CN109308420B - Data encryption method, terminal equipment and computer readable storage medium - Google Patents

Data encryption method, terminal equipment and computer readable storage medium Download PDF

Info

Publication number
CN109308420B
CN109308420B CN201810965583.XA CN201810965583A CN109308420B CN 109308420 B CN109308420 B CN 109308420B CN 201810965583 A CN201810965583 A CN 201810965583A CN 109308420 B CN109308420 B CN 109308420B
Authority
CN
China
Prior art keywords
data
sub
preset number
mapping
plaintext data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810965583.XA
Other languages
Chinese (zh)
Other versions
CN109308420A (en
Inventor
王翼
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN201810965583.XA priority Critical patent/CN109308420B/en
Publication of CN109308420A publication Critical patent/CN109308420A/en
Application granted granted Critical
Publication of CN109308420B publication Critical patent/CN109308420B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a data encryption method, terminal equipment and a computer readable storage medium, which are applied to the technical field of information encryption, wherein the data encryption method comprises the following steps: acquiring text data, wherein the text data comprises a plurality of characters; converting each character in the text data into a multilevel sequence to obtain plaintext data; acquiring an extended value range; mapping the plaintext data to an extended value range by using a mapping function; acquiring expanded data obtained after plain data are mapped to an expanded value domain; and carrying out encryption calculation on the expanded data to obtain encrypted data. According to the method and the device, the plain data are mapped to the expansion value domain by using the mapping function, then the expansion data obtained by mapping are encrypted and calculated to obtain the encrypted data, and the mapping process can enable the data distribution of the expansion data to be different from that of the plain data. Therefore, the method can hide the original data distribution of the plaintext data, prevent the data leakage in the retrieval process and improve the data security.

Description

Data encryption method, terminal equipment and computer readable storage medium
Technical Field
The present application relates to the field of information security technologies, and in particular, to a data encryption method, a terminal device, and a computer-readable storage medium.
Background
When a user queries the content of the encrypted file or finds out the encrypted file containing the specified content in a large stack of encrypted files, the plaintext obtained by decryption can be retrieved only after the encrypted file is decrypted, and the retrieval method is very time-consuming and labor-consuming.
In order to improve the efficiency of retrieval, there are many retrieval methods that can implement retrieval of encrypted files, such as equivalent retrieval, range retrieval, and fuzzy retrieval, so that the contents of the encrypted files can still be retrieved in an encrypted state.
Although the existing retrieval methods greatly improve the retrieval efficiency of encrypted files, the retrieval methods are based on plaintext retrieval technologies, namely, keywords submitted by a user during query and data information in a server database are all given in a plaintext form. The malicious server can deduce the full text content of the encrypted file according to the monitored positions of the retrieval keywords and the keywords of the users in the encrypted file.
Therefore, the existing data encryption method does not consider the problem of information leakage possibly caused in the process of retrieving the encrypted file, and the security is low.
Disclosure of Invention
The embodiment of the application provides a data encryption method, which can hide data distribution of plaintext data to prevent data leakage in a retrieval process and improve data security.
In a first aspect, an embodiment of the present application provides a data encryption method, where the data encryption method includes:
acquiring plaintext data, wherein the plaintext data comprises a plurality of multilevel sequences;
obtaining an extended value range, wherein the extended value range is equal to or not equal to the value range of the multilevel sequence;
mapping the plaintext data to the extended value range by using a mapping function to change arrangement positions among a plurality of multilevel sequences in the plaintext data and/or to map each multilevel sequence into a plurality of multilevel sequences;
obtaining extended data obtained after the plaintext data is mapped to the extended value range;
and carrying out encryption calculation on the expanded data to obtain encrypted data.
With reference to the first aspect, in a first implementation manner of the first aspect, the mapping the plaintext data to the extended value range by using a mapping function includes:
dividing the plaintext data into a preset number of sub-plaintext data;
acquiring the preset number of mapping functions, and enabling the preset number of mapping functions to correspond to the preset number of sub-plaintext data one by one;
respectively mapping the sub-plaintext data of the preset number to the expansion value domain by using the mapping function of the preset number to obtain the sub-expansion data of the preset number;
and integrating the preset number of sub-expansion data to obtain the expansion data.
With reference to the first aspect, in a second implementation manner of the first aspect, the mapping the plaintext data to the extended value range by using a mapping function includes:
dividing the plaintext data into a preset number of sub-plaintext data;
dividing the extended range into the preset number of sub-extended ranges;
acquiring the preset number of mapping functions, and enabling the preset number of mapping functions to correspond to the preset number of sub-plaintext data one by one;
respectively mapping the sub-plaintext data of the preset number to the sub-expansion value domains of the preset number by using the mapping functions of the preset number to obtain the sub-expansion data of the preset number;
and integrating the preset number of sub-expansion data to obtain the expansion data.
With reference to the second implementation manner of the first aspect, in a third implementation manner of the first aspect, the mapping the predetermined number of sub-plaintext data into the predetermined number of sub-extension value domains by using the predetermined number of mapping functions respectively includes:
sequentially corresponding the sub-plaintext data of the preset number to the sub-expansion value ranges of the preset number one by one; respectively mapping the sub-plaintext data of the preset number to the sub-expansion value ranges of the preset number by using the mapping functions of the preset number; or alternatively
The sub-plaintext data with the preset number are mapped to the sub-expansion value ranges with the preset number in an out-of-order mode; and mapping the sub-plaintext data of the preset number to the sub-expansion value ranges of the preset number by using the mapping function of the preset number.
With reference to the third implementation manner of the first aspect, in a fourth implementation manner of the first aspect, the integrating the preset number of sub-extension data includes:
integrating the sub-extension data according to the sequence of the sub-plaintext data with the preset number; or
And integrating the sub-expansion data according to a random order.
In a second aspect, an embodiment of the present application provides a terminal device, where the terminal device includes a unit configured to execute the data encryption method in the first aspect, and the terminal device includes:
an acquisition unit configured to acquire plaintext data, the plaintext data including a plurality of multilevel sequences; and is further configured to obtain an extended range, the extended range being equal to or not equal to the range of the multilevel sequence; the expansion data mapping module is further used for obtaining the expansion data obtained after the plaintext data is mapped to the expansion value range;
a mapping unit for mapping the plaintext data to the spread value range using a mapping function to change arrangement positions between a plurality of multilevel sequences in the plaintext data and/or to map each multilevel sequence into a plurality of multilevel sequences;
and the encryption unit is used for carrying out encryption calculation on the expanded data to obtain encrypted data.
With reference to the second aspect, in a first implementation manner of the second aspect:
a dividing unit configured to divide the plaintext data into a preset number of sub-plaintext data;
the obtaining unit is further configured to obtain the preset number of mapping functions;
a corresponding unit, configured to correspond the preset number of mapping functions to the preset number of sub-plaintext data one to one;
the mapping unit is configured to map the preset number of sub-plaintext data into the extended value domain by using the preset number of mapping functions, so as to obtain the preset number of sub-extended data;
and the integration unit is used for integrating the sub-expansion data with the preset number to obtain the expansion data.
With reference to the second aspect, in a second implementation manner of the second aspect:
a dividing unit configured to divide the plaintext data into a preset number of sub-plaintext data; the expansion value range is further used for dividing the expansion value range into the preset number of sub expansion value ranges;
the obtaining unit is further configured to obtain the preset number of mapping functions;
a corresponding unit, configured to correspond the preset number of mapping functions to the preset number of sub-plaintext data one to one;
the mapping unit is configured to map the preset number of sub-plaintext data into the preset number of sub-extension value domains by using the preset number of mapping functions, so as to obtain the preset number of sub-extension data;
and the integration unit is used for integrating the sub-expansion data with the preset number to obtain the expansion data.
With reference to the second implementation manner of the second aspect, in a third implementation manner of the second aspect:
the corresponding unit is further configured to sequentially correspond the preset number of sub-plaintext data to the preset number of sub-expansion value ranges one by one; correspondingly, the mapping unit is further configured to map the preset number of sub-plaintext data to the preset number of sub-expansion value ranges by using the preset number of mapping functions; or alternatively
The corresponding unit is further configured to correspond the preset number of sub plaintext data to the preset number of sub expansion value ranges in a one-to-one out-of-order manner; correspondingly, the mapping unit is further configured to map the preset number of sub-plaintext data to the preset number of sub-expansion value ranges by using the preset number of mapping functions.
With reference to the third implementation manner of the second aspect, in a fourth implementation manner of the second aspect:
the integration unit is specifically configured to integrate the sub-extension data according to the sequence of the preset number of sub-plaintext data; or, the sub-extension data are integrated in a random order.
In a third aspect, an embodiment of the present application provides another terminal device, including a processor and a memory, where the processor and the memory are connected to each other, where the memory is used to store a computer program that supports the terminal device to execute the data encryption method, and the computer program includes program instructions, and the processor is configured to call the program instructions to execute the data encryption method in any one of the implementations of the first aspect to the first aspect.
In a fourth aspect, the present application provides a computer-readable storage medium, where a computer program is stored, where the computer program includes program instructions, and the program instructions, when executed by a processor, are configured to perform a data encryption method according to any one of the implementation manners of the first aspect to the first aspect.
After plaintext data comprising a plurality of multi-system sequences is obtained, the plaintext data is mapped to an expansion value domain by using a mapping function to obtain expansion data, and then the expansion data is encrypted to obtain encrypted data. The mapping function may be a mapping relation table for position replacement, so that in the mapping process, after the multilevel data in the plaintext data is mapped to the extended value field, the position of the multilevel data in the extended data is different from the position of the multilevel data in the plaintext data; in addition to this, the mapping function may be a function for changing the multilevel data itself, and if the plaintext data is divided into pieces of sub-plaintext data, which are mapped to the extended value range by different mapping functions, each multilevel sequence in the plaintext data may be represented as a plurality of kinds of multilevel data. Then, after the mapping operation, the arrangement order between the plurality of multilevel sequences in the plaintext data is changed, and/or each multilevel sequence is mapped into a plurality of multilevel sequences. Therefore, it can be seen that the data distribution of the plaintext data is changed due to the change of the position of the data in the plaintext data; each multilevel sequence in the plaintext data is mapped into a plurality of multilevel sequences, so that a malicious program cannot find the distribution of a certain multilevel sequence in the plaintext data in the full text, and the data distribution of the plaintext data can be regarded as changed. Generally speaking, the encryption method of the embodiment of the application can hide the original data distribution of plaintext data, so that a malicious server can be prevented from deducing the full-text content of an encrypted file according to a searched keyword and the distribution of the keyword in the encrypted data in the process of searching the encrypted data, and therefore the embodiment of the application can prevent data leakage and improve the security of the data.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings used in the description of the embodiments will be briefly introduced below.
