CN108038383B - File encryption method, file decryption method and device - Google Patents

File encryption method, file decryption method and device Download PDF

Info

Publication number
CN108038383B
CN108038383B CN201711189759.9A CN201711189759A CN108038383B CN 108038383 B CN108038383 B CN 108038383B CN 201711189759 A CN201711189759 A CN 201711189759A CN 108038383 B CN108038383 B CN 108038383B
Authority
CN
China
Prior art keywords
instruction
file
machine
preset
encoding format
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711189759.9A
Other languages
Chinese (zh)
Other versions
CN108038383A (en
Inventor
梁家辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Dingxiang Technology Co ltd
Original Assignee
Beijing Dingxiang Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Dingxiang Technology Co ltd filed Critical Beijing Dingxiang Technology Co ltd
Priority to CN201711189759.9A priority Critical patent/CN108038383B/en
Publication of CN108038383A publication Critical patent/CN108038383A/en
Application granted granted Critical
Publication of CN108038383B publication Critical patent/CN108038383B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a file encryption method, a file decryption method and a file decryption device, and relates to the technical field of computers. The file encryption method comprises the following steps: obtaining a first file to be encrypted; acquiring a preset decoding machine instruction corresponding to the first file and a preset encoding format instruction corresponding to a machine encryption instruction for encrypting the first file; decoding the preset encoding format instruction into the machine encryption instruction based on the preset decoding machine instruction; encrypting the first file based on the machine encryption instruction to obtain a first encrypted file. The file encryption method, the file decryption method and the file decryption device can strengthen the protection of an encryption algorithm, a decryption algorithm and a secret key, thereby improving the safety of data transmission and storage.

Description

File encryption method, file decryption method and device
Technical Field
The invention relates to the technical field of computers, in particular to a file encryption method, a file decryption method and a file decryption device.
Background
In the internet of today, there is a huge amount of data, and the storage and transmission of the huge amount of data are not independent of data encryption and data decryption. Encryption and decryption of data necessarily involves an encryption algorithm, a decryption algorithm, and a key. Thus, the security of the keys and algorithms implies the security of the data.
The existing method for encrypting or decrypting the file is to directly encrypt or decrypt the file according to a machine instruction generated after compiling. And a hacker can acquire the read machine instruction and then reversely analyze the machine instruction by using a reverse analysis technology, so that a specific algorithm and a specific key for encryption or decryption are obtained, the specific encryption algorithm, decryption algorithm and key are leaked, and the security of data is reduced.
Disclosure of Invention
In view of this, embodiments of the present invention provide a file encryption method, a file decryption method, and a device.
In order to achieve the purpose, the technical scheme adopted by the invention is as follows:
in a first aspect, an embodiment of the present invention provides a file encryption method, where the method includes: obtaining a first file to be encrypted; acquiring a preset decoding machine instruction corresponding to the first file and a preset encoding format instruction corresponding to a machine encryption instruction for encrypting the first file; decoding the preset encoding format instruction into the machine encryption instruction based on the preset decoding machine instruction; encrypting the first file based on the machine encryption instruction to obtain a first encrypted file.
In a second aspect, an embodiment of the present invention provides a file decryption method, where the method includes: obtaining a first encrypted file; acquiring a preset decoding machine instruction corresponding to the first encrypted file and a preset encoding format instruction corresponding to a machine decryption instruction for decrypting the first encrypted file; decoding the preset encoding format instruction into the machine decryption instruction based on the preset decoding machine instruction; decrypting the first encrypted file based on the machine decryption instruction to obtain a first file.
In a third aspect, an embodiment of the present invention provides a file encryption apparatus, where the file encryption apparatus includes: the device comprises a first file acquisition module, a first instruction acquisition module, a first decoding execution module and an encryption execution module, wherein the first file acquisition module is used for acquiring a first file to be encrypted; the first instruction acquisition module is used for acquiring a preset decoding machine instruction corresponding to the first file and a preset encoding format instruction corresponding to a machine encryption instruction used for encrypting the first file; the first decoding execution module is used for decoding the preset encoding format instruction into the machine encryption instruction based on the preset decoding machine instruction; the encryption execution module is configured to encrypt the first file based on the machine encryption instruction to obtain a first encrypted file.
In a fourth aspect, an embodiment of the present invention provides a file decryption apparatus, where the apparatus includes: the device comprises a second file acquisition module, a second instruction acquisition module, a second decoding execution module and a decryption execution module, wherein the second file acquisition module is used for acquiring a first encrypted file to be decrypted; the second instruction acquisition module is used for acquiring a preset decoding machine instruction corresponding to the first encrypted file and a preset encoding format instruction corresponding to a machine decryption instruction for decrypting the first encrypted file; the second decoding execution module is used for decoding the preset encoding format instruction into the machine decryption instruction based on the preset decoding machine instruction; the decryption execution module is used for decrypting the first encrypted file based on the machine decryption instruction to obtain a first file.
According to the file encryption method, the file decryption method and the file decryption device provided by the embodiment of the invention, the first file to be encrypted is obtained, then the preset decoding machine instruction corresponding to the first file and the preset encoding format instruction corresponding to the machine encryption instruction for encrypting the first file are obtained, then the preset encoding format instruction is decoded into the machine encryption instruction based on the preset decoding machine instruction, and finally the first file is encrypted based on the machine encryption instruction, so that the first encrypted file is obtained. Therefore, in the process of encrypting the file, the obtained instruction is a preset decoding machine instruction and a preset encoding format instruction corresponding to the machine encryption instruction, and the file can be encrypted only by decoding the preset encoding format instruction by reusing, so that the protection of the encrypted code of the file is improved, and the safety of data is improved accordingly.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
FIG. 1 is a block diagram of an electronic device provided by an embodiment of the invention;
FIG. 2 is a flow chart of a file encryption method provided by an embodiment of the invention;
fig. 3 shows a flowchart of step S120 in the file encryption method provided by the embodiment of the present invention;
FIG. 4 is a flowchart illustrating a file decryption method according to an embodiment of the present invention;
fig. 5 is a flowchart illustrating step S220 in the file decryption method according to the embodiment of the present invention;
FIG. 6 is a block diagram of a file encryption apparatus provided by an embodiment of the present invention;
fig. 7 is a block diagram illustrating a first instruction obtaining module in the file encryption apparatus according to the embodiment of the present invention;
fig. 8 is a block diagram showing a file decryption apparatus according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present invention, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
Fig. 1 shows a block diagram of an electronic device applicable to an embodiment of the present invention. As shown in FIG. 1, electronic device 100 includes a memory 102, a memory controller 104, one or more processors 106 (only one shown), a peripherals interface 108, a radio frequency module 110, an audio module 112, a display unit 114, and the like. These components communicate with each other via one or more communication buses/signal lines 116.
