Summary of the invention
In view of this, the embodiment of the present invention provides a kind of method of data encryption, the method for verification, the device of encryption and school
The device tested enhances Information Security it can be found that whether initial data is tampered.
To achieve the above object, according to an aspect of an embodiment of the present invention, a kind of method of data encryption is provided.
A kind of method of data encryption of the embodiment of the present invention includes:Obtain the characteristic of initial data;Using can not
Reverse encryption mode encrypts the characteristic, generates tamperproof ciphertext;By the tamperproof ciphertext and the original number
According to being spliced, tamperproof data are obtained.
Optionally, the characteristic for obtaining initial data includes:Initial data is grabbed based on preset feature rules for grasping
Data characteristics item;The data characteristics item is integrated according to preset integration rules, obtains characteristic.
Optionally, carrying out the tamperproof ciphertext of encryption generation to the characteristic using irreversible encryption mode includes:It is right
The characteristic carries out irreversible encryption, generates cipher-text information;The cipher-text information is encrypted, is generated tamperproof close
Text.
Optionally, carrying out encryption to the cipher-text information includes:Hash processing is carried out to the cipher-text information.
To achieve the above object, according to an aspect of an embodiment of the present invention, a kind of method of data check is provided.
A kind of method of data check of the embodiment of the present invention includes:Extract the tamperproof ciphertext and original in tamperproof data
Beginning data;Obtain the characteristic of the initial data;The characteristic is encrypted using irreversible encryption mode, it is raw
At verification ciphertext;It compares the verification ciphertext and whether the tamperproof ciphertext is consistent, obtain check results.
Optionally, the characteristic for obtaining the initial data includes:Based on described in the crawl of preset feature rules for grasping
The data characteristics item of initial data;The data characteristics item is integrated according to preset integration rules, obtains characteristic.
Optionally, carrying out encryption generation verification ciphertext to the characteristic using irreversible encryption mode includes:To institute
It states characteristic and carries out irreversible encryption, generate check information;The check information is encrypted, verification ciphertext is generated.
Optionally, carrying out encryption to the check information includes:Hash processing is carried out to the check information.
Optionally, the method also includes:Spliced the initial data and check results to obtain censored data;
And when request of data side requests the initial data, the censored data is returned into request of data side.
To achieve the above object, according to another aspect of an embodiment of the present invention, a kind of device of data encryption is provided.
A kind of device of data encryption of the embodiment of the present invention includes:First obtains module, for obtaining initial data
Characteristic;First encrypting module is generated tamperproof for being encrypted using irreversible encryption mode to the characteristic
Ciphertext;First splicing module obtains tamperproof data for splicing the tamperproof ciphertext with the initial data.
Optionally, the first acquisition module is also used to:Number based on preset feature rules for grasping crawl initial data
According to characteristic item;The data characteristics item is integrated according to preset integration rules, obtains characteristic.
Optionally, first encrypting module is also used to:Irreversible encryption is carried out to the characteristic, generates ciphertext letter
Breath;The cipher-text information is encrypted, tamperproof ciphertext is generated.
Optionally, first encrypting module is further used for:Hash processing is carried out to the cipher-text information.
To achieve the above object, according to another aspect of an embodiment of the present invention, a kind of device of data encryption is provided.
A kind of device of data check of the embodiment of the present invention includes:Extraction module, for extracting in tamperproof data
Tamperproof ciphertext and initial data;Second obtains module, for obtaining the characteristic of the initial data;Second encryption mould
Block generates verification ciphertext for encrypting using irreversible encryption mode to the characteristic;Comparison module, for than
It is whether consistent to the verification ciphertext and the tamperproof ciphertext, obtain check results.
Optionally, the second acquisition module is also used to:The initial data is grabbed based on preset feature rules for grasping
Data characteristics item;The data characteristics item is integrated according to preset integration rules, obtains characteristic.
Optionally, second encrypting module is also used to:Irreversible encryption is carried out to the characteristic, generates verification letter
Breath;The check information is encrypted, verification ciphertext is generated.
Optionally, second encrypting module is further used for:Hash processing is carried out to the check information.
Optionally, described device further includes:Second splicing module, for spelling the initial data with check results
It connects, obtains censored data;And when request of data side requests the initial data, the censored data is returned into number
According to requesting party.
To achieve the above object, another aspect according to an embodiment of the present invention, providing a kind of prevents data to be tampered
System.
A kind of system for preventing data to be tampered of the embodiment of the present invention includes a kind of data encryption of the embodiment of the present invention
Device and the embodiment of the present invention a kind of data check device.
To achieve the above object, another aspect according to an embodiment of the present invention, providing a kind of prevents data to be tampered
Method.
A kind of method for preventing data to be tampered of the embodiment of the present invention includes:Data providing or third-party platform obtain
The characteristic of initial data;Data providing or third-party platform carry out the characteristic using irreversible encryption mode
Encryption, generates tamperproof ciphertext;Data providing or third-party platform carry out the tamperproof ciphertext and the initial data
Splicing, obtains tamperproof data;In verification, data providing, request of data side or third-party platform are from the tamperproof number
According to the middle characteristic for extracting the tamperproof ciphertext and the initial data;Data providing, request of data side or third party
Platform encrypts the characteristic in the tamperproof data using irreversible encryption mode, generates verification ciphertext;Data
Provider, request of data side or third-party platform compare the verification ciphertext and whether the tamperproof ciphertext is consistent, obtain school
Test result.
