CN109698812A - Information ciphering method and device, information decryption method and device and security system - Google Patents
Information ciphering method and device, information decryption method and device and security system Download PDFInfo
- Publication number
- CN109698812A CN109698812A CN201710989330.1A CN201710989330A CN109698812A CN 109698812 A CN109698812 A CN 109698812A CN 201710989330 A CN201710989330 A CN 201710989330A CN 109698812 A CN109698812 A CN 109698812A
- Authority
- CN
- China
- Prior art keywords
- matrix
- data
- block
- split
- data block
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/104—Peer-to-peer [P2P] networks
- H04L67/1074—Peer-to-peer [P2P] networks for supporting data block transmission mechanisms
- H04L67/1078—Resource delivery mechanisms
- H04L67/108—Resource delivery mechanisms characterised by resources being split in blocks or fragments
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The disclosure provides a kind of information ciphering method and device, information decryption method and device and security system, is related to information security field.Wherein by the way that initial data is carried out even partition, to obtain at least two data blocks, each data block is decomposed into k number according to sub-block, to obtain the split-matrix R of initial data, conversion process is carried out to split-matrix R using invertible matrix A, to generate encryption data matrix S, wherein the either element in the encryption data matrix S is associated with whole elements in the split-matrix R.Corresponding decrypting process is the inverse process of ciphering process.The disclosure is by obscuring processing mode using secondary to obtain corresponding data matrix, and the either element in the matrix is all related to by whole elements in matrix obtained by being decomposed to initial data, to effectively increase the safety of data.
Description
Technical field
This disclosure relates to information security field, in particular to a kind of information ciphering method and device, information decryption method and
Device and security system.
Background technique
As " internet+" is raised to the height of national policy policy, started in the whole country an internet with
The depth integration of traditional industries thes storm of revolution, and medical treatment & health industry is no exception.With the relevant technologies such as big data, cloud computings
Tend to be perfect, medical information is irresistible, wherein establish the whole nation it is unified, standardized Residential soil has become
One of the key content of current Medical and health informationization construction.Health account would generally be related to the sensitive data of privacy of user,
How to protect private data in health account and prevents sensitive information leakage from having become the significant problem that must be solved.Encryption is
Often there is inefficiency, expend in one of most common method of conventional privacy data protection, but the data encryption for magnanimity
Time and the problems such as more resource.
Summary of the invention
The technical problem that embodiment of the disclosure solves is: carrying out encryption to private data, there are inefficiency, consumption
The time-consuming and more defect of resource.
According to the one aspect of one or more other embodiments of the present disclosure, a kind of information ciphering method is provided, comprising:
Initial data is subjected to even partition, to obtain at least two data blocks;
Each data block is decomposed into k number according to sub-block, to obtain the split-matrix R of initial data;
Conversion process, to generate encryption data matrix S, wherein encryption data are carried out to split-matrix R using invertible matrix A
Either element in matrix S is associated with whole elements in split-matrix R.
Optionally, each data block is decomposed into k number according to sub-block includes:
For i-th of data block fi, in finite field ZpMiddle k-1 element of random selection, wherein 1≤i≤n, n are data
Number of blocks;
According to data block fiAnd k-1 element determines k-th of element;
Using k-1 element and k-th of element as data block fiK number according to sub-block.
Optionally, formula r is utilizedi,k=fi·(ri,1·ri,2·…·ri,j·…·ri,k-1)-1Mod p is calculated k-th
Element ri,k;
Wherein, ri,jIt is from finite field ZpIn the element that is randomly selected, 1≤j≤k-1, p are greater than 2LPrime number, L be number
According to the length of block.
Optionally, carrying out conversion process to split-matrix R using invertible matrix A includes:
Conversion process is carried out to split-matrix R using formula S=ARA, to generate encryption data matrix S.
According to the another aspect of one or more other embodiments of the present disclosure, a kind of information decryption method is provided, comprising:
Conversion process, to obtain split-matrix R, wherein encryption data are carried out to encryption data matrix S using invertible matrix A
Either element in matrix S is associated with whole elements in split-matrix R;
K number corresponding with each data block is obtained from split-matrix R according to sub-block;
Corresponding data block is obtained according to sub-block using k number;
Obtained data block is merged, to obtain initial data.
Optionally, obtaining corresponding data block according to sub-block using k number includes:
Utilize formula ri,k=fi·(ri,1·ri,2·…·ri,j·…·ri,k-1)-1Mod p calculates i-th of data block
fi;
Wherein, p is greater than 2LPrime number, L be data block length, ri,jIt is and i-th of data block fiCorresponding j-th yuan
Element, 1≤j≤k-1, ri,kIt is and i-th of data block fiCorresponding k-th of element.
