CN111611595B - Data encryption method and device - Google Patents
Data encryption method and device Download PDFInfo
- Publication number
- CN111611595B CN111611595B CN202010251449.0A CN202010251449A CN111611595B CN 111611595 B CN111611595 B CN 111611595B CN 202010251449 A CN202010251449 A CN 202010251449A CN 111611595 B CN111611595 B CN 111611595B
- Authority
- CN
- China
- Prior art keywords
- data
- length
- encrypted
- integer
- initial
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
A data encryption method and device relate to the field of data encryption, and the method comprises the following steps: encrypting the data to be encrypted through a secret key to obtain initial encrypted data; generating first data according to a preset data transformation rule and the initial encrypted data, wherein the evolution result of the data length of the first data is an integer; performing nonlinear two-dimensional conversion on the first data; and carrying out nonlinear one-dimensional conversion on the first data after nonlinear two-dimensional conversion to obtain final encrypted data. The data encryption method and device improve the complexity of data encryption, prevent encrypted data from being cracked, and improve the safety of the data.
Description
Technical Field
The present disclosure relates to the field of data encryption, and in particular, to a data encryption method and apparatus.
Background
A general company can generate a lot of data in the operation process, and if the data is leaked, huge economic losses are brought to the company. For example, the source code may be compiled into a byte code file, and the server reads the byte code file and operates accordingly according to the byte instructions in the byte code file when the interpreter is running. That is, even without a source code program, the bytecode file can be interpreted to run. This has the consequence that if the bytecode leaks, it is easily decompiled to source code, with a safety hazard.
Disclosure of Invention
In order to solve the above technical problems or at least partially solve the above technical problems, the present application provides a data encryption method and apparatus.
In a first aspect, the present application provides a data encryption method, the method including:
encrypting the data to be encrypted through a secret key to obtain initial encrypted data;
generating first data according to a preset data transformation rule and the initial encrypted data, wherein the evolution result of the data length of the first data is an integer;
performing nonlinear two-dimensional conversion on the first data;
and carrying out nonlinear one-dimensional conversion on the first data after nonlinear two-dimensional conversion to obtain final encrypted data.
Optionally, the generating the first data according to the preset data transformation rule and the initial encrypted data includes:
performing length transformation on the initial encrypted data to obtain comprehensive data;
determining the comprehensive data length of the comprehensive data, and judging whether the evolution result of the comprehensive data length is an integer;
if the evolution result of the integrated data length is not an integer, generating additional integrated data based on the integrated data, and taking the additional integrated data as the first data, wherein the evolution result of the data length of the additional integrated data is an integer;
and if the evolution result of the integrated data length is an integer, taking the integrated data as the first data.
Optionally, the performing the length transformation on the initial encrypted data to obtain integrated data includes:
determining a data length value of the initial encrypted data;
and adding second data after the initial encrypted data to obtain comprehensive data, wherein the second data is a data length value of the initial encrypted data.
Optionally, the generating additional comprehensive data based on the comprehensive data includes:
determining a minimum value which is larger than the comprehensive data length and the evolution result is an integer;
calculating the difference between the minimum value and the length of the comprehensive data;
acquiring random data with the data length of the difference value;
and inserting the random data between the initial encrypted data and the second data to generate additional comprehensive data.
Optionally, the performing the nonlinear two-dimensional conversion on the first data includes:
the first data are arranged in a square matrix.
Optionally, the performing the nonlinear one-dimensional conversion on the first data after the nonlinear two-dimensional conversion to obtain final encrypted data includes:
and serializing the square matrix through a Hilbert curve to obtain final encrypted data.
Optionally, the method further comprises:
performing nonlinear two-dimensional conversion on the final encrypted data;
carrying out nonlinear one-dimensional conversion on the final encrypted data after nonlinear two-dimensional conversion to obtain the first data;
generating the initial encrypted data according to the first data and a preset data transformation inverse rule;
and decrypting the initial encrypted data to obtain the data to be encrypted.
In a second aspect, the present application provides a data encryption apparatus, the apparatus comprising:
the encryption module is used for encrypting the data to be encrypted through the secret key to obtain initial encrypted data;
the first generation module is used for generating first data according to a preset data transformation rule and the initial encrypted data, wherein the evolution result of the data length of the first data is an integer;
the first conversion module is used for carrying out nonlinear two-dimensional conversion on the first data;
and the second conversion module is used for carrying out nonlinear one-dimensional conversion on the first data subjected to the nonlinear two-dimensional conversion to obtain final encrypted data.
Optionally, the first generating module includes:
the transformation unit is used for carrying out length transformation on the initial encrypted data to obtain comprehensive data;
the judging unit is used for determining the comprehensive data length of the comprehensive data and judging whether the evolution result of the comprehensive data length is an integer or not;
a first generating unit, configured to generate additional integrated data based on the integrated data if the result of the evolution of the integrated data length is not an integer, and take the additional integrated data as the first data, where the result of the evolution of the data length of the additional integrated data is an integer;
and the second generation unit is used for taking the integrated data as the first data if the evolution result of the integrated data length is an integer.
Optionally, the transforming unit includes:
a first determination subunit configured to determine a data length value of the initial encrypted data;
and the adding subunit is used for adding second data after the initial encrypted data to obtain comprehensive data, wherein the second data is the data length value of the initial encrypted data.
Optionally, the first generating unit includes:
the second determining subunit is used for determining the minimum value which is larger than the comprehensive data length and the evolution result is an integer;
a calculating subunit, configured to calculate a difference between the minimum value and the integrated data length;
an acquisition subunit, configured to acquire random data with a data length being the difference value;
an inserting subunit, configured to insert the random data between the initial encrypted data and the second data, and generate additional integrated data.
Optionally, the first conversion module includes:
and the arrangement unit is used for arranging the first data into a square matrix.
Optionally, the second conversion module includes:
and the serialization unit is used for serializing the square matrix through the Hilbert curve to obtain final encrypted data.
Optionally, the apparatus further includes:
the third conversion module is used for carrying out nonlinear two-dimensional conversion on the final encrypted data;
the fourth conversion module is used for carrying out nonlinear one-dimensional conversion on the final encrypted data after nonlinear two-dimensional conversion to obtain the first data;
the second generation module is used for generating the initial encrypted data according to the first data and a preset data transformation inverse rule;
and the decryption module is used for decrypting the initial encrypted data to obtain the data to be encrypted.
Compared with the prior art, the technical scheme provided by the embodiment of the application has the following advantages:
the embodiment of the application provides a data encryption method, which is characterized in that data to be encrypted is encrypted, and then nonlinear transformation between one dimension and two dimensions is carried out, so that the data sequence is disordered, the complexity of data encryption is improved, meanwhile, random data with variable data length is added in the data, the complexity of data encryption is improved, the encrypted data is prevented from being cracked, and the safety of the data is improved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
In order to more clearly illustrate the embodiments of the invention or the technical solutions of the prior art, the drawings which are used in the description of the embodiments or the prior art will be briefly described, and it will be obvious to a person skilled in the art that other drawings can be obtained from these drawings without inventive effort.
Fig. 1 is a flowchart of a data encryption method provided in an embodiment of the present application;
FIG. 2 is a flowchart of a method for generating first data according to an embodiment of the present application;
FIG. 3 is a flow chart of a method for generating additional integrated data provided by an embodiment of the present application;
FIG. 4 is a flowchart of a method for encrypting data according to an embodiment of the present application;
fig. 5 is a schematic diagram of a data encryption device according to an embodiment of the present application;
fig. 6 is a schematic diagram of an electronic device according to an embodiment of the present application.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present application based on the embodiments herein.
Fig. 1 is a schematic diagram of a data encryption method provided in an embodiment of the present application, which may be applied to a server, for increasing complexity of data in an encryption process, and specifically includes the following steps:
step 101: and encrypting the data to be encrypted through the secret key to obtain initial encrypted data.
In this embodiment of the present application, the server performs initial encryption on the data to be encrypted through the key, where the data to be encrypted may be byte code data. Specifically, the initial encryption may include various ways, such as the server exchanging the positions of the characters in the data to be encrypted by a key, or in the case that the data to be encrypted is a number, the server adds a preset value to each number in the data to be encrypted by a key, so that it becomes a new number. The specific manner of initial encryption is not limited in this application. The server takes the encrypted data to be encrypted as initial encrypted data, and the initial encrypted data is consistent with the character string length of the data to be encrypted.
For example, if the data to be encrypted is abcd, the initial encryption uses the key to scramble the positions of the characters of the data to be encrypted, so as to obtain initial encrypted data bcea. If the data to be encrypted is 4568, the initial encryption adds a preset value of 1 to each number in the data to be encrypted through the key, and initial encrypted data 5679 is obtained.
Step 102: and generating first data according to the preset data transformation rule and the initial encrypted data.
Wherein the result of the evolution of the data length of the first data is an integer.
In this embodiment of the present invention, after obtaining initial encrypted data, a server generates first data according to a preset data transformation rule and the initial encrypted data, where an evolution result of a data length of the first data is an integer, and the preset data transformation rule is used to increase the data length of the initial encrypted data, so that the evolution result of the increased data length is an integer.
In one implementation, the server may determine whether an evolution result of the data length of the initial encrypted data is an integer, and if the evolution result of the data length of the initial encrypted data is an integer, take the initial encrypted data as the first data; if the data length of the initial encrypted data is not an integer, determining a minimum value which is larger than the initial encrypted data length and the data length of which is an integer, calculating a difference value between the minimum value and the initial encrypted data length, and setting a preset value with the value length being the difference value to the initial encrypted data to generate first data. Wherein the last value of the preset values is the same as the value of the initial encrypted data length.
For example, if the initial encrypted data is bcda12358, the initial encrypted data length is 9, and the evolution result is an integer of 3, then the server takes bcda12358 as the first data.
If the initial encrypted data is bcda, the initial encrypted data length is 4, the evolution result is not an integer, the server determines that the minimum value which is greater than 4 and the evolution result is an integer is 9, the server calculates that the difference between 9 and 4 is 5, and the server sets the preset value with the value length of 5 and the last value of 4 to bcda, and then the preset value can be 12344 or 65984.
In addition, other implementations are possible for generating the first data according to the preset data transformation rule and the initial encrypted data, and the specific process will be described in detail later.
Step 103: and carrying out nonlinear two-dimensional conversion on the first data.
In the embodiment of the application, the server performs nonlinear two-dimensional conversion on the first data, so that the arrangement mode of each character in the first data can be disturbed.
Optionally, the process of performing nonlinear two-dimensional conversion on the first data is: the first data are arranged in a square matrix.
In the embodiment of the present application, since the result of the evolution of the data length of the first data is an integer, the first data may be arranged in a square matrix.
For example, the data length of the first data is 9, and the evolution result 3 of 9 is an integer, so the first data is arranged in a 3×3 matrix.
Step 104: and carrying out nonlinear one-dimensional conversion on the first data after nonlinear two-dimensional conversion to obtain final encrypted data.
In the embodiment of the application, the server performs nonlinear one-dimensional conversion on the first data after nonlinear two-dimensional conversion, so that the final encrypted data is still one-dimensional data, and a worker can conveniently store the one-dimensional final encrypted data.
Optionally, the process of performing the nonlinear one-dimensional conversion on the first data after the nonlinear two-dimensional conversion is: the square matrix is serialized by Hilbert curve.
In the embodiment of the present application, the server sequences the first data arranged into the square matrix through the hilbert curve, to obtain the final encrypted data.
The server firstly carries out nonlinear one-dimensional conversion and then nonlinear two-dimensional conversion on the first data, so that the sequence of the first data is disordered, and the safety and complexity of the data are improved.
As shown in fig. 2, another implementation manner of generating the first data is provided in the embodiment of the present application, which specifically includes the following steps:
step 201: and performing length transformation on the initial encrypted data to obtain comprehensive data.
In the embodiment of the present application, the manner in which the server performs the length transformation on the initial encrypted data to obtain the integrated data may be various, and several possible implementation manners are provided in the embodiment of the present application.
In one implementation, a data length value of initial encrypted data may be determined; and adding second data after the initial encryption data to obtain comprehensive data, wherein the second data is the data length value of the initial encryption data.
Specifically, after obtaining the initial encrypted data, the server determines a data length value N of the initial encrypted data, where N is a positive integer. And adding second data after the initial encrypted data by the server to obtain comprehensive data, wherein the second data is a data length value of the initial encrypted data.
For example, the initial encrypted data is bcda, the server determines that the data length value of bcda is 4, and then the server adds 4 to bcda to obtain the integrated data bcda4.
The second data represents a data length value of the initial encrypted data, and the server locates the second data after the initial encrypted data so that the data length value of the initial encrypted data can be known through the second data when decrypting the final encrypted data.
In another implementation, a data length value of the initial encrypted data may be determined; and adding third data after the initial encryption data to obtain comprehensive data, wherein the third data is specific data corresponding to the data length value of the initial encryption data.
Specifically, after determining the data length value of the initial encrypted data, the server determines specific data corresponding to the data length value of the initial encrypted data according to the corresponding relationship between the data length value and the data, takes the specific data as third data, and adds the third data after the initial encrypted data to obtain comprehensive data.
For example, the initial encrypted data is bcda, the server determines that the data length value of bcda is 4, and the specific data corresponding to 4 is "+", and then the server locates "+" after bcda, so as to obtain comprehensive data bcda+.
Step 202: and determining the comprehensive data length of the comprehensive data, and judging whether the evolution result of the comprehensive data length is an integer.
In the embodiment of the application, after obtaining the comprehensive data, the server determines the comprehensive data length of the comprehensive data, and determines whether the evolution result of the comprehensive data length is an integer. If the server determines that the result of the evolution of the integrated data length is not an integer, then step 203 is executed; if the server determines that the result of the evolution of the integrated data length is an integer, then step 204 is performed.
Step 203: additional integrated data is generated based on the integrated data, and the additional integrated data is taken as first data.
Wherein the result of the evolution of the data length of the additional integrated data is an integer.
In this embodiment of the present application, if the server determines that the evolution result of the integrated data length is not an integer, the server generates additional integrated data based on the integrated data, and takes the additional integrated data as the first data, where the evolution result of the data length of the additional integrated data is an integer.
For example, if the integrated data is bcda4, the integrated data length is 5, and the evolution result is not an integer, the server generates additional integrated data bcda12354, and bcda12354 is used as the first data.
Step 204: the integrated data is taken as first data.
In this embodiment of the present application, if the server determines that the result of the evolution of the integrated data length is an integer, the server uses the integrated data as the first data.
For example, if the integrated data is bcda12358, the integrated data length is 9, the evolution result is the integer 3, then the server takes bcda12358 as the first data.
Optionally, as shown in fig. 3, generating additional comprehensive data based on the comprehensive data includes:
step 301: the minimum value that is greater than the integrated data length and the evolution result is an integer is determined.
In this embodiment of the present application, if the evolution result of the integrated data length is not an integer, the server determines a minimum value that is greater than the integrated data length and that is an integer, so that the minimum integer evolution result is an integer.
For example, if the evolution result for the integrated data length of 5,5 is not an integer, then the server determines that the minimum value of the evolution result is an integer greater than 5 is 9.
Step 302: the difference between the minimum value and the integrated data length is calculated.
In the embodiment of the application, the server calculates the difference between the minimum value and the integrated data length.
For example, the composite data length is 5, the minimum value is 9, and the server calculates the difference between 9 and 5 to be 4.
Step 303: and acquiring random data with the data length being the difference value.
In the embodiment of the application, after calculating the difference between the minimum value and the comprehensive data length, the server acquires random data with the data length being the difference from a preset database.
For example, the server calculates that the difference between 9 and 5 is 4, and then the server acquires random data, the data length of which is 4. The random data may be 1234 or-! The embodiment of the present application does not specifically limit the random data.
Step 304: random data is inserted between the initial encrypted data and the second data to generate additional integrated data.
In the embodiment of the application, after the server acquires the random data, the random data is inserted between the initial encrypted data and the second data to obtain the additional comprehensive data, and the addition of the random data enables the evolution result of the data length of the additional comprehensive data to be an integer, so that the additional comprehensive data can be subjected to nonlinear two-dimensional conversion. The random data is inserted between the initial encrypted data and the second data, so that when the final encrypted data is decrypted, the data length value of the initial encrypted data can be obtained according to the second data, namely the last character of the final encrypted data.
Optionally, the process of decrypting the final encrypted data is:
carrying out nonlinear two-dimensional conversion on the final encrypted data; carrying out nonlinear one-dimensional conversion on the final encrypted data after nonlinear two-dimensional conversion to obtain first data; generating initial encrypted data according to the first data and a preset data transformation inverse rule; and decrypting the initial encrypted data to obtain the data to be encrypted.
The server carries out nonlinear two-dimensional conversion on the final encrypted data; and carrying out nonlinear one-dimensional conversion on the final encrypted data after nonlinear two-dimensional conversion to obtain first data. If the evolution result of the length of the integrated data is an integer in the encryption process of the data to be encrypted, the server takes the integrated data as first data; if the result of the evolution of the length of the integrated data is not an integer in the encryption process of the data to be encrypted, the server takes the additional integrated data as first data, generates initial encrypted data according to the first data and a preset data transformation inverse rule, and decrypts the initial encrypted data to obtain the data to be encrypted.
For example, the server performs nonlinear two-dimensional conversion on the final encrypted data; and carrying out nonlinear one-dimensional conversion on the final encrypted data after nonlinear two-dimensional conversion to obtain first data bcda12358. If the result of the evolution of the length of the integrated data is an integer in the encryption process of the data to be encrypted, the server determines that the integrated data is identical to the first data, and the integrated data is bcda12358, the server removes the last character in the first data, takes the remaining characters as initial encrypted data bcda1235, and decrypts the initial encrypted data to obtain data abcd2346 to be encrypted.
The server carries out nonlinear two-dimensional conversion on the final encrypted data; and carrying out nonlinear one-dimensional conversion on the final encrypted data after nonlinear two-dimensional conversion to obtain first data bcda12354. If the result of the evolution of the integrated data length is not an integer in the encryption process of the data to be encrypted, the server can know that the data length of the initial encrypted data is 4 according to the second data 4, then the server reserves the first four data in the first data as initial encrypted data bcda, and decrypts the initial encrypted data to obtain the data abcd to be encrypted.
In this embodiment, as shown in fig. 4, a flowchart of a data encryption method is further provided, and specific steps are as follows:
step 401: and encrypting the data to be encrypted through the secret key to obtain initial encrypted data.
In the embodiment of the application, the server performs initial encryption on the data to be encrypted through the secret key to obtain initial encrypted data.
Step 402: and performing length transformation on the initial encrypted data to obtain comprehensive data.
In this embodiment of the present application, after obtaining initial encrypted data, the server determines a data length value N of the initial encrypted data, where N is a positive integer. And adding second data after the initial encrypted data by the server to obtain comprehensive data, wherein the second data is a data length value of the initial encrypted data.
Step 403: and determining the comprehensive data length of the comprehensive data, and judging whether the evolution result of the comprehensive data length is an integer.
If the result of the evolution of the integrated data length is an integer, then step 404 is performed; if the result of the evolution of the integrated data length is not an integer, then step 405 is performed.
Step 404: and carrying out nonlinear two-dimensional conversion on the comprehensive data, and then carrying out nonlinear one-dimensional conversion to obtain final encrypted data.
In the embodiment of the application, the server arranges the comprehensive data into a square matrix, and then sequences the square matrix through the hilbert curve to obtain final encrypted data.
Step 405: the minimum value that is greater than the integrated data length and the evolution result is an integer is determined.
In this embodiment of the present application, if the evolution result of the integrated data length is not an integer, the server determines a minimum value that is greater than the integrated data length and that is an integer, so that the minimum integer evolution result is an integer.
Step 406: the difference between the minimum value and the integrated data length is calculated.
In the embodiment of the application, the server calculates the difference between the minimum value and the integrated data length.
Step 407: and acquiring random data with the data length being the difference value.
In the embodiment of the application, after calculating the difference between the minimum value and the comprehensive data length, the server acquires random data with the data length being the difference from a preset database.
Step 408: random data is inserted between the initial encrypted data and the second data, and additional integrated data is generated based on the integrated data.
In this embodiment of the present application, after the server obtains the random data, the random data is inserted between the initial encrypted data and the second data, so as to obtain the additional comprehensive data.
Step 409: and carrying out nonlinear two-dimensional conversion on the additional comprehensive data, and then carrying out nonlinear one-dimensional conversion to obtain final encrypted data.
In this embodiment of the present application, the server arranges the additional comprehensive data into a square matrix, and then sequences the square matrix through the hilbert curve to obtain the final encrypted data.
Corresponding to the above method embodiment, the embodiment of the present application further provides a data encryption device, as shown in fig. 5, where the device includes:
the encryption module 501 is configured to encrypt data to be encrypted by using a key to obtain initial encrypted data;
the first generating module 502 is configured to generate first data according to a preset data transformation rule and initial encrypted data, where a result of the evolution of the data length of the first data is an integer;
a first conversion module 503, configured to perform nonlinear two-dimensional conversion on the first data;
the second conversion module 504 is configured to perform nonlinear one-dimensional conversion on the first data after nonlinear two-dimensional conversion, so as to obtain final encrypted data.
Optionally, the generating module includes:
the transformation unit is used for performing length transformation on the initial encrypted data to obtain comprehensive data;
the judging unit is used for determining the comprehensive data length of the comprehensive data and judging whether the evolution result of the comprehensive data length is an integer or not;
a first generation unit configured to generate additional integrated data based on the integrated data if the result of the evolution of the integrated data length is not an integer, and take the additional integrated data as first data, wherein the result of the evolution of the data length of the additional integrated data is an integer;
and the second generation unit is used for taking the integrated data as the first data if the evolution result of the integrated data length is an integer.
Optionally, the transformation unit includes:
a first determination subunit configured to determine a data length value of the initial encrypted data;
and the adding subunit is used for adding second data after the initial encrypted data to obtain comprehensive data, wherein the second data is the data length value of the initial encrypted data.
Optionally, the first generating unit includes:
the second determining subunit is used for determining the minimum value which is larger than the comprehensive data length and the evolution result is an integer;
a calculating subunit, configured to calculate a difference between the minimum value and the integrated data length;
an acquisition subunit, configured to acquire random data with a data length being a difference value;
and a generation subunit for inserting the random data between the initial encrypted data and the second data to generate additional comprehensive data.
Optionally, the first conversion module 503 includes:
and a first conversion unit for arranging the first data into a square matrix.
Optionally, the second conversion module 504 includes:
and the second conversion unit is used for serializing the square matrix through the Hilbert curve to obtain final encrypted data.
Optionally, the method further comprises:
the third conversion module is used for carrying out nonlinear two-dimensional conversion on the final encrypted data;
the fourth conversion module is used for carrying out nonlinear one-dimensional conversion on the final encrypted data after nonlinear two-dimensional conversion to obtain first data;
the second generation module is used for generating initial encrypted data according to the first data and a preset data transformation inverse rule by the first conversion module;
and the decryption module is used for decrypting the initial encrypted data to obtain the data to be encrypted.
The embodiment of the application provides a data encryption method, which is characterized in that data to be encrypted is encrypted, and then nonlinear transformation between one dimension and two dimensions is carried out, so that the data sequence is disordered, the complexity of data encryption is improved, meanwhile, random data with variable data length is added in the data, the complexity of data encryption is improved, the encrypted data is prevented from being cracked, and the safety of the data is improved.
Based on the same technical concept, the embodiment of the present invention further provides an electronic device, as shown in fig. 6, including a processor 601, a communication interface 602, a memory 603, and a communication bus 604, where the processor 601, the communication interface 602, and the memory 603 perform communication with each other through the communication bus 604,
a memory 603 for storing a computer program;
the processor 601 is configured to execute the program stored in the memory 603, thereby implementing the above steps.
The communication bus mentioned above for the electronic devices may be a peripheral component interconnect standard (Peripheral Component Interconnect, PCI) bus or an extended industry standard architecture (Extended Industry Standard Architecture, EISA) bus, etc. The communication bus may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, the figures are shown with only one bold line, but not with only one bus or one type of bus.
The communication interface is used for communication between the electronic device and other devices.
The Memory may include random access Memory (Random Access Memory, RAM) or may include Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.
The processor may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; but also digital signal processors (Digital Signal Processing, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), field programmable gate arrays (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.
In yet another embodiment of the present invention, there is also provided a computer readable storage medium having stored therein a computer program which when executed by a processor implements the steps of any of the methods described above.
In yet another embodiment of the present invention, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform any of the methods of the above embodiments.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, produces a flow or function in accordance with embodiments of the present invention, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in or transmitted from one computer-readable storage medium to another, for example, by wired (e.g., coaxial cable, optical fiber, digital Subscriber Line (DSL)), or wireless (e.g., infrared, wireless, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid State Disk (SSD)), etc.
It should be noted that in this document, relational terms such as "first" and "second" and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing is only a specific embodiment of the invention to enable those skilled in the art to understand or practice the invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (14)
1. A method of encrypting data, the method comprising:
encrypting the data to be encrypted through a secret key to obtain initial encrypted data;
generating first data according to a preset data transformation rule and the initial encrypted data, wherein the evolution result of the data length of the first data is an integer;
performing nonlinear two-dimensional conversion on the first data;
and carrying out nonlinear one-dimensional conversion on the first data after nonlinear two-dimensional conversion to obtain final encrypted data.
2. The method of claim 1, wherein the generating the first data according to the preset data transformation rules and the initial encrypted data comprises:
performing length transformation on the initial encrypted data to obtain comprehensive data;
determining the comprehensive data length of the comprehensive data, and judging whether the evolution result of the comprehensive data length is an integer;
if the evolution result of the integrated data length is not an integer, generating additional integrated data based on the integrated data, and taking the additional integrated data as the first data, wherein the evolution result of the data length of the additional integrated data is an integer;
and if the evolution result of the integrated data length is an integer, taking the integrated data as the first data.
3. The method of claim 2, wherein the length transforming the initial encrypted data to obtain integrated data comprises:
determining a data length value of the initial encrypted data;
and adding second data after the initial encrypted data to obtain comprehensive data, wherein the second data is a data length value of the initial encrypted data.
4. The method of claim 3, wherein the generating additional integrated data based on the integrated data comprises:
determining a minimum value which is larger than the comprehensive data length and the evolution result is an integer;
calculating the difference between the minimum value and the length of the comprehensive data;
acquiring random data with the data length of the difference value;
and inserting the random data between the initial encrypted data and the second data to generate additional comprehensive data.
5. The method of claim 1, wherein said non-linearly two-dimensionally converting said first data comprises:
the first data are arranged in a square matrix.
6. The method of claim 5, wherein the performing the nonlinear one-dimensional transformation on the first data after the nonlinear two-dimensional transformation to obtain the final encrypted data comprises:
and serializing the square matrix through a Hilbert curve to obtain final encrypted data.
7. The method according to claim 1, wherein the method further comprises:
performing nonlinear two-dimensional conversion on the final encrypted data;
carrying out nonlinear one-dimensional conversion on the final encrypted data after nonlinear two-dimensional conversion to obtain the first data;
generating the initial encrypted data according to the first data and a preset data transformation inverse rule;
and decrypting the initial encrypted data to obtain the data to be encrypted.
8. A data encryption device, the device comprising:
the encryption module is used for encrypting the data to be encrypted through the secret key to obtain initial encrypted data;
the first generation module is used for generating first data according to a preset data transformation rule and the initial encrypted data, wherein the evolution result of the data length of the first data is an integer;
the first conversion module is used for carrying out nonlinear two-dimensional conversion on the first data;
and the second conversion module is used for carrying out nonlinear one-dimensional conversion on the first data subjected to the nonlinear two-dimensional conversion to obtain final encrypted data.
9. The apparatus of claim 8, wherein the first generation module comprises:
the transformation unit is used for carrying out length transformation on the initial encrypted data to obtain comprehensive data;
the judging unit is used for determining the comprehensive data length of the comprehensive data and judging whether the evolution result of the comprehensive data length is an integer or not;
a first generating unit, configured to generate additional integrated data based on the integrated data if the result of the evolution of the integrated data length is not an integer, and take the additional integrated data as the first data, where the result of the evolution of the data length of the additional integrated data is an integer;
and the second generation unit is used for taking the integrated data as the first data if the evolution result of the integrated data length is an integer.
10. The apparatus of claim 9, wherein the transformation unit comprises:
a first determination subunit configured to determine a data length value of the initial encrypted data;
and the adding subunit is used for adding second data after the initial encrypted data to obtain comprehensive data, wherein the second data is the data length value of the initial encrypted data.
11. The apparatus of claim 10, wherein the first generation unit comprises:
the second determining subunit is used for determining the minimum value which is larger than the comprehensive data length and the evolution result is an integer;
a calculating subunit, configured to calculate a difference between the minimum value and the integrated data length;
an acquisition subunit, configured to acquire random data with a data length being the difference value;
an inserting subunit, configured to insert the random data between the initial encrypted data and the second data, and generate additional integrated data.
12. The apparatus of claim 8, wherein the first conversion module comprises:
and the arrangement unit is used for arranging the first data into a square matrix.
13. The apparatus of claim 12, wherein the second conversion module comprises:
and the serialization unit is used for serializing the square matrix through the Hilbert curve to obtain final encrypted data.
14. The apparatus of claim 8, wherein the apparatus further comprises:
the third conversion module is used for carrying out nonlinear two-dimensional conversion on the final encrypted data;
the fourth conversion module is used for carrying out nonlinear one-dimensional conversion on the final encrypted data after nonlinear two-dimensional conversion to obtain the first data;
the second generation module is used for generating the initial encrypted data according to the first data and a preset data transformation inverse rule;
and the decryption module is used for decrypting the initial encrypted data to obtain the data to be encrypted.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010251449.0A CN111611595B (en) | 2020-04-01 | 2020-04-01 | Data encryption method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010251449.0A CN111611595B (en) | 2020-04-01 | 2020-04-01 | Data encryption method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111611595A CN111611595A (en) | 2020-09-01 |
| CN111611595B true CN111611595B (en) | 2023-06-30 |
Family
ID=72205424
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010251449.0A Active CN111611595B (en) | 2020-04-01 | 2020-04-01 | Data encryption method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111611595B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1096390A2 (en) * | 1999-11-01 | 2001-05-02 | Matsushita Electric Industrial Co., Ltd. | Two-dimensional orthogonal transformation method |
| CN103916248A (en) * | 2014-04-10 | 2014-07-09 | 东南大学 | Fully homomorphic encryption public key space compression method |
| CN104573782A (en) * | 2014-12-05 | 2015-04-29 | 中国科学院信息工程研究所 | One-dimensional code encoding and decoding method |
| CN105426765A (en) * | 2015-07-09 | 2016-03-23 | 深圳百云信息技术有限公司 | Two-dimensional code dynamic encryption and decryption algorithm |
-
2020
- 2020-04-01 CN CN202010251449.0A patent/CN111611595B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1096390A2 (en) * | 1999-11-01 | 2001-05-02 | Matsushita Electric Industrial Co., Ltd. | Two-dimensional orthogonal transformation method |
| CN103916248A (en) * | 2014-04-10 | 2014-07-09 | 东南大学 | Fully homomorphic encryption public key space compression method |
| CN104573782A (en) * | 2014-12-05 | 2015-04-29 | 中国科学院信息工程研究所 | One-dimensional code encoding and decoding method |
| CN105426765A (en) * | 2015-07-09 | 2016-03-23 | 深圳百云信息技术有限公司 | Two-dimensional code dynamic encryption and decryption algorithm |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111611595A (en) | 2020-09-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5911654B2 (en) | Random number generator and stream cipher | |
| CN106599723B (en) | File encryption method and device and file decryption method and device | |
| CN112347498B (en) | Encryption method, encryption device, electronic equipment and readable storage medium | |
| CN110505054B (en) | Data processing method, device and equipment based on dynamic white box | |
| US20160013933A1 (en) | Order-preserving encryption system, device, method, and program | |
| US10044499B2 (en) | Information processing apparatus, program, and storage medium | |
| CN111030803A (en) | Encryption method, device and equipment | |
| CN111447059B (en) | Ciphertext equivalent test method, ciphertext equivalent test device, electronic equipment, storage medium and ciphertext equivalent test system | |
| US20200177380A1 (en) | Seed key expansion method and its uses | |
| CN109683851A (en) | The generation method of random number, generating random number device, computer storage medium | |
| EP2991265B1 (en) | Encrypted text matching system, method and program | |
| CN112019328B (en) | Encryption method, device, equipment and storage medium of IP address | |
| CN114268447B (en) | File transmission method and device, electronic equipment and computer readable medium | |
| CN111859435B (en) | Data security processing method and device | |
| CN111611595B (en) | Data encryption method and device | |
| CN112236974A (en) | Decryption device, encryption device, and encryption system | |
| CN115603907A (en) | Method, device, equipment and storage medium for encrypting storage data | |
| JP5436373B2 (en) | Confidentiality enhancement processing arithmetic device and quantum cryptography communication terminal equipped with the same | |
| CN111314270A (en) | Data encryption and decryption method based on validity period uniform distribution symmetric algorithm | |
| CN113645022A (en) | Method and device for determining privacy set intersection, electronic equipment and storage medium | |
| CN111314052B (en) | Data encryption and decryption method | |
| Liu et al. | A parallel encryption algorithm for dual-core processor based on chaotic map | |
| CN111931204A (en) | Encryption and de-duplication storage method and terminal equipment for distributed system | |
| CN116049841B (en) | Encryption method, device, equipment and medium for identity card number | |
| CN115801227B (en) | Method and device for generating substitution table |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |