CN107483187A - A kind of data guard method and device based on credible password module - Google Patents

A kind of data guard method and device based on credible password module Download PDF

Info

Publication number
CN107483187A
CN107483187A CN201710651171.4A CN201710651171A CN107483187A CN 107483187 A CN107483187 A CN 107483187A CN 201710651171 A CN201710651171 A CN 201710651171A CN 107483187 A CN107483187 A CN 107483187A
Authority
CN
China
Prior art keywords
tcm
encryption
data
key
hardware keys
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710651171.4A
Other languages
Chinese (zh)
Inventor
许鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Beijing Electronic Information Industry Co Ltd
Original Assignee
Inspur Beijing Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Beijing Electronic Information Industry Co Ltd filed Critical Inspur Beijing Electronic Information Industry Co Ltd
Priority to CN201710651171.4A priority Critical patent/CN107483187A/en
Publication of CN107483187A publication Critical patent/CN107483187A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/76Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Mathematical Physics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of data guard method and device based on credible password module, methods described includes:Receive the instruction for accessing data;The the first default enciphering and deciphering algorithm decryption software encryption key used according to TCM hardware keys;The TCM hardware keys are pre-created, to encrypt the software cryptography key using TCM hardware keys;The software cryptography key is pre-created, to use the software cryptography encrypted data;The the second default enciphering and deciphering algorithm ciphertext data used according to the software cryptography key.When visitor wants to conduct interviews to data, it is necessary to first decrypt software cryptography key using TCM hardware keys, then reuse software cryptography secret key decryption data, the process of decryption becomes more complicated difficulty, so as to preferably protect the safety of data.Data and physical platform can also be bound using method provided by the present invention simultaneously, prevent encryption data and key data to be stolen.