Optionally, carrying out conversion process to encryption data matrix S using invertible matrix A includes:
Utilize formula R=A-1·S·A-1Conversion process is carried out to encryption data matrix S, to obtain split-matrix R.
According to the other side of one or more other embodiments of the present disclosure, a kind of information encryption device is provided, comprising:
Data segmentation module is configured as initial data carrying out even partition, to obtain at least two data blocks;
Split-matrix generation module is configured as each data block being decomposed into k number according to sub-block, to obtain original number
According to split-matrix R;
Conversion module is encrypted, is configured as carrying out conversion process to split-matrix R using invertible matrix A, to generate encryption
Data matrix S, wherein the either element in encryption data matrix S is associated with whole elements in split-matrix R.
Optionally, split-matrix generation module is configured as i-th of data block fi, in finite field ZpMiddle random selection
K-1 element, wherein 1≤i≤n, n are data sub-block quantity;According to data block fiAnd k-1 element determines k-th of element, it will
K-1 element and k-th of element are as data block fiK number according to sub-block.
Optionally, split-matrix generation module is configured as utilizing formula ri,k=fi·(ri,1·ri,2·…·
ri,j·…·ri,k-1)-1Mod p calculates k-th of element ri,k;Wherein, ri,jIt is from finite field ZpIn the element that is randomly selected, 1
≤ j≤k-1, p are greater than 2LPrime number, L be data block length.
Optionally, encryption conversion module is configured as carrying out conversion process to split-matrix R using formula S=ARA,
To generate encryption data matrix S.
According to the other side of one or more other embodiments of the present disclosure, a kind of information encryption device is provided, comprising:
Memory is configured as store instruction;
Processor, is coupled to memory, and the instruction execution that processor is configured as storing based on memory is realized as above-mentioned
The information ciphering method that any embodiment is related to.
According to the other side of one or more other embodiments of the present disclosure, a kind of information decryption device is provided, comprising:
Conversion module is decrypted, is configured as carrying out conversion process to encryption data matrix S using invertible matrix A, to obtain
Split-matrix R, wherein the either element in encryption data matrix S is associated with whole elements in split-matrix R;
Data sub-block obtains module, is configured as obtaining k number corresponding with each data block from split-matrix R according to son
Block;
Data block generation module is configured as obtaining corresponding data block according to sub-block using k number;
Data combiners block, the data block for being configured as to obtain merge, to obtain initial data.
Optionally, data block generation module is configured as utilizing formula ri,k=fi·(ri,1·ri,2·…·
ri,j·…·ri,k-1)-1Mod p calculates i-th of data block fi, wherein p is greater than 2LPrime number, L be data block length,
ri,jIt is and i-th of data block fiCorresponding j-th of element, 1≤j≤k-1, ri,kIt is and i-th of data block fiCorresponding k-th
Element.
Optionally, decryption conversion module is configured as utilizing formula R=A-1·S·A-1Encryption data matrix S is become
Processing is changed, to obtain split-matrix R.
According to the other side of one or more other embodiments of the present disclosure, a kind of information decryption device is provided, comprising:
Memory is configured as store instruction;
Processor, is coupled to memory, and the instruction execution that processor is configured as storing based on memory is realized as above-mentioned
The information decryption method that any embodiment is related to.
According to the other side of one or more other embodiments of the present disclosure, a kind of security system is provided, comprising:
The information encryption device being related to such as above-mentioned any embodiment;
The information decryption device being related to such as above-mentioned any embodiment.
According to the one aspect of one or more other embodiments of the present disclosure, a kind of computer readable storage medium is provided,
In, computer-readable recording medium storage has computer instruction, and such as above-mentioned any embodiment is realized when instruction is executed by processor
The information decryption method that the information ciphering method or any of the above-described embodiment being related to are related to.
By the detailed description referring to the drawings to the exemplary embodiment of the disclosure, the other feature of the disclosure and its
Advantage will become apparent.
Detailed description of the invention
In order to illustrate more clearly of the embodiment of the present disclosure or technical solution in the prior art, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Disclosed some embodiments without any creative labor, may be used also for those of ordinary skill in the art
To obtain other drawings based on these drawings.
Fig. 1 is the exemplary process diagram of the information ciphering method of an embodiment of the present disclosure.
Fig. 2 is the exemplary process diagram of the information decryption method of an embodiment of the present disclosure.
Fig. 3 is the exemplary block diagram of the information encryption device of an embodiment of the present disclosure.
