CN111967032B - File encryption method and decryption method based on confusion processing - Google Patents
File encryption method and decryption method based on confusion processing Download PDFInfo
- Publication number
- CN111967032B CN111967032B CN202010880174.7A CN202010880174A CN111967032B CN 111967032 B CN111967032 B CN 111967032B CN 202010880174 A CN202010880174 A CN 202010880174A CN 111967032 B CN111967032 B CN 111967032B
- Authority
- CN
- China
- Prior art keywords
- file
- encryption
- value
- confusion
- preset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 144
- 238000012545 processing Methods 0.000 title claims abstract description 31
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 12
- 238000000605 extraction Methods 0.000 claims description 9
- 238000004590 computer program Methods 0.000 claims description 6
- 238000005336 cracking Methods 0.000 abstract description 8
- 238000010586 diagram Methods 0.000 description 10
- 230000005540 biological transmission Effects 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000012360 testing method Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000003672 processing method Methods 0.000 description 2
- 230000000717 retained effect Effects 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The application discloses a file encryption method and a file decryption method based on confusion processing, and relates to the technical field of computers. The encryption method comprises the following steps: determining encryption parameters, generating hash values of the encryption parameters, and compiling the hash values into hash value byte codes; the method comprises the steps of obtaining a file to be encrypted, compiling the file to be encrypted into a file byte code, and writing the hash value byte code into the file byte code according to a preset writing method to obtain a mixed byte code; and generating a confusion value of the encryption parameter according to a preset confusion value generation algorithm, and carrying out confusion encryption on the mixed byte codes according to a preset confusion encryption method according to the confusion value to obtain an encrypted file. The application has smaller calculated amount and faster file encryption speed, and further increases the file cracking difficulty by adding the hash value byte code into the byte code.
Description
Technical Field
The application relates to the technical field of computers, in particular to a file encryption method and a file decryption method based on confusion processing.
Background
The file confusion processing refers to the processing of breaking the original byte ordering rule of the file, reorganizing and confusing the original rule according to a specific rule and generating a new file. The newly generated file can be re-opened after being restored by a specific program, so that the anti-cracking capability of the file is improved.
However, the current file confusion processing technology mainly carries out confusion processing on file contents to encrypt, the encryption speed depends on the size and type of the file quantity, so that the occupied memory and CPU are large, the file confusion processing technology is easy to be broken, and the quick and safe file encryption transmission requirement is difficult to be met.
Disclosure of Invention
The application aims to solve the technical problem of providing a file encryption method, a corresponding decryption method, a storage medium and a storage device based on confusion processing aiming at the defects of the prior art.
The technical scheme for solving the technical problems is as follows:
a method of encrypting a file based on obfuscation, comprising:
determining an encryption parameter, generating a hash value of the encryption parameter, and compiling the hash value into a hash value byte code;
acquiring a file to be encrypted, compiling the file to be encrypted into a file byte code, and writing the hash value byte code into the file byte code according to a preset writing method to obtain a mixed byte code;
and generating a confusion value of the encryption parameter according to a preset confusion value generation algorithm, and carrying out confusion encryption on the mixed byte codes according to the confusion value and a preset confusion encryption method to obtain an encrypted file.
The other technical scheme for solving the technical problems is as follows:
a file decryption method based on confusion processing comprises the following steps:
determining an encryption parameter, generating a hash value of the encryption parameter, and generating a confusion value of the encryption parameter according to a preset confusion value generation algorithm;
obtaining a file to be decrypted, and performing confusion decryption on the file to be decrypted according to the confusion value and a preset confusion decryption method to obtain a mixed byte code;
extracting the hash value byte codes of the hash value from the mixed byte codes according to a preset extraction method, and performing reverse compiling on the hash value byte codes to obtain decrypted hash values;
and judging whether the decrypted hash value is the same as the hash value generated according to the encryption parameter, and if so, reversely compiling the extracted mixed byte code into a decrypted file.
The other technical scheme for solving the technical problems is as follows:
a storage medium having instructions stored therein, which when read by a computer, cause the computer to perform the obfuscated file encryption method according to the above-described technical scheme, or cause the computer to perform the obfuscated file decryption method according to the above-described technical scheme.
The other technical scheme for solving the technical problems is as follows:
a document encryption and decryption apparatus based on confusion processing, comprising:
a memory for storing a computer program;
and the processor is used for executing the computer program to realize the file encryption method based on the confusion processing according to the technical scheme or realize the file decryption method based on the confusion processing according to the technical scheme.
The beneficial effects of the application are as follows: the file encryption and decryption method provided by the application is realized based on confusion processing, the calculation amount is smaller by carrying out the confusion processing on the byte codes of the file, the file encryption speed is faster, and the file decryption difficulty is further increased by adding the hash value byte codes into the byte codes.
Additional aspects of the application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the application.
Drawings
FIG. 1 is a schematic flow chart of an embodiment of a file encryption method according to the present application;
FIG. 2 is a schematic diagram of an encryption result provided by an embodiment of the file encryption method of the present application;
FIG. 3 is a schematic diagram of an encryption result provided by an embodiment of the file encryption method of the present application;
FIG. 4 is a schematic diagram of a primary encryption result MD5 value provided by an embodiment of a file encryption method according to the present application;
FIG. 5 is a schematic diagram of MD5 values of multiple encryption results according to an embodiment of the present application;
FIG. 6 is a schematic diagram of encryption results provided by an embodiment of the file encryption method of the present application;
FIG. 7 is a schematic diagram of CPU usage in an encryption process according to an embodiment of the present application;
FIG. 8 is a schematic diagram of memory usage during encryption provided in an embodiment of a method for encrypting files according to the present application;
FIG. 9 is a flowchart of a file decryption method according to an embodiment of the present application;
fig. 10 is a structural frame diagram of an embodiment of the file encrypting and decrypting apparatus of the present application.
Detailed Description
The principles and features of the present application are described below with reference to the drawings, the illustrated embodiments are provided for illustration only and are not intended to limit the scope of the present application.
As shown in fig. 1, a flow chart is provided for an embodiment of a file encryption method according to the present application, where the file encryption method is implemented based on confusion processing, and is applicable to encryption of various types of files, and includes:
s11, determining encryption parameters, generating hash values of the encryption parameters, and compiling the hash values into hash value byte codes.
It should be noted that the encryption parameter may be a key agreed by both parties needing encryption and decryption, the key may be a combination of character strings, and specific contents of the character strings may be set according to actual requirements, for example, may include numbers, letters, symbols, and the like.
For example, the encryption parameter may be "57e4sa6×45/hh", may be "455268sgewcfg", may be "56136574412", may be "sfhdjhdhdstws", and may be converted by a hash algorithm to generate a hash value of the encryption parameter. It should be understood that the specific generation manner of the hash value is the prior art, and will not be described herein.
It should be noted that, the bytecode is a file preprocessed by the compiler, is in the form of an execution file of JAVA, is a binary file, but cannot be directly executed by the system, and needs to be interpreted and executed by the virtual machine.
In the present application, the hash value may be compiled into bytecode by a compiler.
For example, an exemplary hash value bytecode is given below, assuming a hash value of "17f", assuming 1 as 1,7 as 111, and f as 1001, then the hash value bytecode is "1111 1001" after compiling.
S12, obtaining a file to be encrypted, compiling the file to be encrypted into a file byte code, and writing the hash value byte code into the file byte code according to a preset writing method to obtain a mixed byte code.
It should be noted that the file to be encrypted may also be compiled into the file bytecode by a compiler.
It should be understood that, because the file byte code is a binary file, the application is not limited by the format of the file to be encrypted, such as rar, doc, xml, pdf, jpg, the file in the format can be converted, and the applicability of file encryption can be improved.
It should be noted that, the preset writing method may be set according to actual requirements, for example, each value of the byte code of the hash value may be inserted into the file byte code from the beginning at a certain interval, the hash value byte code may be inserted into the front side of the file byte code, or the hash value byte code may be inserted into the rear side of the file byte code, and the specific writing method may be agreed by both encryption and decryption parties, so that a person skilled in the art may select the writing method according to actual requirements.
Taking the hash value of the bytecode "1111 1001" as an example, the file bytecode is assumed to be "10 10 10 10 10 10", and several alternative writing methods are given below.
The first writing method is as follows: the byte code of the hash value can be written into the beginning of the file byte code, and the obtained mixed byte code is'1 111 100110 10 10 10 10 10", wherein hash value bytecodes are underlined.
The method of writing the byte code of the hash value into the file byte code is similar, and will not be described again.
And a second writing method: the byte code of the hash value can be written into every other value from the first value of the file byte code, and the obtained mixed byte code is'1 10 111 10 100110 10 10 10", wherein hash value bytecodes are underlined.
It should be appreciated that the interval may be set according to actual requirements, for example, or may be set to write a hash value byte code every two values.
Optionally, to increase the encryption level, the interval may be set to an increment sequence, a decrement sequence, an exponent sequence, and so on, where the increment sequence is the simplest increment sequence of "1,2,3,4, …", which indicates that there is 1 file byte code between the second hash value byte code and the first hash value byte code, 2 file byte codes between the third hash value byte code and the second hash value byte code, and so on, and the final mixed byte code is "110 111 10 10 100110 10", wherein hash value bytecodes are underlined.
By flexibly setting the writing method of the hash value byte codes, the cracking difficulty of the file can be further improved, and the security level of the file can be improved.
S13, generating a confusion value of the encryption parameter according to a preset confusion value generation algorithm, and carrying out confusion encryption on the mixed byte codes according to a preset confusion encryption method according to the confusion value to obtain an encrypted file.