The memory 102 may be used to store software programs and modules, such as program instructions/modules corresponding to the file encryption method, the file decryption method, and the device in the embodiments of the present invention, and the processor 106 executes various functional applications and data processing, such as the file encryption method and the file decryption method provided in the embodiments of the present invention, by running the software programs and modules stored in the memory 102.
The memory 102 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. Access to the memory 102 by the processor 106, and possibly other components, may be under the control of the memory controller 104.
The peripheral interface 108 couples various input/output devices to the processor 106 as well as to the memory 102. In some embodiments, the peripheral interface 108, the processor 106, and the memory controller 104 may be implemented in a single chip. In other examples, they may be implemented separately from the individual chips.
The rf module 110 is used for receiving and transmitting electromagnetic waves, and implementing interconversion between the electromagnetic waves and electrical signals, so as to communicate with a communication network or other devices.
Audio module 112 provides an audio interface to a user that may include one or more microphones, one or more speakers, and audio circuitry.
The display unit 114 provides a display interface between the electronic device 100 and a user. In particular, display unit 114 displays video output to the user, the content of which may include text, graphics, video, and any combination thereof.
It will be appreciated that the configuration shown in FIG. 1 is merely illustrative and that electronic device 100 may include more or fewer components than shown in FIG. 1 or have a different configuration than shown in FIG. 1. The components shown in fig. 1 may be implemented in hardware, software, or a combination thereof.
In the existing scheme for protecting the algorithm and the key for encrypting and decrypting the data in the data encrypting and decrypting process, the encryption and decryption algorithm and the key are subjected to code obfuscation or code hiding and the like to improve the security, so that the purpose of safe encryption and decryption is achieved. The code confusion or code mode is finally executed by standard binary instructions, and the analysis time length of a reverse analyst is not qualitatively changed.
First embodiment
Fig. 2 shows a flowchart of a file encryption method according to an embodiment of the present invention. Referring to fig. 2, the file encryption method includes:
step S110: a first file to be encrypted is obtained.
When encrypting a file, a first file to be encrypted is obtained first. The first file to be encrypted comprises data to be encrypted.
In the embodiment of the present invention, the first file to be encrypted may be a file transmitted to the electronic device by another device connected to the electronic device, may also be a file input by a user on the electronic device, and may also be a file stored in the electronic device.
Of course, the obtaining manner of the first file to be encrypted is not limited in the embodiment of the present invention. The specific content in the first file to be encrypted is not limited in the embodiment of the present invention.
Step S120: and acquiring a preset decoding machine instruction corresponding to the first file and a preset encoding format instruction corresponding to a machine encryption instruction for encrypting the first file.
After obtaining the first file to be encrypted, an instruction for encrypting the first file needs to be obtained. The instructions for encrypting the first file comprise preset decoding machine instructions corresponding to the first file and preset encoding format instructions corresponding to the machine encryption instructions for encrypting the first file.
In the embodiment of the present invention, a preset decoding machine instruction corresponding to the first file, and a preset encoding format instruction corresponding to a machine encryption instruction for encrypting the first file may be stored in a location for storing the run file. It can be understood that the preset decoding machine instruction and the preset encoding format instruction corresponding to the machine encryption instruction for encrypting the first file may be stored to a position of the running file generated after the compiling, so that the preset decoding machine instruction and the preset encoding format instruction corresponding to the machine encryption instruction may be obtained when the runnable file is called in the encryption process.
In the embodiment of the present invention, the preset encoding format instruction corresponding to the machine encryption instruction may be a position where the machine encryption instruction is stored in an executable file after being encoded in advance. Therefore, in this embodiment of the present invention, before step S120, the file encryption method may further include:
and coding the machine encryption instruction into the preset coding format instruction based on a preset coding machine instruction corresponding to the preset decoding machine instruction, and storing the preset coding format instruction.
It can be understood that the machine encryption instruction is encoded by using a pre-stored preset encoding machine instruction, where the preset encoding machine instruction corresponds to the preset decoding machine instruction, so that the preset encoding format instruction can be obtained. And storing the obtained preset encoding format instruction to the position of an executable file, namely the position of the executable instruction generated after compiling.
In the embodiment of the present invention, the machine encryption instruction may be a machine instruction corresponding to each of the plurality of algorithms. The plurality of algorithms may be encryption algorithms, such as RSA algorithm, AES algorithm, DES algorithm, 3-DES algorithm, etc.
Of course, the specific algorithm corresponding to the machine encryption instruction is not limited in the embodiment of the present invention, and may be selected according to actual requirements.
In the embodiment of the present invention, the preset encoding machine instruction is used to encode the machine encryption instruction to obtain the preset encoding format instruction, which may be to encode specific content in the machine encryption instruction to make the machine encryption instruction become a machine instruction that cannot be directly run or a machine instruction that does not have a specific meaning of the machine instruction, and the expression form of the preset encoding format instruction is the expression form of the machine instruction.
For example, an add instruction in an encryption algorithm is a 1+1, and its corresponding machine instruction is 0001345600010001, where the first 0001 is an opcode, 3456 is a memory address of a, and the second 0001 and third 0001 are specific operands. After the machine instruction corresponding to the addition instruction is encoded by using a preset encoding machine instruction, the instructions in the preset encoding format are 010000110001 and 010000110001, wherein 0100 represents the addition operation, 0011 represents the register number, and 0001 represents the operand.