Fig. 1 is a schematic flow chart of a data encryption method provided in an embodiment of the present application;
fig. 2 is a schematic flow chart of a data encryption method according to another embodiment of the present application;
FIG. 3 is a diagram illustrating a mapping function provided by an embodiment of the present application;
FIG. 4 is a diagram of a method for mapping plaintext data into an extended value range according to an embodiment of the present application;
FIG. 5 is a diagram of another example of mapping plaintext data into an extended value range according to an embodiment of the present application;
FIG. 6 is a diagram illustrating a plaintext data mapping to an extended value range according to another embodiment of the present application;
FIG. 7 is a diagram illustrating a method for integrating sub-extension data according to another embodiment of the present application;
FIG. 8 is a diagram illustrating a method for integrating sub-extension data according to another embodiment of the present application;
FIG. 9 is a diagram illustrating the mapping result of the same multilevel sequence according to another embodiment of the present application;
fig. 10 is a schematic block diagram of a terminal device provided in an embodiment of the present application;
fig. 11 is a structural block diagram of a terminal device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the present application herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to a determination" or "in response to a detection". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
In particular implementations, the terminal devices described in embodiments of the present application include, but are not limited to, other portable devices such as mobile phones, laptop computers, or tablet computers having touch sensitive surfaces (e.g., touch screen displays and/or touch pads). It should also be understood that in some embodiments, the device is not a portable communication device, but is a desktop computer having a touch-sensitive surface (e.g., a touch screen display and/or touchpad).
In the discussion that follows, a terminal device that includes a display and a touch-sensitive surface is described. However, it should be understood that the terminal device may include one or more other physical user interface devices such as a physical keyboard, mouse, and/or joystick.
The terminal device supports various applications, such as one or more of the following: a drawing application, a presentation application, a word processing application, a website creation application, a disc burning application, a spreadsheet application, a gaming application, a telephone application, a video conferencing application, an email application, an instant messaging application, an exercise support application, a photo management application, a digital camera application, a web browsing application, a digital music player application, and/or a digital video player application.
Various applications that may be executed on the terminal device may use at least one common physical user interface device, such as a touch-sensitive surface. One or more functions of the touch-sensitive surface and corresponding information displayed on the terminal device may be adjusted and/or changed between applications and/or within respective applications. In this way, a common physical architecture (e.g., touch-sensitive surface) of the terminal devices may support various applications with user interfaces that are intuitive and transparent to the user.
Referring to fig. 1, which is a schematic flow chart of a data encryption method provided in an embodiment of the present application, as shown in the figure, the data encryption method may include:
101: plaintext data is obtained, and the plaintext data comprises a plurality of multilevel sequences.
In the embodiment of the application, plaintext data to be encrypted is obtained first, wherein the plaintext data includes a plurality of multilevel sequences, and one multilevel sequence represents one character, letter, number, symbol, pixel, loudness, or the like. It should be noted that the plaintext data refers to an unencrypted bit set, and is directly converted from text, a bit stream, a bitmap, digitized voice, or digitized video images, and the like through digitization, and any terminal device can obtain the content of the plaintext data by directly reading the plaintext data without decrypting the plaintext data.
102: and acquiring an extended value range, wherein the extended value range is equal to or not equal to the value range of the multilevel sequence.
In the embodiment of the application, an extended value range is obtained. The extended value range may be a value range interval of any size, and the extended value range may be equal to or not equal to the value range of the multilevel sequence in the plaintext data. For example, the extended value range is [0,31], and if the multilevel sequence in the plaintext data is a binary sequence and the plaintext data includes binary sequences within the range of 00000 to 11111, the value range of the multilevel sequence in the plaintext data is also [0,31].
It should be noted that, this step 102 is not in sequence with the step 101, and the extended value range may also be obtained while the plaintext data is obtained.
103: and mapping the plaintext data to the extended value range by using a mapping function to change the arrangement position among the multiple multilevel sequences in the plaintext data and/or to map each multilevel sequence into multiple multilevel sequences.
In the embodiment of the present application, the plaintext data is mapped to the extended value range by using a mapping function, so as to obtain extended data. When there is at least one mapping function for mapping the plaintext data to the spreading value field, a mapping function that can disturb the arrangement order of the multiple multilevel sequences in the plaintext data, such as a position permutation table, is used, it should be noted that the position permutation table is used to rearrange the multiple multilevel sequences in the plaintext data, and the number of bits in the position permutation table is less than or equal to the number of the multilevel sequences in the plaintext data, for example, the plaintext data includes 64 multilevel sequences, so that the size of the position permutation table may be less than or equal to 8 × 8, as shown in fig. 3. Therefore, when the mapping function is used for disordering the arrangement sequence of the multiple multilevel sequences in the plaintext data, the extended value range is equal to the value range of the plaintext data, and the mapping process only changes the data arrangement in the plaintext data and does not change the value range of the data.
For example, if the plaintext data is 64-bit data, the mapping function is less than or equal to 8-by-8 position substitution table, as shown in fig. 3. Inputting plaintext data L containing 64 multilevel series 0 Then, the position substitution table, L, is collated 0 1 st multiple system order ofThe position of the column in the position comparison table is 8 th row and 6 th column, namely 62 th column, so that L is 0 After the position of the 1 st multilevel sequence is determined, the positions of the 64 multilevel sequences in the plaintext data, which are respectively adjusted, are searched according to a position comparison table 0 = D61, D62, D63, D64 become the extension data L after mapping according to the position lookup table 1 = (D63, D58, D60, D62.... D8, D1, D3, D5), it can be seen that the data distribution of the extension data has been different from the data distribution of the plaintext data described above, and then the data distribution of the plaintext data is changed after the mapping.
It should be noted that the data distribution describes a distribution trend of the data, including a concentration trend of the data distribution, and reflects a degree of closeness or aggregation of each data to its central value; the dispersion degree of data distribution reflects the trend of each data far away from the central value of the data; the shape of the data distribution reflects the skewness and kurtosis of the data distribution.
Optionally, the plaintext data is divided into a preset number of sub plaintext data; acquiring a preset number of mapping functions, and corresponding the preset number of mapping functions to the preset number of sub-plaintext data one by one; respectively mapping a preset number of sub plaintext data into an expansion value domain by using a preset number of mapping functions to obtain a preset number of sub expansion data; and integrating the sub-expansion data with the preset number to obtain the expansion data.
In this embodiment, the number of the mapping functions for mapping the plaintext data to the extended value range may also be multiple, the plaintext data is divided into a preset number of sub-plaintext data, then the preset number of mapping functions are obtained to correspond to the preset number of sub-plaintext data one to one, and then the preset number of sub-plaintext data are mapped into the same extended value range by using the preset number of mapping functions. The preset number of mapping functions may include a mapping function for disturbing an arrangement order between multilevel sequences in the plaintext data, or may include a mapping function for representing each multilevel sequence in the plaintext data as multiple multilevel sequences, where each multilevel sequence in the plaintext data is mapped into multiple multilevel sequences, and a malicious program cannot find a distribution of a certain multilevel sequence in the plaintext data in the full text, so that the data distribution of the plaintext data can be regarded as changed. Compared with the situation that the whole plaintext data uses the same mapping function, the original data distribution of the plaintext data can be disturbed to a greater extent by using a plurality of mapping functions, so that the data distribution of the expanded data obtained after the plaintext data is mapped is completely different from that of the plaintext data.
For example, as shown in fig. 4, the plaintext data is divided into three sub-plaintext data, i.e., a first sub-plaintext data, a second sub-plaintext data and a third sub-plaintext data, then the first sub-plaintext data is mapped to the expansion value range according to a mapping function 1, the second sub-plaintext data is mapped to the expansion value range according to a mapping function 2, and the third sub-plaintext data is mapped to the expansion value range according to a mapping function 3, wherein the first mapping function, the second mapping function and the third mapping function may be different from each other.
Optionally, the plaintext data is divided into a preset number of sub-plaintext data; dividing the expansion value range into a preset number of sub expansion value ranges; acquiring a preset number of mapping functions, and enabling the preset number of mapping functions to correspond to the preset number of sub-plaintext data one by one; respectively mapping a preset number of sub plaintext data into a preset number of sub expansion value domains by using a preset number of mapping functions to obtain a preset number of sub expansion data; and integrating the sub-expansion data with the preset number to obtain the expansion data.
In the embodiment of the application, plaintext data is divided into a preset number of sub-plaintext data, an expansion value range is further divided into a preset number of sub-expansion value ranges equal to the number of sub-plaintext data segments, then a preset number of mapping functions are obtained, after the preset number of sub-plaintext data and the preset number of mapping functions are in one-to-one correspondence, the preset number of sub-plaintext data are respectively mapped to the preset number of sub-expansion value ranges by using the preset number of mapping functions, a preset number of sub-expansion data are obtained, and finally the preset number of sub-expansion data are integrated to obtain the expansion data.
It should be noted that, since the extended value range is divided into the sub-extended value ranges of the preset number, after the sub-plaintext data of the preset number are mapped to the sub-extended value ranges of the preset number respectively, the value ranges of the multilevel sequence in the sub-extended data of the preset number obtained after mapping also become different, and the length of the multilevel sequence in each sub-extended data also becomes different, and then the sub-extended data are finally integrated together to obtain the extended data.
