CN106789070A - The decryption method of data, device and terminal - Google Patents
- Publication number
- CN106789070A
- Application number
- CN201611185054.5A
- Authority
- CN
- China
- Prior art keywords
- key
- data
- terminal
- encryption
- decryption
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The disclosure relates to a data decryption method, device and terminal. The method can include: when a decryption operation for enabling the terminal's decryption function is detected, obtaining the unlock password used by the decryption operation; generating a first key based on the unlock password; and, when the first key is consistent with a pre-stored second key, decrypting the encrypted data stored in the terminal based on the first key, the second key being generated based on the screen-lock password set by a legitimate user. With the embodiments of the disclosure, the encrypted data in the terminal is decrypted without losing any data, which improves the data security of the terminal, is convenient for users and improves the user experience.
Description
Technical field
This disclosure relates to the technical field of terminal data security, and in particular to a data decryption method, device and terminal.
Background
In the related art, devices running the Android system, such as terminals, all support encrypting the data on the data partition, but provide no method for decrypting that data. Once a user has encrypted a terminal such as a mobile phone, a user who no longer wishes to use the encryption function, or who has forgotten the encryption password, can only reset the phone: the phone's data partition is reformatted so that the password is deleted and the system can be entered. The formatting process loses the data on the terminal, which causes a certain loss to the user and makes for a poor user experience.
Summary of the invention
The present disclosure provides a data decryption method, device and terminal, to overcome the defect in the related art that a terminal has no decryption function, so that the encryption function can only be cancelled by formatting the system, which loses data.
According to a first aspect of the embodiments of the present disclosure, a data decryption method is provided, including:
when a decryption operation for enabling the terminal's decryption function is detected, obtaining the unlock password used by the decryption operation;
generating a first key based on the unlock password;
when the first key is consistent with a pre-stored second key, decrypting the encrypted data stored in the terminal based on the first key, the second key being generated based on the screen-lock password set by a legitimate user.
In one embodiment, before the decryption operation for enabling the terminal's decryption function is detected, the method further includes:
when an encryption operation for enabling the terminal's encryption function is detected, receiving the screen-lock password input by the legitimate user;
using the screen-lock password as a second random number, and generating the second key based on an encryption algorithm and the second random number;
storing the second key;
encrypting the data stored in the terminal using the second key to obtain the encrypted data.
In one embodiment, encrypting the data stored in the terminal using the second key to obtain the encrypted data includes:
reading in turn the data of each data block stored on the terminal's data partition;
encrypting the data of each data block based on the second key to obtain the encrypted data.
In one embodiment, generating the first key based on the unlock password includes:
determining the unlock password as a first random number;
generating the first key based on an encryption algorithm and the first random number.
In one embodiment, decrypting the encrypted data stored in the terminal based on the first key includes:
reading the encrypted data stored in the terminal in units of data blocks;
decrypting the encrypted data of each data block in turn based on the first key and a decryption algorithm.
In one embodiment, after the encrypted data of each data block is decrypted in turn based on the first key and the decryption algorithm, the method further includes:
determining the decrypted data of each data block;
determining the position from which the decrypted data of each data block was read before decryption;
writing the decrypted data of each data block to the corresponding read position in turn.
In one embodiment, the method further includes:
when the first key is inconsistent with the second key, outputting a prompt to re-enter the unlock password.
According to a second aspect of the embodiments of the present disclosure, a data decryption device is provided, including:
an acquisition module, configured to obtain, when a decryption operation for enabling the terminal's decryption function is detected, the unlock password used by the decryption operation;
a first generation module, configured to generate a first key based on the unlock password;
a decryption module, configured to decrypt, when the first key is consistent with a pre-stored second key, the encrypted data stored in the terminal based on the first key, the second key being generated based on the screen-lock password set by a legitimate user.
In one embodiment, the device further includes:
a receiving module, configured to receive, when an encryption operation for enabling the terminal's encryption function is detected, the screen-lock password input by the legitimate user;
a second generation module, configured to use the screen-lock password as a second random number and generate the second key based on an encryption algorithm and the second random number;
a storage module, configured to store the second key;
an encryption module, configured to encrypt the data stored in the terminal using the second key to obtain the encrypted data.
In one embodiment, the encryption module includes:
a first reading submodule, configured to read in turn the data of each data block stored on the terminal's data partition;
an encryption submodule, configured to encrypt the data of each data block based on the second key to obtain the encrypted data.
In one embodiment, the first generation module includes:
a first determination submodule, configured to determine the unlock password as a first random number;
a first generation submodule, configured to generate the first key based on an encryption algorithm and the first random number.
In one embodiment, the decryption module includes:
a second reading submodule, configured to read the encrypted data stored in the terminal in units of data blocks;
a first decryption submodule, configured to decrypt the encrypted data of each data block in turn based on the first key and a decryption algorithm.
In one embodiment, the decryption module further includes:
a second determination submodule, configured to determine the decrypted data of each data block;
a third determination submodule, configured to determine the position from which the decrypted data of each data block was read before decryption;
a writing submodule, configured to write the decrypted data of each data block to the corresponding read position in turn.
In one embodiment, the device further includes:
an output module, configured to output, when the first key is inconsistent with the second key, a prompt to re-enter the unlock password.
According to a third aspect of the embodiments of the present disclosure, a terminal is provided, including:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to:
when a decryption operation for enabling the terminal's decryption function is detected, obtain the unlock password used by the decryption operation;
generate a first key based on the unlock password;
when the first key is consistent with a pre-stored second key, decrypt the encrypted data stored in the terminal based on the first key, the second key being generated based on the screen-lock password set by a legitimate user.
The technical solutions provided by the embodiments of the present disclosure can include the following benefits:
In the present disclosure, when a decryption operation is detected, the terminal can generate a first key based on the unlock password and compare the first key with the second key generated in advance based on the screen-lock password set by the legitimate user; if the two are consistent, the encrypted data is decrypted based on the first key or the second key. Compared with the related art, in which the encryption function can only be cancelled by formatting and data is lost, this decrypts the encrypted data in the terminal without losing any data, which improves the data security of the terminal, is convenient for users and improves the user experience.
It should be understood that the above general description and the following detailed description are only exemplary and explanatory and do not limit the present disclosure.
Brief description of the drawings
The accompanying drawings here are incorporated into and form part of this specification, show embodiments consistent with the present disclosure, and together with the specification serve to explain the principles of the present disclosure.
Fig. 1A is a flowchart of a data decryption method of the present disclosure according to an exemplary embodiment.
Fig. 1B is a schematic diagram of an application scenario of a data decryption method of the present disclosure according to an exemplary embodiment.
Fig. 2 is a flowchart of a data decryption method of the present disclosure according to an exemplary embodiment.
Fig. 3 is a flowchart of another data decryption method of the present disclosure according to an exemplary embodiment.
Fig. 4 is a flowchart of another data decryption method of the present disclosure according to an exemplary embodiment.
Fig. 5 is a block diagram of a data decryption device of the present disclosure according to an exemplary embodiment.
Fig. 6 is a block diagram of another data decryption device of the present disclosure according to an exemplary embodiment.
Fig. 7 is a block diagram of another data decryption device of the present disclosure according to an exemplary embodiment.
Fig. 8 is a block diagram of another data decryption device of the present disclosure according to an exemplary embodiment.
Fig. 9 is a block diagram of another data decryption device of the present disclosure according to an exemplary embodiment.
Fig. 10 is a block diagram of another data decryption device of the present disclosure according to an exemplary embodiment.
Fig. 11 is a block diagram of another data decryption device of the present disclosure according to an exemplary embodiment.
Fig. 12 is a schematic structural diagram of a data decryption device of the present disclosure according to an exemplary embodiment.
Detailed description
Exemplary embodiments are described in detail here, and examples of them are shown in the accompanying drawings. Where the following description refers to the drawings, the same numbers in different drawings denote the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with the present disclosure. Rather, they are merely examples of devices and methods consistent with some aspects of the present disclosure as detailed in the appended claims.
The terms used in the present disclosure are only for the purpose of describing specific embodiments and are not intended to limit the present disclosure. The singular forms "a", "said" and "the" used in the present disclosure and the appended claims are also intended to include the plural forms, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" used herein refers to and encompasses any or all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third and so on may be used in the present disclosure to describe various information, the information should not be limited by these terms. These terms are only used to distinguish information of the same type from one another. For example, without departing from the scope of the present disclosure, first information can also be called second information and, similarly, second information can also be called first information. Depending on the context, the word "if" as used here can be interpreted as "at the time of ...", "when ..." or "in response to determining".
Fig. 1A is a flowchart of a data decryption method according to an exemplary embodiment. The method can be used in a terminal; the terminal in the present disclosure can be any smart terminal with Internet access, for example a mobile phone, a tablet computer or a PDA (Personal Digital Assistant). The terminal can connect to a router over a wireless LAN and, through the router, reach servers on the public network. Fig. 1B is an application scenario diagram of a data decryption method according to an exemplary embodiment. The method may include the following steps 101-103:
In step 101, when a decryption operation for enabling the terminal's decryption function is detected, the unlock password used by the decryption operation is obtained.
In one embodiment, the decryption operation is used to unlock the screen of the terminal. The decryption operation can be, for example, entering a screen-unlock password, entering a screen-unlock pattern or entering a screen-unlock fingerprint; the screen-unlock password, screen-unlock pattern and screen-unlock fingerprint may collectively be called the unlock password. When the terminal detects a decryption operation, it obtains the unlock password used by the decryption operation.
It should be noted that the user performing the decryption operation can be any user: it may be the legitimate holder of the terminal, or it may be an illegitimate user, that is, a user who is not the holder of the terminal.
In step 102, a first key is generated based on the unlock password.
In one embodiment, the terminal can generate the first key as follows:
The unlock password is used as a first random number, and the first key is generated based on an encryption algorithm and the first random number.
In one embodiment, encryption algorithms mainly include software-level encryption algorithms and hardware-level encryption algorithms. A software-level encryption algorithm can be, for example, the crypto_scrypt algorithm, while a hardware-level encryption algorithm generally requires support from the terminal's chip.
In step 103, when the first key is consistent with the pre-stored second key, the encrypted data stored in the terminal is decrypted based on the first key, the second key being generated based on the screen-lock password set by the legitimate user.
In one embodiment, the terminal verifies whether the first key is consistent with the second key.
The second key is the key generated based on the screen-lock password set in advance by the legitimate user. The legitimate user here is the holder of the terminal, and only the legitimate user can set the screen-lock password used for encryption.
Because the first key and the second key are generated by the same method, if the unlock password used in the user's decryption operation is consistent with the screen-lock password set by the legitimate user, the first key should be consistent with the second key. If the first key and the second key are inconsistent, the unlock password is inconsistent with the second screen-lock password, and the user performing the decryption operation is likely to be an illegitimate user.
When the first key is consistent with the second key, the encrypted data in the terminal is decrypted based on the first key. It will be understood that the encrypted data stored in the terminal can also be decrypted based on the second key, which is consistent with the first key.
In one embodiment, the second key is obtained as follows:
The fstab file saved in the system, which describes the mount options of each data partition in the system, is read and parsed to obtain the partition that holds the second key used for encrypting the data, for example:
/dev/block/bootdevice/by-name/userdata encryptable=/dev/block/bootdevice/by-name/bak
Generally, what follows the encryptable keyword is the data partition where the ciphertext, that is, the encryption data, is located, namely the bak partition above. The second key is then read out from the bak partition.
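The fstab lookup described above, as an added Python example that is not part of the patent. It assumes the usual Android fstab layout (whitespace-separated columns with comma-separated flags in the later columns); the function name `find_key_locations` and the sample file are constructed for illustration.

```python
# Constructed sample fstab; only the userdata entry carries encryptable=.
SAMPLE_FSTAB = """\
# constructed sample, not taken from a real device
/dev/block/bootdevice/by-name/system   /system ext4 ro      wait
/dev/block/bootdevice/by-name/userdata /data   ext4 noatime wait,check,encryptable=/dev/block/bootdevice/by-name/bak
/dev/block/bootdevice/by-name/cache    /cache  ext4 noatime wait,check
"""

# The abbreviated two-field form quoted in the text above.
PAGE_LINE = ("/dev/block/bootdevice/by-name/userdata "
             "encryptable=/dev/block/bootdevice/by-name/bak")


def find_key_locations(fstab_text: str) -> dict:
    """Map each block device flagged encryptable= to the location named after
    the keyword. Entries without the flag, comments and blank lines are skipped."""
    locations = {}
    for raw in fstab_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        device = fields[0]
        # The flag can sit in any later column, alone or in a comma list.
        for field in fields[1:]:
            for flag in field.split(","):
                if flag.startswith("encryptable="):
                    value = flag.split("=", 1)[1]
                    if value:                 # ignore an empty encryptable=
                        locations[device] = value
    return locations


if __name__ == "__main__":
    for device, key_partition in find_key_locations(SAMPLE_FSTAB).items():
        print(device, "->", key_partition)
```
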
In addition, when the first key and the second key are inconsistent, the user may have made an input error, or the user may not be the holder of the terminal, so the terminal can output a prompt to re-enter the unlock password.
In an exemplary scenario, shown in Fig. 1B, a smartphone is taken as the terminal for illustration; the scenario shown in Fig. 1B includes a smartphone. The smartphone detects a decryption operation for unlocking the screen and obtains the unlock password used by the decryption operation; then, with the unlock password as the first random number, it generates the first key using the encryption algorithm and the first random number. The terminal verifies the first key against the pre-stored second key; if the first key is consistent with the second key, the encrypted data stored on the terminal's data partition is decrypted based on the first key or the second key, so that the user can enter the system and view the data. The second key is generated based on the screen-lock password set by the legitimate user.
For how the data is decrypted, refer to the subsequent embodiments.
Thus, with the above method provided by the embodiments of the present disclosure, when a decryption operation is detected, a first key can be generated based on the unlock password and compared with the second key generated in advance based on the screen-lock password set by the legitimate user; if the two are consistent, the encrypted data is decrypted based on the first key or the second key. Compared with the related art, in which the encryption function can only be cancelled by formatting and data is lost, this decrypts the encrypted data in the terminal without losing any data, which improves the data security of the terminal, is convenient for users and improves the user experience.
Fig. 2 is a flowchart of a data decryption method according to an exemplary embodiment. This embodiment uses the above method provided by the embodiments of the present disclosure and takes how the second key is generated as an example. As shown in Fig. 2, it includes the following steps 201-204:
In step 201, when an encryption operation for enabling the terminal's encryption function is detected, the screen-lock password input by the legitimate user is received.
In one embodiment, the settings function of the terminal can contain encryption setting options such as screen-lock password, screen-lock pattern and screen-lock fingerprint; through these options the user can set a screen-lock password, screen-lock pattern, screen-lock fingerprint and so on.
When it detects that the user has performed a setting operation on one of these settings interfaces, the terminal can determine that the user wants the data stored in the terminal to be encrypted.
In step 202, the screen-lock password is used as a second random number, and the second key is generated based on the encryption algorithm and the second random number.
In one embodiment, the terminal can use the screen-lock password as the second random number and generate the second key based on the encryption algorithm and the second random number. The process of generating the second key is the same as the process of generating the first key shown in Fig. 1A.
In step 203, the second key is stored.
In one embodiment, the terminal stores the second key so that, when a decryption operation is detected, it can judge whether the unlock password is consistent with the screen-lock password.
In step 204, the data stored in the terminal is encrypted using the second key to obtain encrypted data.
In one embodiment, the terminal uses the second key to encrypt the data stored on the data partition, obtaining encrypted data.
Thus, with the above method provided by the embodiments of the present disclosure, a screen-lock password can be set through the settings function of the terminal and a second key generated based on the screen-lock password to encrypt the data on the data partition, which improves the security of the data in the terminal.
Fig. 3 is a flowchart of a data decryption method according to an exemplary embodiment. This embodiment uses the above method provided by the embodiments of the present disclosure and takes how the data stored in the terminal is encrypted as an example. As shown in Fig. 3, it includes the following steps 301-302:
In step 301, the data of each data block stored on the data partition is read in turn.
In one embodiment, the terminal has at least one data partition used for storing data, generally the userdata partition. Each data partition can be divided into several data blocks; that is, the data on the data partition is stored in units of data blocks. To encrypt the data, it therefore also has to be read in units of data blocks.
In step 302, the data of each data block that was read is encrypted based on the second key to obtain encrypted data.
In one embodiment, the data of each data block is encrypted using the second key to obtain encrypted data, that is, ciphertext; in other words, after the data is encrypted, the data on the data partition exists in the form of ciphertext.
Fig. 4 is a flowchart of a data decryption method according to an exemplary embodiment. This embodiment uses the above method provided by the embodiments of the present disclosure and takes how the first key is generated and how the encrypted data in the terminal is decrypted based on the first key as an example. As shown in Fig. 4, it includes the following steps 401-407:
In step 401, the first screen-lock password is used as the first random number.
In one embodiment, the first key is consistent with the second key, which shows that the screen-lock password used in the user's current decryption operation is correct and was set in advance by the legitimate user; the legitimate user here can be understood as the holder of the terminal. The encrypted data can therefore be decrypted based on this first screen-lock password.
In step 402, the first key is generated based on the encryption algorithm and the first random number.
In one embodiment, the encryption algorithm can include, for example, the crypto_scrypt algorithm.
In step 403, the encrypted data on the terminal is read in units of data blocks.
In step 404, the encrypted data of each data block is decrypted in turn based on the first key and the decryption algorithm.
In step 405, the decrypted data of each data block is determined.
In one embodiment, after the encrypted data is decrypted, the decrypted data of each data block is obtained.
In step 406, the position from which the decrypted data of each data block was read before decryption is determined.
In step 407, the decrypted data of each data block is written to the corresponding read position in turn.
In one embodiment, after the encrypted data is decrypted, the decrypted data obtained is written back in turn to the position where it was stored before decryption.
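The flow of Figs. 2 to 4 (derive and store the second key, encrypt block by block, then derive the first key, compare, and decrypt each block back to the position it was read from), as an added Python example that is not part of the patent. Assumptions: scrypt with demonstration cost parameters stands in for crypto_scrypt, a random salt is stored next to the second key, a SHAKE-256 keystream XOR stands in for the block cipher the page does not name, and an in-memory buffer stands in for the userdata partition; all function names are hypothetical.

```python
import hashlib
import hmac
import io
import os

BLOCK_SIZE = 4096  # assumed data-block size; the page does not give one


def derive_key(password: bytes, salt: bytes) -> bytes:
    """One derivation for both keys, so equal passwords give equal keys."""
    return hashlib.scrypt(password, salt=salt, n=2**12, r=8, p=1, dklen=32)


def _transform(key: bytes, index: int, block: bytes) -> bytes:
    """Stand-in cipher: XOR with a keystream bound to the key and block index.
    XOR is its own inverse, so the same call encrypts and decrypts."""
    stream = hashlib.shake_256(key + index.to_bytes(8, "big")).digest(len(block))
    return bytes(a ^ b for a, b in zip(block, stream))


def process_in_place(dev, key: bytes) -> int:
    """Steps 301-302 / 403-407: read each block, transform it, and write the
    result back at the offset it was read from. Returns the block count."""
    dev.seek(0)
    index = 0
    while True:
        offset = dev.tell()            # read position of this block
        block = dev.read(BLOCK_SIZE)
        if not block:
            return index
        dev.seek(offset)               # write back to the same position
        dev.write(_transform(key, index, block))
        index += 1


def enable_encryption(dev, screen_lock_password: bytes) -> dict:
    """Steps 201-204: derive the second key, encrypt, return what is stored."""
    salt = os.urandom(16)              # assumption: salt kept beside the key
    second_key = derive_key(screen_lock_password, salt)
    process_in_place(dev, second_key)
    return {"salt": salt, "second_key": second_key}


def disable_encryption(dev, unlock_password: bytes, stored: dict) -> bool:
    """Steps 101-103: derive the first key and decrypt only if it matches.
    On a mismatch nothing is written; the caller prompts for re-entry."""
    first_key = derive_key(unlock_password, stored["salt"])
    if not hmac.compare_digest(first_key, stored["second_key"]):
        return False
    process_in_place(dev, first_key)
    return True


def sample_device() -> io.BytesIO:
    """Constructed 11200-byte 'partition': two full blocks and a partial one."""
    return io.BytesIO(b"constructed sample userdata " * 400)


if __name__ == "__main__":
    dev = sample_device()
    original = dev.getvalue()
    record = enable_encryption(dev, b"1234")
    print("wrong password accepted:", disable_encryption(dev, b"0000", record))
    print("right password accepted:", disable_encryption(dev, b"1234", record))
    print("data restored:", dev.getvalue() == original)
```

Because the stored second key is itself usable for decryption, as step 103 states, the record returned by `enable_encryption` needs the same protection as the data it unlocks.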
In one embodiment, the application scenarios of the present disclosure can be, for example: some functions of the terminal are unavailable, for example the power-off alarm clock, and in this scenario decryption can be performed by the method provided by the present disclosure; as another example, some applications or functions of the terminal, such as the mailbox, have a higher security level, so on first use the terminal can prompt for an encryption operation and, when the function is used again, prompt for a decryption operation; as another example, a decryption operation is performed when the screen is unlocked; as another example, a decryption operation is performed when the password has been forgotten or the user does not want to keep using the encryption function.
Corresponding to the foregoing embodiments of the data decryption method, the present disclosure also provides embodiments of a data decryption device and of the terminal to which it is applied.
Fig. 5 is a block diagram of a data decryption device of the present disclosure according to an exemplary embodiment. The device can be applied in a terminal and used to perform the method of the embodiment shown in Fig. 1A, and can include: an acquisition module 510, a first generation module 520 and a decryption module 530.
The acquisition module 510 is configured to obtain, when a decryption operation for enabling the terminal's decryption function is detected, the unlock password used by the decryption operation;
the first generation module 520 is configured to generate a first key based on the unlock password obtained by the acquisition module 510;
the decryption module 530 is configured to decrypt, when the first key generated by the first generation module 520 is consistent with the pre-stored second key, the encrypted data stored in the terminal based on the first key, the second key being generated based on the screen-lock password set by the legitimate user.
In the above embodiment, when a decryption operation is detected, the terminal can generate a first key based on the unlock password and compare the first key with the second key generated in advance based on the screen-lock password set by the legitimate user; if the two are consistent, the encrypted data is decrypted based on the first key or the second key. Compared with the related art, in which the encryption function can only be cancelled by formatting and data is lost, this decrypts the encrypted data in the terminal without losing any data, which improves the data security of the terminal, is convenient for users and improves the user experience.
Fig. 6 is a block diagram of another data decryption device of the present disclosure according to an exemplary embodiment. On the basis of the embodiment shown in Fig. 5, the device in this embodiment can also include: a receiving module 540, a second generation module 550, a storage module 560 and an encryption module 570.
The receiving module 540 is configured to receive, when an encryption operation for enabling the terminal's encryption function is detected, the screen-lock password input by the legitimate user;
the second generation module 550 is configured to use the screen-lock password received by the receiving module 540 as the second random number and generate the second key based on the encryption algorithm and the second random number;
the storage module 560 is configured to store the second key generated by the second generation module 550;
the encryption module 570 is configured to encrypt the data stored in the terminal using the second key stored by the storage module 560 to obtain encrypted data.
In the above embodiment, a screen-lock password can be set through the settings function of the terminal and a second key generated based on the screen-lock password to encrypt the data on the data partition, which improves the security of the data in the terminal.
Fig. 7 is a block diagram of another data decryption device of the present disclosure according to an exemplary embodiment. On the basis of the embodiment shown in Fig. 6, the encryption module 570 in this embodiment can include: a first reading submodule 571 and an encryption submodule 572.
The first reading submodule 571 is configured to read in turn the data of each data block stored on the terminal's data partition;
the encryption submodule 572 is configured to encrypt, based on the second key, the data of each data block read by the first reading submodule 571 to obtain encrypted data.
Fig. 8 is a block diagram of another data decryption device of the present disclosure according to an exemplary embodiment. On the basis of the embodiment shown in Fig. 5, the first generation module 520 in this embodiment can include: a first determination submodule 521 and a first generation submodule 522.
The first determination submodule 521 is configured to determine the unlock password as the first random number;
the first generation submodule 522 is configured to generate the first key based on the encryption algorithm and the first random number determined by the first determination submodule 521.
As shown in figure 9, Fig. 9 is the decryption device frame of another data of the disclosure according to an exemplary embodiment
Figure, on the basis of foregoing embodiment illustrated in fig. 5, deciphering module 530 can include the embodiment:Second reading submodule 531
With the first decryption submodule 532.
Second reading submodule 531, is configured as reading encryption data of the storage in terminal in units of data block;
First decryption submodule 532, is configured as based on first key and decipherment algorithm successively to the second reading submodule
The encryption data of 531 each data block for reading is decrypted.
As shown in Fig. 10, Fig. 10 is a block diagram of another data decryption device according to an exemplary embodiment of the present disclosure. On the basis of the embodiment shown in Fig. 9, the decryption module 530 in this embodiment further includes a second determination submodule 533, a third determination submodule 534 and a writing submodule 535.
The second determination submodule 533 is configured to determine the decrypted data of each data block;
The third determination submodule 534 is configured to determine the position from which the decrypted data of each data block, as determined by the second determination submodule 533, was read before decryption;
The writing submodule 535 is configured to write the decrypted data of each data block, in sequence, to the corresponding reading position determined by the third determination submodule 534.
As shown in Fig. 11, Fig. 11 is a block diagram of another data decryption device according to an exemplary embodiment of the present disclosure. On the basis of the embodiment shown in Fig. 5, the device in this embodiment may further include an output module 580.
The output module 580 is configured to output a prompt message asking for the unlock password to be re-entered when the first key and the second key are inconsistent.
The data decryption device embodiments shown in Fig. 5 to Fig. 11 can be applied in a terminal.
For the implementation of the functions and roles of the units in the above device, refer to the implementation of the corresponding steps in the above method; details are not repeated here.
Since the device embodiments basically correspond to the method embodiments, refer to the description of the method embodiments for the relevant parts. The device embodiments described above are merely schematic: the units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units, that is, they may be located in one place or distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the disclosed solution. Those of ordinary skill in the art can understand and implement this without creative effort.
Accordingly, the present disclosure also provides a terminal, the terminal including a processor and a memory for storing processor-executable instructions, wherein the processor is configured to:
obtain, when a decryption operation that enables the terminal's decryption function is detected, the unlock password used by the decryption operation;
generate a first key based on the unlock password;
decrypt, when the first key is consistent with the pre-stored second key, the encrypted data stored in the terminal based on the first key, the second key being generated based on the screen-lock password set by the legitimate user.
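The encryption and decryption steps described above, as a runnable example added here for illustration; it is not code from the patent or from any terminal. Assumptions: PBKDF2-HMAC-SHA256 with a random salt stands in for the AES-based key generation, an HMAC-SHA256 counter-mode keystream stands in for the block cipher (the Python standard library has no AES), and all function names, the block size and the sample data are constructed.

```python
import hashlib
import hmac
import os

BLOCK_SIZE = 64        # demo block size (assumption; the page does not fix one)
KDF_ROUNDS = 100_000   # PBKDF2 work factor (assumption)


def derive_key(password: str, salt: bytes) -> bytes:
    """Turn a password into a 32-byte key.

    Stand-in for the page's key-generation step: PBKDF2-HMAC-SHA256 with a
    per-device salt, so a short password is not used as key material directly.
    """
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, KDF_ROUNDS)


def _keystream(key: bytes, block_index: int, length: int) -> bytes:
    """Stand-in cipher: HMAC-SHA256 in counter mode, distinct per block index."""
    out = b""
    counter = 0
    while len(out) < length:
        msg = block_index.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _transform_in_place(partition: bytearray, key: bytes) -> int:
    """Read each block in order, transform it, and write the result back to the
    offset it was read from. XOR makes encrypt and decrypt the same operation.
    Returns the number of blocks processed."""
    blocks = 0
    for offset in range(0, len(partition), BLOCK_SIZE):
        block = bytes(partition[offset:offset + BLOCK_SIZE])  # may be short at the end
        stream = _keystream(key, offset // BLOCK_SIZE, len(block))
        partition[offset:offset + len(block)] = bytes(a ^ b for a, b in zip(block, stream))
        blocks += 1
    return blocks


def enable_encryption(partition: bytearray, screen_lock_password: str) -> dict:
    """Generate and store the second key, then encrypt the partition block by block."""
    salt = os.urandom(16)
    second_key = derive_key(screen_lock_password, salt)
    _transform_in_place(partition, second_key)
    # The stored second key is also the key that decrypts the data, so this
    # record is assumed to live in storage that only the terminal can read.
    return {"salt": salt, "second_key": second_key}


def enable_decryption(partition: bytearray, stored: dict, unlock_password: str) -> bool:
    """Decrypt in place only if the key from the unlock password matches the stored key.

    Returns False (caller prompts for the password again) without touching the
    data when the keys are inconsistent.
    """
    first_key = derive_key(unlock_password, stored["salt"])
    if not hmac.compare_digest(first_key, stored["second_key"]):  # constant-time compare
        return False
    _transform_in_place(partition, first_key)
    return True


def demo() -> tuple:
    """Constructed sample data: 244 bytes, so the last block is a partial one."""
    original = b"contacts.db|" * 20 + b"tail"
    partition = bytearray(original)
    stored = enable_encryption(partition, "2580-screen-lock")
    encrypted = bytes(partition) != original
    rejected = not enable_decryption(partition, stored, "0000-wrong-guess")
    still_encrypted = bytes(partition) != original
    accepted = enable_decryption(partition, stored, "2580-screen-lock")
    restored = bytes(partition) == original
    return encrypted, rejected, still_encrypted, accepted, restored


if __name__ == "__main__":
    print(demo())
```

A wrong unlock password leaves the partition untouched, because the key comparison happens before any block is rewritten.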
As shown in Fig. 12, Fig. 12 is a schematic structural diagram of a data decryption device 1200 according to an exemplary embodiment of the present disclosure. For example, the device 1200 may be a mobile phone with a routing function, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, fitness equipment, a personal digital assistant, and the like.
Referring to Fig. 12, the device 1200 may include one or more of the following components: a processing component 1202, a memory 1204, a power component 1206, a multimedia component 1208, an audio component 1210, an input/output (I/O) interface 1212, a sensor component 1214, and a communication component 1216.
The processing component 1202 generally controls the overall operation of the device 1200, such as operations associated with display, telephone calls, data communication, camera operations, and recording operations. The processing component 1202 may include one or more processors 1220 to execute instructions, so as to complete all or part of the steps of the above method. In addition, the processing component 1202 may include one or more modules that facilitate interaction between the processing component 1202 and other components. For example, the processing component 1202 may include a multimedia module to facilitate interaction between the multimedia component 1208 and the processing component 1202.
The memory 1204 is configured to store various types of data to support the operation of the device 1200. Examples of such data include instructions for any application or method operated on the device 1200, contact data, phone book data, messages, pictures, videos, and so on. The memory 1204 may be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, a magnetic disk, or an optical disc.
The power component 1206 provides power to the various components of the device 1200. The power component 1206 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the device 1200.
The multimedia component 1208 includes a screen that provides an output interface between the device 1200 and the user. In some embodiments, the screen may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from the user. The touch panel includes one or more touch sensors to sense touches, swipes, and gestures on the touch panel. The touch sensors may sense not only the boundary of a touch or swipe action but also the duration and pressure associated with the touch or swipe operation. In some embodiments, the multimedia component 1208 includes a front camera and/or a rear camera. When the device 1200 is in an operating mode, such as a shooting mode or a video mode, the front camera and/or the rear camera can receive external multimedia data. Each front camera and rear camera may be a fixed optical lens system or have focal length and optical zoom capability.
The audio component 1210 is configured to output and/or input audio signals. For example, the audio component 1210 includes a microphone (MIC), which is configured to receive external audio signals when the device 1200 is in an operating mode, such as a call mode, a recording mode, or a speech recognition mode. The received audio signal may be further stored in the memory 1204 or sent via the communication component 1216. In some embodiments, the audio component 1210 also includes a speaker for outputting audio signals.
The I/O interface 1212 provides an interface between the processing component 1202 and peripheral interface modules, which may be a keyboard, a click wheel, buttons, and the like. These buttons may include, but are not limited to, a home button, volume buttons, a start button, and a lock button.
The sensor component 1214 includes one or more sensors for providing status assessments of various aspects of the device 1200. For example, the sensor component 1214 can detect the open/closed state of the device 1200 and the relative positioning of components, such as the display and keypad of the device 1200; the sensor component 1214 can also detect a change in position of the device 1200 or of one of its components, the presence or absence of user contact with the device 1200, the orientation or acceleration/deceleration of the device 1200, and a change in temperature of the device 1200. The sensor component 1214 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact. The sensor component 1214 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor component 1214 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, a microwave sensor, or a temperature sensor.
The communication component 1216 is configured to facilitate wired or wireless communication between the device 1200 and other devices. The device 1200 can access a wireless network based on a communication standard, such as WiFi, 2G or 3G, or a combination thereof. In one exemplary embodiment, the communication component 1216 receives a broadcast signal or broadcast-related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component 1216 also includes a near-field communication (NFC) module to facilitate short-range communication. For example, the NFC module may be implemented based on radio frequency identification (RFID) technology, Infrared Data Association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
In an exemplary embodiment, the device 1200 may be implemented by one or more application-specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field-programmable gate arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic components, for performing the above method.
In an exemplary embodiment, a non-transitory computer-readable storage medium including instructions is also provided, for example the memory 1204 including instructions, and the instructions can be executed by the processor 1220 of the device 1200 to complete the above method. For example, the non-transitory computer-readable storage medium may be a ROM, a random access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
The processor 1220 is configured to:
obtain, when a decryption operation that enables the terminal's decryption function is detected, the unlock password used by the decryption operation;
generate a first key based on the unlock password;
decrypt, when the first key is consistent with the pre-stored second key, the encrypted data stored in the terminal based on the first key, the second key being generated based on the screen-lock password set by the legitimate user.
Other embodiments of the present disclosure will readily occur to those skilled in the art after considering the specification and practicing the invention disclosed herein. The present disclosure is intended to cover any variations, uses, or adaptations of the present disclosure that follow its general principles and include common knowledge or customary technical means in the art that are not disclosed herein. The specification and embodiments are to be regarded as exemplary only, and the true scope and spirit of the disclosure are indicated by the following claims.
The above are only preferred embodiments of the present disclosure and are not intended to limit it; any modification, equivalent replacement, or improvement made within the spirit and principles of the present disclosure shall fall within its scope of protection.
Claims (15)
1. A data decryption method, characterized by comprising:
obtaining, when a decryption operation that enables a terminal decryption function is detected, the unlock password used by the decryption operation;
generating a first key based on the unlock password;
decrypting, when the first key is consistent with a pre-stored second key, the encrypted data stored in the terminal based on the first key, the second key being generated based on a screen-lock password set by a legitimate user.
2. The method according to claim 1, characterized in that, before the decryption operation that enables the terminal decryption function is detected, the method further comprises:
receiving, when an encryption operation that enables a terminal encryption function is detected, the screen-lock password entered by the legitimate user;
using the screen-lock password as a second random number, and generating the second key based on AES and the second random number;
storing the second key;
encrypting the data stored in the terminal using the second key to obtain the encrypted data.
3. The method according to claim 2, characterized in that encrypting the data stored in the terminal using the second key to obtain the encrypted data comprises:
reading, in sequence, the data of each data block stored on the data partition of the terminal;
encrypting the data of each data block based on the second key to obtain the encrypted data.
4. The method according to claim 1, characterized in that generating the first key based on the unlock password comprises:
determining the unlock password as a first random number;
generating the first key based on AES and the first random number.
5. The method according to claim 1, characterized in that decrypting the encrypted data stored in the terminal based on the first key comprises:
reading the encrypted data stored in the terminal in units of data blocks;
decrypting the encrypted data of each data block in sequence based on the first key and a decryption algorithm.
6. The method according to claim 5, characterized in that, after the encrypted data of each data block is decrypted in sequence based on the first key and the decryption algorithm, the method further comprises:
determining the decrypted data of each data block;
determining the position from which the decrypted data of each data block was read before decryption;
writing the decrypted data of each data block, in sequence, to the corresponding reading position.
7. The method according to claim 1, characterized in that the method further comprises:
outputting, when the first key is inconsistent with the second key, a prompt message asking for the unlock password to be re-entered.
8. A data decryption device, characterized by comprising:
an acquisition module, configured to obtain, when a decryption operation that enables a terminal decryption function is detected, the unlock password used by the decryption operation;
a first generation module, configured to generate a first key based on the unlock password;
a decryption module, configured to decrypt, when the first key is consistent with a pre-stored second key, the encrypted data stored in the terminal based on the first key, the second key being generated based on a screen-lock password set by a legitimate user.
9. The device according to claim 8, characterized in that the device further comprises:
a receiving module, configured to receive, when an encryption operation that enables a terminal encryption function is detected, the screen-lock password entered by the legitimate user;
a second generation module, configured to use the screen-lock password as a second random number and generate the second key based on AES and the second random number;
a storage module, configured to store the second key;
an encryption module, configured to encrypt the data stored in the terminal using the second key to obtain the encrypted data.
10. The device according to claim 9, characterized in that the encryption module comprises:
a first reading submodule, configured to read, in sequence, the data of each data block stored on the data partition of the terminal;
an encryption submodule, configured to encrypt the data of each data block based on the second key to obtain the encrypted data.
11. The device according to claim 8, characterized in that the first generation module comprises:
a first determination submodule, configured to determine the unlock password as a first random number;
a first generation submodule, configured to generate the first key based on AES and the first random number.
12. The device according to claim 8, characterized in that the decryption module comprises:
a second reading submodule, configured to read the encrypted data stored in the terminal in units of data blocks;
a first decryption submodule, configured to decrypt the encrypted data of each data block in sequence based on the first key and a decryption algorithm.
13. The device according to claim 12, characterized in that the decryption module further comprises:
a second determination submodule, configured to determine the decrypted data of each data block;
a third determination submodule, configured to determine the position from which the decrypted data of each data block was read before decryption;
a writing submodule, configured to write the decrypted data of each data block, in sequence, to the corresponding reading position.
14. The device according to claim 8, characterized in that the device further comprises:
an output module, configured to output, when the first key is inconsistent with the second key, a prompt message asking for the unlock password to be re-entered.
15. A terminal, characterized by comprising: a processor; and a memory for storing processor-executable instructions; wherein the processor is configured to:
obtain, when a decryption operation that enables a terminal decryption function is detected, the unlock password used by the decryption operation;
generate a first key based on the unlock password;
decrypt, when the first key is consistent with a pre-stored second key, the encrypted data stored in the terminal based on the first key, the second key being generated based on a screen-lock password set by a legitimate user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611185054.5A CN106789070A (en) | 2016-12-20 | 2016-12-20 | The decryption method of data, device and terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106789070A (en) | 2017-05-31 |
Family
ID=58894078
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611185054.5A Pending CN106789070A (en) | 2016-12-20 | 2016-12-20 | The decryption method of data, device and terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106789070A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20170531 |