Thus, the instructions in the preset encoding format can be machine instructions which do not have the specific meaning of the machine instructions, but have the same expression form as the machine instructions. In the subsequent operation, a preset decoding instruction corresponding to the preset encoding instruction decodes the preset encoding format instruction, and the preset encoding format instruction is translated into the original machine encryption instruction.
In this embodiment of the present invention, specific contents of the specific preset encoding machine instruction and the specific preset decoding instruction are not limited in this embodiment of the present invention, and a process of encoding the machine encryption instruction into the preset encoding format instruction based on the preset encoding machine instruction is not limited in this embodiment of the present invention.
And then, storing a preset decoding machine instruction and a preset encoding format instruction obtained by encoding the machine encryption instruction based on the preset encoding machine instruction in an executable file as a machine instruction called during encryption. Therefore, the machine instruction called during encryption can be a preset decoding machine instruction and a preset encoding format instruction, and a hacker still needs to crack the preset decoding machine instruction and the preset encoding format instruction after acquiring the preset decoding machine instruction and the preset encoding format instruction, so that the machine instruction corresponding to the original encryption algorithm and the key can be obtained, and the code protection is enhanced.
In the embodiment of the present invention, a plurality of aliases may be set, and the plurality of aliases respectively correspond to a specific encryption algorithm and a specific key.
For example, the alias may be bob, boy, jack, etc. The alias may correspond to a specific encryption algorithm and key, bob may correspond to DES algorithm and key0, boy may correspond to 3-DES algorithm and key1, and jack may correspond to AES algorithm and key 2.
It should be noted that the above aliases and the corresponding relationship between the aliases and the specific encryption algorithm and key are only examples. The specific alias and the corresponding relationship between the specific alias and the specific encryption algorithm and key are not limited in the embodiment of the present invention.
In addition, the default decoded machine instruction may also correspond to aliases, where the default decoded machine instruction corresponding to each alias may be the same default decoded machine instruction.
In the embodiment of the present invention, referring to fig. 3, step S120 may include:
step S121: and acquiring a preset file identifier of the first file.
In this embodiment of the present invention, the obtained preset file identifier of the first file may be the alias described above. The preset file identifier for acquiring the first file may be input by the user, or may be the preset file identifier synchronously acquired when the first file is acquired in step S110.
Of course, the specific manner of obtaining the preset file identifier of the first file is not limited in the embodiment of the present invention.
Step S122: and acquiring a preset decoding machine instruction corresponding to the first file and a preset encoding format instruction corresponding to a machine encryption instruction for encrypting the first file based on the preset file identifier.
It is understood that the corresponding preset decoding machine instructions can be queried according to the preset file identification, and the encryption algorithm and the key used for encryption can be queried. And determining a preset encoding format instruction corresponding to the machine encryption instruction used for encryption according to the encryption algorithm and the secret key.
By setting the alias and the corresponding relationship between the alias and the specific encryption algorithm and key, the encryption algorithm and key specifically used by each file can be different, and thus the protection of the code can be enhanced.
Step S130: decoding the preset encoding format instruction into the machine encryption instruction based on the preset decoding machine instruction.
It can be understood that, after the preset decoding machine instruction and the preset encoding format instruction corresponding to the machine encryption instruction for encrypting the first file are obtained, the preset decoding machine instruction is a machine instruction that can be directly run. Therefore, the decoding of the preset encoding format instruction by using the preset decoding machine instruction can be realized, that is, the preset encoding format instruction is translated to obtain the original machine encryption instruction.
For example, instruction 010000110001, 010000110001 in the default encoding format is decoded by the default decoded machine instruction to obtain 0001345600010001 as the corresponding machine instruction.
Thus, machine encryption instructions that specifically encrypt the first file may be obtained.
Step S140: encrypting the first file based on the machine encryption instruction to obtain a first encrypted file.
After the original encryption algorithm and the machine encryption instruction corresponding to the key are obtained, a specific encryption operation may be performed on the first file according to the encryption algorithm and the machine encryption instruction corresponding to the key, so as to obtain a first encrypted file.
In the file encryption method provided by the first embodiment of the present invention, since the obtained instruction is the preset encoding format instruction corresponding to the preset decoding machine instruction and the machine encryption instruction used for encryption, since the expression form of the obtained instruction is still the machine instruction expression form and is obtained from the executable file position, a hacker may mistakenly obtain the machine instruction directly used for encryption, and actually obtain the preset decoding machine instruction and the preset encoding format instruction, and after obtaining the preset decoding machine instruction and the preset encoding format instruction, the hacker still needs to crack the preset decoding machine instruction and the preset encoding format instruction to obtain the machine instruction corresponding to the original encryption algorithm and the key. Therefore, the protection of the code can be strengthened, and the data security is improved along with the improvement of the security degree of the code.
Second embodiment
Fig. 4 shows a flowchart of a file decryption method according to an embodiment of the present invention. Referring to fig. 4, the file decryption method includes:
step S210: a first encrypted file to be decrypted is obtained.
When decrypting a file, a first encrypted file to be decrypted is first obtained. Wherein the first encrypted file to be decrypted includes encrypted data to be decrypted.
In the embodiment of the present invention, the first encrypted file to be decrypted may be a file transmitted to the electronic device by another device connected to the electronic device, may also be a file input by a user on the electronic device, and may also be a file stored in the electronic device.