Description

A kind of data guard method and device based on credible password module
Technical field
The present invention relates to information security field, more particularly to a kind of data guard method based on credible password module and Device.
Background technology
With the fast development of information technology and increasingly extensive, the people of the electronics applications including computer Life become more and more convenient, but the phenomenon of user data leakage is also following, the mode of leakage be also it is varied, And the baneful influence caused by these leakages is probably to retrieve, so the protection to data seems more and more important.
Nowadays people protect the mode of data that data are encrypted generally by software, are converted to data clear text close Text, but this cipher mode is carried out in computer-internal, is easier to be cracked by data theft person, so as to cause letting out for data Dew, it is limited to the degree of protection of data.
The content of the invention
It is an object of the invention to provide a kind of data guard method and device based on credible password module, to solve logarithm According to degree of protection it is limited the problem of.
In order to solve the above technical problems, the present invention provides a kind of data guard method based on credible password module, including:
Receive the instruction for accessing data;
The the first default enciphering and deciphering algorithm decryption software encryption key used according to TCM hardware keys;The TCM hardware is close Key is pre-created, to encrypt the software cryptography key using TCM hardware keys;The software cryptography key is advance Create, to use the software cryptography encrypted data;
The the second default enciphering and deciphering algorithm ciphertext data used according to the software cryptography key.
Alternatively, the described second default enciphering and deciphering algorithm is symmetrical enciphering and deciphering algorithm.
Alternatively, the symmetrical enciphering and deciphering algorithm is SM4 algorithms.
Alternatively, the described first default enciphering and deciphering algorithm is SM2 algorithms.
Alternatively, before TCM hardware keys are pre-created, in addition to:
TCM user identity is obtained, and judges whether to obtain successfully, if obtained successfully, it is close to create the TCM hardware Key, if acquisition is unsuccessful, return to TCM error message.
Alternatively, after the software cryptography key using the encryption of TCM hardware keys, in addition to:
Judge that the use TCM hardware keys encrypt whether the software cryptography key succeeds, if it fails, then utilizing The data of software cryptography secret key decryption encryption, and TCM error message is returned, so that user judges according to the error message Error reason, it is encrypted again, until encrypting successfully.
Present invention also offers a kind of data protecting device based on credible password module, including:Receiving module, encryption and decryption Module;
Wherein, the receiving module, the instruction of data is accessed for receiving;
The encryption/decryption module, for being pre-created software cryptography key, use software cryptography encrypted data;In advance TCM hardware keys are created, encrypt the software cryptography key using TCM hardware keys, and using TCM hardware keys encryption institute State the success of software cryptography key and delete software cryptography key afterwards;The the first default plus solution used according to the TCM hardware keys Close algorithm decryption software encryption key;The the second default enciphering and deciphering algorithm ciphertext data used according to the software cryptography key.
Alternatively, the second default enciphering and deciphering algorithm decryption that the encryption/decryption module uses according to the software cryptography key Data, including:
The SM4 algorithm ciphertext datas that the encryption/decryption module uses according to the software cryptography key.
Alternatively, the first default enciphering and deciphering algorithm decryption that the encryption/decryption module uses according to the TCM hardware keys Software cryptography key, including:
The SM2 algorithm decryption software encryption keys that the encryption/decryption module uses according to TCM hardware keys.
Alternatively, the encryption/decryption module, it is additionally operable to before TCM hardware keys are pre-created, obtains TCM user's body Part, and judge whether to obtain successfully, if obtained successfully, the TCM hardware keys are created, if acquisition is unsuccessful, are returned Return TCM error message;
The encryption/decryption module, it is additionally operable to after the software cryptography key using the encryption of TCM hardware keys, sentences Disconnected TCM hardware keys encrypt whether the software cryptography key succeeds, if it fails, then being added using software cryptography secret key decryption Close data, and TCM error message is returned, so that user judges error reason according to the error message, carry out again Encryption, until encrypting successfully.
Data guard method and device provided by the present invention based on credible password module, are added by being pre-created software Key, using software cryptography encrypted data, TCM hardware keys are pre-created, are added using TCM hardware keys encryption softwares Key, after the success of TCM hardware keys encryption softwares encryption key, software cryptography key source file is deleted, is not just had so There is method directly to obtain software cryptography key, when visitor wants to conduct interviews to data, it is necessary to first using TCM hardware keys Software cryptography key is decrypted, then reuses software cryptography secret key decryption data, the process of decryption becomes more complicated difficulty, So as to preferably protect the safety of data.Simultaneously can also be by data and physical platform using method provided by the present invention Binding, prevents encryption data and key data to be stolen.
Brief description of the drawings
, below will be to embodiment or existing for the clearer explanation embodiment of the present invention or the technical scheme of prior art The required accompanying drawing used is briefly described in technology description, it should be apparent that, drawings in the following description are only this hair Some bright embodiments, for those of ordinary skill in the art, on the premise of not paying creative work, can be with root Other accompanying drawings are obtained according to these accompanying drawings.