Preferably, real-time dynamic confusion values may be generated, i.e. the confusion values generated each time are different.
It should be noted that, the specific confusion value generating algorithm may be selectively set according to actual requirements, for example, a random value may be generated as a confusion value, for example, a real-time random value may be generated as a confusion value, for example, a confusion value may be generated according to the number of communications, for example, a terminal is used to encrypt a file, where the confusion value may be 1 for the first encryption, 2 for the second encryption, and so on.
It should be understood that the function of the confusion value is to perform confusion encryption on the mixed byte code, and those skilled in the art may select other confusion value generating algorithms within the scope of the present application to obtain the confusion value, which is not described herein.
The preset confusion encryption method can be set according to actual requirements, and several simple confusion processing methods are given below, for example, a confusion value can be directly added, subtracted, multiplied with each value in the mixed byte codes, and the like, and for example, mixed byte codes corresponding to the confusion value can also be processed, such as a fixed value is inverted, added or multiplied, and several alternative embodiments are given below by taking the confusion value as 3 and the mixed byte code as "1111 1001 10 10 10 10 10 10" as an example.
Confusion encryption method one: directly adding the obfuscated value to each value in the mixed bytecode, each of which is processed, the resulting encrypted file is "4 114 1004 13 13 13 13 13 13".
And a second confusion encryption method: the value of the mixed byte codes is added with a fixed value of 10 every 3 mixed byte codes by taking the mixed value as an interval, and the obtained encrypted file is'11 111 1001 10 20 10 10 10 20"wherein the mixed bytecode underlined is processed.
It should be understood that there are many ways of confusion processing, and those skilled in the art can select an appropriate confusion processing method according to actual needs, which are not beyond the protection scope of the present application, and are not described herein.
As shown in fig. 2, an exemplary encryption result is shown, and assuming that the format suffix of the encrypted file obtained after confusion encryption is gw, then, since the format suffix is not the existing format suffix, the difficulty of cracking the file by a cracker is increased, and it is difficult to find a suitable execution program to execute the file, thereby effectively preventing the file from being cracked.
It should be understood that the format suffix of the encrypted file can be freely set according to actual requirements to improve the encryption level. For example, the file can be set to be in a common file format, so that the difficulty of cracking the armor is improved, for example, as shown in fig. 3, the format suffix of an encrypted file can be changed to be in the same format as that of an original file, and thus when a cracker clicks the file, the cracker can prompt that the data of the file is damaged, so that the cracking attention of the cracker is diverted to the direction of repairing the file, the file cannot be easily thought to be confused and encrypted, and the file is cracked by adopting a method of modifying the file, so that the safety of the encrypted file can be improved, and the file is prevented from being cracked.
Meanwhile, as can be seen from fig. 2 and fig. 3, the file size before and after encryption and decryption is not changed, that is, the encryption algorithm provided by the application does not cause extra data volume, so that the encrypted file can be better disguised, for example, the data volume of the encrypted file is obviously increased, so that the file is easy to be inspired by a decryptor to be decrypted, and the security of the file is reduced.
It should be understood that for convenience of explanation, the original file and the decrypted file are retained in fig. 2 and 3, and in actual use, the original file should be deleted and only the encrypted file is retained. Therefore, the encrypted file can be carried and transmitted by a physical hard disk, the encrypted file is stored by the storage equipment, and then the data is transported by the transportation storage equipment, so that the security of file transmission is further improved.
In order to further illustrate the effect of the application, the encryption test is performed on the 4GB oversized file by using the file encryption method provided by the application, and the related test structure is described as follows.
As shown in fig. 4, taking primary encryption of a file as an example, an MD5 value diagram of an encryption result is provided, by comparing the MD5 values of an original file and a decrypted file, it can be seen that the MD5 value of the file is unchanged after decryption, and the encrypted file is completely restored to the original file, which means that the present application does not damage or change the source file, and complete restoration can be achieved.
As shown in fig. 5, taking multiple encryption of a file as an example, a plurality of MD5 values of an encryption result are provided, and because the obfuscated value in the present application is dynamically generated in real time and is different each time, it can be seen that even for the same file, the MD5 values encrypted each time using the dynamic obfuscated value are different, so that the anti-cracking capability of the file is greatly improved.
As shown in fig. 6, when an exemplary test for encrypting a 4GB oversized file is provided, it can be seen from the graph that, in 10 results, the average time spent for encrypting the 4GB oversized file is 7.3 seconds, and the average time spent for decrypting is 3.9 seconds, so that the file can be encrypted quickly.
As shown in fig. 7, an exemplary CPU usage in the encryption process is provided, since the present application processes the byte code, the system requirement is low, and it can be seen in conjunction with fig. 7 that the CPU usage is always in a steady state, about 10% or less, and it can be seen that the present application is negligible for the CPU usage.
As shown in fig. 8, in the encryption and decryption process of the 4GB oversized file for 10 times, the highest point of the memory usage is only 106M, and the occupation of the memory is still very small under the condition that the file is oversized.