Fig. 4 is the exemplary block diagram of the information encryption device of another embodiment of the disclosure.
Fig. 5 is that the information of an embodiment of the present disclosure decrypts the exemplary block diagram of device.
Fig. 6 is that the information of another embodiment of the disclosure decrypts the exemplary block diagram of device.
Fig. 7 is the exemplary block diagram of the information safety system of an embodiment of the present disclosure.
Fig. 8 is the exemplary block diagram that the information of an embodiment of the present disclosure is divided.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present disclosure, the technical solution in the embodiment of the present disclosure is carried out clear, complete
Site preparation description, it is clear that described embodiment is only disclosure a part of the embodiment, instead of all the embodiments.Below
Description only actually at least one exemplary embodiment be it is illustrative, never as to the disclosure and its application or making
Any restrictions.Based on the embodiment in the disclosure, those of ordinary skill in the art are not making creative work premise
Under every other embodiment obtained, belong to the disclosure protection range.
Unless specifically stated otherwise, positioned opposite, the digital table of the component and step that otherwise illustrate in these embodiments
Up to the unlimited the scope of the present disclosure processed of formula and numerical value.
Simultaneously, it should be appreciated that for ease of description, the size of various pieces shown in attached drawing is not according to reality
Proportionate relationship draw.
Technology, method and apparatus known to person of ordinary skill in the relevant may be not discussed in detail, but suitable
In the case of, the technology, method and apparatus should be considered as authorizing part of specification.
It is shown here and discuss all examples in, any occurrence should be construed as merely illustratively, without
It is as limitation.Therefore, the other examples of exemplary embodiment can have different values.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined in a attached drawing, then in subsequent attached drawing does not need that it is further discussed.
Fig. 1 is the exemplary process diagram of the information ciphering method of an embodiment of the present disclosure.Optionally, the side of the present embodiment
Method step can be executed by information encryption device.Wherein:
Step 101, initial data is subjected to even partition, to obtain at least two data blocks.
For example, initial data D is subjected to even partition, to obtain n length identical block, wherein each data block
Length is L bit.
Step 102, each data block is decomposed into k number according to sub-block, to obtain the split-matrix R of initial data.
For example, for i-th of data block fi, in finite field ZpMiddle k-1 element of random selection, it may be assumed that ri,1、ri,2、…、
ri,k-1, wherein 1≤i≤n, n are data sub-block quantity.Next, according to data block fiAnd the k-1 element determines k-th yuan
Plain ri,k。
By in finite field ZpMiddle random selection ri,1、ri,2、…、ri,k-1, so that it is guaranteed that this k-1 element can be limited
It is uniformly distributed in domain.
Optionally, r can be passed throughi,k=fi·F(ri,1、ri,2、…、ri,k-1) mod p calculates k-th of element ri,k, wherein
Function F can be selected as needed.Wherein, p is greater than 2LPrime number, L be data block length.
For example, formula r can be usedi,k=fi·(ri,1·ri,2·…·ri,k-1)-1Mod p calculates k-th of element ri,k。
It as a result, can be using k-1 element and k-th of element as data block fiK number according to sub-block.That is, can incite somebody to action
Data block fiIt decomposes are as follows: (ri,1、ri,2、…、ri,k-1、ri,k)。
Step 103, conversion process is carried out to split-matrix R using invertible matrix A, to generate encryption data matrix S, wherein
Either element in encryption data matrix S is associated with whole elements in split-matrix R.
What needs to be explained here is that due to ri,kIt is by ri,1、ri,2、…、ri,k-1And fiIt is calculated, therefore ri,kNo longer
Meet being uniformly distributed in finite field.Following mapping mode can be used in uniform statistical property in order to obtain:
a11r11+a12r12+…+a1kr1k=s11
a11r21+a12r22+…+a1kr2k=s12
……
a11rn1+a12rn2+…+a1krnk=s1n
Correspondingly, it according to matrix form, can be expressed as:
If
Then AR=S.Wherein A is k rank invertible matrix, and S is encryption data matrix S generated.
It should be noted that the statistical property of matrix S is more uniform by above-mentioned processing, but the either element in S only with
rj,1、rj,2、…、rj,kIt is related, and with other rm,1、rm,2、…、rm,kUnrelated (m ≠ j).For this purpose, can be further by secondary mixed
It closes, it may be assumed that
S=ARA
So that either element is all related to whole elements in R in S.
Based on disclosure information ciphering method provided by the above embodiment, by obscuring processing mode using secondary to obtain
Corresponding data matrix, the either element in the matrix is and by complete in matrix R obtained by being decomposed to initial data
Portion's element is all related, so that the safety of data is effectively increased, it, also can not be extensive even if attacker gets part slicing files
File of appearing again is whole.
