to following presetting database table to first character string;
wxmd5(wxno varchar,md5 char);
Wherein, wxno represents first character string, and md5 is cryptographic calculation, and wxmd5 is that first character string is carried out The the first encrypted characters string obtained after md5 cryptographic calculations.The first encrypted characters string can be set up by above-mentioned database table With the mapping relations one by one between first character string, that is, set up between user wechat number UID and local file directory name Mapping relations, so in follow-up lookup, can eaily obtain corresponding by local file directory collect evidence User wechat number UID, it is quick to realize decryption, while improving the security of data.
Preferably, after the creation module creates the crash data storehouse, also the crash data storehouse is divided, obtains many Individual collision subdata base, and stored to collision subdata base one of them described after the first encrypted characters string is generated In.Because the amount in the crash data storehouse is very big, according to the length of 11 bit digitals, the value of each can be 0-9, and "-" Character, by finally enumerating, total data volume is more than 20,000,000,000.So in storage and retrieval, efficiency is very low, accordingly Speed is extremely slow, is divided by the crash data storehouse, can eaily by data storage to different collision subdatas Storehouse, it is so very convenient when searching.
Preferably, the creation module is implemented as according to the cryptographic calculation to crash data storehouse division: The crash data storehouse is divided into m by preceding n according to first character stringnIndividual collision subdata base, and according to described Preceding n of one encrypted characters string is stored into the corresponding collision subdata base;Wherein m represents first character string System number.So the crash data storehouse targetedly can be divided into therewith by quantity according to the data volume of the first character string The collision subdata base for matching, and preceding n by first character string divide to the crash data storehouse, can To find corresponding collision subdata base in storage or retrieval, corresponding speed is exceedingly fast fast accurate.
In the present embodiment, the enquiry module inquires about local file directory name to be collected evidence in the crash data storehouse, and Treat evidence obtaining local file directory name and be decrypted computing, obtain user's wechat number UID;Wherein, decryption computing and the institute State cryptographic calculation inverse operation each other.
In the present embodiment, the deciphering module is according to corresponding use in user's wechat number UID reading local cache files Family IMEI values;Then AES is called to decrypt key function, and according to user's wechat number UID and user IMEI values generation AES Decryption key;AES decryption functions are finally called, and the encryption file that wechat is read in key circulation is decrypted according to the AES, realized Wechat is collected evidence.So AES decryption keys can be generated according to user's wechat number UID, and secret key pair application family is decrypted according to AES Wechat encryption file be decrypted, it is quick and convenient, and security performance is high, it is not easy to crack.
Preferably, the deciphering module is spliced user wechat number UID and corresponding user IMEI values, and will To the second character string be encrypted computing and obtain the second encrypted characters string;AES decryption key functions are recalled, and according to described Second encrypted characters concatenate into corresponding AES decryption key.By by user's wechat number UID and corresponding user IMEI Value is spliced, and computing is encrypted to spliced second character string obtains the second encrypted characters string, then is decrypted by AES Key function obtains AES decryption keys, further improves the level of confidentiality of encryption, strengthens the security of data.
A kind of wechat evidence-obtaining system based on data collision of the invention, can be to user's wechat by the encrypting module Number UID is encrypted, and stores into crash data storehouse, establishes reflecting for user's local data and user wechat number UID Relation is penetrated, local file directory name to be collected evidence is input into enquiry module, you can the encryption by the deciphering module to wechat File is decrypted, and realizes that wechat is collected evidence.
The foregoing is only presently preferred embodiments of the present invention, be not intended to limit the invention, it is all it is of the invention spirit and Within principle, any modification, equivalent substitution and improvements made etc. should be included within the scope of the present invention.

Claims (10)

1. a kind of wechat evidence collecting method based on data collision, it is characterised in that comprise the following steps:
Step 1:Crash data storehouse is created, user's wechat number UID is encrypted, and the first encrypted word that will be obtained after encryption Symbol string is as local file directory name storage in the crash data storehouse;
Step 2:Local file directory name to be collected evidence is inquired about in the crash data storehouse, and obtains local file directory to be collected evidence The corresponding user's wechat number UID of name;
Step 3:According to the user's wechat number UID generation AES decryption keys for obtaining, and it is micro- to decrypt secret key pair by the AES The encryption file of letter is decrypted, and completes wechat evidence obtaining.
2. a kind of wechat evidence collecting method based on data collision according to claim 1, it is characterised in that in the step 1, To being implemented as that user's wechat number UID is encrypted:Default feature string is spelled with user's wechat number UID Connect to form the first character string, and computing is encrypted to first character string, obtain the first encrypted characters string;
Wherein, digit of the digit of user's wechat number UID no more than the first encrypted characters string.
3. a kind of wechat evidence collecting method based on data collision according to claim 2, it is characterised in that:In the step 1, First character string is encrypted according to following presetting database table;
wxmd5(wxno varchar,md5char);
Wherein, wxno represents first character string, and varchar represents the data class that first character string is regular length Type, md5 is cryptographic calculation, and char represents the data type that the md5 cryptographic calculations are variable-length, and wxmd5 is to described the One character string carries out the first encrypted characters string obtained after md5 cryptographic calculations.
4. a kind of wechat evidence collecting method based on data collision according to claim 2, it is characterised in that:Create the collision After database, also the crash data storehouse is divided, obtain multiple collision subdata bases, and generating first encrypted characters Stored after string into collision subdata base one of them described.
5. a kind of wechat evidence collecting method based on data collision according to claim 4, it is characterised in that:According to the encryption Computing is implemented as to crash data storehouse division:Preceding n according to first character string by the crash data Storehouse is divided into mnIndividual collision subdata base, and stored to corresponding described according to preceding n of the first encrypted characters string In collision subdata base;
Wherein m represents the system number of first character string.
6. a kind of wechat evidence collecting method based on data collision according to claim 2, it is characterised in that in the step 2, Obtain being implemented as the local file directory corresponding user's wechat number UID of name to be collected evidence:In the crash data storehouse Local file directory name to be collected evidence is inquired about, and treats evidence obtaining local file directory name and be decrypted computing, obtain user's micro-signal Code UID;
Wherein, decryption computing and the cryptographic calculation inverse operation each other.
7. a kind of wechat evidence collecting method based on data collision according to any one of claim 2 to 6, it is characterised in that institute Being implemented as key is decrypted in generation in stating step 3:
Step 31:According to corresponding user IMEI values in user's wechat number UID reading local cache files;
Step 32:AES is called to decrypt key function, and according to user's wechat number UID and user IMEI values generation AES solutions Close key;
Step 33:AES decryption functions are called, and the encryption file that wechat is read in key circulation is decrypted according to the AES, realized micro- Letter evidence obtaining.
8. a kind of wechat evidence collecting method based on data collision according to claim 7, it is characterised in that the step 32 In, being implemented as key is decrypted according to user's wechat number UID and the generation of user IMEI values:
Step 321:User wechat number UID and corresponding user IMEI values are spliced, the second character string is formed;
Step 322:Second character string is carried out into the cryptographic calculation, the second encrypted characters string is obtained;
Step 323:AES is called to decrypt key function, and it is secret to concatenate into corresponding AES decryption according to second encrypted characters Key.
9. a kind of wechat evidence-obtaining system based on data collision, it is characterised in that:Including creation module, encrypting module, inquiry mould Block and deciphering module;
The creation module is used to create crash data storehouse;
The encrypting module is encrypted for user's wechat number UID, and the first encrypted characters string that will be obtained after encryption is made It is that local file directory name is stored in the crash data storehouse;
The enquiry module treats evidence obtaining originally for inquiring about local file directory name to be collected evidence in the crash data storehouse, and obtaining The corresponding user's wechat number UID of ground file directory name;
The deciphering module is used for according to the user's wechat number UID generation AES decryption keys for obtaining, and is solved by the AES Close secret key pair local file is decrypted, and completes wechat evidence obtaining.
10. a kind of wechat evidence-obtaining system based on data collision according to claim 9, it is characterised in that:The establishment mould After block creates the crash data storehouse, the crash data storehouse is divided into m by preceding n always according to first character stringnIt is individual Collision subdata base, and after the encrypting module generates the first encrypted characters string, according to the first encrypted characters string Preceding n stored to it is corresponding it is described collision subdata base in.
CN201611131930.6A 2016-12-09 2016-12-09 WeChat evidence obtaining method and system based on data collision Active CN106788999B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611131930.6A CN106788999B (en) 2016-12-09 2016-12-09 WeChat evidence obtaining method and system based on data collision

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611131930.6A CN106788999B (en) 2016-12-09 2016-12-09 WeChat evidence obtaining method and system based on data collision

Publications (2)

Publication Number Publication Date
CN106788999A true CN106788999A (en) 2017-05-31
CN106788999B CN106788999B (en) 2020-05-19

Family

ID=58875771

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611131930.6A Active CN106788999B (en) 2016-12-09 2016-12-09 WeChat evidence obtaining method and system based on data collision

Country Status (1)

Country Link
CN (1) CN106788999B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108959578A (en) * 2018-07-06 2018-12-07 山东浪潮商用系统有限公司 A kind of tax data crash analysis method
CN111104693A (en) * 2019-12-26 2020-05-05 陕西美亚秦安信息科技有限公司 Android platform software data cracking method, terminal device and storage medium
WO2022028255A1 (en) * 2020-08-04 2022-02-10 公安部第三研究所 Data extraction method and system for mobile phone enterprise wechat, and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101183415A (en) * 2007-12-19 2008-05-21 腾讯科技(深圳)有限公司 Method and device for preventing sensitive information from leakage
CN104394530A (en) * 2014-12-09 2015-03-04 天津光电安辰信息技术有限公司 Wechat content encryption system based on smartphone and implementation method of wechat content encryption system
CN105678174A (en) * 2015-12-31 2016-06-15 四川秘无痕信息安全技术有限责任公司 Method for decrypting WeChat encrypted data based on binary system
CN105760518A (en) * 2016-02-29 2016-07-13 四川秘无痕信息安全技术有限责任公司 Method for accurately detecting data of Android WeChat friend circle
CN105959266A (en) * 2016-04-25 2016-09-21 颜陈煜 File opening authority management method
CN106126699A (en) * 2016-06-30 2016-11-16 武汉烽火众智数字技术有限责任公司 A kind of feature clue querying method based on data collision and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101183415A (en) * 2007-12-19 2008-05-21 腾讯科技(深圳)有限公司 Method and device for preventing sensitive information from leakage
CN104394530A (en) * 2014-12-09 2015-03-04 天津光电安辰信息技术有限公司 Wechat content encryption system based on smartphone and implementation method of wechat content encryption system
CN105678174A (en) * 2015-12-31 2016-06-15 四川秘无痕信息安全技术有限责任公司 Method for decrypting WeChat encrypted data based on binary system
CN105760518A (en) * 2016-02-29 2016-07-13 四川秘无痕信息安全技术有限责任公司 Method for accurately detecting data of Android WeChat friend circle
CN105959266A (en) * 2016-04-25 2016-09-21 颜陈煜 File opening authority management method
CN106126699A (en) * 2016-06-30 2016-11-16 武汉烽火众智数字技术有限责任公司 A kind of feature clue querying method based on data collision and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
李强,刘宝旭,姜政伟,严坚: "一种Android系统下的QQ取证模型分析", 《技术研究》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108959578A (en) * 2018-07-06 2018-12-07 山东浪潮商用系统有限公司 A kind of tax data crash analysis method
CN111104693A (en) * 2019-12-26 2020-05-05 陕西美亚秦安信息科技有限公司 Android platform software data cracking method, terminal device and storage medium
WO2022028255A1 (en) * 2020-08-04 2022-02-10 公安部第三研究所 Data extraction method and system for mobile phone enterprise wechat, and storage medium

Also Published As

Publication number Publication date
CN106788999B (en) 2020-05-19

Similar Documents

Publication Publication Date Title
US11516201B2 (en) Encryption and decryption techniques using shuffle function
CN106161006B (en) Digital encryption algorithm
CN107609418A (en) Desensitization method, device, storage device and the computer equipment of text data
CN102685110B (en) Universal method and system for user registration authentication based on fingerprint characteristics
CN102685093A (en) Mobile-terminal-based identity authentication system and method
US20150163065A1 (en) Identity authentication method and apparatus and server
CN107241184B (en) Personal password generation and management method based on improved AES
CN110225014B (en) Internet of things equipment identity authentication method based on fingerprint centralized issuing mode
CN106788999A (en) A kind of wechat evidence collecting method and system based on data collision
CN105827582A (en) Communication encryption method, device and system
Geetha et al. Tamilian cryptography: an efficient hybrid symmetric key encryption algorithm
US10997301B1 (en) Variable encryption techniques for secure and efficient searchable encryption
Park et al. Research on Note-Taking Apps with Security Features.
Wu et al. Encryption of accounting data using DES algorithm in computing environment
EP2702723B1 (en) System and method for data obfuscation in interception of communication with a cloud
CN116186108A (en) Method for supporting fuzzy query by encrypting sensitive field
CN110737912A (en) thesis duplicate checking method based on homomorphic encryption
Vengala et al. Three factor authentication system with modified ECC based secured data transfer: untrusted cloud environment
WO2022028255A1 (en) Data extraction method and system for mobile phone enterprise wechat, and storage medium
CN107733936B (en) Encryption method for mobile data
CN103428176A (en) Mobile user accessing mobile Internet application method and system and application server
US11101987B2 (en) Adaptive encryption for entity resolution
CN108512657B (en) Password generation method and device
US10885217B1 (en) Client microservice for secure and efficient searchable encryption
EP3683709A2 (en) Variable encryption techniques for secure and efficient searchable encryption

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210810

Address after: 730000 floor 5, Keqing Science Park, 281 Yannan Road, Chengguan District, Lanzhou City, Gansu Province

Patentee after: Lanzhou Zhonghe Technology Co.,Ltd.

Address before: No. 27, fozuling Third Road, Donghu New Technology Development Zone, Wuhan City, Hubei Province 430200

Patentee before: WUHAN ZRTZ INFORMATION TECHNOLOGY Co.,Ltd.

TR01 Transfer of patent right