Optionally, data providing or third-party platform add the characteristic using irreversible encryption mode
Close, generating tamperproof ciphertext includes:Irreversible encryption is carried out to the characteristic, generates cipher-text information;The ciphertext is believed
Breath carries out Hash processing, generates tamperproof ciphertext.
Optionally, data providing, request of data side or third-party platform are using irreversible encryption mode to the anti-channeling
The characteristic changed in data is encrypted, and is generated verification ciphertext and is included:Characteristic in the tamperproof data is carried out
Irreversible encryption generates check information;Hash processing is carried out to the check information, generates verification ciphertext.
Optionally, the method also includes:The initial data is spliced with check results, obtains check number
According to;And verifying the tamperproof data if it is data providing or third-party platform, then data providing or third party are flat
The censored data is returned to request of data side when request of data side requests the initial data by platform.
To achieve the above object, according to an embodiment of the present invention in another aspect, the electronics for providing a kind of data encryption is set
It is standby.
A kind of electronic equipment of data encryption of the embodiment of the present invention includes:One or more processors;Storage device is used
In storing one or more programs, when one or more of programs are executed by one or more of processors, so that described
The method that one or more processors realize a kind of data encryption of the embodiment of the present invention.
To achieve the above object, according to an embodiment of the present invention in another aspect, the electronics for providing a kind of data check is set
It is standby.
A kind of electronic equipment of data check of the embodiment of the present invention includes:One or more processors;Storage device is used
In storing one or more programs, when one or more of programs are executed by one or more of processors, so that described
The method that one or more processors realize a kind of data check of the embodiment of the present invention.
To achieve the above object, according to an embodiment of the present invention in another aspect, providing a kind of computer-readable storage medium
Matter.
A kind of computer readable storage medium of the embodiment of the present invention is stored thereon with computer program, described program quilt
A kind of method of data encryption of the embodiment of the present invention is realized when processor executes.
To achieve the above object, according to an embodiment of the present invention in another aspect, providing a kind of computer-readable storage medium
Matter.
A kind of computer readable storage medium of the embodiment of the present invention is stored thereon with computer program, described program quilt
A kind of method of data check of the embodiment of the present invention is realized when processor executes.
One embodiment in foregoing invention has the following advantages that or beneficial effect:Because using irreversible encryption mode pair
The characteristic of initial data is encrypted, and tamperproof ciphertext is generated;And splice the tamperproof ciphertext with initial data,
Obtain tamperproof data;When to tamperproof data check, the initial data in tamperproof data is used identical with encryption
Mode is handled, and verification ciphertext is obtained;Whether twin check ciphertext unanimously can determine that initial data is with tamperproof ciphertext
The no technological means being tampered, is encrypted initial data using the technology of security and cryptography, so overcoming
Data are not easy the technical issues of finding, not can guarantee data safety after being tampered, and then reach it can be found that initial data is
It is no to be tampered, enhance the technical effect of Information Security.
Further effect possessed by above-mentioned non-usual optional way adds hereinafter in conjunction with specific embodiment
With explanation.
Specific embodiment
Below in conjunction with attached drawing, an exemplary embodiment of the present invention will be described, including the various of the embodiment of the present invention
Details should think them only exemplary to help understanding.Therefore, those of ordinary skill in the art should recognize
It arrives, it can be with various changes and modifications are made to the embodiments described herein, without departing from scope and spirit of the present invention.Together
Sample, for clarity and conciseness, descriptions of well-known functions and structures are omitted from the following description.
It should be pointed out that in the absence of conflict, the technical characteristic in the embodiment of the present invention and embodiment can
To be combined with each other.
Fig. 1 is the schematic diagram of the key step of the method for data encryption according to an embodiment of the present invention.
As shown in Figure 1, the method for the data encryption of the embodiment of the present invention mainly includes the following steps that:
Step S101:Obtain the characteristic of initial data.
Currently, data safety is to entire society, stable, privacy of identities safety and safeguarding of assets etc. become increasingly
It is important.To prevent malicious user from altering truthful data by unlawful means, the embodiment of the present invention utilizes security and password
Initial data is encrypted in technology, to enhance the safety of initial data.
Data providing or the third-party platform for providing data security protecting etc. can encrypt initial data
Processing, can choose and initial data is encrypted when storing initial data, also can choose to stored original
Data are encrypted.Characteristic can be extracted from initial data when being encrypted, it can also be from original number
According to source at obtain the characteristic etc. of initial data.Wherein, characteristic refers to important and representative in initial data
Data, such as the data characteristics item of transaction data may include:Remaining sum changes the information such as the amount of money, account and change time.
The characteristic of initial data can be obtained based on certain rule.In embodiments of the present invention, original number is obtained
According to characteristic can be accomplished by the following way:Data characteristics based on preset feature rules for grasping crawl initial data
?;Data characteristic item is integrated according to preset integration rules, obtains characteristic.