Therefore, the file encryption method provided by the embodiment is realized based on confusion processing, the calculation amount is smaller by carrying out confusion processing on the byte codes of the file, the file encryption speed is higher, and the file decryption difficulty is further increased by adding the hash value byte codes into the byte codes.
Optionally, in some possible embodiments, before obtaining the mixed bytecode, the method further includes:
selecting characters from the hash values according to a preset summation method and summing to obtain hash sum values;
and writing the hash sum value into the file byte code according to a preset writing method.
It should be understood that the preset summation method may be set according to actual requirements, and is agreed by both encryption and decryption parties, for example, the summation may be performed by extracting values at regular intervals in the hash value, the summation may be performed by taking values at specific positions, for example, the summation may be performed by taking the first 5 values, the summation may be performed by taking the values from 6 to 10, the summation may be performed by taking the last 5 values, etc., which may be set by those skilled in the art according to actual requirements.
It should be understood that each hash value is a specific numerical value, and thus, for example, for convenience of description, regardless of the length of the hash value, assuming that the hash value is "17546782", several summing methods that can be implemented are given:
the summation method is as follows: for a hash value "17546782", it is extracted with values 1,4,8, and the sum gives a hash sum value of 13, assuming that the sum is made every 2 values.
And a summation method II: the values at the specific locations are summed, for example, assuming that the values at bits 2-4 are summed, the extracted value is 7,5,4, and the summation results in a hash sum value of 16.
It will be appreciated that after the hash sum value is obtained, the file bytecode may then be written in the same manner as the hash value bytecode.
It should be appreciated that the file bytecode may also be written in a different writing manner.
In the following, a hash sum 13 is taken as an example to provide several hash sum writing methods that can be implemented in combination with a hash value byte code writing method.
The first writing method is as follows: assuming that the mixed bytecode obtained by writing the bytecode of the hash value to the beginning of the file bytecode is "1111 1001 10 10 10 10 10 10", the mixed bytecode obtained by writing the hash sum value 13 to the beginning of the file bytecode may be "13 1111 1001 10 10 10 10 10 10".
The hash sum value 13 may also be written to the end of the file bytecode, resulting in a mixed bytecode of "1111 1001 10 10 10 10 10 10 13".
And a second writing method: the hash sum value may be written as an additional hash value bytecode into the file bytecode in the same manner as the hash value bytecode. For example, assume that the byte code of the hash value is written every other value starting from the first value of the file byte code, and the resulting byte code is "1 10 111 10 100110 10 10 10", wherein hash value bytecodes are underlined. Then the hash sum 13 is written into the file byte code continuously according to the same method, and the mixed byte code is 1 10 111 10 1001 101310 10", wherein hash sums are underlined.
The hash sum value is also written into the file byte code, so that when the file is decoded, whether the hash value is correct or not can be judged through the hash sum value, and the decryption security is further improved.
Optionally, in some possible embodiments, before obtaining the mixed bytecode, the method further includes:
determining a format suffix of a file to be encrypted, compiling the format suffix into a format byte code, and writing the format byte code into the file byte code according to a method;
and generating a new format suffix of the file to be encrypted according to a preset format generating method, and replacing the current format suffix of the file to be encrypted with the new format suffix.
For example, assuming that the file of the. Rar is encrypted, the. Rar may be compiled to generate a format bytecode and then written to the file bytecode in the same way as or a different way than the hash value bytecode.
Since the byte codes are the same after compiling, the writing method can be universal, and the writing method can refer to the writing method of the hash value, which is not described herein.
It should be noted that, the preset format may be set according to the actual requirement of the user, for example, the preset formats may be. Gw,. Fw,. Df, etc., or may be existing formats, such as. Rar,. Zip,. Doc, etc.
By hiding the format suffix of the original file and generating a new format suffix, the file to be encrypted can be better protected, and the cracking difficulty is improved.
Optionally, in some possible embodiments, compiling the file to be encrypted into file byte codes specifically includes:
judging whether the size of the file to be encrypted is larger than a preset size, if so, slicing the file to be encrypted according to a preset slicing method to obtain at least two file slices to be encrypted, and compiling each file slice to be encrypted into file byte codes;
if not, directly compiling the file to be encrypted into file byte codes.
It should be noted that, the preset size may be set according to actual requirements, for example, files larger than 100KB may be fragmented, then each file is encrypted by using the same file encryption method, and by fragmenting a large file, the encryption program may occupy less memory, so as to improve the encryption speed.
It should be understood that the size of each file piece specifically divided may be set according to actual requirements, for example, assuming that the preset size is 100KB, each file may be divided into 100KB, thereby improving processing efficiency.
It will be appreciated that in some embodiments, some or all of the above embodiments may be included.
As shown in fig. 9, a flow chart provided for an embodiment of a file decryption method according to the present application, where the file decryption method is implemented based on confusion processing, and is suitable for decrypting a file encrypted by using the file encryption method, and includes:
s21, determining encryption parameters, generating hash values of the encryption parameters, and generating confusion values of the encryption parameters according to a preset confusion value generation algorithm.
S22, obtaining the file to be decrypted, and performing confusion decryption on the file to be decrypted according to the confusion value and a preset confusion decryption method to obtain the mixed byte code.
S23, extracting hash value byte codes of the hash values from the mixed byte codes according to a preset extraction method, and performing reverse compiling on the hash value byte codes to obtain decrypted hash values.
S24, judging whether the decrypted hash value is the same as the hash value generated according to the encryption parameter, and if so, reversely compiling the extracted mixed byte code into a decrypted file.
The file decryption process is the inverse of the file encryption process, and thus, various decryption methods used in the decryption process also correspond to the encryption method.
For example, assuming that the confusion encryption algorithm adds a confusion value to each file byte code, the mixed byte codes can be obtained by performing confusion decryption on the file to be decrypted according to the confusion value and a preset confusion decryption method and subtracting the confusion value from each byte code of the decrypted file.
Specifically, assuming that, as soon as the mixed encryption method provided according to the above embodiment of the file encryption method is used for encryption, the mixed value 3 is added to each value in the mixed byte code "1111 1001 10 10 10 10 10 10", the obtained encrypted file is "4 114 1004 13 13 13 13 13 13", and when the file is decrypted, the mixed byte code "1111 1001 10 10 10 10 10 10" can be restored by subtracting the mixed value 3 from each byte code "4 114 1004 13 13 13 13 13 13" of the file to be decrypted.
Further, assuming that, as soon as the writing method provided in the above embodiment of the file encryption method is used, the byte codes of the hash value are written into the beginning of the file byte codes, and the obtained mixed byte code is "1111 1001 10 10 10 10 10 10", then the hash value byte codes of the hash value are extracted from the mixed byte codes according to the preset extraction method, the hash value byte codes are reversely compiled to obtain the decrypted hash value, then the preset number of byte codes can be extracted from the beginning of the mixed byte codes "1111 1001 10 10 10 10 10 10" as the hash value byte codes, the remaining byte codes are file byte codes, and since the number of the hash value byte codes is 3, the hash value byte codes can be obtained as "1111 1001", the file byte codes are "10 10 10 10 10 10", the hash value can be obtained through reversely compiling, so as to determine whether the hash value is correct, and then the file byte codes "10 10 10 10 10 10" are reversely compiled to obtain the original file.
According to the file decryption method, based on the implementation of confusion processing, the calculation amount is smaller and the file encryption speed is higher by carrying out the confusion processing on the byte codes of the file, and the difficulty of file decryption is further increased by adding the hash value byte codes into the byte codes.
Optionally, in some possible embodiments, before the step of reversely compiling the extracted mixed bytecode into the decrypted file, the method further includes:
extracting a first hash sum value from the mixed byte code according to a preset extraction method;
selecting characters from the hash values according to a preset summation method and summing to obtain a second hash sum value;
and judging whether the first hash sum value is the same as the second hash sum value, and if the hash sum value is the same and the hash value is the same, reversely compiling the extracted mixed byte code into a decrypted file.
It should be noted that, the hash and value extraction process depends on the writing method used in encryption, and specific examples thereof may refer to the decryption process of the hash value bytecode, which is not described herein.
Optionally, in some possible embodiments, the method further includes:
extracting the format byte codes of the file to be decrypted from the mixed byte codes according to a preset extraction method, and performing reverse compiling on the format byte codes to obtain decrypted format suffixes;
and replacing the current format suffix of the file to be decrypted with the decrypted format suffix.
It should be noted that, the decryption process of the format byte code is the same as the decryption process of the hash value byte code, and depends on the method used in encryption, and specific examples thereof may refer to the decryption process of the hash value byte code, which is not described herein.
Optionally, in some possible embodiments, the method includes:
and judging whether the obtained decrypted file is a file piece, if so, splicing all the obtained file pieces according to a preset splicing method to obtain the final decrypted file.
It should be noted that, the splicing method of the file slices depends on the slicing method used in encryption, which is the inverse of the slicing method, and specific examples thereof can refer to the slicing method of the file, for example, assuming that each file slice is 100KB, when in splicing, the file slices are only required to be connected in sequence according to the sequence of slicing, so that the complete file can be obtained.
It will be appreciated that in some embodiments, some or all of the above embodiments may be included.
It should be noted that, the foregoing embodiments are file decryption embodiments corresponding to the previous file encryption method embodiments, and the file decryption process is an inverse process of file encryption, so that the description of the file decryption embodiment related to file encryption may refer to the corresponding description in the foregoing embodiments of the foregoing file encryption methods, and will not be repeated herein.
In other embodiments of the present application, there is also provided a storage medium having stored therein instructions that, when read by a computer, cause the computer to perform the obfuscated processing-based file encryption method disclosed in any of the above embodiments, or cause the computer to perform the obfuscated processing-based file decryption method disclosed in any of the above embodiments.
It should be understood that the storage medium may also have stored therein instructions of the file encryption method alone or instructions of the file decryption method alone.
As shown in fig. 10, a structural frame diagram is provided for an embodiment of a file encrypting and decrypting apparatus of the present application, which implements encryption and/or decryption of a file based on a confusion process, including:
a memory 1 for storing a computer program;
and a processor 2 for executing a computer program to implement the obfuscated file encryption method disclosed in any of the above embodiments, or to implement the obfuscated file decryption method disclosed in any of the above embodiments.
It should be understood that the file encrypting and decrypting device may be a terminal, such as a computer, a mobile phone, a tablet computer, etc., or may be a server. The file encryption and decryption device may be realized by itself, or may have both encryption and decryption functions.
It should be understood that, as those skilled in the art will understand, the encryption and decryption device is a functional name summarization, and may be actually divided into two independent encryption devices and decryption devices to implement file encryption and file decryption respectively,
for example, taking the transmission of encrypted communication between the server and the terminal as an example, it is assumed that the server only serves as an encrypted file sending end, encrypts a file, transmits the encrypted file to the terminal, and the terminal only serves as an encrypted file receiving end, decrypts the file transmitted by the server. Thus, the server is the encryption device and the terminal is the decryption device.
The reader will appreciate that in the description of this specification, a description of terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, the different embodiments or examples described in this specification and the features of the different embodiments or examples may be combined and combined by those skilled in the art without contradiction.
In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the method embodiments described above are merely illustrative, e.g., the division of steps is merely a logical function division, and there may be additional divisions of actual implementation, e.g., multiple steps may be combined or integrated into another step, or some features may be omitted or not performed.
The above-described method, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application is essentially or a part contributing to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods of the embodiments of the present application. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a Read-only memory (ROM), a random access memory (RAM, randomAccessMemory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The present application is not limited to the above embodiments, and various equivalent modifications and substitutions can be easily made by those skilled in the art within the technical scope of the present application, and these modifications and substitutions are intended to be included in the scope of the present application. Therefore, the protection scope of the application is subject to the protection scope of the claims.
Claims (8)
1. A method for encrypting a file based on obfuscation, comprising:
determining an encryption parameter, generating a hash value of the encryption parameter, and compiling the hash value into a hash value byte code;
acquiring a file to be encrypted, compiling the file to be encrypted into a file byte code, and writing the hash value byte code into the file byte code according to a preset writing method to obtain a mixed byte code;
generating a confusion value of the encryption parameter according to a preset confusion value generation algorithm, and carrying out confusion encryption on the mixed byte codes according to the confusion value and a preset confusion encryption method to obtain an encrypted file;
before obtaining the mixed byte code, the method further comprises the following steps:
selecting characters from the hash values according to a preset summation method and summing to obtain hash sum values;
and writing the hash sum value into the file byte code according to the preset writing method.
2. The method for encrypting a file based on obfuscation according to claim 1, further comprising, before obtaining the mixed bytecode:
determining a format suffix of the file to be encrypted, compiling the format suffix into a format byte code, and writing the format byte code into the file byte code according to the preset writing method;
and generating a new format suffix of the file to be encrypted according to a preset format generating method, and replacing the current format suffix of the file to be encrypted with the new format suffix.
3. The method for encrypting a file based on obfuscation according to any one of claims 1 to 2, wherein compiling the file to be encrypted into file bytecode specifically comprises:
judging whether the size of the file to be encrypted is larger than a preset size, if so, slicing the file to be encrypted according to a preset slicing method to obtain at least two file slices to be encrypted, and compiling each file slice to be encrypted into file byte codes;
if not, directly compiling the file to be encrypted into file byte codes.
4. A method of decrypting a document based on a obfuscation process, characterized by referring to a document encryption method based on an obfuscation process as claimed in claims 1-3, comprising:
determining an encryption parameter, generating a hash value of the encryption parameter, and generating a confusion value of the encryption parameter according to a preset confusion value generation algorithm;
obtaining a file to be decrypted, and performing confusion decryption on the file to be decrypted according to the confusion value and a preset confusion decryption method to obtain a mixed byte code;
extracting hash value byte codes and file byte codes from the mixed byte codes according to a preset extraction method, and performing reverse compiling on the hash value byte codes to obtain decrypted hash values;
judging whether the decrypted hash value is the same as the hash value generated according to the encryption parameter, and if so, reversely compiling the extracted file byte code into a decrypted file;
before reversely compiling the extracted mixed byte codes into the decrypted file, the method further comprises the following steps:
extracting a first hash sum value from the mixed byte code according to the preset extraction method;
selecting characters from the hash values according to a preset summation method and summing the characters to obtain a second hash sum value;
and judging whether the first hash sum value is the same as the second hash sum value, and if the hash sum value is the same and the hash value is the same, reversely compiling the extracted file byte code into a decrypted file.
5. The obfuscation-based file decryption method according to claim 4, further comprising:
extracting the format byte codes of the file to be decrypted from the mixed byte codes according to the preset extraction method, and performing reverse compiling on the format byte codes to obtain decrypted format suffixes;
and replacing the current format suffix of the file to be decrypted with the decrypted format suffix.
6. The obfuscation-process-based file decrypting method according to any one of claims 4 to 5, further comprising:
and judging whether the obtained decrypted file is a file piece, if so, splicing all the obtained file pieces according to a preset splicing method to obtain the final decrypted file.
7. A storage medium having instructions stored therein, which when read by a computer, cause the computer to perform the obfuscated processing-based file encryption method according to any one of claims 1 to 3, or cause the computer to perform the obfuscated processing-based file decryption method according to any one of claims 4 to 6.
8. A document encryption/decryption apparatus based on confusion processing, comprising:
a memory for storing a computer program;
a processor for executing the computer program to implement the obfuscated processing-based file encryption method according to any one of claims 1 to 3 or to implement the obfuscated processing-based file decryption method according to any one of claims 4 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010880174.7A CN111967032B (en) | 2020-08-27 | 2020-08-27 | File encryption method and decryption method based on confusion processing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010880174.7A CN111967032B (en) | 2020-08-27 | 2020-08-27 | File encryption method and decryption method based on confusion processing |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111967032A CN111967032A (en) | 2020-11-20 |
| CN111967032B true CN111967032B (en) | 2023-08-25 |
Family
ID=73401226
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010880174.7A Active CN111967032B (en) | 2020-08-27 | 2020-08-27 | File encryption method and decryption method based on confusion processing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111967032B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114462054A (en) * | 2021-11-16 | 2022-05-10 | 马上消费金融股份有限公司 | Multimedia file label adding and checking method and equipment |
| CN114221755B (en) * | 2021-12-17 | 2023-06-13 | 建信金融科技有限责任公司 | Method and apparatus for sample alignment |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103377347A (en) * | 2012-04-24 | 2013-10-30 | 腾讯科技(深圳)有限公司 | File encryption and decryption method and device |
| CN105608391A (en) * | 2015-12-17 | 2016-05-25 | 北京奇虎科技有限公司 | Multi-ELF (Executable and Linkable Format)-file protection method and system |
| CN105956488A (en) * | 2016-05-03 | 2016-09-21 | 叶江鹏 | APK file protection method and device based on DEX file transfer prevention |
| CN106778103A (en) * | 2016-12-30 | 2017-05-31 | 上海掌门科技有限公司 | Reinforcement means, system and decryption method that a kind of Android application program anti-reversing is cracked |
| CN107423628A (en) * | 2016-05-23 | 2017-12-01 | 中兴通讯股份有限公司 | File encrypting method, device and terminal |
| CN107784231A (en) * | 2016-08-24 | 2018-03-09 | 北京花甲科技有限公司 | The execution of instruction and on-the-flier compiler method, apparatus and electronic equipment |
| KR101861341B1 (en) * | 2017-05-30 | 2018-05-28 | 올댓소프트 코. | Deobfuscation apparatus of application code and method of deobfuscating application code using the same |
| CN109992987A (en) * | 2017-12-29 | 2019-07-09 | 深圳市融汇通金科技有限公司 | Script file guard method, device and terminal device based on Nginx |
| CN110069905A (en) * | 2019-04-26 | 2019-07-30 | 深圳智慧园区信息技术有限公司 | A kind of device and method of Springboot program encryption and decryption |
| CN111159662A (en) * | 2019-12-25 | 2020-05-15 | 郑州阿帕斯数云信息科技有限公司 | Data processing method and device |
| CN111314270A (en) * | 2018-12-12 | 2020-06-19 | 上海领甲数据科技有限公司 | Data encryption and decryption method based on validity period uniform distribution symmetric algorithm |
| CN111314053A (en) * | 2018-12-12 | 2020-06-19 | 上海领甲数据科技有限公司 | Data encryption and decryption method based on uniform distribution symmetric algorithm |
| CN111314052A (en) * | 2018-12-12 | 2020-06-19 | 上海领甲数据科技有限公司 | Data encryption and decryption method based on uniformly distributed symmetric compression algorithm |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7197750B2 (en) * | 2001-06-28 | 2007-03-27 | Sun Microsystems, Inc. | Java Bytecode instruction for determining hashcode values |
-
2020
- 2020-08-27 CN CN202010880174.7A patent/CN111967032B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103377347A (en) * | 2012-04-24 | 2013-10-30 | 腾讯科技(深圳)有限公司 | File encryption and decryption method and device |
| CN105608391A (en) * | 2015-12-17 | 2016-05-25 | 北京奇虎科技有限公司 | Multi-ELF (Executable and Linkable Format)-file protection method and system |
| CN105956488A (en) * | 2016-05-03 | 2016-09-21 | 叶江鹏 | APK file protection method and device based on DEX file transfer prevention |
| CN107423628A (en) * | 2016-05-23 | 2017-12-01 | 中兴通讯股份有限公司 | File encrypting method, device and terminal |
| CN107784231A (en) * | 2016-08-24 | 2018-03-09 | 北京花甲科技有限公司 | The execution of instruction and on-the-flier compiler method, apparatus and electronic equipment |
| CN106778103A (en) * | 2016-12-30 | 2017-05-31 | 上海掌门科技有限公司 | Reinforcement means, system and decryption method that a kind of Android application program anti-reversing is cracked |
| KR101861341B1 (en) * | 2017-05-30 | 2018-05-28 | 올댓소프트 코. | Deobfuscation apparatus of application code and method of deobfuscating application code using the same |
| CN109992987A (en) * | 2017-12-29 | 2019-07-09 | 深圳市融汇通金科技有限公司 | Script file guard method, device and terminal device based on Nginx |
| CN111314270A (en) * | 2018-12-12 | 2020-06-19 | 上海领甲数据科技有限公司 | Data encryption and decryption method based on validity period uniform distribution symmetric algorithm |
| CN111314053A (en) * | 2018-12-12 | 2020-06-19 | 上海领甲数据科技有限公司 | Data encryption and decryption method based on uniform distribution symmetric algorithm |
| CN111314052A (en) * | 2018-12-12 | 2020-06-19 | 上海领甲数据科技有限公司 | Data encryption and decryption method based on uniformly distributed symmetric compression algorithm |
| CN110069905A (en) * | 2019-04-26 | 2019-07-30 | 深圳智慧园区信息技术有限公司 | A kind of device and method of Springboot program encryption and decryption |
| CN111159662A (en) * | 2019-12-25 | 2020-05-15 | 郑州阿帕斯数云信息科技有限公司 | Data processing method and device |
Non-Patent Citations (1)
| Title |
|---|
| 一种结合混淆思想的代码虚拟化保护方法;侯留洋;罗森林;焦龙龙;张笈;潘丽敏;;科学技术与工程(14);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111967032A (en) | 2020-11-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108595989B (en) | Mobile APP safety protection system and method under iOS | |
| JP5167348B2 (en) | Software encryption method, software decryption method, software encryption device, and software decryption device | |
| CN102890758B (en) | Method and system for protecting executable file | |
| CN107977553A (en) | The method and device of the security hardening of mobile applications | |
| CN111967032B (en) | File encryption method and decryption method based on confusion processing | |
| US8412926B1 (en) | Using file metadata for data obfuscation | |
| US20120226823A1 (en) | Document distribution system and method | |
| CN101261666B (en) | A method for realizing software copyright protection based on encrypted executable program file | |
| CN108830096B (en) | Data processing method and device, electronic equipment and storage medium | |
| CN106650330A (en) | Android application software reinforcement protection method based on DexClassloader | |
| KR20120061405A (en) | A code encryption and decryption device against reverse engineering based on indexed table and the method thereof | |
| CN111385084A (en) | Key management method and device for digital assets and computer readable storage medium | |
| Jayapandian et al. | Secure deduplication for cloud storage using interactive message-locked encryption with convergent encryption, to reduce storage space | |
| WO2019062015A1 (en) | Source code protection method, application server, and computer-readable storage medium | |
| Kim et al. | A method for decrypting data infected with hive ransomware | |
| CN109510702A (en) | A method of it key storage based on computer characteristic code and uses | |
| CN114168976A (en) | Slice file encryption method, slice file decryption method, storage medium and electronic device | |
| CN113946863A (en) | Data encryption storage method, system, equipment and storage medium | |
| CN109299611A (en) | File encrypting method, device, equipment/terminal/server and computer readable storage medium | |
| CN112532379A (en) | File protection method and device | |
| WO2016188134A1 (en) | Application reinforcing implementation method and apparatus | |
| Kapusta et al. | Circular AON: A very fast scheme to protect encrypted data against key exposure | |
| EP2674892A1 (en) | A method, a device and a computer program support for execution of encrypted computer code | |
| CN115033870A (en) | Anti-malicious tampering code method and device based on big data cloud deployment | |
| CN104392182B (en) | A kind of method and apparatus of shredding documents |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100190 17-19 / F, building a 1, 66 Zhongguancun East Road, Haidian District, Beijing Patentee after: New Great Wall Technology Co.,Ltd. Address before: 100190 17-19 / F, building a 1, 66 Zhongguancun East Road, Haidian District, Beijing Patentee before: GREAT WALL COMPUTER SOFTWARE & SYSTEMS Inc. |