Further, the step of respectively mapping the sub-plaintext data of the preset number into the sub-expansion value ranges of the preset number by using the mapping function of the preset number means that the sub-plaintext data of the preset number are sequentially mapped to the sub-expansion value ranges of the preset number one by one; and respectively mapping the sub plaintext data of the preset number to the sub expansion value ranges of the preset number by using the mapping functions of the preset number.
In the embodiment of the present application, the corresponding relationship between the sub-plaintext data of the preset number and the sub-spread value ranges of the preset number is sequentially corresponding, for example, as shown in fig. 5, the data in the plaintext data is sequentially divided into three sub-plaintext data segments, i.e., a first sub-plaintext data segment, a second sub-plaintext data segment and a third sub-plaintext data segment; then dividing the value range [1, 1023] represented by the expansion value range into a first sub expansion value range [0, 255], a second sub expansion value range [256, 511] and a third sub expansion value range [512, 1023]; and finally, mapping the first sub-plaintext data to a first sub-expansion value range according to a mapping function 1, mapping the second sub-plaintext data to a second sub-expansion value range according to a mapping function 2, and mapping the third sub-plaintext data to a third sub-expansion value range according to a mapping function 3, wherein the first mapping function, the second mapping function and the third mapping function can be different from each other in pairs.
Optionally, the mapping of the sub-plaintext data of the preset number into the sub-expansion value ranges of the preset number by using the mapping function of the preset number means that the sub-plaintext data of the preset number are mapped to the sub-expansion value ranges of the preset number one by one out of order; and mapping the sub-plaintext data of the preset number to the sub-expansion value ranges of the preset number by using the mapping function of the preset number.
In the embodiment of the present application, the corresponding relationship between the predetermined number of sub plaintext data and the predetermined number of sub spread value ranges corresponds to each other out of order, for example, as shown in fig. 6, the data in the plaintext data is sequentially divided into three pieces of sub plaintext data, i.e., a first sub plaintext data, a second sub plaintext data and a third sub plaintext data; then dividing the value range [1, 1023] represented by the expansion value range into a first sub expansion value range [0, 255], a second sub expansion value range [256, 511] and a third sub expansion value range [512, 1023]; and finally, mapping the first sub-plaintext data to a third sub-expansion value range according to a mapping function 1, mapping the second sub-plaintext data to the first sub-expansion value range according to a mapping function 2, and mapping the third sub-plaintext data to the second sub-expansion value range according to a mapping function 3, wherein the first mapping function, the second mapping function and the third mapping function can be different from each other in pairs.
Further, the integration of the sub-extension data with the preset number refers to the integration of the sub-extension data according to the sequence of the sub-plaintext data with the preset number. As shown in fig. 7, after three pieces of sub-plaintext data are respectively mapped to three sub-spread value ranges, first sub-spread data, second sub-spread data, and third sub-spread data are obtained, and then the three sub-spread data are integrated together in the order of the first sub-spread data, the second sub-spread data, and the third sub-spread data.
Optionally, the integrating the sub-extension data with the preset number refers to integrating the sub-extension data according to a random order. As shown in fig. 8, after three pieces of sub-plaintext data are respectively mapped to three sub-spread value ranges, first sub-spread data, second sub-spread data, and third sub-spread data are obtained, and then the three sub-spread data are integrated together in the order of the third sub-spread data, the first sub-spread data, and the second sub-spread data.
It should be noted that, integrating the sub-spread data in a random order is equivalent to disordering the order between the sub-plaintext data in the plaintext data, which is beneficial to further changing the data distribution of the plaintext data.
104: and acquiring expanded data obtained after the plaintext data is mapped to the expanded value range.
In the embodiment of the present application, extended data obtained after plain data is mapped to an extended value range is obtained, and the extended data includes a plurality of multilevel sequences.
105: and carrying out encryption calculation on the expanded data to obtain encrypted data.
In the embodiment of the application, after the preset number of sub-expansion data are integrated together to obtain the expansion data, the expansion data are encrypted according to an encryption algorithm, wherein the encryption algorithm comprises a symmetric encryption algorithm, an asymmetric encryption algorithm and a hash algorithm. Among them, the symmetric Encryption Algorithm includes Data Encryption Algorithm (DES, data Encryption Algorithm), triple Data Encryption Algorithm (TDEA, triple Data Encryption Algorithm) and Advanced Encryption Standard (AES), the asymmetric Encryption Algorithm includes lenard-sammor-aldman (RSA, rivest-Shamir-Adleman) Encryption Algorithm, elliptic Encryption Algorithm (ECC, elliptic cryptograph) and Digital Signature Algorithm (DSA, digital Signature Algorithm), and the hash Algorithm includes information-Digest Algorithm 2 (MD 2, message-Digest Algorithm 2), information-Digest Algorithm 4 (MD 5, message-Digest Algorithm 4) and information-Digest Algorithm 5 (MD 5, message-Digest Algorithm 5), etc.
It should be noted that, in the embodiment of the present application, the plaintext data is mapped to the extended value range, so as to change the value and the position of the data in the plaintext data, as shown in fig. 9, the plaintext data is divided to obtain three binary sequences with different lengths, that is, a first sub-plaintext data, a second sub-plaintext data, and a third sub-plaintext data, where each six bits of the sub-plaintext data represent one character, and the value range is (0-63) 10 . Assume that each sequence contains the character a, and the corresponding binary sequence is (101001) 2 . While expanding the value rangeHas a value range of (0-1023) 10 And each ten bits represents one character. And then dividing the extended value range into intervals with random lengths equal to the number of segments into which the plaintext data is divided, namely, into a first sub-extended space, a second sub-extended space and a third sub-extended space, wherein the length of each sub-extended space is random, and the value ranges of the intervals are not equal. The value ranges of the first sub expansion space, the second sub expansion space and the third sub expansion space are respectively (0-255) 10 、(256~511) 10 And (512-1023) 10 . After the first sub plaintext data, the second sub plaintext data and the third sub plaintext data are mapped to the first sub expansion space, the second sub expansion space and the third sub expansion space, respectively, due to the difference of the value ranges of the mapping functions and the sub expansion value ranges, respectively, the character a (101001) in the first sub plaintext data, the second sub plaintext data and the third sub plaintext data is 2 After mapping to the first sub-expansion space, the second sub-expansion space and the third sub-expansion space respectively, it is represented as (0001101001) 2 ,(0110100001) 2 ,(1101001010) 2 . It can be seen that the same character is represented as a different numerical value after being mapped to the sub-spread value ranges of different value ranges by different mapping functions, the embodiment of the present application changes the numerical value of data in plaintext data by mapping the plaintext data to the spread value range, and the same multilevel sequence can be represented as a different multilevel sequence.
It should be noted that, if the different mapping functions used by the different sub-plaintext data are functions for changing the data position, the extended data obtained after the plaintext data is mapped is different from the data position in the plaintext data, such as a position substitution table; if the different mapping functions used by the different sub-plaintext data are functions for changing the data value, the extended data obtained after the plaintext data is mapped is different from the data value at the same position in the plaintext data, such as a basic elementary function; if the different mapping functions used by the different sub-plaintext data are functions for changing the value and position of data, the extended data obtained after the plaintext data is mapped differs from the value and position of the data in the plaintext data, which represents the same meaning, for example, the combination of the position substitution table and the basic elementary function, which is not limited in the embodiment of the present application.
After plaintext data comprising a plurality of multilevel sequences is acquired, the plaintext data is mapped to an extended value domain by using a mapping function to obtain extended data, and then the extended data is encrypted to obtain encrypted data. The mapping function may be a mapping relation table for position replacement, so that in the mapping process, after the multilevel data in the plaintext data is mapped to the extended value field, the position of the multilevel data in the extended data is different from the position of the multilevel data in the plaintext data; in addition to this, the mapping function may be a function for changing the multilevel data itself, and if the plaintext data is divided into pieces of sub-plaintext data, and a different mapping function is used for each piece of sub-plaintext data, each multilevel sequence in the plaintext data may be represented as a plurality of kinds of multilevel data. Then, after the mapping operation, the arrangement order between the plurality of multilevel sequences in the plaintext data is changed, and/or each multilevel sequence is mapped into a plurality of multilevel sequences. Therefore, it can be seen that the data distribution of the plaintext data is changed due to the change of the position of the data in the plaintext data; each multilevel sequence in the plaintext data is mapped into a plurality of multilevel sequences, so that a malicious program cannot find the distribution of a certain multilevel sequence in the plaintext data in the full text, and the data distribution of the plaintext data can be regarded as changed. Generally speaking, the encryption method of the embodiment of the application can hide the original data distribution of plaintext data, so that a malicious server can be prevented from deducing the full-text content of an encrypted file according to a searched keyword and the distribution of the keyword in the encrypted data in the process of searching the encrypted data, and therefore the embodiment of the application can prevent data leakage and improve the security of the data.
Referring to fig. 2, a schematic flow chart of another data encryption method provided in an embodiment of the present application is shown, where the data encryption method may include:
201: plaintext data is obtained, and the plaintext data comprises a plurality of multilevel sequences.
202: and obtaining an extension value range, wherein the extension value range is equal to or not equal to the value range of the multilevel sequence.
203: and respectively dividing the plaintext data and the expansion data into a preset number of sub-plaintext data and a preset number of sub-expansion value ranges.