The flow chart for the data guard method based on credible password module that Fig. 1 is provided by the embodiment of the present invention;
Advance ciphering process in the data guard method based on credible password module that Fig. 2 is provided by the embodiment of the present invention Flow chart;
The structured flowchart for the data protecting device based on credible password module that Fig. 3 is provided by the embodiment of the present invention.
Embodiment
The core of the present invention is to provide a kind of data guard method and device based on credible password module, to solve logarithm According to degree of protection it is limited the problem of.
In order that those skilled in the art more fully understand the present invention program, with reference to the accompanying drawings and detailed description The present invention is described in further detail.Obviously, described embodiment is only part of the embodiment of the present invention, rather than Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creative work premise Lower obtained every other embodiment, belongs to the scope of protection of the invention.
Referring to Fig. 1, the stream for the data guard method based on credible password module that Fig. 1 is provided by the embodiment of the present invention Cheng Tu, comprise the following steps:
Step 101:Receive the instruction for accessing data.
When visitor desires access to the data encrypted in equipment, TCM modules can be sent instructions to, TCM modules receive should Instruction, to carry out subsequent treatment.
Step 102:The the first default enciphering and deciphering algorithm decryption software encryption key used according to TCM hardware keys.
Because created in advance ciphering process, it is necessary to select a kind of enciphering and deciphering algorithm for TCM hardware keys by TCM modules TCM hardware keys are built, to use its encryption software encryption key, by software cryptography key from ciphertext is changed into plain text, are encrypted to After work(, the source file of software cryptography key is deleted, so when desiring access to data, it is necessary to first by software cryptography key solution It is close to come out.During decryption software encryption key, create what enciphering and deciphering algorithm is TCM hardware keys employ, decrypt also according to the calculation Software cryptography key is decrypted method.When creating TCM hardware keys, each TCM hardware keys have father's key, and one As use SMK keys as his father's key, but can also be that TCM hardware keys separately specify father key.
Step 103:The the second default enciphering and deciphering algorithm ciphertext data used according to software cryptography key.
Because created in advance ciphering process, it is necessary to select a kind of enciphering and deciphering algorithm for software cryptography key by equipment Software cryptography key, to use its encryption data, by data from ciphertext is changed into plain text, so being obtained in execution step 102 soft After part encryption key, it is desirable to which accessing data needs that data are decrypted according to the enciphering and deciphering algorithm that software cryptography key uses.
Above-mentioned technical proposal disclosed in the present application, after the success of TCM hardware keys encryption softwares encryption key, delete Software cryptography key source file, so just have no idea directly to obtain the plaintext of software cryptography key, and according to its decryption Data, visitor want to conduct interviews to data, it is necessary to first decrypt software cryptography key using TCM hardware keys, then Software cryptography secret key decryption data are reused, the process of decryption becomes more complicated difficulty, so as to preferably protect data Safety, while data and physical platform can also be bound, prevent encryption data and key data to be stolen.
The data guard method based on credible password module that the embodiment of the present invention is provided, it is advance in TCM hardware keys Before establishment, it can also include:
TCM user identity is obtained, and judges whether to obtain successfully, if obtained successfully, creates TCM hardware keys, If acquisition is unsuccessful, TCM error message is returned.
TCM user identity is obtained, and is judged whether to obtain successfully, can further improve the degree of protection to data.
The data guard method based on credible password module that the embodiment of the present invention is provided, using TCM hardware keys After encryption software encryption key, it can also include:
Whether judgement is succeeded using TCM hardware keys encryption software encryption keys, if it fails, then utilizing software cryptography The data of secret key decryption encryption, and TCM error message is returned, so that user judges error reason according to error message, then It is secondary to be encrypted, until encrypting successfully.
For the ease of a further understanding of the present invention, the present invention is carried out with reference to the embodiment of the present invention Detailed description.
It refer to Fig. 2, it is pre- in the data guard method based on credible password module that Fig. 2 is provided by the embodiment of the present invention The flow chart of first ciphering process, comprises the following steps:
Step 201:TCM user identity is obtained, acquisition is unsuccessful, performs step 202, obtains successfully, performs step 203。
The user identity of TCM modules is obtained by TCM_TakeOwnership instructions, the instruction can create SMK simultaneously Key, SMK keys can be as father's keys of TCM hardware keys.Obtain successfully explanation to have the right to carry out the operation of next step to it, obtain Take unsuccessful explanation can not carry out next step operation to it.
Step 202:Return to TCM error message.
Step 203:SM4 algorithms are selected to create software cryptography key.
Using sms4_set_encrypt_key interfaces in gmssl, software cryptography key is set.
SM4 algorithms are a kind of symmetric encipherment algorithms in national secret algorithm, and on system upper strata, selection uses symmetric encipherment algorithm, Can ensure encryption when efficiency, in addition to SM4 algorithms, other symmetry algorithms it is also ensured that encryption when efficiency, but select SM4 algorithms can ensure the uniformity with the key code system of TCM modules simultaneously, naturally it is also possible to select other asymmetric encryption to calculate Method, which kind of specifically chosen algorithm can't influence the realization of the present invention.
Step 204:Use software cryptography encrypted data.
Use sms4_ecb_encrypt interface cipherings data in gmssl.Now data are via being converted to ciphertext in plain text, But directly data can be decrypted after being obtained by people in itself also in plaintext state for software cryptography key.
Step 205:SM2 algorithms are selected to create TCM hardware keys.
TCM hardware keys are created by TCM_CreateWrapKey instructions.
Because TCM modules only support national secret algorithm system, so have selected SM2 algorithms here, naturally it is also possible to select state Other algorithms in close algorithm, this can't influence the realization of the present invention.
Step 206:Using TCM hardware keys encryption software encryption keys, encrypt successfully, into step 207, encryption not into Work(enters step 208.
Step 207:Delete software cryptography key source file.
Now, encrypted by TCM hardware keys, software cryptography key also by becoming for ciphertext, and set after deleting in plain text Software cryptography key is also not present in standby.
Step 208:Using software cryptography secret key decryption encrypted data, and return to TCM error message, step is performed Rapid 203.
Because it is possible that inputing authorization value by mistake so as to cause the situation of failed encryption when using TCM hardware keys, because Need to decrypt encrypted data, and return to TCM error message after this failure, user can sentence according to TCM error message The disconnected reason that makes mistake, is encrypted, until encrypting successfully again.
In the method encrypted in advance, step 203,204,205 orders performed are not necessarily according to described above suitable Sequence, software cryptography encrypted data is used as long as realizing, with TCM hardware keys encryption software encryption keys, for example may be used also First to create TCM hardware keys, software cryptography key is then created, software cryptography encrypted data is reused, finally makes again With TCM hardware keys encryption software encryption keys.Step 201 and matching step 202, step 208 are not necessarily to The step of execution, delete the realization that these steps do not interfere with the present invention yet.
The data protecting device provided in an embodiment of the present invention based on credible password module is introduced below, hereafter retouched The data protecting device based on credible password module stated and the above-described data guard method based on credible password module Can be mutually to should refer to.
It refer to Fig. 3, the knot for the data protecting device based on credible password module that Fig. 3 is provided by the embodiment of the present invention Structure block diagram, the data protecting device based on credible password module can include:Receiving module, encryption/decryption module;
Wherein receiving module receives the instruction for accessing data;
Encryption/decryption module is pre-created software cryptography key, uses software cryptography encrypted data;It is hard to be pre-created TCM Part key, using TCM hardware keys encryption software encryption keys, and using TCM hardware keys encryption software encryption keys into Software cryptography key is deleted after work(;The the first default enciphering and deciphering algorithm decryption software encryption used according to TCM hardware keys is close Key;The the second default enciphering and deciphering algorithm ciphertext data used according to software cryptography key.
In the data protecting device based on credible password module that the embodiment of the present invention is provided, encryption/decryption module can be with Before TCM hardware keys are pre-created, TCM user identity is obtained, and judges whether to obtain successfully, if obtained successfully, TCM hardware keys are then created, if acquisition is unsuccessful, return to TCM error message;Or TCM hardware can also used After key cryptography software encryption key, judge whether TCM hardware keys encryption software encryption keys succeed, if it fails, Then using the data of software cryptography secret key decryption encryption, and TCM error message is returned to, so that user judges according to error message Make mistake reason, is encrypted again, until encrypting successfully.
The data protecting device based on credible password module of the present embodiment is foregoing based on trusted cryptography's mould for realizing The data guard method of block, therefore the embodiment in the data protecting device based on credible password module is visible hereinbefore The data guard method based on credible password module embodiment part, for example, receiving module 301, encryption/decryption module 302 is divided Yong Yu not realize step 101 in the above-mentioned data guard method based on credible password module, 102 and 103 so, it is embodied Mode is referred to the description of corresponding various pieces embodiment, will not be repeated here.
Each embodiment is described by the way of progressive in this specification, what each embodiment stressed be with it is other The difference of embodiment, between each embodiment same or similar part mutually referring to.For dress disclosed in embodiment For putting, because it is corresponded to the method disclosed in Example, so description is fairly simple, related part is referring to method part Explanation.
Professional further appreciates that, with reference to the unit of each example of the embodiments described herein description And algorithm steps, can be realized with electronic hardware, computer software or the combination of the two, in order to clearly demonstrate hardware and The interchangeability of software, the composition and step of each example are generally described according to function in the above description.These Function is performed with hardware or software mode actually, application-specific and design constraint depending on technical scheme.Specialty Technical staff can realize described function using distinct methods to each specific application, but this realization should not Think beyond the scope of this invention.
The data guard method provided by the present invention based on credible password module and device have been carried out in detail above Introduce.Specific case used herein is set forth to the principle and embodiment of the present invention, the explanation of above example It is only intended to help the method and its core concept for understanding the present invention.It should be pointed out that the ordinary skill people for the art For member, under the premise without departing from the principles of the invention, some improvement and modification can also be carried out to the present invention, these improve and Modification is also fallen into the protection domain of the claims in the present invention.