Fig. 2 is the exemplary process diagram of the information decryption method of an embodiment of the present disclosure.Optionally, the side of the present embodiment
Method step can decrypt device by information and execute.Wherein:
Step 201, conversion process is carried out to encryption data matrix S using invertible matrix A, to obtain split-matrix R, wherein
Either element in encryption data matrix S is associated with whole elements in split-matrix R.
Optionally, formula R=A is utilized-1·S·A-1Conversion process is carried out to encryption data matrix S, to obtain decomposing square
Battle array R.
Wherein, A is above-mentioned k rank invertible matrix.
Step 202, k number corresponding with each data block is obtained from split-matrix R according to sub-block.
Step 203, corresponding data block is obtained according to sub-block using k number.
Optionally, r can be passed throughi,k=fi·F(ri,1、ri,2、…、ri,k-1) mod p calculates i-th of data block fi,
In function F can be selected as needed.Wherein, p is greater than 2LPrime number, L be data block length, ri,jIt is and i-th
Data block fiCorresponding j-th of element, 1≤j≤k-1, ri,kIt is and i-th of data block fiCorresponding k-th of element.
For example, using formula ri,k=fi·(ri,1·ri,2·…·ri,j·…·ri,k-1)-1Mod p calculates i-th
A data block fi。
Step 204, obtained data block is merged, to obtain initial data.
Obviously, decryption method involved in the disclosure is the inverse process of respective encrypted method.
Fig. 3 is the exemplary process diagram of the information encryption device of an embodiment of the present disclosure.As shown in figure 3, information encrypts
Device includes data segmentation module 31, split-matrix generation module 32 and encryption conversion module 33, in which:
Data segmentation module 31 is configured as initial data carrying out even partition, to obtain at least two data blocks.
Split-matrix generation module 32 is configured as each data block being decomposed into k number according to sub-block, to obtain original
The split-matrix R of data.
Optionally, split-matrix generation module 32 is configured as i-th of data block fi, in finite field ZpIn select at random
K-1 element is selected, wherein 1≤i≤n, n are data sub-block quantity;According to data block fiAnd k-1 element determines k-th of element,
Using k-1 element and k-th of element as data block fiK number according to sub-block.
By in finite field ZpMiddle random selection ri,1、ri,2、…、ri,k-1, so that it is guaranteed that this k-1 element can be limited
It is uniformly distributed in domain.
Optionally, r can be passed throughi,k=fi·F(ri,1、ri,2、…、ri,k-1) mod p calculates k-th of element ri,k, wherein
Function F can be selected as needed.Wherein, p is greater than 2LPrime number, L be data block length.
For example, formula r can be usedi,k=fi·(ri,1·ri,2·…·ri,k-1)-1Mod p calculates k-th of element ri,k。
It as a result, can be using k-1 element and k-th of element as data block fiK number according to sub-block.That is, can incite somebody to action
Data block fiIt decomposes are as follows: (ri,1、ri,2、…、ri,k-1、ri,k)。
Encryption conversion module 33 is configured as carrying out conversion process to split-matrix R using invertible matrix A, to generate encryption
Data matrix S, wherein the either element in encryption data matrix S is associated with whole elements in split-matrix R.
Optionally, encryption conversion module is configured as carrying out conversion process to split-matrix R using formula S=ARA,
To generate encryption data matrix S.
For example,
Fig. 4 is the exemplary process diagram of the information encryption device of another embodiment of the disclosure.As shown in figure 4, the information
Encryption device includes memory 41 and processor 42.Wherein:
For storing instruction, processor 42 is coupled to memory 41 to memory 41, and processor 42 is configured as based on storage
The instruction execution of device storage realizes the method that any embodiment is related to as shown in figure 1.
As shown in figure 4, the device further includes communication interface 43, for carrying out information exchange with other equipment.Meanwhile the dress
Setting further includes bus 44, and processor 42, communication interface 43 and memory 41 complete mutual communication by bus 44.
Memory 41 may include high speed RAM memory, can also further include nonvolatile memory (non-volatile
Memory), a for example, at least magnetic disk storage.Memory 41 is also possible to memory array.Memory 41 is also possible to be divided
Block, and block can be combined into virtual volume by certain rule.
In addition, processor 42 can be a central processor CPU, perhaps can be application-specific integrated circuit ASIC or
It is arranged to implement one or more integrated circuits of the embodiment of the present disclosure.
Fig. 5 is that the information of an embodiment of the present disclosure decrypts the exemplary process diagram of device.As shown in figure 5, information is decrypted
Device may include decryption conversion module 51, data sub-block acquisition module 52, data block generation module 53 and data combiners block 54.
Wherein:
Decryption conversion module 51 is configured as carrying out conversion process to encryption data matrix S using invertible matrix A, to obtain
Split-matrix R.
Wherein, the either element in encryption data matrix S is associated with whole elements in split-matrix R.
Optionally, decryption conversion module 51 is configured as utilizing formula R=A-1·S·A-1Encryption data matrix S is carried out
Conversion process, to obtain split-matrix R.
Wherein, if
Data sub-block obtains module 52 and is configured as obtaining k number evidence corresponding with each data block from split-matrix R
Sub-block.
Data block generation module 53 is configured as obtaining corresponding data block according to sub-block using k number.
Optionally, data block generation module 53 can pass through ri,k=fi·F(ri,1、ri,2、…、ri,k-1) modp calculates
I-th of data block fi, wherein can select as needed function F.Wherein, p is greater than 2LPrime number, L be data block length
Degree, ri,jIt is and i-th of data block fiCorresponding j-th of element, 1≤j≤k-1, ri,kIt is and i-th of data block fiCorresponding kth
A element.
For example, data block generation module 53 can utilize formula ri,k=fi·(ri,1·ri,2·…·ri,j·…·
ri,k-1)-1Mod p calculates i-th of data block fi。
The data block that data combiners block 54 is configured as to obtain merges, to obtain initial data.
Fig. 6 is that the information of another embodiment of the disclosure decrypts the exemplary block diagram of device.It is similar to embodiment illustrated in fig. 4,
In Fig. 6, it includes memory 61 and processor 62 which, which decrypts device,.Wherein:
For storing instruction, processor 62 is coupled to memory 61 to memory 61, and processor 62 is configured as based on storage
The instruction execution of device storage realizes the method that any embodiment is related in such as Fig. 2.
As shown in fig. 6, the device further includes communication interface 63, for carrying out information exchange with other equipment.Meanwhile the dress
Setting further includes bus 64, and processor 62, communication interface 63 and memory 61 complete mutual communication by bus 64.
Fig. 7 is the exemplary block diagram of the information safety system of an embodiment of the present disclosure.As shown in fig. 7, the system includes
Information encryption device 71 and information decrypt device 72.Wherein, information encryption device 71 can relate to for any embodiment in Fig. 3 or Fig. 4
And information encryption device, the information that information decryption device 72 can be related to for any embodiment in Fig. 5 or Fig. 6 decrypts device.
Fig. 8 is the exemplary block diagram that the information of an embodiment of the present disclosure is divided.As shown in figure 8, in order to initial data D
Safeguard protection is carried out, initial data D is subjected to even partition, to obtain n data block.Wherein it is directed to each data block fi,
Finite field ZpK-1 element (r of middle random selectioni,1、ri,2、…、ri,k-1), according to data block fiAnd k-1 element determines k-th
Element ri,k.Thus by data block fiBe decomposed into k number according to sub-block (ri,1、ri,2、…、ri,k-1、ri,k).Next decomposition is utilized
Obtained data sub-block generates split-matrix R, by carrying out corresponding conversion process using invertible matrix, i.e., by calculating A
RA is to obtain newly-generated matrix S.Thus the encryption of initial data D is completed.Correspondingly, pass through utilization and ciphering process
The decrypting process of contrary can recover initial data D from matrix S.
Optionally, functional unit block described above can be implemented as executing function described by the disclosure
General processor, programmable logic controller (PLC) (Programmable Logic Controller, referred to as: PLC), digital signal
Processor (Digital Signal Processor, referred to as: DSP), specific integrated circuit (Application Specific
Integrated Circuit, referred to as: ASIC), field programmable gate array (Field-Programmable Gate Array,
Referred to as: FPGA) either other programmable logic device, discrete gate or transistor logic, discrete hardware components or its
It is any appropriately combined.
The disclosure also provides a kind of computer readable storage medium, and wherein computer-readable recording medium storage has computer
Instruction, instruction realize method as shown in Figure 1 or 2 when being executed by processor.
By implementing the disclosure, by obscuring processing mode to obtain corresponding data matrix, in the matrix using secondary
Either element it is all related to by whole elements in matrix R obtained by being decomposed to initial data, to effectively mention
The high safety of data.For example, even if hacker attack data center and obtaining stored data, it is also difficult to by general
Decoding technique obtains initial data.Simultaneously as the disclosure does not need complicated Encryption Algorithm, whole process does not need to expend
More computing resources is therefore particularly suitable for the secrecy of the great private data of data volume of such as health account.
Those of ordinary skill in the art will appreciate that realizing that all or part of the steps of above-described embodiment can pass through hardware
It completes, relevant hardware can also be instructed to complete by program, the program can store in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only memory, disk or CD etc..
The description of the disclosure is given for the purpose of illustration and description, and is not exhaustively or by the disclosure
It is limited to disclosed form.Many modifications and variations are obvious for the ordinary skill in the art.It selects and retouches
Embodiment is stated and be the principle and practical application in order to more preferably illustrate the disclosure, and those skilled in the art is enable to manage
The solution disclosure is to design various embodiments suitable for specific applications with various modifications.
Claims (18)
1. a kind of information ciphering method, comprising:
Initial data is subjected to even partition, to obtain at least two data blocks;
Each data block is decomposed into k number according to sub-block, to obtain the split-matrix R of the initial data;
Conversion process is carried out to the split-matrix R using invertible matrix A, to generate encryption data matrix S, wherein the encryption
Either element in data matrix S is associated with whole elements in the split-matrix R.
2. according to the method described in claim 1, wherein,
Each data block, which is decomposed into k number according to sub-block, includes:
For i-th of data block fi, in finite field ZpMiddle k-1 element of random selection, wherein 1≤i≤n, n are data sub-block number
Amount;
According to the data block fiAnd the k-1 element determines k-th of element;
Using the k-1 element and k-th of element as the data block fiK number according to sub-block.
3. according to the method described in claim 2, wherein,
Utilize formula ri,k=fi·(ri,1·ri,2·…·ri,j·…·ri,k-1)-1Mod p calculates k-th of element ri,k;
Wherein, ri,jIt is from finite field ZpIn the element that is randomly selected, 1≤j≤k-1, p are greater than 2LPrime number, L be the number
According to the length of block.
4. method according to any one of claim 1-3, wherein
Carrying out conversion process to the split-matrix R using invertible matrix A includes:
Conversion process is carried out to the split-matrix R using formula S=ARA, to generate encryption data matrix S.
5. a kind of information decryption method, comprising:
Conversion process is carried out to encryption data matrix S using invertible matrix A, to obtain split-matrix R, wherein the encryption data
Either element in matrix S is associated with whole elements in the split-matrix R;
K number corresponding with each data block is obtained from the split-matrix R according to sub-block;
Corresponding data block is obtained according to sub-block using the k number;
Obtained data block is merged, to obtain initial data.
6. according to the method described in claim 5, wherein,
Obtaining corresponding data block according to sub-block using the k number includes:
Utilize formula ri,k=fi·(ri,1·ri,2·…·ri,j·…·ri,k-1)-1Mod p calculates i-th of data block fi;
Wherein, p is greater than 2LPrime number, L be the data block length, ri,jIt is and i-th of data block fiCorresponding j-th yuan
Element, 1≤j≤k-1, ri,kIt is and i-th of data block fiCorresponding k-th of element.
7. method according to claim 5 or 6, wherein
Carrying out conversion process to encryption data matrix S using invertible matrix A includes:
Utilize formula R=A-1·S·A-1Conversion process is carried out to encryption data matrix S, to obtain split-matrix R.
8. a kind of information encryption device, comprising:
Data segmentation module is configured as initial data carrying out even partition, to obtain at least two data blocks;
Split-matrix generation module is configured as each data block being decomposed into k number according to sub-block, to obtain the original number
According to split-matrix R;
Conversion module is encrypted, is configured as carrying out conversion process to the split-matrix R using invertible matrix A, to generate encryption
Data matrix S, wherein the either element in the encryption data matrix S is associated with whole elements in the split-matrix R.
9. device according to claim 8, wherein
Split-matrix generation module is configured as i-th of data block fi, in finite field ZpMiddle k-1 element of random selection,
In 1≤i≤n, n be data sub-block quantity;According to the data block fiAnd the k-1 element determines k-th of element, it will be described
K-1 element and k-th of element are as the data block fiK number according to sub-block.
10. device according to claim 9, wherein
Split-matrix generation module is configured as utilizing formula ri,k=fi·(ri,1·ri,2·…·ri,j·…·ri,k-1)- 1Mod p calculates k-th of element ri,k;Wherein, ri,jIt is from finite field ZpIn the element that is randomly selected, 1≤j≤k-1, p are big
In 2LPrime number, L be the data block length.
11. the device according to any one of claim 8-10, wherein
Encryption conversion module is configured as carrying out conversion process to the split-matrix R using formula S=ARA, to generate
Encryption data matrix S.
12. a kind of information encryption device, comprising:
Memory is configured as store instruction;
Processor, is coupled to memory, and the instruction execution that processor is configured as storing based on memory realizes such as claim
The method of any one of 1-4.
13. a kind of information decrypts device, comprising:
Conversion module is decrypted, is configured as carrying out conversion process to encryption data matrix S using invertible matrix A, to be decomposed
Matrix R, wherein the either element in the encryption data matrix S is associated with whole elements in the split-matrix R;
Data sub-block obtains module, is configured as obtaining k number corresponding with each data block from the split-matrix R according to son
Block;
Data block generation module is configured as obtaining corresponding data block according to sub-block using the k number;
Data combiners block, the data block for being configured as to obtain merge, to obtain initial data.
14. device according to claim 13, wherein
Data block generation module is configured as utilizing formula ri,k=fi·(ri,1·ri,2·…·ri,j·…·ri,k-1)-1mod
P calculates i-th of data block fi, wherein p is greater than 2LPrime number, L be the data block length, ri,jIt is and i-th of data
Block fiCorresponding j-th of element, 1≤j≤k-1, ri,kIt is and i-th of data block fiCorresponding k-th of element.
15. device described in 3 or 14 according to claim 1, wherein
Decryption conversion module is configured as utilizing formula R=A-1·S·A-1Conversion process is carried out to encryption data matrix S, with
To split-matrix R.
16. a kind of information decrypts device, comprising:
Memory is configured as store instruction;
Processor, is coupled to memory, and the instruction execution that processor is configured as storing based on memory realizes such as claim
The method of any one of 5-7.
17. a kind of security system, comprising:
Information encryption device as described in any one of claim 8-12;
Information as described in any one of claim 13-16 decrypts device.
18. a kind of computer readable storage medium, wherein computer-readable recording medium storage has computer instruction, instructs quilt
The method as described in any one of the method for any one of claim 1-4 or claim 5-7 is realized when processor executes.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710989330.1A CN109698812A (en) | 2017-10-23 | 2017-10-23 | Information ciphering method and device, information decryption method and device and security system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710989330.1A CN109698812A (en) | 2017-10-23 | 2017-10-23 | Information ciphering method and device, information decryption method and device and security system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109698812A true CN109698812A (en) | 2019-04-30 |
Family
ID=66226682
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710989330.1A Pending CN109698812A (en) | 2017-10-23 | 2017-10-23 | Information ciphering method and device, information decryption method and device and security system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109698812A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110188560A (en) * | 2019-05-29 | 2019-08-30 | 华南师范大学 | Information concealing method and robot system based on big data insertion and local behavior |
CN111177740A (en) * | 2019-11-14 | 2020-05-19 | 腾讯科技(深圳)有限公司 | Data confusion processing method, system and computer readable medium |
CN111680329A (en) * | 2020-08-14 | 2020-09-18 | 成都中轨轨道设备有限公司 | Data processing method for improving data security |
CN117768146A (en) * | 2023-11-07 | 2024-03-26 | 眉山市大数据产业发展有限公司 | Data integrity and secret transmission realization method suitable for agricultural informatization big data service |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070214361A1 (en) * | 2006-10-11 | 2007-09-13 | Frank Rubin | Device, System and Method for Fast Secure Message Encryption Without Key Distribution |
CN102314580A (en) * | 2011-09-20 | 2012-01-11 | 西安交通大学 | Vector and matrix operation-based calculation-supported encryption method |
US20130246789A1 (en) * | 2012-03-16 | 2013-09-19 | Ruca Chien | Method of securing transmission data |
CN104009835A (en) * | 2014-05-16 | 2014-08-27 | 南京邮电大学 | File encrypting and decrypting method allowing parallel computing to be conducted in cloud storage system |
CN105227297A (en) * | 2014-06-10 | 2016-01-06 | 江苏博智软件科技有限公司 | A kind of intelligent cipher protection generation method |
CN105959326A (en) * | 2016-07-13 | 2016-09-21 | 张志华 | Intelligent big data processing device of electric power equipment based on multilevel security |
CN106788884A (en) * | 2016-12-05 | 2017-05-31 | 渤海大学 | A kind of multi-channel data transmission method |
-
2017
- 2017-10-23 CN CN201710989330.1A patent/CN109698812A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070214361A1 (en) * | 2006-10-11 | 2007-09-13 | Frank Rubin | Device, System and Method for Fast Secure Message Encryption Without Key Distribution |
CN102314580A (en) * | 2011-09-20 | 2012-01-11 | 西安交通大学 | Vector and matrix operation-based calculation-supported encryption method |
US20130246789A1 (en) * | 2012-03-16 | 2013-09-19 | Ruca Chien | Method of securing transmission data |
CN104009835A (en) * | 2014-05-16 | 2014-08-27 | 南京邮电大学 | File encrypting and decrypting method allowing parallel computing to be conducted in cloud storage system |
CN105227297A (en) * | 2014-06-10 | 2016-01-06 | 江苏博智软件科技有限公司 | A kind of intelligent cipher protection generation method |
CN105959326A (en) * | 2016-07-13 | 2016-09-21 | 张志华 | Intelligent big data processing device of electric power equipment based on multilevel security |
CN106788884A (en) * | 2016-12-05 | 2017-05-31 | 渤海大学 | A kind of multi-channel data transmission method |
Non-Patent Citations (4)
Title |
---|
PARAKH A ETAL;: "Online data storage using implicit security", 《INFORMATION SCIENCES》 * |
叶薇: "支持多级隐私保护的云备份系统的研究与实现", 《中国优秀硕士学位论文全文数据库信息科技辑(月刊)》 * |
周静岚: "云存储数据隐私保护机制的研究", 《中国优秀硕士学位论文全文数据库信息科技辑(月刊)》 * |
毛剑 等: "云计算环境下隐私保护方案", 《清华大学学报(自然科学版)》 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110188560A (en) * | 2019-05-29 | 2019-08-30 | 华南师范大学 | Information concealing method and robot system based on big data insertion and local behavior |
CN111177740A (en) * | 2019-11-14 | 2020-05-19 | 腾讯科技(深圳)有限公司 | Data confusion processing method, system and computer readable medium |
CN111177740B (en) * | 2019-11-14 | 2023-05-02 | 腾讯科技(深圳)有限公司 | Data confusion processing method, system and computer readable medium |
CN111680329A (en) * | 2020-08-14 | 2020-09-18 | 成都中轨轨道设备有限公司 | Data processing method for improving data security |
CN117768146A (en) * | 2023-11-07 | 2024-03-26 | 眉山市大数据产业发展有限公司 | Data integrity and secret transmission realization method suitable for agricultural informatization big data service |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Sohal et al. | BDNA-A DNA inspired symmetric key cryptographic technique to secure cloud computing | |
JP6732141B2 (en) | Conversion key generation device, ciphertext conversion device, secret information processing system, conversion key generation method, conversion key generation program, ciphertext conversion method, and ciphertext conversion program | |
CN109698812A (en) | Information ciphering method and device, information decryption method and device and security system | |
Mandal et al. | Symmetric key image encryption using chaotic Rossler system | |
JP6575532B2 (en) | Encryption device, decryption device, encryption processing system, encryption method, decryption method, encryption program, and decryption program | |
US11101980B2 (en) | System and method for adding and comparing integers encrypted with quasigroup operations in AES counter mode encryption | |
CN106598882A (en) | Secure memory data protection method and device | |
CN110505054B (en) | Data processing method, device and equipment based on dynamic white box | |
GB2532836A (en) | Address-dependent key generation with substitution-permutation network | |
CN108494546A (en) | A kind of whitepack encryption method, device and storage medium | |
Sekar et al. | Comparative study of encryption algorithm over big data in cloud systems | |
CN111130784B (en) | Key generation method and device, CPU chip and server | |
Patil et al. | Pixel co-ordinate-based secret image sharing scheme with constant size shadow images | |
EP3298720B1 (en) | Computing with encrypted values | |
Kasiran et al. | Time performance analysis of advanced encryption standard and data encryption standard in data security transaction | |
Ugbedeojo et al. | RSA and Elliptic Curve Encryption System: A Systematic Literature Review | |
CN114257402B (en) | Encryption algorithm determining method, device, computer equipment and storage medium | |
CN115276952A (en) | Private data processing method and device | |
KR101133988B1 (en) | Method for encrypting and decrypting stream and cryptographic file systems thereof | |
CN113645022A (en) | Method and device for determining privacy set intersection, electronic equipment and storage medium | |
JP6452910B1 (en) | Secret analysis device, secret analysis system, secret analysis method, and secret analysis program | |
KR20170005850A (en) | Encryption device, storage system, decryption device, encryption method, decryption method, encryption program, and decryption program | |
Sakharkar | Survey of cryptographic techniques to certify sharing of information in cloud computing | |
Law et al. | Secure Medical Data Management Based on Homomorphic Encryption and Secret Sharing | |
Kristianti et al. | Implementation optimization of the DES algorithm on FPGA to support smartcard processors |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190430 |
|
RJ01 | Rejection of invention patent application after publication |