CN109510704A - A kind of digital cipher protection system and method based on IOS system - Google Patents
A kind of digital cipher protection system and method based on IOS system Download PDFInfo
- Publication number
- CN109510704A CN109510704A CN201811511849.XA CN201811511849A CN109510704A CN 109510704 A CN109510704 A CN 109510704A CN 201811511849 A CN201811511849 A CN 201811511849A CN 109510704 A CN109510704 A CN 109510704A
- Authority
- CN
- China
- Prior art keywords
- key
- rsa
- clear text
- resource file
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Abstract
The invention discloses a kind of digital cryptographic key protection methods based on IOS system, receive resource file, are based on AES symmetric encipherment algorithm, carry out a re-encryption to resource file, obtain clear text key;According to RSA rivest, shamir, adelman, two re-encryptions are carried out to clear text key, obtain ciphertext.The present invention solves the key static state preservation unsafe problems in IOS system, solves the problems, such as that key is easy to be intercepted by packet capturing in IOS system, while also solving the problem of key is directly acquired in IOS system;Improve the safety of key, the safety of user information and the safety of resource file.
Description
Technical field
The present invention relates to computer software technical fields, it particularly relates to which a kind of digital cipher based on IOS system is protected
Protecting system and method.
Background technique
Key has played the protection of user data very important.So the protection for key also will primarily appoint
Business.Traditional cryptographic key protection mode uses and key is locally stored, it is easy to be crawled.Server saves key mode, by key
It is stored in server, although certain promotion that safety obtains, is also easy to be intercepted by packet capturing.This invention is exactly to be
Improve the safety of key.
Summary of the invention
The present invention provides a kind of digital cryptographic key protection methods based on IOS system, and its technical solution is as follows:
A kind of digital cryptographic key protection method based on IOS system, comprising the following steps:
A, random clear text key is pre-generated by server-side, receives resource file, be based on AES with clear text key and symmetrically add
Close algorithm carries out a re-encryption to resource file;
B, corresponding APP key is pre-generated by server-side, and using RSA public key is carried out to clear text key double add
It is close.
The step b is further comprising the steps of:
B101, APP key is packed into .a static library;
B102, equipment is registered by client request, server-side verifying signature, random generation RSA is generated close after being verified
Key pair;
B103, generation ciphertext key is encrypted to clear text key with RSA public key, deposited to server, and return to client RSA
Private key.
Preferably, further comprising the steps of:
Receive decryption instructions, be from .a static library acquirement APP key, for request endorse, get RSA private key and
Ciphertext key;
If RSA private key and the RSA public key match being stored in server, successful decryption, what is obtained after decryption is in plain text
Key.
Preferably, further comprising the steps of: according to the acquired clear text key decoding resource file of decryption, after being decrypted
Resource file.
A kind of digital cipher protection system based on IOS system, including AES encryption module and rsa encryption module, in which:
AES encryption module pre-generates random clear text key by server-side, receives resource file, with clear text key base
In AES symmetric encipherment algorithm, a re-encryption is carried out to resource file;
Rsa encryption module, for carrying out two re-encryptions to clear text key, obtaining ciphertext according to RSA rivest, shamir, adelman
Key.
Preferably, the rsa encryption module includes that ciphertext generates submodule, ciphertext compiling submodule and key storage submodule
Block, in which:
Ciphertext generates submodule, for transferring RSA public key after obtaining clear text key, carries out to the clear text key double
Encryption obtains clear text key;
Ciphertext compiles submodule, and for storing APP key, protection APP key is used to request of endorsing, protection request safety;
Key stores submodule, for storing RSA public key into server.
It preferably, further include RSA deciphering module, after the completion of encryption, if receiving decryption instructions, from .a static library
APP key is obtained, endorses for requesting, obtains RSA private key and ciphertext key;If RSA private key and the RSA being stored in server
Public key match, then successful decryption, obtains clear text key.
Preferably, further include AES deciphering module, according to the acquired clear text key decoding resource file of decryption, solved
Resource file after close.
The beneficial effects of the present invention are:
1, then the present invention reuses RSA asymmetric encryption, to bright to resource file encryption and decryption using AES symmetric cryptography
Literary key carries out encryption and decryption, solves the key static state preservation unsafe problems in IOS system, solves close in IOS system
Key is easy the problem of being intercepted by packet capturing, while also solving the problem of key is directly acquired in IOS system;Improve key
Safety, the safety of user information and the safety of resource file.
2, RSA asymmetric encryption is being used, after carrying out encryption and decryption to clear text key, public key is deposited in into server, used
Xcode developing instrument, by key encapsulation in a file;While ensuring that file is complete, guarantee the safety of key, realization pair
The protection of digital cipher.
3, client obtains resource file link using RSA in local decryption;Ensure file acquisition safe enough, no
Easily intercepted at random.
Detailed description of the invention
Fig. 1 is the flow chart of the digital cryptographic key protection method based on IOS system described in the embodiment of the present invention;
Fig. 2 is the functional block diagram of the digital cipher protection system described in the embodiment of the present invention based on IOS system.
Description of symbols:
10-AES encrypting module;20-RSA encrypting module;201- ciphertext generates submodule;202- ciphertext compiles submodule;
203- key stores submodule;30-RSA deciphering module;40-AES deciphering module.
Specific embodiment
The embodiment of the present invention is described in detail below.
Embodiment 1:
As shown in Figure 1, a kind of digital cryptographic key protection method based on IOS system, comprising the following steps:
A, random clear text key is pre-generated by server-side, receives resource file, be based on AES with clear text key and symmetrically add
Close algorithm carries out a re-encryption to resource file;
B, corresponding APP key is pre-generated by server-side, and using RSA public key is carried out to clear text key double add
It is close.
In the present embodiment, using AES symmetric cryptography, to resource file encryption and decryption;Then reuse RSA it is asymmetric plus
It is close, encryption and decryption is carried out to clear text key, the key static state preservation unsafe problems in IOS system is solved, solves in IOS system
Key is easy the problem of being intercepted by packet capturing in system, while also solving the problem of key is directly acquired in IOS system;It improves
The safety of key, the safety of user information and the safety of resource file;
Detailed process is as follows:
Resource file is encrypted using AES symmetric encipherment algorithm using clear text key, encrypted resource file is stored in clothes
Business end;Then rsa encryption is carried out to clear text key using RSA public key, encrypted RSA public key is stored in server-side, works as client
When end pulls encrypted resource file, RSA public key is obtained can together;Then client uses .a static library (RSA private key
It is previously enclosed in .a static library) decryption RSA public key is removed, clear text key is obtained, then clear text key is taken to remove decoding resource file, most
The resource file of decryption is obtained eventually.
Embodiment 2
The present embodiment on the basis of embodiment 1, the step b the following steps are included:
B101, APP key is packed into .a static library;
B102, equipment is registered by client request, server-side verifying signature, random generation RSA is generated close after being verified
Key pair;
B103, general RSA public key, which encrypt clear text key, generates ciphertext key, deposits to server, and return to client
RSA private key.
In the present embodiment, using RSA asymmetric encryption, encryption and decryption is carried out to clear text key, public key is deposited in into service
End, with xcode developing instrument, by APP key encapsulation in .a static library;While ensuring that file is complete, guarantee the peace of key
Quan Xing realizes the protection to digital cipher.
Embodiment 3
The present embodiment is further comprising the steps of on the basis of embodiment 2:
After the completion of encryption, decryption instructions are received, is the acquirement APP key from .a static library, endorses, obtain for requesting
Get RSA private key and ciphertext key;
If RSA private key and the RSA public key match being stored in server, successful decryption, what is obtained after decryption is in plain text
Key.
In the present embodiment, client obtains resource file link using RSA in local decryption;Ensure file acquisition foot
Enough safeties, are not easy to be intercepted at random.
Embodiment 4
The present embodiment is further comprising the steps of on the basis of embodiment 3:
If the acquired clear text key of decryption is matched with AES key, resource file is obtained.Carry out the key of resource file
Pairing obtains the resource file finally needed, guarantees file integrality and safety.
Embodiment 5
The present embodiment is the system of embodiment 1, as shown in Fig. 2, a kind of digital cipher based on IOS system protects system,
Including AES encryption module 10 and rsa encryption module 20, in which:
AES encryption module 10 pre-generates random clear text key by server-side, receives resource file, use clear text key
Based on AES symmetric encipherment algorithm, a re-encryption is carried out to resource file;
Rsa encryption module 20, for carrying out two re-encryptions to clear text key, obtaining close according to RSA rivest, shamir, adelman
Literary key.
Embodiment 6
The present embodiment is the system of embodiment 2, and the rsa encryption module 20 includes that ciphertext generates submodule 201, ciphertext is compiled
Translate submodule 202 and key storage submodule 203, in which:
Ciphertext generates submodule 201, for transferring RSA public key after obtaining clear text key, carries out two to the clear text key
Re-encryption obtains clear text key;
Ciphertext compiles submodule 202, and for storing APP key, protection APP key is used to request of endorsing, protection request peace
Entirely;
Key stores submodule 203, for storing RSA public key into server.
Embodiment 7
The present embodiment is the system of embodiment 3, further includes RSA deciphering module 30, after the completion of encryption, if receiving decryption
Instruction then obtains APP key from .a static library, endorses for requesting, obtains RSA private key and ciphertext key;If RSA private key with
The RSA public key match being stored in server, then successful decryption, obtains clear text key.
Embodiment 8
The present embodiment is the system of embodiment 4, further includes AES deciphering module 40, according to the acquired clear text key of decryption
Decoding resource file, the resource file after being decrypted.
A specific embodiment of the invention above described embodiment only expresses, the description thereof is more specific and detailed, but simultaneously
Limitations on the scope of the patent of the present invention therefore cannot be interpreted as.It should be pointed out that for those of ordinary skill in the art
For, without departing from the inventive concept of the premise, various modifications and improvements can be made, these belong to guarantor of the invention
Protect range.
Claims (8)
1. a kind of digital cryptographic key protection method based on IOS, which comprises the following steps:
A, random clear text key is pre-generated by server-side, receives resource file, calculated with clear text key based on AES symmetric cryptography
Method carries out a re-encryption to resource file;
B, corresponding APP key is pre-generated by server-side, and two re-encryptions is carried out to clear text key using RSA public key.
2. the digital cryptographic key protection method according to claim 1 based on IOS system, which is characterized in that the step b packet
Include following steps:
B101, APP key is packed into .a static library;
B102, equipment is registered by client request, server-side verifying signature, the random RSA that generates generates key pair after being verified;
B103, generation ciphertext key is encrypted to clear text key with RSA public key, deposited to server, and it is private to return to client RSA
Key.
3. the digital cryptographic key protection method according to claim 1 or 2 based on IOS system, which is characterized in that further include with
Lower step:
Decryption instructions are received, is the acquirement APP key from .a static library, endorses for requesting, get RSA private key and ciphertext
Key;
If RSA private key and the RSA public key match being stored in server, successful decryption, what is obtained after decryption is clear text key.
4. the digital cryptographic key protection method according to claim 3 based on IOS system, which is characterized in that further include following
Step:
Resource file according to the acquired clear text key decoding resource file of decryption, after being decrypted.
5. a kind of digital cipher based on IOS system protects system, which is characterized in that including AES encryption module and rsa encryption mould
Block, in which:
AES encryption module pre-generates random clear text key by server-side, receives resource file, is based on AES with clear text key
Symmetric encipherment algorithm carries out a re-encryption to resource file;
Rsa encryption module, for carrying out two re-encryptions to clear text key, it is close obtaining ciphertext according to RSA rivest, shamir, adelman
Key.
6. the digital cipher according to claim 5 based on IOS system protects system, which is characterized in that the rsa encryption
Module includes that ciphertext generates submodule, ciphertext compiling submodule and key storage submodule, in which:
Ciphertext generates submodule, for transferring RSA public key after obtaining clear text key, carries out two re-encryptions to the clear text key,
Obtain clear text key;
Ciphertext compiles submodule, and for storing APP key, protection APP key is used to request of endorsing, protection request safety;
Key stores submodule, for storing RSA public key into server.
7. the digital cipher according to claim 5 or 6 based on IOS system protects system, which is characterized in that further include
RSA deciphering module, if receiving decryption instructions, obtains APP key, for requesting after the completion of encryption from .a static library
It endorses, obtains RSA private key and ciphertext key;If RSA private key and the RSA public key match being stored in server, successful decryption,
Obtain clear text key.
8. the digital cipher according to claim 7 based on IOS system protects system, which is characterized in that further include AES solution
Close module, the resource file according to the acquired clear text key decoding resource file of decryption, after being decrypted.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811511849.XA CN109510704A (en) | 2018-12-11 | 2018-12-11 | A kind of digital cipher protection system and method based on IOS system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811511849.XA CN109510704A (en) | 2018-12-11 | 2018-12-11 | A kind of digital cipher protection system and method based on IOS system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109510704A true CN109510704A (en) | 2019-03-22 |
Family
ID=65752164
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811511849.XA Pending CN109510704A (en) | 2018-12-11 | 2018-12-11 | A kind of digital cipher protection system and method based on IOS system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109510704A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113438238A (en) * | 2021-06-25 | 2021-09-24 | 北京八分量信息科技有限公司 | User information anti-theft automatic alarm system based on decentralization |
CN113612746A (en) * | 2021-07-26 | 2021-11-05 | 建信金融科技有限责任公司 | Sensitive information storage method and system based on Android system |
-
2018
- 2018-12-11 CN CN201811511849.XA patent/CN109510704A/en active Pending
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113438238A (en) * | 2021-06-25 | 2021-09-24 | 北京八分量信息科技有限公司 | User information anti-theft automatic alarm system based on decentralization |
CN113612746A (en) * | 2021-07-26 | 2021-11-05 | 建信金融科技有限责任公司 | Sensitive information storage method and system based on Android system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101744748B1 (en) | Contents protection, encryption and decryption apparatus using white-box cryptography | |
CN104486315B (en) | A kind of revocable key outsourcing decryption method based on contents attribute | |
CN107124274B (en) | Digital signature method and device based on SM2 | |
CN101340279B (en) | Method, system and apparatus for data ciphering and deciphering | |
CN102571329B (en) | Password key management | |
EP3192207B1 (en) | Apparatus and method for data encryption | |
CN101771699A (en) | Method and system for improving SaaS application security | |
CN110889696A (en) | Storage method, device, equipment and medium for alliance block chain secret key based on SGX technology | |
CN104463040A (en) | Secure input method and system for password | |
CN109684129B (en) | Data backup recovery method, storage medium, encryption machine, client and server | |
CN109547198A (en) | The method and system of network transmission video file | |
CN105554031A (en) | Encryption method, encryption apparatus, decryption method, decryption apparatus and terminal | |
CN109005184A (en) | File encrypting method and device, storage medium, terminal | |
CN106878322A (en) | A kind of encryption and decryption method of the fixed length ciphertext based on attribute and key | |
CN109510702A (en) | A method of it key storage based on computer characteristic code and uses | |
CN109495255A (en) | Digital cryptographic key protection method and its system based on android system | |
CN109510704A (en) | A kind of digital cipher protection system and method based on IOS system | |
CN104866738B (en) | A kind of program code guard method and device | |
CN100561913C (en) | A kind of method of access code equipment | |
CN108933758A (en) | Cloud storage encipher-decipher method, device and system can be shared | |
CN103605927A (en) | Encryption and decryption method based on embedded Linux system | |
KR20140071775A (en) | Cryptography key management system and method thereof | |
US20190109828A1 (en) | Data processing method, device and system, and storage medium | |
KR101329789B1 (en) | Encryption Method of Database of Mobile Communication Device | |
KR101793528B1 (en) | Certificateless public key encryption system and receiving terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190322 |
|
RJ01 | Rejection of invention patent application after publication |