Of course, the manner of obtaining the first encrypted file to be decrypted is not limited in the embodiment of the present invention. The specific content in the first encrypted file to be decrypted is not limiting in embodiments of the invention.
Step S220: and acquiring a preset decoding machine instruction corresponding to the first encrypted file and a preset encoding format instruction corresponding to a machine decryption instruction for decrypting the first encrypted file.
After obtaining the first encrypted file to be decrypted, instructions for decrypting the first encrypted file need to be obtained. The instructions for decrypting the first encrypted file include a predetermined decode machine instruction corresponding to the first encrypted file and a predetermined encoding format instruction corresponding to a machine decrypt instruction for decrypting the first encrypted file.
In an embodiment of the present invention, the preset decoding machine instruction corresponding to the first encrypted file and the preset encoding format instruction corresponding to the machine decryption instruction for decrypting the first encrypted file may be stored in a location for storing the run file. It can be understood that the preset decoding machine instruction and the preset encoding format instruction corresponding to the machine decryption instruction for decrypting the first encrypted file may be stored to a position of the running file generated after the compiling, so that the preset decoding machine instruction and the preset encoding format instruction corresponding to the machine decryption instruction may be obtained when the runnable file is called in the decryption process.
In this embodiment of the present invention, in the embodiment of the present invention, the preset encoding format instruction corresponding to the machine decryption instruction may be a position where the machine decryption instruction is stored in an executable file after being encoded in advance. Therefore, in this embodiment of the present invention, before step S220, the file encryption method may further include: and coding the machine decryption instruction into the preset coding format instruction based on a preset coding machine instruction corresponding to the preset decoding machine instruction, and storing the preset coding format instruction.
It can be understood that the machine decryption instruction is encoded by using a pre-stored pre-encoded machine instruction, where the pre-encoded machine instruction corresponds to the pre-encoded machine instruction, so that a pre-encoded format instruction can be obtained. And storing the obtained preset encoding format instruction to the position of an executable file, namely the position of the executable instruction generated after compiling.
In the embodiment of the present invention, the machine decryption instruction may be a machine instruction corresponding to each of the plurality of algorithms. Of course, the specific algorithm corresponding to the machine decryption instruction is not limited in the embodiment of the present invention, and may be selected according to actual requirements.
In the embodiment of the present invention, the preset encoding machine instruction is used to encode the machine decryption instruction to obtain the preset encoding format instruction, which may be to encode specific content in the machine decryption instruction to make the specific content become a machine instruction that cannot be directly run or a machine instruction that does not have a specific meaning of the machine instruction, and the expression form of the preset encoding format instruction is the expression form of the machine instruction.
Thus, the instructions in the preset encoding format can be machine instructions which do not have the specific meaning of the machine instructions, but have the same expression form as the machine instructions. In the subsequent operation, a preset decoding instruction corresponding to the preset encoding instruction decodes the preset encoding format instruction, and the preset encoding format instruction is translated into an original machine decryption instruction.
In this embodiment of the present invention, specific contents of the specific preset encoding machine instruction and the preset decoding instruction are not limited in this embodiment of the present invention, and a process of encoding the machine decryption instruction into the preset encoding format instruction based on the preset encoding machine instruction is not limited in this embodiment of the present invention.
And then, storing the preset decoding machine instruction and a preset encoding format instruction obtained by encoding the machine decryption instruction based on the preset encoding machine instruction in an executable file, wherein the preset encoding format instruction is used as a machine instruction called during decryption. Therefore, the machine instruction called during decryption can be a preset decoding machine instruction and a preset encoding format instruction, and a hacker still needs to crack the preset decoding machine instruction and the preset encoding format instruction after acquiring the preset decoding machine instruction and the preset encoding format instruction, so that the machine instruction corresponding to the original decryption algorithm and the key can be obtained, and the code protection is enhanced.
In the embodiment of the present invention, a plurality of aliases may be set, and the plurality of aliases respectively correspond to a specific decryption algorithm and a specific key.
For example, the alias may be bob, boy, jack, etc. The alias may correspond to a specific decryption algorithm and key, bob may correspond to DES algorithm and key0, boy may correspond to 3-DES algorithm and key1, and jack may correspond to AES algorithm and key 2.
It should be noted that the above aliases and the corresponding relationship between the aliases and the specific decryption algorithm and key are only examples. The specific alias and the corresponding relationship between the specific alias and the specific decryption algorithm and key are not limited in the embodiment of the present invention.
In addition, the default decoded machine instruction may also correspond to aliases, where the default decoded machine instruction corresponding to each alias may be the same default decoded machine instruction.
In the embodiment of the present invention, referring to fig. 5, step S220 may include:
step S221: and acquiring a preset file identifier of the first encrypted file.
In an embodiment of the present invention, the obtained preset file identifier of the first encrypted file may be the alias described above. The preset file identifier for acquiring the first encrypted file may be input by the user, or may be the preset file identifier synchronously acquired when the first encrypted file is acquired in step S110.
Of course, the specific manner of obtaining the preset file identifier of the first encrypted file is not limited in the embodiment of the present invention.
Step S222: and acquiring a preset decoding machine instruction corresponding to the first encrypted file and a preset encoding format instruction corresponding to a machine encryption instruction for decrypting the first encrypted file based on the preset file identifier.