In the present embodiment, the plaintext data is divided into a preset number of pieces of sub plaintext data, and the expansion value field is also divided into a preset number of pieces of sub expansion value fields equal to the number of pieces of sub plaintext data, so that both the expansion value field and the plaintext section are divided into the same number of pieces. The length of each segment of sub plaintext data may be the same or different, the width of the value range of the sub expansion value range of each segment may be the same or different, and the preset number may be any integer value greater than or equal to one.
For example, as shown in fig. 5, the plaintext data and the extended value field are respectively divided into three segments, wherein the plaintext data is divided into a first sub-plaintext data, a second sub-plaintext data, and a third sub-plaintext data, and the extended value field is divided into a first sub-extended value field, a second sub-extended value field, and a third sub-extended value field. It can be seen that the number of segments into which the plaintext data and the extended value field are divided is equal.
204: and acquiring a preset number of mapping functions, and corresponding the preset number of mapping functions to the preset number of sub-plaintext data one by one.
In the embodiment of the present application, a preset number of mapping functions are obtained, and a preset number of sub-plaintext data are in one-to-one correspondence with a preset number of mapping functions, as shown in fig. 5, there are three mapping functions corresponding to three segments of sub-plaintext data, where a first sub-plaintext data corresponds to a mapping function 1, a second sub-plaintext data corresponds to a mapping function 2, and a third sub-plaintext data corresponds to a mapping function 3.
205: and respectively mapping the sub-plaintext data of the preset number to the sub-expansion value domains of the preset number by using the mapping functions of the preset number to obtain the sub-expansion data of the preset number.
In the embodiment of the present application, a preset number of mapping functions are used to map a preset number of sub plaintext data to the preset number of sub expansion value ranges, so as to obtain a preset number of sub expansion data. As shown in fig. 5, the first sub-plaintext data is mapped to the first sub-spread value range by the mapping function 1, the second sub-plaintext data is mapped to the second sub-spread value range by the mapping function 2, and the third sub-plaintext data is mapped to the third sub-spread value range by the mapping function 3.
Further, the corresponding relationship between the sub-plaintext data of the preset number and the sub-spread value ranges of the preset number is sequentially corresponding, for example, as shown in fig. 5, the data in the plaintext data is sequentially divided into three sub-plaintext data segments, i.e., a first sub-plaintext data segment, a second sub-plaintext data segment and a third sub-plaintext data segment; then dividing the value range [1, 1023] represented by the expansion value range into a first sub expansion value range [0, 255], a second sub expansion value range [256, 511] and a third sub expansion value range [512, 1023]; and finally, mapping the first sub-plaintext data to a first sub-expansion value range according to a mapping function 1, mapping the second sub-plaintext data to a second sub-expansion value range according to a mapping function 2, and mapping the third sub-plaintext data to a third sub-expansion value range according to a mapping function 3, wherein the first mapping function, the second mapping function and the third mapping function can be different from each other in pairs.
Optionally, the mapping, by using different mapping functions, the sub-plaintext data in the preset number into the sub-expansion value ranges in the preset number respectively means that the sub-plaintext data in the preset number are mapped to the sub-expansion value ranges in the preset number out of order by using different mapping functions, so as to obtain the sub-expansion value ranges in the preset number.
In the embodiment of the present application, the corresponding relationship between the predetermined number of sub plaintext data and the predetermined number of sub spread value ranges corresponds to each other out of order, for example, as shown in fig. 6, the data in the plaintext data is sequentially divided into three pieces of sub plaintext data, i.e., a first sub plaintext data, a second sub plaintext data and a third sub plaintext data; then dividing the value range [1, 1023] represented by the expansion value range into a first sub expansion value range [0, 255], a second sub expansion value range [256, 511] and a third sub expansion value range [512, 1023]; and finally, mapping the first sub-plaintext data to a third sub-expansion value range according to a mapping function 1, mapping the second sub-plaintext data to the first sub-expansion value range according to a mapping function 2, and mapping the third sub-plaintext data to the second sub-expansion value range according to a mapping function 3, wherein the first mapping function, the second mapping function and the third mapping function can be different from each other in pairs.
206: and integrating the sub-expansion data with the preset number to obtain the expansion data.
In the embodiment of the present application, after a preset number of sub-plaintext data are respectively mapped to a preset number of sub-extension value ranges, a preset number of sub-extension data are obtained, and then the preset number of sub-extension data are integrated together to obtain extension data.
Further, the integration of the sub-extension data of the preset number refers to the integration of the sub-extension data according to the arrangement sequence of the sub-plaintext data of the preset number. As shown in fig. 7, after three pieces of sub plaintext data are mapped to three sub spread value ranges, respectively, first sub spread data, second sub spread data, and third sub spread data are obtained, and then the three sub spread data are integrated together in the order of the first sub spread data, the second sub spread data, and the third sub spread data.
Optionally, the integration of the preset number of sub-extension data refers to integrating the sub-extension data in a random out-of-order manner. As shown in fig. 8, after three pieces of sub-plaintext data are respectively mapped to three sub-spread value ranges, first sub-spread data, second sub-spread data, and third sub-spread data are obtained, and then the three sub-spread data are integrated together in the order of the third sub-spread data, the first sub-spread data, and the second sub-spread data.
207: and acquiring expanded data obtained after the plaintext data is mapped to the expanded value range.
In the embodiment of the present application, expanded data obtained after the plaintext data is mapped to the expanded value field, that is, expanded data obtained after the sub-expanded data is integrated, is obtained.
208: and carrying out encryption calculation on the expanded data to obtain encrypted data.
In the embodiment of the application, after the preset number of sub-expansion data are integrated together to obtain the expansion data, the expansion data is encrypted according to an encryption algorithm, and the encryption algorithm includes a symmetric encryption algorithm, an asymmetric encryption algorithm and a hash algorithm. Among them, the symmetric Encryption Algorithm includes a Data Encryption Algorithm (DES), a Triple Data Encryption Algorithm (TDEA), an Advanced Encryption Standard (AES), etc., the asymmetric Encryption Algorithm includes a ronard-sammor-aldman (RSA, rivest-Shamir-Adleman) Encryption Algorithm, an Elliptic Encryption Algorithm (ECC), and a Digital Signature Algorithm (DSA, digital Signature Algorithm), and the hash Algorithm includes an information-Digest Algorithm 2 (MD 2, message-Digest Algorithm 2), an information-Digest Algorithm 4 (MD 5, message-Digest Algorithm 4), and an information-Digest Algorithm 5 (MD 5, message-Digest Algorithm 5), etc.
It should be noted that, in the embodiment of the present application, the plaintext data is mapped to the extended value range, so as to change the value and the position of the data in the plaintext data, as shown in fig. 9, the plaintext data is divided to obtain three binary sequences with different lengths, that is, a first sub-plaintext data, a second sub-plaintext data, and a third sub-plaintext data, where each six bits of the sub-plaintext data represent one character, and the value range is (0-63) 10 . Assume that each sequence contains the character a, and the corresponding binary sequence is (101001) 2 . And the value range of the expanded value range is (0-1023) 10 And each ten bits represents one character. And then dividing the extended value range into intervals with random lengths equal to the number of segments into which the plaintext data is divided, namely, into a first sub-extended space, a second sub-extended space and a third sub-extended space, wherein the length of each sub-extended space is random, and the value ranges of the intervals are not equal. The value ranges of the first sub expansion space, the second sub expansion space and the third sub expansion space are respectively (0-255) 10 、(256~511) 10 And (512-1023) 10 . After the first sub-plaintext data, the second sub-plaintext data and the third sub-plaintext data are respectively mapped to the first sub-expansion space, the second sub-expansion space and the third sub-expansion space, due to the mapping function and the sub-expansion value range respectively adoptedHas different value ranges, the character a (101001) in the first sub plaintext data, the second sub plaintext data and the third sub plaintext data 2 After mapping to the first sub-extension space, the second sub-extension space and the third sub-extension space respectively, it is represented as (0001101001) 2 ,(0110100001) 2 ,(1101001010) 2 . It can be seen that the same character is represented as a different value after being mapped to the sub-spread value range of the different value ranges by different mapping functions, the embodiment of the present application changes the value of data in plaintext data by mapping the plaintext data to the spread value range, and the same multilevel sequence can be represented as a different multilevel sequence.
It should be noted that, if the different mapping functions used by the different sub-plaintext data are functions for changing the data position, the extended data obtained after the plaintext data is mapped is different from the data position in the plaintext data, such as a position substitution table; if the different mapping functions used by the different sub-plaintext data are functions for changing the data value, the extended data obtained after the plaintext data is mapped is different from the data value at the same position in the plaintext data, such as a basic elementary function; if the different mapping functions used by the different sub-plaintext data are functions for changing the value and position of data, the extended data obtained after the plaintext data is mapped have different values and positions from the data in the plaintext data that represents the same meaning, for example, the position substitution table is combined with the basic elementary function, and the mapping function in the embodiment of the present application is not limited.
In the embodiment of the present application, after the extended value range is divided into the preset number of sub-extended value ranges, the value ranges of multilevel sequences in the preset number of sub-extended data obtained after mapping are also different after the preset number of sub-plaintext data are mapped to the preset number of sub-extended value ranges, so that the length of the multilevel sequences in each sub-extended data is also different, and finally the sub-extended data are integrated together to obtain the extended data.
The method has the advantages that the same multilevel sequence can be represented as different multilevel sequences, so that when other users retrieve the encrypted data, the retrieved keywords correspond to various multilevel sequences, the malicious server is difficult to predict the encryption rule according to the multilevel sequences corresponding to the searched keywords, and the corresponding modes of the plaintext data segmentation, the extended value range segmentation, the mapping function, the sub-plaintext data and the sub-extended value range and the integration mode of the sub-extended value range are all secret, which is equivalent to the key in the traditional encryption technology, a defense line is added for the encrypted file, so that the decryption difficulty of the ciphertext is increased, and the security of the data is improved.
It should be noted that the above description of the various embodiments is intended to emphasize the differences between the various embodiments, and the same or similar parts may be referred to each other, and therefore, for brevity, the description is not repeated herein.
The embodiment of the application also provides a terminal device, and the terminal device is used for executing the unit of the data encryption method in any one of the preceding items. Specifically, refer to fig. 10, which is a schematic block diagram of a terminal device provided in an embodiment of the present application. The terminal device of this embodiment includes an obtaining unit 1010, a mapping unit 1020, and an encrypting unit 1030, specifically:
an acquisition unit 1010 configured to acquire plaintext data containing a plurality of multilevel sequences; and is further configured to obtain an extended range, the extended range being equal to or not equal to the range of the multilevel sequence; the expansion value range mapping module is further used for obtaining expansion data obtained after the plaintext data is mapped to the expansion value range;
a mapping unit 1020 for mapping the plaintext data to the spread value field using a mapping function to change arrangement positions between a plurality of multilevel sequences in the plaintext data and/or to map each multilevel sequence into a plurality of multilevel sequences;
an encrypting unit 1030, configured to perform encryption calculation on the extended data to obtain encrypted data.
Further, the terminal device further includes a dividing unit 1040, configured to divide the plaintext data into a preset number of pieces of sub-plaintext data; the obtaining unit 1010 is further configured to obtain the preset number of mapping functions; the terminal device further includes a corresponding unit 1050, configured to correspond the preset number of mapping functions to the preset number of sub-plaintext data one to one; the mapping unit 1020 is further configured to map the sub plaintext data in the preset number into the extended value domains by using the mapping functions in the preset number, so as to obtain the sub extended data in the preset number; the terminal device further includes an integration unit 1060, configured to integrate the preset number of sub-extension data to obtain extension data.
Optionally, the segmenting unit 1040 is configured to segment the plaintext data into a preset number of sub-plaintext data, and to segment the expansion value range into the preset number of sub-expansion value ranges; the obtaining unit 1010 is further configured to obtain the preset number of mapping functions; the corresponding unit 1050 is configured to correspond the preset number of mapping functions to the preset number of sub-plaintext data one to one; the mapping unit 1020 is configured to map the preset number of sub-plaintext data into the preset number of sub-extension value domains by using the preset number of mapping functions, so as to obtain the preset number of sub-extension data; the integration unit 1060 is configured to integrate the preset number of sub-extension data to obtain extension data
Specifically, the corresponding unit is configured to sequentially correspond the sub plaintext data of the preset number to the sub expansion value ranges of the preset number one by one; or, the method is used for one-to-one out-of-order corresponding the sub plaintext data of the preset number to the sub expansion value ranges of the preset number.
Specifically, the integration unit 1060 is specifically configured to integrate the sub-extension data according to the sequence of the preset number of sub-plaintext data; or, the sub-extension data are integrated in a random order.
According to the embodiment of the application, after the plaintext data containing a plurality of multilevel sequences is acquired by the acquisition unit, the plaintext data is mapped to the extended value field by the mapping unit through the mapping function to obtain the extended data, and then the extended data is encrypted by the encryption unit to obtain the encrypted data. The mapping function may be a mapping relation table for position replacement, so that in the mapping process, after the multilevel data in the plaintext data is mapped to the extended value field, the position of the multilevel data in the extended data is different from the position of the multilevel data in the plaintext data; in addition to this, the mapping function may be a function for changing the multilevel data itself, and if the plaintext data is divided into pieces of sub-plaintext data, and a different mapping function is used for each piece of sub-plaintext data, each multilevel sequence in the plaintext data may be represented as a plurality of kinds of multilevel data. Then, after the mapping operation, the arrangement order between the plurality of multilevel sequences in the plaintext data is changed, and/or each multilevel sequence is mapped into a plurality of multilevel sequences. It can be seen that a change in the position of data in the plaintext data causes a change in the data distribution of the plaintext data; each multilevel sequence in the plaintext data is mapped into a plurality of multilevel sequences, so that a malicious program cannot find the distribution of a certain multilevel sequence in the plaintext data in the full text, and the data distribution of the plaintext data can be regarded as changed. Generally speaking, the encryption method of the embodiment of the application can hide the original data distribution of the plaintext data, thereby preventing data leakage in the retrieval process and improving the security of the data.
Fig. 11 is a block diagram of a terminal device according to another embodiment of the present application. As shown, the terminal device in this embodiment may include: one or more processors 1110 and memory 1120. The processor 1110 and the memory 1120 are connected by a bus 1130. The memory 1120 is used to store computer programs comprising program instructions, and the processor 1110 is used to execute the program instructions stored by the memory 1120.
The processor 1110 is configured to perform the functions of the obtaining unit 1010, and is configured to obtain plaintext data, where the plaintext data includes a plurality of multilevel sequences; and is further configured to obtain an extended range, the extended range being equal to or not equal to the range of the multilevel sequence; the expansion value range mapping module is further used for obtaining expansion data obtained after the plaintext data is mapped to the expansion value range; and a mapping unit 1020 for mapping the plaintext data onto the extended value range using a mapping function to change arrangement positions between a plurality of multilevel sequences in the plaintext data and/or to map each multilevel sequence into a plurality of multilevel sequences; and is further configured to perform a function of the encryption unit 1030, configured to perform an encryption calculation on the extension data to obtain encrypted data.
Further, the processor 1110 is further configured to execute a function of a dividing unit 1040, configured to divide the plaintext data into a predetermined number of sub-plaintext data; the mapping function is also used for acquiring the preset number of mapping functions; the mapping unit is further configured to execute a function of the corresponding unit 1050, and is configured to correspond the preset number of mapping functions to the preset number of sub-plaintext data one to one; the expansion value domain is used for mapping the sub plaintext data of the preset number into the expansion value domain by using the mapping function of the preset number to obtain the sub expansion data of the preset number; and is further configured to execute the function of the integration unit 1060, which is configured to integrate the preset number of sub-extension data to obtain extension data.
Optionally, the processor 1110 is configured to divide the plaintext data into a preset number of sub plaintext data, and divide the extended value range into the preset number of sub extended value ranges; a mapping function for obtaining the preset number; the mapping function used for enabling the preset number of mapping functions to correspond to the preset number of sub-plaintext data one by one; the sub-plaintext data of the preset number is mapped into the sub-expansion value domains of the preset number by using the mapping function of the preset number to obtain the sub-expansion data of the preset number; used for integrating the sub-expansion data with the preset quantity to obtain the expansion data
Specifically, the processor 1110 is specifically configured to sequentially correspond the preset number of sub-plaintext data to the preset number of sub-expansion value ranges one by one; or, the sub plaintext data of the preset number is used for corresponding to the sub expansion value ranges of the preset number in a one-to-one disordered manner.
Specifically, the processor 1110 is specifically configured to integrate the sub-extension data according to the sequence of the preset number of sub-plaintext data; or, the sub-extension data are integrated in a random order.
It should be understood that, in the embodiment of the present Application, the Processor 1110 may be a Central Processing Unit (CPU), and the Processor may also be other general processors, digital Signal Processors (DSPs), application Specific Integrated Circuits (ASICs), field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, and the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 1120 may include a read-only memory and a random access memory, and provides instructions and data to the processor 1110. A portion of the memory 1120 may also include non-volatile random access memory. For example, the memory 1120 may also store device type information.
In a specific implementation, the processor 1110 described in this embodiment of the present application may execute the implementation manners described in the first embodiment and the second embodiment of the data encryption method provided in this embodiment of the present application, and may also execute the implementation manner of the terminal device described in this embodiment of the present application, which is not described herein again.
In another embodiment of the present application, a computer-readable storage medium is provided that stores a computer program comprising program instructions, which are executed by a processor.
The computer readable storage medium may be an internal storage unit of the terminal device of any of the foregoing embodiments, for example, a hard disk or a memory of the terminal device. The computer-readable storage medium may also be an external storage device of the terminal device, such as a plug-in hard disk provided on the terminal device, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like. Further, the computer-readable storage medium may also include both an internal storage unit of the terminal device and an external storage device. The computer-readable storage medium is used for storing computer programs and other programs and data required by the terminal device. The computer-readable storage medium may also be used to temporarily store data that has been output or is to be output.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality using different data encryption methodologies for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the terminal device and the unit described above may refer to the corresponding processes in the foregoing data encryption method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed terminal device and data encryption method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, a division of a unit is merely a logical division, and an actual implementation may have another division, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electric, mechanical or other form of connection.
Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiments of the present application.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solutions of the present application may substantially or partially contribute to the prior art, or all or part of the technical solutions may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the data encryption method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.

Claims (10)

1. A method for data encryption, comprising:
acquiring plaintext data, wherein the plaintext data comprises a plurality of multilevel sequences;
obtaining an extended value range, wherein the extended value range is equal to or not equal to the value range of the multilevel sequence;
mapping the plaintext data to the extended value range using a mapping function to map each multilevel sequence into a plurality of multilevel sequences;
obtaining extended data obtained after the plaintext data is mapped to the extended value range;
carrying out encryption calculation on the expanded data to obtain encrypted data;
wherein said mapping said plaintext data to said expanded value range using a mapping function comprises:
dividing the plaintext data into a preset number of sub plaintext data;
acquiring the preset number of mapping functions, and enabling the preset number of mapping functions to correspond to the preset number of sub-plaintext data one by one;
respectively mapping the sub-plaintext data of the preset number to the expansion value domain by using the mapping function of the preset number to obtain the sub-expansion data of the preset number;
and integrating the preset number of sub-expansion data to obtain the expansion data.
2. The method of claim 1, wherein the mapping the plaintext data to the spread value range using a mapping function to map each multilevel sequence to a plurality of multilevel sequences comprises:
mapping the plaintext data to the extended value range using a mapping function to change arrangement positions between a plurality of multilevel sequences in the plaintext data, and mapping each multilevel sequence into a plurality of multilevel sequences.
3. The method according to claim 1 or 2, wherein the mapping the predetermined number of sub-plaintext data into the extended value field by using the predetermined number of mapping functions to obtain the predetermined number of sub-extended data comprises:
dividing the extended range into the preset number of sub-extended ranges;
and mapping the sub-plaintext data of the preset number to the sub-expansion value domains of the preset number by using the mapping function of the preset number to obtain the sub-expansion data of the preset number.
4. The method according to claim 3, wherein said mapping the predetermined number of sub-plaintext data into the predetermined number of sub-spread value domains respectively using the predetermined number of mapping functions comprises:
sequentially corresponding the sub-plaintext data of the preset number to the sub-expansion value ranges of the preset number one by one; respectively mapping the sub-plaintext data of the preset number to the sub-expansion value ranges of the preset number by using the mapping functions of the preset number; or
The sub-plaintext data of the preset number are in one-to-one out-of-order correspondence to the sub-expansion value ranges of the preset number; and mapping the sub-plaintext data of the preset number to the sub-expansion value ranges of the preset number by using the mapping function of the preset number.
5. The method according to claim 4, wherein the integrating the preset number of sub-extension data comprises:
integrating the sub-extension data according to the sequence of the sub-plaintext data with the preset number; or
And integrating the sub-expansion data according to a random order.
6. A terminal device, comprising:
an acquisition unit configured to acquire plaintext data, the plaintext data including a plurality of multilevel sequences; and is further configured to obtain an extended range, the extended range being equal to or not equal to the range of the multilevel sequence; the expansion data mapping module is further used for obtaining the expansion data obtained after the plaintext data is mapped to the expansion value range;
a mapping unit for mapping the plaintext data to the spread value range using a mapping function to map each multilevel sequence into a plurality of multilevel sequences;
the encryption unit is used for carrying out encryption calculation on the expanded data to obtain encrypted data;
the terminal device further includes:
a dividing unit configured to divide the plaintext data into a preset number of sub-plaintext data;
the obtaining unit is further configured to obtain the preset number of mapping functions;
a corresponding unit, configured to correspond the preset number of mapping functions to the preset number of sub-plaintext data one to one;
the mapping unit is configured to map the preset number of sub-plaintext data into the extended value domain by using the preset number of mapping functions, so as to obtain the preset number of sub-extended data;
and the integration unit is used for integrating the sub-expansion data with the preset number to obtain the expansion data.
7. The terminal device of claim 6, wherein the mapping unit is specifically configured to:
mapping the plaintext data to the extended value range using a mapping function to change arrangement positions between a plurality of multilevel sequences in the plaintext data, and mapping each multilevel sequence into a plurality of multilevel sequences.
8. The terminal device according to claim 6 or 7,
the dividing unit is further used for dividing the expanded value range into the preset number of sub-expanded value ranges;
the mapping unit is specifically configured to map the preset number of sub-plaintext data into the preset number of sub-extension value domains by using the preset number of mapping functions, so as to obtain the preset number of sub-extension data.
9. A terminal device, characterized in that it comprises a processor and a memory, said processor and memory being interconnected, wherein said memory is adapted to store a computer program comprising program instructions, said processor being configured to invoke said program instructions for performing the method according to any one of claims 1-5.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program comprising program instructions that, when executed by a processor, cause the processor to carry out the method according to any one of claims 1-5.
CN201810965583.XA 2018-08-22 2018-08-22 Data encryption method, terminal equipment and computer readable storage medium Active CN109308420B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810965583.XA CN109308420B (en) 2018-08-22 2018-08-22 Data encryption method, terminal equipment and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810965583.XA CN109308420B (en) 2018-08-22 2018-08-22 Data encryption method, terminal equipment and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN109308420A CN109308420A (en) 2019-02-05
CN109308420B true CN109308420B (en) 2023-04-07

Family

ID=65223879

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810965583.XA Active CN109308420B (en) 2018-08-22 2018-08-22 Data encryption method, terminal equipment and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN109308420B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115801228B (en) * 2023-01-09 2023-04-28 佰聆数据股份有限公司 Interactive information encryption method and device, electronic equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1852088A (en) * 2005-10-13 2006-10-25 华为技术有限公司 Enciphering-deciphering method for flow medium transmission code flow and module
WO2007075154A2 (en) * 2004-12-06 2007-07-05 The Trustees Of The Stevens Institute Of Technology Method and apparatus for maintaining data integrity for block-encryption algorithms
CN104766264A (en) * 2015-01-22 2015-07-08 西北工业大学 Partitioning double-layer self-adaptation diffusion image encryption method
CN105099652A (en) * 2014-05-04 2015-11-25 博雅网络游戏开发(深圳)有限公司 Data encryption and decryption method and devices
CN105790930A (en) * 2016-04-29 2016-07-20 南京酷派软件技术有限公司 Information encryption method and information encryption device used for mobile terminal and mobile terminal

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007075154A2 (en) * 2004-12-06 2007-07-05 The Trustees Of The Stevens Institute Of Technology Method and apparatus for maintaining data integrity for block-encryption algorithms
CN1852088A (en) * 2005-10-13 2006-10-25 华为技术有限公司 Enciphering-deciphering method for flow medium transmission code flow and module
CN105099652A (en) * 2014-05-04 2015-11-25 博雅网络游戏开发(深圳)有限公司 Data encryption and decryption method and devices
CN104766264A (en) * 2015-01-22 2015-07-08 西北工业大学 Partitioning double-layer self-adaptation diffusion image encryption method
CN105790930A (en) * 2016-04-29 2016-07-20 南京酷派软件技术有限公司 Information encryption method and information encryption device used for mobile terminal and mobile terminal

Also Published As

Publication number Publication date
CN109308420A (en) 2019-02-05

Similar Documents

Publication Publication Date Title
CN109214201B (en) Data sharing method, terminal equipment and computer readable storage medium
CN110245469B (en) Webpage watermark generation method, watermark analysis method, device and storage medium
CN108400868B (en) Seed key storage method and device and mobile terminal
WO2019114122A1 (en) Encryption method for login information, device, electronic device, and medium
WO2017166856A1 (en) Method, device and equipment for file encryption
US20130097430A1 (en) Encrypting data and characterization data that describes valid contents of a column
US11184163B2 (en) Value comparison server, value comparison encryption system, and value comparison method
JP6352441B2 (en) Anonymizing streaming data
CN110221990B (en) Data storage method and device, storage medium and computer equipment
CN114139204A (en) Method, device and medium for inquiring hiding trace
CN112035857A (en) Data protection method, device, equipment and medium
CN111444479A (en) Method and system for verifying ownership of digital fingerprint
CN109308420B (en) Data encryption method, terminal equipment and computer readable storage medium
JP7271800B2 (en) Encrypted search for encrypted data with reduced volume leakage
CN111614469B (en) Digital signature generation method, device and storage medium
US10372299B2 (en) Preserve input focus in virtualized dataset
CN104866773A (en) Fingerprint search method and apparatus, and terminal
CN110990846B (en) Information storage method, device and computer readable storage medium
CN105354506B (en) The method and apparatus of hidden file
US20210224242A1 (en) Systems and methods for indexing and searching data
US8347113B2 (en) System and method for encrypting an electronic file in a mobile electronic device
CN111767553A (en) Data encryption and decryption method, MCU, electronic equipment and readable storage medium
CN116702103A (en) Database watermark processing method, database watermark tracing method and device
Mahmoud et al. Comments on multi-window against mobile application lock
Huang et al. Intellectual property protection for FPGA designs using the public key cryptography

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant