CN109005199A - A kind of quick encipher-decipher method when sharing files - Google Patents
- Publication number: CN109005199A
- Application number: CN201811136598.1A
- Authority: CN (China)
- Prior art keywords: key, file, sharing files, person, document receivers
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Pending
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
Abstract
The fast encryption and decryption method for file sharing of the invention includes the following steps: the file sharer generates a file key for each file to be encrypted; the file sharer encrypts each file with a symmetric cryptographic algorithm and its file key; the file sharer encrypts all file keys with a symmetric cryptographic algorithm and the joint key between the file sharer and the file recipient, then encrypts the joint key separately with the public key of the file sharer and the public key of the file recipient, and makes the encrypted joint key available to the file recipient; the file sharer sends the encrypted files together with the encrypted file keys to the file recipient; after receiving the encrypted files and the encrypted file keys, the file recipient obtains the joint key encrypted with its own public key; the file recipient decrypts the joint key with its own private key and, together with the symmetric cryptographic algorithm, decrypts the file keys of all files; the file recipient decrypts the files with the decrypted file keys.
Description
Technical field
The invention belongs to the field of fast encryption and decryption, and more specifically relates to a fast encryption and decryption method for file sharing.
Background technique
The terms used below are explained first to aid understanding.
Symmetric cryptographic algorithm: a cryptographic algorithm in which encryption and decryption use the same key.
Symmetric key: a key used with a symmetric cryptographic algorithm.
Public-key cryptographic algorithm: also called an asymmetric cryptographic algorithm; encryption and decryption use different keys. One key (the public key) can be disclosed, the other (the private key) must be kept secret, and deriving the private key from the public key is computationally infeasible.
Public key: the key in a public-key cryptographic algorithm that can be disclosed.
Private key: the undisclosed key in a public-key cryptographic algorithm that only its owner may use.
Master key: the top layer of the hierarchical key structure in a symmetric cryptosystem, used to generate or protect lower-layer keys.
Ciphertext: encrypted data.
Plaintext: unencrypted data, or data restored by decryption.
In business, encrypted sharing of data or files is very common. For example, company A sends an important contract or other data to company B by email. To prevent a third party from stealing the sensitive information in the contract, company A needs to encrypt the contract before sending it. After receiving the email, company B must first decrypt the contract.
To implement this encryption and decryption process, the common international practice is to use a public-key cryptographic algorithm and a symmetric cryptographic algorithm together. The steps of encrypted file sharing are as follows:
A random symmetric key, called the file key, is generated for each file to be encrypted; each file has its own unique file key;
Company A encrypts the file with a symmetric cryptographic algorithm and the file key;
Company A encrypts the file key with the public key of company B;
Company A sends the encrypted file together with the encrypted file key to company B;
After receiving them, company B first decrypts the file key with its own private key;
Company B decrypts the file with the file key and the symmetric cryptographic algorithm.
Any individual or entity can share ciphertext securely with the above method.
In theory, company A could encrypt the entire file directly with the public key of company B, without using a symmetric cryptographic algorithm, and company B would then decrypt the file directly with its own private key. The practical problem is that public-key cryptographic algorithms are very slow, usually hundreds of times or even thousands of times slower than symmetric cryptographic algorithms, and are not suited to encrypting large amounts of data. The mainstream international approach to encrypted file sharing is therefore implemented jointly by a public-key cryptographic algorithm and a symmetric cryptographic algorithm.
Although the above method is popular and practical, its drawback is also obvious: when the number of files is very large, encrypting and decrypting the file keys with the public-key cryptographic algorithm is still very slow.
Summary of the invention
The main technical problem solved by the invention is to provide a fast encryption and decryption method for file sharing that effectively improves encryption and decryption speed during file sharing when the number of files is very large.
To solve the above technical problem, the fast encryption and decryption method for file sharing of the invention includes the following steps:
Step 1: the file sharer generates a random symmetric key, i.e. a file key, for each file to be encrypted;
Step 2: the file sharer encrypts the file with a symmetric cryptographic algorithm and the file key;
Step 3: the file sharer encrypts all file keys with a symmetric cryptographic algorithm and the joint key between the file sharer and the file recipient, then encrypts the joint key separately with the public key of the file sharer and the public key of the file recipient, and makes the encrypted joint key available to the file recipient;
Step 4: the file sharer sends the encrypted file together with the encrypted file key to the file recipient;
Step 5: after receiving the encrypted file and the encrypted file key, the file recipient obtains the joint key encrypted with its own public key;
Step 6: the file recipient decrypts the joint key with its own private key and, together with the symmetric cryptographic algorithm, decrypts the file keys of all files;
Step 7: the file recipient decrypts the file with the decrypted file key.
As a further refinement of this technical solution, the detailed process by which the file sharer encrypts all file keys with a symmetric cryptographic algorithm and the joint key between the file sharer and the file recipient, then encrypts the joint key separately with the public key of the file sharer and the public key of the file recipient, and makes the encrypted joint key available to the file recipient, is:
S1. If the file sharer is sharing files with the file recipient for the first time:
S11. The file sharer generates a random master key MK, i.e. the joint key between the file sharer and the file recipient, and uses it with the symmetric cryptographic algorithm to encrypt all file keys;
S12. The file sharer encrypts the joint key separately with the public keys of the file sharer and the file recipient, and stores the results in a location that both the file sharer and the file recipient can access;
S2. If the file sharer is not sharing files with the file recipient for the first time:
S21. The file sharer obtains, from the location described in S12, the joint key encrypted with its own public key, decrypts the joint key with its private key, and then uses the joint key to encrypt the file keys of all files shared between the file sharer and the file recipient.
As a further refinement of this technical solution, the location that both the file sharer and the file recipient can access is a network server.
As a further refinement of this technical solution, the joint key is a symmetric key.
The beneficial effect of the fast encryption and decryption method for file sharing of the invention is:
When the number of files is very large, encryption and decryption speed during file sharing is effectively improved, and the advantage grows as the number of files increases; the method is much faster than the conventional method.
Specific embodiment
The common international practice is to use a public-key cryptographic algorithm and a symmetric cryptographic algorithm together. The steps of encrypted file sharing are as follows:
A random symmetric key, called the file key, is generated for each file to be encrypted. Each file has its own unique file key;
A encrypts the file with a symmetric cryptographic algorithm and the file key;
A encrypts the file key with the public key of B;
A sends the encrypted file together with the encrypted file key to B;
After receiving the encrypted file and the encrypted file key, B first decrypts the file key with its own private key;
B decrypts the file with the file key and the symmetric cryptographic algorithm.
Any individual or entity can share ciphertext securely with the above method.
Taking the public-key cryptographic algorithm RSA-4096 as an example, encrypting and decrypting a 256-bit file key 1000 times in a loop on a computer with an Intel Core i7-7700 CPU and 16 GB of RAM takes a total of 595 ms for encryption and 34779 ms for decryption. A single encryption and a single decryption therefore take 0.595 ms and 34.779 ms respectively.
If 1000 files are decrypted, decrypting the file keys alone takes 34 seconds. In a hardware and software system that encrypts and decrypts in real time, this blocks the system for 34 seconds and gives a very poor user experience, which is unacceptable for commercial software and hardware.
With 10000 files, encrypting the file keys takes up to 5.95 seconds, which also results in a poor user experience. A commercial server may store hundreds of millions or even billions of files, which causes serious latency problems during encryption and decryption.
In this method, the file keys of all files shared between A and B are no longer encrypted and decrypted with the public and private keys of B. Instead they are encrypted and decrypted with the joint key of the two parties, using the faster symmetric cryptographic algorithm. The joint key is encrypted separately with the public keys of A and B.
The method can also be used for file sharing among multiple parties: in S12, the joint key only needs to be encrypted with the public key of each party.
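The procedure in steps 1 to 7 with S11, S12 and S21, as an added Node.js example that is not code from the patent. AES-256-GCM and RSA-OAEP with SHA-256 are assumptions (the page names only AES-256 and RSA-4096), the in-memory `store` object stands in for the commonly accessible network server, and all function names are hypothetical.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM with a fresh 12-byte nonce; output layout is nonce || tag || ciphertext.
function seal(key, plaintext) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), body]);
}

// Throws if the nonce, tag or ciphertext was modified.
function unseal(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// S11/S12: generate the joint key MK once and RSA-encrypt it under every party's
// public key. Passing more than two public keys gives the multi-party variant.
function createJointKey(publicKeys) {
  const mk = crypto.randomBytes(32);
  const store = {};
  for (const [name, key] of Object.entries(publicKeys)) {
    store[name] = crypto.publicEncrypt({ key, ...OAEP }, mk);
  }
  return store;
}

// Step 6 / S21: the single private-key operation a party performs per batch.
function recoverJointKey(store, name, privateKey) {
  return crypto.privateDecrypt({ key: privateKey, ...OAEP }, store[name]);
}

// Steps 1-3: one random file key per file; file keys are wrapped with MK (AES), not RSA.
function shareFiles(mk, files) {
  return files.map((data) => {
    const fileKey = crypto.randomBytes(32);
    return { file: seal(fileKey, data), wrappedKey: seal(mk, fileKey) };
  });
}

// Steps 6-7: unwrap each file key with MK, then decrypt the file with it.
function receiveFiles(mk, batch) {
  return batch.map(({ file, wrappedKey }) => unseal(unseal(mk, wrappedKey), file));
}

// Constructed demo data. RSA-2048 keeps key generation quick; the page benchmarks RSA-4096.
function demo() {
  const a = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const b = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const store = createJointKey({ A: a.publicKey, B: b.publicKey });

  // A recovers MK from its own wrapped copy (S21) and shares; B recovers MK and receives.
  const files = ['contract', 'invoice', 'report'].map((s) => Buffer.from(s));
  const batch = shareFiles(recoverJointKey(store, 'A', a.privateKey), files);
  const mkForB = recoverJointKey(store, 'B', b.privateKey);
  const recovered = receiveFiles(mkForB, batch).map(String);
  const sizes = { wrappedMk: store.B.length, wrappedFileKey: batch[0].wrappedKey.length };

  // A flipped bit in a wrapped file key must be rejected, not silently decrypted.
  batch[0].wrappedKey[20] ^= 1;
  let tamperRejected = false;
  try {
    receiveFiles(mkForB, batch);
  } catch {
    tamperRejected = true;
  }
  return { recovered, sizes, tamperRejected };
}

console.log(demo());
```

Every file key shared between the two parties is wrapped under the same MK, so anyone who recovers MK can unwrap all of them; MK needs the same protection as the private keys that guard it.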
Suppose B wants to decrypt 1000 files that A has shared with him. B then needs only one private-key decryption to obtain the joint key, which takes 34.779 ms, followed by 1000 decryptions with the joint key to obtain the file key of each file.
Taking the symmetric cryptographic algorithm AES-256 as an example, encrypting and decrypting a 256-bit file key 1000 times on a computer with an Intel Core i7-7700 CPU and 16 GB of RAM takes a total of 0.441 ms for encryption and 0.443 ms for decryption.
With the fast method above, the total time B needs to decrypt 1000 file keys is 34.779 + 0.443 = 35.222 ms, far less than the 34799 ms of the conventional method.
On a computer with an Intel Core i7-7700 CPU and 16 GB of RAM, assume that the public-key cryptographic algorithm is RSA-4096 and the symmetric cryptographic algorithm is AES-256, and that N file keys are encrypted and decrypted.
With the conventional method, the encryption time $T_{C1}$ and decryption time $T_{C2}$ are respectively:
$T_{C1} = 0.595 \times N$
$T_{C2} = 34.779 \times N$
The unit of $T_{C1}$ and $T_{C2}$ is ms.
With the fast method of the invention, the encryption time $T_{k1}$ and decryption time $T_{k2}$ are respectively:
The unit of $T_{k1}$ and $T_{k2}$ is ms.
As the number of files N increases, the encryption and decryption times of the fast method of the invention and of the conventional method are as shown in Table 1.
Table 1: Encryption and decryption times of the fast method of the invention and the conventional method
Table 1 shows that the time the invention needs to encrypt and decrypt file keys is far less than that of the conventional method, and that the advantage grows as the number of files increases; the method is much faster than the conventional method. Therefore, when the number of files is very large, encryption and decryption speed during file sharing can be effectively improved.
Of course, the above description does not limit the invention, and the invention is not limited to the above examples. Variations, modifications, additions or substitutions made by a person of ordinary skill in the art within the essential scope of the invention also fall within the protection scope of the invention.
Claims (4)
1. A fast encryption and decryption method for file sharing, characterized in that the method includes the following steps:
Step 1: the file sharer generates a random symmetric key, i.e. a file key, for each file to be encrypted;
Step 2: the file sharer encrypts the file with a symmetric cryptographic algorithm and the file key;
Step 3: the file sharer encrypts all file keys with a symmetric cryptographic algorithm and the joint key between the file sharer and the file recipient, then encrypts the joint key separately with the public key of the file sharer and the public key of the file recipient, and makes the encrypted joint key available to the file recipient;
Step 4: the file sharer sends the encrypted file together with the encrypted file key to the file recipient;
Step 5: after receiving the encrypted file and the encrypted file key, the file recipient obtains the joint key encrypted with its own public key;
Step 6: the file recipient decrypts the joint key with its own private key and, together with the symmetric cryptographic algorithm, decrypts the file keys of all files;
Step 7: the file recipient decrypts the file with the decrypted file key.
2. The fast encryption and decryption method for file sharing according to claim 1, characterized in that the detailed process by which the file sharer encrypts all file keys with a symmetric cryptographic algorithm and the joint key between the file sharer and the file recipient, then encrypts the joint key separately with the public key of the file sharer and the public key of the file recipient, and makes the encrypted joint key available to the file recipient, is:
S1. If the file sharer is sharing files with the file recipient for the first time:
S11. The file sharer generates a random master key MK, i.e. the joint key between the file sharer and the file recipient, and uses it with the symmetric cryptographic algorithm to encrypt all file keys;
S12. The file sharer encrypts the joint key separately with the public keys of the file sharer and the file recipient, and stores the results in a location that both the file sharer and the file recipient can access;
S2. If the file sharer is not sharing files with the file recipient for the first time:
S21. The file sharer obtains, from the location described in S12, the joint key encrypted with its own public key, decrypts the joint key with its private key, and then uses the joint key to encrypt the file keys of all files shared between the file sharer and the file recipient.
3. The fast encryption and decryption method for file sharing according to claim 2, characterized in that the location that both the file sharer and the file recipient can access is a network server.
4. The fast encryption and decryption method for file sharing according to claim 1 or 2, characterized in that the joint key is a symmetric key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811136598.1A CN109005199A (en) | 2018-09-28 | 2018-09-28 | A kind of quick encipher-decipher method when sharing files |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811136598.1A CN109005199A (en) | 2018-09-28 | 2018-09-28 | A kind of quick encipher-decipher method when sharing files |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109005199A (en) | 2018-12-14 |
Family
ID=64588988
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811136598.1A Pending CN109005199A (en) | 2018-09-28 | 2018-09-28 | A kind of quick encipher-decipher method when sharing files |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109005199A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111049726A (en) * | 2019-11-13 | 2020-04-21 | 北京达佳互联信息技术有限公司 | File sharing method, device, system, client, server and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103888467A (en) * | 2014-03-31 | 2014-06-25 | 武汉理工大学 | Sharing-oriented safety file folder encryption system |
CN104868996A (en) * | 2014-02-25 | 2015-08-26 | 中兴通讯股份有限公司 | Data encryption and decryption method, device thereof, and terminal |
CN105245328A (en) * | 2015-09-09 | 2016-01-13 | 西安电子科技大学 | User and file key generation and management method based on third party |
EP3361408A1 (en) * | 2017-02-10 | 2018-08-15 | Michael Mertens | Verifiable version control on authenticated and/or encrypted electronic documents |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103731432B (en) | Multi-user supported searchable encryption method | |
Dhinakaran et al. | Preserving data confidentiality in association rule mining using data share allocator algorithm | |
US11316671B2 (en) | Accelerated encryption and decryption of files with shared secret and method therefor | |
CN110969431A (en) | Safe trusteeship method, equipment and system of block chain digital currency private key | |
US11128452B2 (en) | Encrypted data sharing with a hierarchical key structure | |
CN101924739A (en) | Method for encrypting, storing and retrieving software certificate and private key | |
JPWO2018235845A1 (en) | Key exchange system and key exchange method | |
Singh et al. | Database security using encryption | |
CN104158880A (en) | User-end cloud data sharing solution | |
CN105721146B (en) | A kind of big data sharing method towards cloud storage based on SMC | |
CN104243493A (en) | Network identity authentication method and system | |
KR20120132708A (en) | Distributed access priviledge management apparatus and method in cloud computing environments | |
Sekar et al. | Comparative study of encryption algorithm over big data in cloud systems | |
TW201630378A (en) | Key splitting | |
WO2017126571A1 (en) | Ciphertext management method, ciphertext management device, and program | |
Almuzaini et al. | Key aggregation cryptosystem and double encryption method for cloud-based intelligent machine learning techniques-based health monitoring systems | |
WO2008065351A1 (en) | Self encryption | |
Chen et al. | Application of homomorphic encryption in blockchain data security | |
CN109005199A (en) | A kind of quick encipher-decipher method when sharing files | |
CN116208330A (en) | Industrial Internet cloud-edge cooperative data secure transmission method and system based on quantum encryption | |
CN113609502B (en) | Space crowdsourcing system and method based on block chain | |
CN108173880A (en) | A kind of file encryption system based on third party's key management | |
GB2444343A (en) | Encryption system for peer-to-peer networks in which data is divided into chunks and self-encryption is applied | |
Mo et al. | A dynamic re-encrypted ciphertext-policy attributed-based encryption scheme for cloud storage | |
Altarawneh | A strong combination of cryptographic techniques to secure cloud-hosted data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20181214 |