CN111310211A - Method for encrypting database by using SM4 algorithm - Google Patents

Publication number: CN111310211A
Authority: CN (China)
Prior art keywords: data, algorithm, encryption, database, encrypting
Legal status: Pending
Application number: CN202010100719.8A
Other languages: Chinese (zh)
Inventors: 李斌, 房林, 张正强
Current Assignee: Chengdu 30kaitian Communication Industry Co ltd
Original Assignee: Chengdu 30kaitian Communication Industry Co ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries

Abstract

The invention discloses a method for encrypting a database with the commercial cipher SM4 algorithm, comprising the following steps: encrypting plaintext data with the SM4 algorithm and then packaging the result according to an encryption protocol format, which consists of, in order: the total length of the ciphertext, the first half of the ciphertext, the total length of the plaintext before encryption, and the second half of the ciphertext; and storing the packaged encrypted data in a database. The invention uses the SM4 algorithm to encrypt data and packages it according to the encryption protocol format, so that the data is scrambled before it is stored in the database, thereby ensuring privacy on any transmission path before decryption; even if the data is maliciously intercepted, it cannot easily be cracked into plaintext.

Description

Method for encrypting database by using SM4 algorithm
Technical Field
The invention relates to the development of application systems with data storage functions, such as encrypted data storage in a Web application system and encryption of stored data in mobile terminal APP software, and in particular to a method for encrypting a database with the commercial cipher SM4 algorithm.
Background
In contrast to other mainstream encryption algorithms, SM4 is a block cipher algorithm dedicated to wireless local area networks and trusted computing systems; it has a block length of 128 bits and a key length of 128 bits. SM4 is a symmetric block cipher designed independently by China. It is used for encrypting and decrypting data, and can also be used to protect network data and stored data or files. SM4 is also able to resist various attacks on block ciphers, including exhaustive search attacks, differential attacks and linear attacks.
In the current big-data era, data security problems (such as important data in a computer system being stolen or tampered with by illegal means, or confidential data being lost because of insecure data transmission) are particularly prominent, given the need to support social development while keeping data secure and reliable. Data protection is a weak link in the security of current application systems, so there is an urgent need to introduce high-security encryption technologies and measures that keep data secure during storage, transmission and similar processes.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: in view of the problems described above, a method for encrypting a database with the commercial cipher SM4 algorithm is provided. It encrypts and packages the data stored in a database and can be applied to any application system that stores data in a database.
The technical scheme adopted by the invention is as follows:
A method for encrypting a database with the commercial cipher SM4 algorithm, the method comprising:
encrypting plaintext data with the SM4 algorithm and then packaging the result according to an encryption protocol format, which consists of, in order: the total length of the ciphertext, the first half of the ciphertext, the total length of the plaintext before encryption, and the second half of the ciphertext;
and storing the packaged encrypted data in a database.
The plaintext data is encrypted with the SM4 algorithm as follows: the encryption operation is performed using the SM4 algorithm, a fixed encryption key and the plaintext data to be encrypted.
The first half of the ciphertext is the first half of the encrypted data produced by the encryption operation on the plaintext data to be encrypted, using the SM4 algorithm and the fixed encryption key.
The second half of the ciphertext is the second half of the encrypted data produced by the encryption operation on the plaintext data to be encrypted, using the SM4 algorithm and the fixed encryption key.
Further, the total length of the ciphertext is stored as a four-byte little-endian value.
Further, the total length of the plaintext before encryption is stored as a four-byte little-endian value.
Further, the operation of encapsulating in the encryption protocol format after encryption with the SM4 algorithm may be performed one or more times.
In summary, owing to the above technical scheme, the invention has the following beneficial effects:
The invention uses the SM4 algorithm to encrypt data and packages it according to the encryption protocol format, so that the data is scrambled before it is stored in the database, thereby ensuring privacy on any transmission path before decryption; even if the data is maliciously intercepted, it cannot easily be cracked into plaintext.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
Fig. 1 is a schematic diagram of an encryption protocol format of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the detailed description and specific examples, while indicating the preferred embodiment of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
The features and properties of the present invention are described in further detail below with reference to examples.
As shown in Fig. 1, the method for encrypting a database with the commercial cipher SM4 algorithm provided in this embodiment includes:
encrypting plaintext data with the SM4 algorithm and then packaging the result according to an encryption protocol format, which consists of, in order: the total length of the ciphertext, the first half of the ciphertext, the total length of the plaintext before encryption, and the second half of the ciphertext;
and storing the packaged encrypted data in a database.
The plaintext data is encrypted with the SM4 algorithm as follows: the encryption operation is performed using the SM4 algorithm, a fixed encryption key and the plaintext data to be encrypted.
The SM4 algorithm is the national cipher (guomi) SM4 symmetric cryptographic algorithm.
(1) The total length of the ciphertext is the total length of the ciphertext produced by SM4 encryption. This field is not itself encrypted; it is stored as a four-byte little-endian value and is used to ensure the integrity of the encrypted data during decryption.
(2) The first half of the ciphertext is the first half of the encrypted data produced by the encryption operation on the plaintext data to be encrypted, using the SM4 algorithm and the fixed encryption key.
(3) The total length of the plaintext before encryption is the total length of the plaintext data to be encrypted, measured before SM4 encryption. This field is not itself encrypted; it is stored as a four-byte little-endian value and is used to ensure that the data obtained after the SM4 decryption operation has the same length as the original plaintext.
(4) The second half of the ciphertext is the second half of the encrypted data produced by the encryption operation on the plaintext data to be encrypted, using the SM4 algorithm and the fixed encryption key.
Further, the operation of encapsulating in the encryption protocol format after encryption with the SM4 algorithm may be performed one or more times. That is, data already packaged according to the encryption protocol format is split and recombined again, to increase the complexity of the encrypted data and to ensure its integrity and tamper resistance.
The invention uses the SM4 algorithm to encrypt data and packages it according to the encryption protocol format, so that the data is scrambled before it is stored in the database, thereby ensuring privacy on any transmission path before decryption; even if the data is maliciously intercepted, it cannot easily be cracked into plaintext.
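The record layout of items (1) to (4), written out as a packer and a validating parser; this is an added example, not code from the patent. It assumes the ciphertext is split at len // 2, that SM4 runs in a padded block mode (whole 16-byte blocks, at most one block of padding), and it uses constructed bytes in place of real SM4 output; the names pack_record, unpack_record, trim_plaintext and EnvelopeError are hypothetical.

```python
from __future__ import annotations
import struct

SM4_BLOCK = 16   # SM4 block size in bytes (128 bits)
LEN_FIELD = 4    # each length field is four bytes, little-endian


class EnvelopeError(ValueError):
    """A stored record does not match the layout (hypothetical name)."""


def pack_record(ciphertext: bytes, plaintext_len: int) -> bytes:
    """ct_len (4, LE) | first half of ct | pt_len (4, LE) | second half of ct."""
    if len(ciphertext) > 0xFFFFFFFF or not 0 <= plaintext_len <= 0xFFFFFFFF:
        raise EnvelopeError("length does not fit in a four-byte field")
    half = len(ciphertext) // 2   # assumption: the patent does not define the split
    return (struct.pack("<I", len(ciphertext)) + ciphertext[:half]
            + struct.pack("<I", plaintext_len) + ciphertext[half:])


def unpack_record(record: bytes) -> tuple[bytes, int]:
    """Return (ciphertext, plaintext_len) after structural validation."""
    if len(record) < 2 * LEN_FIELD:
        raise EnvelopeError("record is shorter than the two length fields")
    (ct_len,) = struct.unpack_from("<I", record, 0)
    if len(record) != ct_len + 2 * LEN_FIELD:
        raise EnvelopeError("ciphertext length field disagrees with record size")
    half = ct_len // 2
    pt_off = LEN_FIELD + half     # plaintext length sits between the two halves
    (pt_len,) = struct.unpack_from("<I", record, pt_off)
    ciphertext = record[LEN_FIELD:pt_off] + record[pt_off + LEN_FIELD:]
    # Assumption: padded block mode, so whole blocks and at most one block of padding.
    if ct_len % SM4_BLOCK or not 0 <= ct_len - pt_len <= SM4_BLOCK:
        raise EnvelopeError("length fields are inconsistent with padded SM4 output")
    return ciphertext, pt_len


def trim_plaintext(decrypted: bytes, pt_len: int) -> bytes:
    """Cut padding from SM4-decrypted bytes using the stored plaintext length."""
    if pt_len > len(decrypted):
        raise EnvelopeError("plaintext length exceeds decrypted data")
    return decrypted[:pt_len]


if __name__ == "__main__":
    ct = bytes(range(32))            # constructed stand-in for SM4 ciphertext
    rec = pack_record(ct, 27)        # 27-byte plaintext padded to two blocks
    print(rec.hex())
    print(unpack_record(rec))
    changed = bytearray(rec)
    changed[5] ^= 0x01               # one ciphertext bit altered in storage
    # Structural checks still pass: the layout has no keyed integrity tag.
    print(unpack_record(bytes(changed))[0] != ct)
```

The checks catch truncation and inconsistent length fields only. Both length fields are stored unencrypted and the layout carries no keyed integrity tag, so a record that parses should not be treated as authenticated.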
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (7)

1. A method for encrypting a database with the commercial cipher SM4 algorithm, the method comprising:
encrypting plaintext data with the SM4 algorithm and then packaging the result according to an encryption protocol format, which consists of, in order: the total length of the ciphertext, the first half of the ciphertext, the total length of the plaintext before encryption, and the second half of the ciphertext;
and storing the packaged encrypted data in a database.
2. The method for encrypting a database with the commercial cipher SM4 algorithm according to claim 1, wherein the plaintext data is encrypted with the SM4 algorithm as follows: the encryption operation is performed using the SM4 algorithm, a fixed encryption key and the plaintext data to be encrypted.
3. The method for encrypting a database with the commercial cipher SM4 algorithm according to claim 2, wherein the first half of the ciphertext is the first half of the encrypted data produced by the encryption operation using the SM4 algorithm, the fixed encryption key and the plaintext data to be encrypted.
4. The method for encrypting a database with the commercial cipher SM4 algorithm according to claim 2, wherein the second half of the ciphertext is the second half of the encrypted data produced by the encryption operation using the SM4 algorithm, the fixed encryption key and the plaintext data to be encrypted.
5. The method for encrypting a database with the commercial cipher SM4 algorithm according to claim 1, wherein the total length of the ciphertext is stored as a four-byte little-endian value.
6. The method for encrypting a database with the commercial cipher SM4 algorithm according to claim 1, wherein the total length of the plaintext before encryption is stored as a four-byte little-endian value.
7. The method for encrypting a database with the commercial cipher SM4 algorithm according to any of claims 1-6, characterized in that the operation of encapsulating in the encryption protocol format after encryption with the SM4 algorithm can be performed one or more times.
Application CN202010100719.8A (priority date 2020-02-19, filing date 2020-02-19): Method for encrypting database by using SM4 algorithm. Status: Pending. Published as CN111310211A (en) on 2020-06-19.

Family ID: 71158317
Country: CN


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200619