Wherein, preset feature rules for grasping can be, the significance level of type or initial data based on initial data
The identified data characteristics item for needing to grab.Data characteristics item refers in specific corresponding to a certain feature in initial data
Hold.It is special that preset integration rules can be sequence, data characteristics item size or data of the data characteristics item in initial data
Levy the first character etc. of item.Such as it is the character string of multiple data characteristics items is suitable in initial data by data characteristics item
Sequence is spliced into a character string.
Step S102:Characteristic is encrypted using irreversible encryption mode, generates tamperproof ciphertext.
Irreversible encryption mode, which refers to, to be encrypted data using ad hoc fashion to obtain ciphertext, and is not provided with decryption
Key, when verifying, obtain ciphertext in fashion described above again, are verified by comparing two ciphertexts.The embodiment of the present invention utilizes can not
Reverse encryption mode obtains tamperproof ciphertext, which can not be decrypted again, can be determined by tamperproof ciphertext original
Whether data are tampered, and initial data may be larger, if directly done the encryption process to initial data tamperproof close
Text also can be larger, is not easy to subsequent check, and calculation amount is larger, wastes computing resource.And characteristic is done the encryption process
Obtained tamperproof ciphertext can prevent initial data from being altered by secret, additionally it is possible to avoid occupying a large amount of calculating moneys when calculating
Source.
In embodiments of the present invention, step S102 can be accomplished by the following way:Irreversible add, is carried out to characteristic
It is close, generate cipher-text information;Cipher-text information is encrypted, tamperproof ciphertext is generated.Characteristic can be encrypted twice,
Irreversible encryption is first carried out, then carries out primary encryption again, to be further ensured that tamperproof ciphertext is not cracked.It needs
Bright is that second of encryption can be using any cipher mode.
In embodiments of the present invention, Hash processing can be carried out to cipher-text information generate tamperproof ciphertext.Hash is a kind of
Hash function can be transformed into the input of random length by hashing algorithm the output of regular length, which is exactly to hash
Value.Hash processing is using cipher-text information as input, using the hashed value of output as tamperproof ciphertext.The tamperproof ciphertext can be with
It stores in the storage product of data providing, such as the databases such as cloud storage, relevant database or non-relational database,
The third-party platform etc. for providing data security protecting can also be stored.
Step S103:Tamperproof ciphertext is spliced with initial data, obtains tamperproof data.
It for the real effectiveness for guaranteeing initial data, and avoids changing initial data, the embodiment of the present invention is by anti-channeling
Change ciphertext to be directly stitched together with initial data, can verify whether initial data is tampered, additionally it is possible to guarantee original number
According to can be used normally.The tamperproof data are possibly stored in the storage product of data providing, such as cloud storage, relationship type
The databases such as database or non-relational database.
The method of data encryption according to an embodiment of the present invention can be seen that the embodiment of the present invention and utilize security and close
Initial data is encrypted in the technology that code is learned, and to enhance Information Security, adopts to the initial data in tamperproof data
Carrying out processing with mode identical with encryption can be obtained verification ciphertext, to find whether initial data is tampered.And it calculates
It measures small can be avoided and occupies a large amount of computing resources.
Fig. 2 is the schematic diagram of the key step of the method for data check according to an embodiment of the present invention.
As shown in Fig. 2, the method for the data check of the embodiment of the present invention mainly includes the following steps that:
Step S201:Extract tamperproof ciphertext and the initial data in tamperproof data.
Encryption can be carried out to initial data by step S101- step S103 generates tamperproof data.Data provide
Side, request of data side or third-party platform for providing data security protecting etc. can in request of data side's request data school
Tamperproof data are verified when testing tamperproof data, or periodically being checked to data and (be also possible to casual inspection etc.), are being verified
When, tamperproof ciphertext and initial data can be extracted, from tamperproof data to determine whether the initial data is tampered.
Step S202:Obtain the characteristic of initial data.
For same initial data, used characteristic when encrypting with it is obtained in verification.Characteristic refers to
Important and representative data in initial data, such as the data characteristics item of transaction data may include:Remaining sum, change the amount of money,
The information such as account and change time.
The characteristic of initial data can be obtained based on certain rule.In embodiments of the present invention, original number is obtained
According to characteristic can be accomplished by the following way:Data characteristics based on preset feature rules for grasping crawl initial data
?;Data characteristic item is integrated according to preset integration rules, obtains characteristic.
Wherein, preset feature rules for grasping can be, the significance level of type or initial data based on initial data
The identified data characteristics item for needing to grab.Data characteristics item refers in specific corresponding to a certain feature in initial data
Hold.It is special that preset integration rules can be sequence, data characteristics item size or data of the data characteristics item in initial data
Levy the first character etc. of item.
Step S203:Characteristic is encrypted using irreversible encryption mode, generates verification ciphertext.
Irreversible encryption mode, which refers to, to be encrypted data using ad hoc fashion to obtain ciphertext, and is not provided with decryption
Key, when verifying, obtain ciphertext in fashion described above again, are verified by comparing two ciphertexts.Since tamperproof ciphertext can not be again
It is decrypted, therefore, the verification for same initial data can be using used irreversible encryption mode when its encryption again
It is calculated, obtains verification ciphertext, which done the encryption process to characteristic, and when calculating can keep away
Exempt to occupy a large amount of computing resources.
In embodiments of the present invention, step S203 can be accomplished by the following way:Irreversible add, is carried out to characteristic
It is close, generate check information;Check information is encrypted, verification ciphertext is generated.In verification, characteristic is used and encryption
Processing mode when identical first carries out irreversible encryption to check information, then carries out primary encryption again, it should be noted that
Second of encryption can be using any cipher mode, as long as guaranteeing to use identical cipher mode when encryption and verification
It can.
In embodiments of the present invention, using mode identical with cipher-text information, Hash processing is carried out to check information, with life
At verification ciphertext.Hash is a kind of hash function, the input of random length can be transformed into regular length by hashing algorithm
Output, which is exactly hashed value.Herein Hash processing be using check information as input, using the hashed value of output as
Verify ciphertext.
Step S204:Whether Inspection ciphertext is consistent with tamperproof ciphertext, obtains check results.
It is obtained after being calculated due to calculation identical when verification ciphertext is using with encryption, data providing, data
Requesting party or third-party platform etc. for providing data security protecting can will be from tamperproof after obtaining verification ciphertext
The tamperproof ciphertext extracted in data is compared with the verification ciphertext, so that it is determined that whether initial data is tampered.If
Verify ciphertext it is consistent with tamperproof ciphertext, then check results are not tampered with for initial data, if verify ciphertext with it is tamperproof close
Text is inconsistent, then check results are that initial data has been tampered.
In embodiments of the present invention, the method for the data check can also include:Initial data and check results are carried out
Splicing, obtains censored data.When request of data side requests initial data, censored data can be returned into request of data
Side, request of data side can know whether requested initial data has been tampered based on the check results in censored data.
The method of data check according to an embodiment of the present invention can be seen that the embodiment of the present invention and utilize security and close
The technology that code is learned verifies initial data, and to enhance Information Security, and the small occupancy that can be avoided of calculation amount largely calculates
Resource.The identical mode with encryption is used to be handled to obtain verification ciphertext the initial data in tamperproof data;Compare school
It tests ciphertext and can determine whether initial data is tampered with tamperproof ciphertext, enhance Information Security.
Fig. 3 is the schematic diagram of the key step of the method according to an embodiment of the present invention for preventing data to be tampered.
As shown in figure 3, the method for preventing data to be tampered of the embodiment of the present invention mainly includes the following steps that:
Step S301:Data providing or third-party platform obtain the characteristic of initial data.
Data providing or the third-party platform for providing data security protecting etc. can encrypt initial data
Processing, can extract characteristic from initial data when being encrypted, can also obtain from the source of initial data
To the characteristic etc. of initial data.
The characteristic of initial data can be obtained based on certain rule.It in embodiments of the present invention, can be based on pre-
If feature rules for grasping crawl initial data data characteristics item;Data characteristic item is carried out according to preset integration rules whole
It closes, obtains characteristic.Wherein, preset feature rules for grasping can be, type or initial data based on initial data
The data characteristics item for needing to grab determined by significance level.Data characteristics item refers in initial data corresponding to a certain feature
Particular content.Preset integration rules can be sequence of the data characteristics item in initial data, data characteristics item size or
The first character etc. of data characteristics item.
Step S302:Data providing or third-party platform encrypt characteristic using irreversible encryption mode,
Generate tamperproof ciphertext.
Irreversible encryption mode, which refers to, to be encrypted data using ad hoc fashion to obtain ciphertext, and is not provided with decryption
Key, when verifying, obtain ciphertext in fashion described above again, are verified by comparing two ciphertexts.
In embodiments of the present invention, irreversible encryption can be carried out to characteristic, generates cipher-text information;To cipher-text information
Hash processing is carried out, tamperproof ciphertext is generated.Characteristic is encrypted twice, i.e., first carries out irreversible encryption, then again
Primary encryption is carried out, to be further ensured that tamperproof ciphertext is not cracked.It can choose Hash processing to encrypt as second,
Hash processing is carried out to cipher-text information and generates tamperproof ciphertext.It should be noted that second of encryption can also use other
A kind of what cipher mode.
Step S303:Data providing or third-party platform splice tamperproof ciphertext with initial data, are prevented
Alter data.
Tamperproof ciphertext is directly stitched together with initial data, can verify whether initial data is tampered, also
It can guarantee that initial data can be used normally.
Step S304:Data providing, request of data side or third-party platform extract tamperproof close from tamperproof data
The characteristic of text and initial data.
Data providing, request of data side or third-party platform for providing data security protecting etc. can be asked in data
When the side's of asking request data, or when periodically being checked to data and (be also possible to casual inspection etc.), tamperproof data are verified, in school
When testing, data providing can extract the characteristic of tamperproof ciphertext and initial data from tamperproof data, to calculate original
Whether beginning data are tampered.Such as request of data side obtains tamperproof data from data providing, and mentions from tamperproof data
The characteristic for taking tamperproof ciphertext and initial data calculates original number based on the characteristic of tamperproof ciphertext and initial data
According to whether being tampered.
It should be noted that the characteristic of initial data can equally be obtained using step S301.
Step S305:Data providing, request of data side or third-party platform are using irreversible encryption mode to tamperproof
Characteristic in data is encrypted, and verification ciphertext is generated.
Since tamperproof ciphertext can not be decrypted again, the verification for same initial data can be using its encryption
When used irreversible encryption mode calculated again, i.e., using mode identical with step S302 again to tamperproof number
Characteristic in is calculated, and verification ciphertext is obtained.
In embodiments of the present invention, irreversible encryption can be carried out to the characteristic in tamperproof data, generates verification
Information;Hash processing is carried out to check information, generates verification ciphertext.Equally the characteristic in tamperproof data is carried out twice
Encryption, i.e., first carry out irreversible encryption, then carries out the processing of Hash again, thus be further ensured that verification ciphertext with it is tamperproof
Ciphertext is obtained based on identical calculation.It should be noted that second of encryption can also be added using other any one
Close mode, as long as guaranteeing to use identical cipher mode when encryption and verification.
Step S306:Data providing, request of data side or third-party platform Inspection ciphertext and tamperproof ciphertext are
It is no consistent, obtain check results.
It is obtained after being calculated due to calculation identical when verification ciphertext is using with encryption, data providing, data
Requesting party or third-party platform etc. for providing data security protecting can will be from tamperproof after obtaining verification ciphertext
The tamperproof ciphertext extracted in data is compared with the verification ciphertext, so that it is determined that whether initial data is tampered.If
Verify ciphertext it is consistent with tamperproof ciphertext, then check results are not tampered with for initial data, if verify ciphertext with it is tamperproof close
Text is inconsistent, then check results are that initial data has been tampered.
The method according to an embodiment of the present invention for preventing data to be tampered can be seen that because using irreversible encryption mode
Encryption is carried out to the characteristic of initial data and generates tamperproof ciphertext;And the tamperproof ciphertext is spliced with initial data
Obtain tamperproof data;When to tamperproof data check, the initial data in tamperproof data is used identical with encryption
Mode is handled to obtain verification ciphertext;Twin check ciphertext and tamperproof ciphertext can determine what whether initial data was tampered
Technological means is encrypted and verifies to initial data using the technology of security and cryptography, so overcoming number
According to being not easy the technical issues of finding, not can guarantee data safety after being tampered, so reach it can be found that initial data whether by
Alter, enhances the technical effect of Information Security.
Fig. 4 is the signal of the main flow of a method for preventing data to be tampered that can refer to embodiment according to the present invention
Figure, the method for the data encryption of the embodiment of the present invention and the method for data check are applied to data providing or for providing data
The third-party platform etc. of safeguard protection.
As shown in figure 4, the data encryption of initial data and the process of data check include:
Step S401:Initiate data protection request:
To prevent initial data from maliciously being altered, data providing, request of data side or third-party platform can be original
Data initiate data protection request whens cloud storage or database etc. is written, can also initiate data for stored initial data
Protection request carries out data guarantee;
Step S402:By preset feature rules for grasping, data characteristics item set in initial data is grabbed:
Data providing or third-party platform obtain initial data, then by preset feature rules for grasping, grab original
Set data characteristics item in data.Preset feature rules for grasping can be, type or initial data based on initial data
Significance level determined by the data characteristics item that needs to grab, such as the data characteristics item of transaction data may include:Remaining sum,
Change the information such as the amount of money, account and change time;
Step S403:Data characteristic item is integrated according to preset integration rules, obtains characteristic:
Data providing or third-party platform integrate data characteristic item according to preset integration rules, can be obtained
Characteristic.Preset integration rules can be sequence of the data characteristics item in initial data, data characteristics item size or
The first character etc. of data characteristics item.Such as the character string of multiple data characteristics items is pressed into data characteristics item in initial data
In sequential concatenation at a character string;
Step S404:Irreversible encryption is carried out to characteristic, generates cipher-text information:
Data providing or third-party platform carry out irreversible encryption, ciphertext generated to characteristic by irreversible
Information can not be decrypted again;
Step S405:Hash processing is done to cipher-text information, generates tamperproof ciphertext:
Hash processing can also be carried out again for cryptogram information data provider or third-party platform, Hash processing be by
Cipher-text information is as input, using the hashed value of output as tamperproof ciphertext;
Step S406:Tamperproof ciphertext is spliced with initial data, obtains tamperproof data:
Tamperproof ciphertext is spliced in initial data by data providing or third-party platform etc. can obtain tamperproof number
According to the tamperproof data are possibly stored in cloud storage, can also store relevant database or non-relational database etc.
In database;
Step S407:Initiate verification request:
When request of data side requests tamperproof data, or when checking tamperproof data, data are provided
Side, request of data side or third-party platform can initiate verification request, to determine whether initial data is maliciously altered;
Step S408:Extract tamperproof ciphertext and the initial data in tamperproof data;
Step S409:Using preset feature rules for grasping identical with step S402, crawl is obtained by step S408
Initial data data characteristics item;
Step S410:According to integration rules identical with step S403 to the data characteristics item obtained by step S409 into
Row integration, obtains characteristic;
Step S411:Irreversible encryption identical with step S404 is carried out to the characteristic in step S410, generates school
Test information;
Step S412:Hash processing is done to the check information in step S411, generates verification ciphertext;
Step S413:Inspection ciphertext and tamperproof ciphertext, obtain check results:
Whether data providing, request of data side or third-party platform Inspection ciphertext are consistent with tamperproof ciphertext, such as
Fruit is consistent, then check results are not tampered with for initial data;If inconsistent, check results are that initial data has been tampered;
Step S414:The initial data obtained by step S408 is carried out with the check results obtained by step S413
Splicing, obtains censored data;
It should be noted that step S408- step S414 is held by data providing, request of data side or third-party platform
Row is requested if it is the verification initiated when request of data side requests tamperproof data, and by data providing or is used for
The third-party platform etc. for providing data security protecting verifies tamperproof data, then censored data can be returned to number
According to requesting party.
For the technical idea that the present invention is further explained, now in conjunction with specific application scenarios, to the embodiment of the present invention
Technical solution is illustrated.
As shown in figure 5, using transaction data as initial data, transaction data is stored in Relational DBMS
(MySQL) in.
When by transaction data storage to MySQL, data providing, request of data side or for providing data security protecting
Third-party platform etc. can initiate data protection request.Firstly, the data characteristics item of crawl transaction data, i.e. creation time,
Modification time, transaction amount and remaining sum, and creation time, modification time, transaction amount and remaining sum are successively spliced to a word
In symbol string, the characteristic of transaction data is obtained;Then, irreversible encryption is carried out to characteristic and generates cipher-text information, then is right
Cipher-text information carries out encryption and generates tamperproof ciphertext (assuming that being 123456789) of trading, finally, the tamperproof ciphertext that will trade
(123456789) spliced to obtain tamperproof transaction data with transaction data.
In addition, data providing, request of data side or third-party platform for providing data security protecting etc. can be determined
Phase at random verifies tamperproof transaction data.Or when request of data side needs to call the transaction data (i.e. in number
When according to the requestor requests transaction data), tamperproof transaction data is verified.Firstly, being extracted from tamperproof data anti-
Alter ciphertext and transaction data, and obtains creation time, modification time, transaction amount and the remaining sum of transaction data, while successively
It is spliced in a character string, obtains the characteristic of transaction data;This feature data are carried out in a like fashion secondly, adopting
Irreversible encryption generates transaction check information, then carries out encryption to transaction check information and generate transaction verification ciphertext;Then, it compares
Transaction verification ciphertext and tamperproof transaction ciphertext, i.e., if transaction verification ciphertext is also " 123456789 ", check results are to hand over
Easy data are not tampered with, if transaction verification ciphertext is not " 123456789 ", check results are that transaction data has been tampered;
Finally, being spliced to obtain checkout transaction data for check results and transaction data, checkout transaction data are returned to and are asked
The side of asking.
According to the embodiments of the present invention as can be seen that because using irreversible encryption mode to the characteristic of initial data
Tamperproof ciphertext is generated according to encryption is carried out;And spliced the tamperproof ciphertext and initial data to obtain tamperproof data;?
When to tamperproof data check, the identical mode with encryption is used to be handled to obtain school the initial data in tamperproof data
Test ciphertext;Twin check ciphertext and tamperproof ciphertext can determine the technological means whether initial data is tampered, and utilize number
The technology of safety and cryptography is encrypted and verifies to initial data, is not easy to send out after data are tampered so overcoming
It is existing, the technical issues of not can guarantee data safety, and then reach it can be found that whether initial data is tampered, enhance data safety
The technical effect of property.
Fig. 6 is the schematic diagram of the main modular of the device of data encryption according to an embodiment of the present invention.
As shown in fig. 6, the device 600 of the data encryption of the embodiment of the present invention includes:First, which obtains module 601, first, adds
Close module 602 and the first splicing module 603.
Wherein,
First obtains module 601, for obtaining the characteristic of initial data;
First encrypting module 602 generates anti-channeling for encrypting using irreversible encryption mode to the characteristic
Change ciphertext;
First splicing module 603 obtains tamperproof for splicing the tamperproof ciphertext with the initial data
Data.
In embodiments of the present invention, the first acquisition module 601 is also used to:It is grabbed based on preset feature rules for grasping
The data characteristics item of initial data;The data characteristics item is integrated according to preset integration rules, obtains characteristic.
In embodiments of the present invention, first encrypting module 602 is also used to:Irreversible add, is carried out to the characteristic
It is close, generate cipher-text information;The cipher-text information is encrypted, tamperproof ciphertext is generated.
In embodiments of the present invention, first encrypting module 602 is further used for:Hash is carried out to the cipher-text information
Processing.
Fig. 7 is the schematic diagram of the main modular of the device of data check according to an embodiment of the present invention.
As shown in fig. 7, the device 700 of the data check of the embodiment of the present invention includes:Extraction module 701, second obtains mould
Block 701, the second encrypting module 703 and comparison module 704.
Wherein,
Extraction module 701, for extracting tamperproof ciphertext and initial data in tamperproof data;
Second obtains module 702, for obtaining the characteristic of the initial data;
Second encrypting module 703 generates verification for encrypting using irreversible encryption mode to the characteristic
Ciphertext;
Comparison module 704, it is whether consistent for comparing the verification ciphertext and the tamperproof ciphertext, obtain verification knot
Fruit.
In embodiments of the present invention, the second acquisition module 702 is also used to:It is grabbed based on preset feature rules for grasping
The data characteristics item of the initial data;The data characteristics item is integrated according to preset integration rules, obtains feature
Data.
In embodiments of the present invention, second encrypting module 703 is also used to:Irreversible add, is carried out to the characteristic
It is close, generate check information;The check information is encrypted, verification ciphertext is generated.
In embodiments of the present invention, second encrypting module 703 is further used for:Hash is carried out to the check information
Processing.
In addition, described device further includes:Second splicing module (does not show that) in figure, is used for the initial data and school
Result is tested to be spliced to obtain censored data;And it when request of data side requests the initial data, is verified described
Data return to request of data side.
Meanwhile the embodiment of the invention also provides a kind of systems for preventing data to be tampered, including the embodiment of the present invention
The device of the data check of the device and embodiment of the present invention of data encryption.
It is can be seen that according to the device of the device of the data encryption of the embodiments of the present invention and data check because using
Irreversible encryption mode carries out encryption to the characteristic of initial data and generates tamperproof ciphertext;And by the tamperproof ciphertext and former
Beginning data are spliced to obtain tamperproof data;When to tamperproof data check, the initial data in tamperproof data is adopted
It is handled to obtain verification ciphertext with mode identical with encryption;Twin check ciphertext and tamperproof ciphertext can determine original number
According to the technological means whether being tampered, initial data is encrypted using the technology of security and cryptography and school
Test, be not easy the technical issues of finding, not can guarantee data safety after data are tampered so overcoming, so reach it can be found that
Whether initial data is tampered, and enhances the technical effect of Information Security.
Fig. 8 is shown can be using method, the method for data check, data encryption of the data encryption of the embodiment of the present invention
Device or data check device exemplary system architecture 800.
As shown in figure 8, system architecture 800 may include terminal device 801,802,803, network 804 and server 805.
Network 804 between terminal device 801,802,803 and server 805 to provide the medium of communication link.Network 804 can be with
Including various connection types, such as wired, wireless communication link or fiber optic cables etc..
User can be used terminal device 801,802,803 and be interacted by network 804 with server 805, to receive or send out
Send message etc..Various telecommunication customer end applications, such as the application of shopping class, net can be installed on terminal device 801,802,803
The application of page browsing device, searching class application, instant messaging tools, mailbox client, social platform software etc..
Terminal device 801,802,803 can be the various electronic equipments with display screen and supported web page browsing, packet
Include but be not limited to smart phone, tablet computer, pocket computer on knee and desktop computer etc..
Server 805 can be to provide the server of various services, such as utilize terminal device 801,802,803 to user
The shopping class website browsed provides the back-stage management server supported.Back-stage management server can believe the product received
The data such as breath inquiry request carry out the processing such as analyzing, and processing result (such as target push information, product information) is fed back to
Terminal device.
It should be noted that data encryption provided by the embodiment of the present invention method or data check method generally by
Server 805 executes, and correspondingly, the device of data encryption or the device of data check are generally positioned in server 805.
It should be understood that the number of terminal device, network and server in Fig. 8 is only schematical.According to realization need
It wants, can have any number of terminal device, network and server.
Below with reference to Fig. 9, it illustrates the computer systems 900 for the terminal device for being suitable for being used to realize the embodiment of the present invention
Structural schematic diagram.Terminal device shown in Fig. 9 is only an example, function to the embodiment of the present invention and should not use model
Shroud carrys out any restrictions.
As shown in figure 9, computer system 900 includes central processing unit (CPU) 901, it can be read-only according to being stored in
Program in memory (ROM) 902 or be loaded into the program in random access storage device (RAM) 903 from storage section 908 and
Execute various movements appropriate and processing.In RAM 903, also it is stored with system 900 and operates required various programs and data.
CPU 901, ROM 902 and RAM 903 are connected with each other by bus 904.Input/output (I/O) interface 905 is also connected to always
Line 904.
I/O interface 905 is connected to lower component:Importation 906 including keyboard, mouse etc.;It is penetrated including such as cathode
The output par, c 907 of spool (CRT), liquid crystal display (LCD) etc. and loudspeaker etc.;Storage section 908 including hard disk etc.;
And the communications portion 909 of the network interface card including LAN card, modem etc..Communications portion 909 via such as because
The network of spy's net executes communication process.Driver 910 is also connected to I/O interface 905 as needed.Detachable media 911, such as
Disk, CD, magneto-optic disk, semiconductor memory etc. are mounted on as needed on driver 910, in order to read from thereon
Computer program be mounted into storage section 908 as needed.
Particularly, disclosed embodiment, the process described above with reference to flow chart may be implemented as counting according to the present invention
Calculation machine software program.For example, embodiment disclosed by the invention includes a kind of computer program product comprising be carried on computer
Computer program on readable medium, the computer program include the program code for method shown in execution flow chart.?
In such embodiment, which can be downloaded and installed from network by communications portion 909, and/or from can
Medium 911 is dismantled to be mounted.When the computer program is executed by central processing unit (CPU) 901, system of the invention is executed
The above-mentioned function of middle restriction.
It should be noted that computer-readable medium shown in the present invention can be computer-readable signal media or meter
Calculation machine readable storage medium storing program for executing either the two any combination.Computer readable storage medium for example can be --- but not
Be limited to --- electricity, magnetic, optical, electromagnetic, infrared ray or semiconductor system, device or device, or any above combination.Meter
The more specific example of calculation machine readable storage medium storing program for executing can include but is not limited to:Electrical connection with one or more conducting wires, just
Taking formula computer disk, hard disk, random access storage device (RAM), read-only memory (ROM), erasable type may be programmed read-only storage
Device (EPROM or flash memory), optical fiber, portable compact disc read-only memory (CD-ROM), light storage device, magnetic memory device,
Or above-mentioned any appropriate combination.In the present invention, computer readable storage medium can be it is any include or storage journey
The tangible medium of sequence, the program can be commanded execution system, device or device use or in connection.And at this
In invention, computer-readable signal media may include in a base band or as carrier wave a part propagate data-signal,
Wherein carry computer-readable program code.The data-signal of this propagation can take various forms, including but unlimited
In electromagnetic signal, optical signal or above-mentioned any appropriate combination.Computer-readable signal media can also be that computer can
Any computer-readable medium other than storage medium is read, which can send, propagates or transmit and be used for
By the use of instruction execution system, device or device or program in connection.Include on computer-readable medium
Program code can transmit with any suitable medium, including but not limited to:Wirelessly, electric wire, optical cable, RF etc. or above-mentioned
Any appropriate combination.
Flow chart and block diagram in attached drawing are illustrated according to the system of various embodiments of the invention, method and computer journey
The architecture, function and operation in the cards of sequence product.In this regard, each box in flowchart or block diagram can generation
A part of one module, program segment or code of table, a part of above-mentioned module, program segment or code include one or more
Executable instruction for implementing the specified logical function.It should also be noted that in some implementations as replacements, institute in box
The function of mark can also occur in a different order than that indicated in the drawings.For example, two boxes succeedingly indicated are practical
On can be basically executed in parallel, they can also be executed in the opposite order sometimes, and this depends on the function involved.Also it wants
It is noted that the combination of each box in block diagram or flow chart and the box in block diagram or flow chart, can use and execute rule
The dedicated hardware based systems of fixed functions or operations is realized, or can use the group of specialized hardware and computer instruction
It closes to realize.
Being described in module involved in the embodiment of the present invention can be realized by way of software, can also be by hard
The mode of part is realized.Described module also can be set in the processor, for example, can be described as:A kind of processor packet
Include the first acquisition module, the first encrypting module, the first splicing module, extraction module, second obtain module, the second encrypting module and
Comparison module.Wherein, the title of these modules does not constitute the restriction to the module itself under certain conditions, for example, extracting
Module is also described as " module of tamperproof ciphertext and initial data is extracted from tamperproof data ".
As on the other hand, the present invention also provides a kind of computer-readable medium, which be can be
Included in equipment described in above-described embodiment;It is also possible to individualism, and without in the supplying equipment.Above-mentioned calculating
Machine readable medium carries one or more program, when said one or multiple programs are executed by the equipment, makes
Obtaining the equipment includes:Step S101:Obtain the characteristic of initial data;Step S102:Using irreversible encryption mode to spy
Sign data are encrypted, and tamperproof ciphertext is generated;Step S103:Tamperproof ciphertext is spliced with initial data, is prevented
Alter data;Or, making the equipment to include:Step S201:Extract tamperproof ciphertext and the initial data in tamperproof data;Step
Rapid S202:Obtain the characteristic of initial data;Step S203:Characteristic is encrypted using irreversible encryption mode,
Generate verification ciphertext;Step S204:Whether Inspection ciphertext is consistent with tamperproof ciphertext, obtains check results or, making this
Equipment includes:Step S301:Obtain the characteristic of initial data;Step S302:Using irreversible encryption mode to characteristic
According to being encrypted, tamperproof ciphertext is generated;Step S303:Tamperproof ciphertext is spliced with initial data, is obtained tamperproof
Data;Step S304:The characteristic of tamperproof ciphertext and initial data is extracted from tamperproof data;Step S305:Using
Irreversible encryption mode encrypts the characteristic in tamperproof data, generates verification ciphertext;Step S306:Inspection
Whether ciphertext is consistent with tamperproof ciphertext, obtains check results.
Technical solution according to an embodiment of the present invention, because using irreversible encryption mode to the characteristic of initial data
It is encrypted, generates tamperproof ciphertext;And splice the tamperproof ciphertext with initial data, obtain tamperproof data;?
When to tamperproof data check, uses the identical mode with encryption to handle the initial data in tamperproof data, obtain
Verify ciphertext;Twin check ciphertext and tamperproof ciphertext can determine the technological means whether initial data is tampered, and utilize number
Initial data is encrypted in the technology of word safety and cryptography, is not easy to find after data are tampered so overcoming, nothing
The technical issues of method guarantees data security, and then reach it can be found that whether initial data is tampered, enhance Information Security
Technical effect.
Above-mentioned specific embodiment, does not constitute a limitation on the scope of protection of the present invention.Those skilled in the art should be bright
It is white, design requirement and other factors are depended on, various modifications, combination, sub-portfolio and substitution can occur.It is any
Made modifications, equivalent substitutions and improvements etc. within the spirit and principles in the present invention, should be included in the scope of the present invention
Within.