Claims (10)

  1. A kind of 1. data guard method based on credible password module, it is characterised in that including:
    Receive the instruction for accessing data;
    The the first default enciphering and deciphering algorithm decryption software encryption key used according to TCM hardware keys;The TCM hardware keys are It is pre-created, to encrypt the software cryptography key using TCM hardware keys;The software cryptography key is to be pre-created , to use the software cryptography encrypted data;
    The the second default enciphering and deciphering algorithm ciphertext data used according to the software cryptography key.
  2. 2. the method as described in claim 1, it is characterised in that the described second default enciphering and deciphering algorithm is calculated for symmetrical encryption and decryption Method.
  3. 3. method as claimed in claim 2, it is characterised in that the symmetrical enciphering and deciphering algorithm is SM4 algorithms.
  4. 4. the method as described in claim 1, it is characterised in that the described first default enciphering and deciphering algorithm is SM2 algorithms.
  5. 5. the method as described in claim 1-4 any one, it is characterised in that before TCM hardware keys are pre-created, also Including:
    TCM user identity is obtained, and judges whether to obtain successfully, if obtained successfully, creates the TCM hardware keys, If acquisition is unsuccessful, TCM error message is returned.
  6. 6. the method as described in claim 1-4 any one, it is characterised in that use TCM hardware keys encryption institute described After stating software cryptography key, in addition to:
    Judge that the use TCM hardware keys encrypt whether the software cryptography key succeeds, if it fails, then utilizing software The data of encryption key decryption encryption, and TCM error message is returned, so that user judges to make mistake according to the error message Reason, it is encrypted again, until encrypting successfully.
  7. A kind of 7. data protecting device based on credible password module, it is characterised in that including:Receiving module, encryption/decryption module;
    Wherein, the receiving module, the instruction of data is accessed for receiving;
    The encryption/decryption module, for being pre-created software cryptography key, use software cryptography encrypted data;It is pre-created TCM hardware keys, the software cryptography key is encrypted using TCM hardware keys, and it is described soft being encrypted using TCM hardware keys Software cryptography key is deleted after the success of part encryption key;The the first default encryption and decryption used according to the TCM hardware keys is calculated Method decryption software encryption key;The the second default enciphering and deciphering algorithm ciphertext data used according to the software cryptography key.
  8. 8. device as claimed in claim 7, it is characterised in that the encryption/decryption module uses according to the software cryptography key The second default enciphering and deciphering algorithm ciphertext data, including:
    The SM4 algorithm ciphertext datas that the encryption/decryption module uses according to the software cryptography key.
  9. 9. device as claimed in claim 7, it is characterised in that the encryption/decryption module uses according to the TCM hardware keys The first default enciphering and deciphering algorithm decryption software encryption key, including:
    The SM2 algorithm decryption software encryption keys that the encryption/decryption module uses according to TCM hardware keys.
  10. 10. the device as described in claim 7-9 any one, it is characterised in that the encryption/decryption module, be additionally operable to advance Before creating TCM hardware keys, TCM user identity is obtained, and judges whether to obtain successfully, if obtained successfully, is created The TCM hardware keys, if acquisition is unsuccessful, return to TCM error message;
    The encryption/decryption module, it is additionally operable to after the software cryptography key using the encryption of TCM hardware keys, judges TCM hardware keys encrypt whether the software cryptography key succeeds, if it fails, then being encrypted using software cryptography secret key decryption Data, and return to TCM error message, so that user judges error reason according to the error message, added again It is close, until encrypting successfully.
CN201710651171.4A 2017-08-02 2017-08-02 A kind of data guard method and device based on credible password module Pending CN107483187A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710651171.4A CN107483187A (en) 2017-08-02 2017-08-02 A kind of data guard method and device based on credible password module

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710651171.4A CN107483187A (en) 2017-08-02 2017-08-02 A kind of data guard method and device based on credible password module

Publications (1)

Publication Number Publication Date
CN107483187A true CN107483187A (en) 2017-12-15

Family

ID=60597382

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710651171.4A Pending CN107483187A (en) 2017-08-02 2017-08-02 A kind of data guard method and device based on credible password module

Country Status (1)

Country Link
CN (1) CN107483187A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108133144A (en) * 2017-12-22 2018-06-08 浪潮(北京)电子信息产业有限公司 A kind of virtual disk files guard method, device, equipment and readable storage medium storing program for executing
CN108572861A (en) * 2018-04-26 2018-09-25 浪潮(北京)电子信息产业有限公司 A kind of guard method, system, equipment and the storage medium of virtual credible root
CN113609497A (en) * 2021-06-30 2021-11-05 荣耀终端有限公司 Data protection method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102207999A (en) * 2010-03-29 2011-10-05 国民技术股份有限公司 Data protection method based on trusted computing cryptography support platform
CN102236756A (en) * 2011-05-09 2011-11-09 山东超越数控电子有限公司 File encryption method based on TCM (trusted cryptography module) and USBkey
US20140281509A1 (en) * 2013-03-15 2014-09-18 Novell, Inc. Techniques for secure data extraction in a virtual or cloud environment
CN106533663A (en) * 2016-11-01 2017-03-22 广东浪潮大数据研究有限公司 Data encryption method, encryption party device, data decryption method, and decryption party device
CN106570402A (en) * 2015-10-13 2017-04-19 深圳市中电智慧信息安全技术有限公司 Encryption module and process trusted measurement method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102207999A (en) * 2010-03-29 2011-10-05 国民技术股份有限公司 Data protection method based on trusted computing cryptography support platform
CN102236756A (en) * 2011-05-09 2011-11-09 山东超越数控电子有限公司 File encryption method based on TCM (trusted cryptography module) and USBkey
US20140281509A1 (en) * 2013-03-15 2014-09-18 Novell, Inc. Techniques for secure data extraction in a virtual or cloud environment
CN106570402A (en) * 2015-10-13 2017-04-19 深圳市中电智慧信息安全技术有限公司 Encryption module and process trusted measurement method
CN106533663A (en) * 2016-11-01 2017-03-22 广东浪潮大数据研究有限公司 Data encryption method, encryption party device, data decryption method, and decryption party device

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108133144A (en) * 2017-12-22 2018-06-08 浪潮(北京)电子信息产业有限公司 A kind of virtual disk files guard method, device, equipment and readable storage medium storing program for executing
CN108572861A (en) * 2018-04-26 2018-09-25 浪潮(北京)电子信息产业有限公司 A kind of guard method, system, equipment and the storage medium of virtual credible root
CN113609497A (en) * 2021-06-30 2021-11-05 荣耀终端有限公司 Data protection method and device
CN113609497B (en) * 2021-06-30 2022-09-23 荣耀终端有限公司 Data protection method and device

Similar Documents

Publication Publication Date Title
US7516330B2 (en) Platform and method for establishing provable identities while maintaining privacy
CN1914849B (en) Trusted mobile platform architecture
JP2008520030A (en) Method, device and system for securely storing data
CN106101150B (en) The method and system of Encryption Algorithm
JP2007027896A (en) Communication card, secret information processing system, secret information transmission method, and program
CN106533663B (en) Data ciphering method, encryption method, apparatus and data decryption method, decryption method, apparatus
CN108718233B (en) Encryption method, computer equipment and storage medium
CN101950347A (en) Method and system for encrypting data
US20050069138A1 (en) Application program obfuscation
CN110401538A (en) Data ciphering method, system and terminal
CN107196907A (en) A kind of guard method of Android SO files and device
CN105468940A (en) Software protection method and apparatus
TW201003451A (en) Safety storage device with two-stage symmetrical encryption algorithm
CN107483187A (en) A kind of data guard method and device based on credible password module
WO2017050152A1 (en) Password security system adopted by mobile apparatus and secure password entering method thereof
WO2021018306A1 (en) Method and system for protecting authentication credentials
CN103929312A (en) Mobile terminal and method and system for protecting individual information of mobile terminal
CN109510702A (en) A method of it key storage based on computer characteristic code and uses
CN105825142A (en) Method and device for encrypting and decrypting documents in mobile terminal
CN100561913C (en) A kind of method of access code equipment
CN107276961A (en) A kind of method and device based on cipher algorithm encryption and ciphertext data
CN108809889B (en) Data deterministic deletion method based on data block random position negation
CN115801232A (en) Private key protection method, device, equipment and storage medium
CN109784072A (en) Security file management method and system
CN107994998A (en) A kind of authentication information encryption method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171215

RJ01 Rejection of invention patent application after publication