It is understood that the corresponding preset decoding machine instructions can be queried according to the preset file identification, and the decryption algorithm and the key for decryption can be queried. And determining a preset encoding format instruction corresponding to the machine decryption instruction for decryption according to the decryption algorithm and the secret key.
By setting the alias and the corresponding relationship between the alias and the specific decryption algorithm and key, the decryption algorithm and key specifically used by each file can be different, and thus the protection of the code can be enhanced.
Step S230: decoding the preset encoding format instruction into the machine decryption instruction based on the preset decoding machine instruction.
It can be understood that, after the preset decoding machine instruction and the preset encoding format instruction corresponding to the machine decryption instruction for decrypting the first encrypted file are obtained, the preset decoding machine instruction is a machine instruction that can be directly run. Therefore, the decoding of the preset encoding format instruction by using the preset decoding machine instruction can be realized, that is, the preset encoding format instruction is translated to obtain the original machine decryption instruction.
Thus, machine encryption instructions that specifically encrypt the first file may be obtained.
Step S240: decrypting the first encrypted file based on the machine decryption instruction to obtain a first file.
After the original decryption algorithm and the machine decryption instruction corresponding to the key are obtained, a specific decryption operation may be performed on the first encrypted file according to the decryption algorithm and the machine decryption instruction corresponding to the key, so as to obtain the first file.
Third embodiment
A third embodiment of the present invention provides a file encryption apparatus 200, referring to fig. 6, the file encryption apparatus 200 includes: a first file obtaining module 210, a first instruction obtaining module 220, a first decoding execution module 230, and an encryption execution module 240. The first file obtaining module 210 is configured to obtain a first file to be encrypted; the first instruction obtaining module 220 is configured to obtain a preset decoding machine instruction corresponding to the first file and a preset encoding format instruction corresponding to a machine encryption instruction used for encrypting the first file; the first decode execution module 230 is configured to decode the preset encoding format instruction into the machine encryption instruction based on the preset decoding machine instruction; the encryption execution module 240 is configured to encrypt the first file based on the machine encryption instruction to obtain a first encrypted file.
In an embodiment of the present invention, referring to fig. 7, the first instruction obtaining module 220 may include a first file identifier obtaining unit 221 and a first instruction obtaining execution unit 222. The first file identifier obtaining unit 221 is configured to obtain a preset file identifier of the first file; the first instruction obtaining and executing unit 222 is configured to obtain, based on the preset file identifier, a preset decoding machine instruction corresponding to the first file, and a preset encoding format instruction corresponding to a machine encryption instruction used for encrypting the first file.
In the embodiment of the present invention, the file encryption apparatus 200 may further include a first code execution module. The first encoding execution module is used for encoding the machine encryption instruction into the preset encoding format instruction based on a preset encoding machine instruction corresponding to the preset decoding machine instruction, and storing the preset encoding format instruction.
Fourth embodiment
A fourth embodiment of the present invention provides a file decryption apparatus 300, referring to fig. 8, wherein the file decryption apparatus 300 includes: a second file obtaining module 310, a second instruction obtaining module 320, a second decoding executing module 330, and a decryption executing module 340. Wherein the second file obtaining module 310 is configured to obtain a first encrypted file to be decrypted; the second instruction obtaining module 320 is configured to obtain a preset decoding machine instruction corresponding to the first encrypted file and a preset encoding format instruction corresponding to a machine decryption instruction for decrypting the first encrypted file; the second decode execution module 330 is configured to decode the preset encoding format instruction into the machine decryption instruction based on the preset decoding machine instruction; the decryption execution module 340 is configured to decrypt the first encrypted file based on the machine decryption instruction to obtain a first file.
In this embodiment of the present invention, the second instruction obtaining module 320 may include a second file identifier obtaining unit and a second instruction obtaining execution unit. The second instruction acquisition module is used for acquiring a preset file identifier of the first encrypted file; the second instruction obtaining and executing unit is used for obtaining a preset decoding machine instruction corresponding to the first encrypted file based on the preset file identification and a preset encoding format instruction corresponding to a machine encryption instruction used for decrypting the first encrypted file.
In this embodiment of the present invention, the file decryption apparatus 300 may further include a second code execution module. The second encoding execution module is used for encoding the machine decryption instruction into the preset encoding format instruction based on a preset encoding machine instruction corresponding to the preset decoding machine instruction, and storing the preset encoding format instruction.
To sum up, the file encryption method, the file decryption method and the file decryption apparatus provided in the embodiments of the present invention obtain a first file to be encrypted, then obtain a preset decoding machine instruction corresponding to the first file, and a preset encoding format instruction corresponding to a machine encryption instruction used for encrypting the first file, then decode the preset encoding format instruction into the machine encryption instruction based on the preset decoding machine instruction, and finally encrypt the first file based on the machine encryption instruction, so as to obtain a first encrypted file. In the file encryption process, the obtained instruction is a preset decoding machine instruction and a preset encoding format instruction corresponding to the machine encryption instruction, and the file can be encrypted only by decoding the preset encoding format instruction by reusing, so that the protection of the file encryption code is improved, and the data security is improved along with the improvement of the security of the code.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, the functional modules in the embodiments of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes. It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (7)

1. A method for encrypting a file, the method comprising:
obtaining a first file to be encrypted;
acquiring a preset decoding machine instruction corresponding to the first file and a preset encoding format instruction corresponding to a machine encryption instruction for encrypting the first file, wherein the preset decoding machine instruction and the preset encoding format instruction are stored in an executable file, and the preset decoding machine instruction and the preset encoding format instruction are acquired by calling the executable file in an encryption process, wherein the preset decoding machine instruction and the preset encoding format instruction are machine instructions without specific meaning of the machine instructions, and the expression form of the preset encoding format instruction is the same as that of the machine instructions;
decoding the preset encoding format instruction into the machine encryption instruction based on the preset decoding machine instruction;
encrypting the first file based on the machine encryption instruction to obtain a first encrypted file.
2. The method of claim 1, wherein before obtaining the preset decoding machine instruction corresponding to the first file and the preset encoding format instruction corresponding to the machine encryption instruction for encrypting the first file, the method further comprises:
and coding the machine encryption instruction into the preset coding format instruction based on a preset coding machine instruction corresponding to the preset decoding machine instruction, and storing the preset coding format instruction.
3. A method for decrypting a file, the method comprising:
obtaining a first encrypted file to be decrypted;
acquiring a preset decoding machine instruction corresponding to the first encrypted file and a preset encoding format instruction corresponding to a machine decryption instruction for decrypting the first encrypted file, wherein the preset decoding machine instruction and the preset encoding format instruction are stored in an executable file, and the preset decoding machine instruction and the preset encoding format instruction are acquired by calling the executable file in a decryption process, wherein the preset decoding machine instruction and the preset encoding format instruction are machine instructions without specific meaning of the machine instructions, and the expression form of the preset encoding format instruction is the same as that of the machine instructions;
decoding the preset encoding format instruction into the machine decryption instruction based on the preset decoding machine instruction;
decrypting the first encrypted file based on the machine decryption instruction to obtain a first file.
4. The method of claim 3, wherein before the obtaining the preset decoding machine instruction corresponding to the first file and the preset encoding format instruction corresponding to the machine decryption instruction for decrypting the first encrypted file, the method further comprises:
and coding the machine decryption instruction into the preset coding format instruction based on a preset coding machine instruction corresponding to the preset decoding machine instruction, and storing the preset coding format instruction.
5. A file encryption apparatus, characterized in that the file encryption apparatus comprises: a first file obtaining module, a first instruction obtaining module, a first decoding execution module and an encryption execution module,
the first file acquisition module is used for acquiring a first file to be encrypted;
the first instruction obtaining module is used for obtaining a preset decoding machine instruction corresponding to the first file and a preset encoding format instruction corresponding to a machine encryption instruction used for encrypting the first file, the preset decoding machine instruction and the preset encoding format instruction are stored in an executable file, and the preset decoding machine instruction and the preset encoding format instruction are obtained by calling the executable file in an encryption process, wherein the preset decoding machine instruction and the preset encoding format instruction are machine instructions without specific meaning of the machine instructions, and the representation form of the preset encoding format instruction is the same as that of the machine instructions;
the first decoding execution module is used for decoding the preset encoding format instruction into the machine encryption instruction based on the preset decoding machine instruction;
the encryption execution module is configured to encrypt the first file based on the machine encryption instruction to obtain a first encrypted file.
6. The apparatus according to claim 5, further comprising a first encoding execution module, configured to encode the machine encryption instruction into the preset encoding format instruction based on a preset encoding machine instruction corresponding to the preset decoding machine instruction, and store the preset encoding format instruction.
7. An apparatus for decrypting a file, the apparatus comprising: a second file obtaining module, a second instruction obtaining module, a second decoding execution module and a decryption execution module, wherein,
the second file acquisition module is used for acquiring a first encrypted file to be decrypted;
the second instruction obtaining module is configured to obtain a preset decoding machine instruction corresponding to the first encrypted file and a preset encoding format instruction corresponding to a machine decryption instruction for decrypting the first encrypted file, where the preset decoding machine instruction and the preset encoding format instruction are stored in an executable file, and obtain the preset decoding machine instruction and the preset encoding format instruction by calling the executable file in a decryption process, where the preset decoding machine instruction and the preset encoding format instruction are machine instructions that do not have a specific meaning of the machine instruction, and an expression form of the preset encoding format instruction is the same as an expression form of the machine instruction;
the second decoding execution module is used for decoding the preset encoding format instruction into the machine decryption instruction based on the preset decoding machine instruction;
the decryption execution module is used for decrypting the first encrypted file based on the machine decryption instruction to obtain a first file.
CN201711189759.9A 2017-11-24 2017-11-24 File encryption method, file decryption method and device Active CN108038383B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711189759.9A CN108038383B (en) 2017-11-24 2017-11-24 File encryption method, file decryption method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711189759.9A CN108038383B (en) 2017-11-24 2017-11-24 File encryption method, file decryption method and device

Publications (2)

Publication Number Publication Date
CN108038383A CN108038383A (en) 2018-05-15
CN108038383B true CN108038383B (en) 2020-08-11

Family

ID=62093011

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711189759.9A Active CN108038383B (en) 2017-11-24 2017-11-24 File encryption method, file decryption method and device

Country Status (1)

Country Link
CN (1) CN108038383B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110750799A (en) * 2019-09-30 2020-02-04 北京智明星通科技股份有限公司 Information encryption method and device, electronic equipment and computer readable storage medium
CN111970689A (en) * 2020-06-29 2020-11-20 百度在线网络技术(北京)有限公司 OTA data packet generation method and device and electronic equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104092537A (en) * 2014-07-03 2014-10-08 飞天诚信科技股份有限公司 Devices for achieving coding and decoding of secret key information and work method thereof
CN105049941A (en) * 2015-06-24 2015-11-11 腾讯科技(深圳)有限公司 Multi-media file processing method and apparatus
CN105760764A (en) * 2014-12-18 2016-07-13 中兴通讯股份有限公司 Encryption and decryption methods and devices for embedded storage device file and terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104092537A (en) * 2014-07-03 2014-10-08 飞天诚信科技股份有限公司 Devices for achieving coding and decoding of secret key information and work method thereof
CN105760764A (en) * 2014-12-18 2016-07-13 中兴通讯股份有限公司 Encryption and decryption methods and devices for embedded storage device file and terminal
CN105049941A (en) * 2015-06-24 2015-11-11 腾讯科技(深圳)有限公司 Multi-media file processing method and apparatus

Also Published As

Publication number Publication date
CN108038383A (en) 2018-05-15

Similar Documents

Publication Publication Date Title
CN107241364B (en) File downloading method and device
CN108280356B (en) File decryption method and device, processing terminal and computer readable storage medium
CN106788995B (en) File encryption method and device
CN107784231B (en) Instruction execution and dynamic compiling method and device and electronic equipment
US10452564B2 (en) Format preserving encryption of object code
CN106027228B (en) Encryption and decryption method and encryption and decryption system for webpage identifier
CN107077540B (en) Method and system for providing cloud-based application security services
CN113259132B (en) Data transmission encryption and decryption method and device, computer equipment and storage medium
CN105282090B (en) A kind of open URL scrambled method of anti-unauthorized access on internet
CN108431819B (en) Method and system for protecting client access to service of DRM agent of video player
WO2020233047A1 (en) Page test method and apparatus
CN108038383B (en) File encryption method, file decryption method and device
US10102386B2 (en) Decrypting content protected with initialization vector manipulation
CN112149137B (en) Vulnerability detection method and device, electronic equipment and computer readable storage medium
JP5641133B2 (en) Information processing apparatus, falsification detection apparatus, information processing method, falsification detection method, information processing program, and falsification detection program
CN107248972B (en) Data encryption and decryption method and device and electronic equipment
CN112561015B (en) Bar code encoding and decoding method, device, system, equipment and medium
KR20080095499A (en) Method for sharing bus key and apparatus therefor
KR101267875B1 (en) Apparatus for message encryption and decryption using virtual keyboard and recording medium storing program for executing method of the same in computer
CN108200058B (en) Chat encryption method and device, electronic terminal and readable storage medium
US10262161B1 (en) Secure execution and transformation techniques for computing executables
CN106650329A (en) Individual authorization method of data export equipment
CN111368322A (en) File decryption method and device, electronic equipment and storage medium
CN116015633A (en) Data encryption method, data decryption method and related devices
CN107533617B (en) Server device, information management system, information management method, and computer program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant