CN112615816A - Cloud document transmission encryption and decryption method - Google Patents

Cloud document transmission encryption and decryption method

Info

Publication number
CN112615816A
Authority
CN
China
Prior art keywords
data
plaintext
ciphertext
storage space
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011375945.3A
Other languages
Chinese (zh)
Inventor
邬玉良
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongke Hot Standby Beijing Cloud Computing Technology Co ltd
Original Assignee
Zhongke Hot Standby Beijing Cloud Computing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongke Hot Standby Beijing Cloud Computing Technology Co ltd filed Critical Zhongke Hot Standby Beijing Cloud Computing Technology Co ltd
Priority to CN202011375945.3A priority Critical patent/CN112615816A/en
Publication of CN112615816A publication Critical patent/CN112615816A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a cloud document transmission encryption and decryption method, and belongs to the field of computer data security processing. In the method, after reference data is selected, the binary data of the plaintext data is encrypted according to preset encryption rules to generate ciphertext data; during decryption, the plaintext data is restored from the ciphertext data using the reference data and the corresponding decryption rules. The method is generally used for cloud data backup and data security protection in the remote disaster recovery process.

Description

Cloud document transmission encryption and decryption method
Technical Field
The invention relates to a cloud document transmission encryption and decryption method, and belongs to the field of computer data security processing.
Background
In recent years, data backup services have been increasingly used, and the requirements for data security have become higher and higher. With the rapid development of computer networks, the importance of information security has become more and more obvious, but security during the transmission of cloud documents, an important part of information security, is often ignored. Whenever data is transmitted, stored or exchanged, a data failure may occur. If data encryption and decryption measures are not taken at that point, data leakage may result, even causing immeasurable losses. Statistically, throughout 2005, 8.7 vulnerabilities per day were discovered in Microsoft operating systems alone. These vulnerabilities mean countless potential security hazards in systems; Symantec, a well-known security vendor, also recently suffered a serious data leakage event, and the security hazards of existing computer systems can be said to be ubiquitous. How to share important data on the cloud is therefore a serious and urgent problem. Security issues may feel far away when they are not happening, but once data is peeped at, leaked or lost, the loss cannot be reversed, and only then is it understood what data security means. Therefore, when important data must be shared, cloud document encryption and decryption technology is adopted so that the user's data is safer and more reliable. A confidentiality level can be set for each user according to the enterprise's confidentiality requirements, and a confidentiality level is likewise set for files that have confidentiality requirements, so that a user with a low confidentiality level cannot access files of a high confidentiality level, which effectively prevents the confidential information in the files from being leaked.
The administrator can set up an archive library for files to be archived, and the files are highly encrypted using the A security encryption and decryption technology, which ensures the storage security of the files.
Important data, files and historical records in the cloud are of great importance to both enterprise users and individual users. Once data leaks during transmission, it can cause immeasurable loss to individuals and enterprises alike. Data that is intercepted and stolen in transit can have serious consequences: accumulated work is easily wasted, the normal operation of the enterprise can be seriously affected, and great losses are caused to scientific research and production. Therefore, it is necessary to encrypt and decrypt cloud data during transmission.
Disclosure of Invention
The invention aims to ensure that data is not stolen during the transmission of cloud data, by transmitting the cloud document securely with a cloud document transmission encryption and decryption method.
In order to achieve the security of cloud document transmission, the technical scheme of the invention is realized as follows:
During the transmission of the cloud document, corresponding encryption rules and decryption rules are set for the different binary bits of the key data. In the encryption process, after the plaintext data is read, reference data is selected, the key data is read, a binary bit of the key data is selected, and the binary bits of the plaintext data are read and written in combination with the selected reference data, according to the encryption rule corresponding to that binary bit, so as to generate ciphertext data. During decryption, the key data is read, and the binary bits of the ciphertext data are read and written in combination with the reference data, according to the decryption rule corresponding to the binary bit selected in the encryption process, so as to obtain the restored plaintext data.
The method comprises the following specific steps:
First, the cloud document data is decomposed into 1% key data and 99% plaintext data (the specific ratio is adjustable).
The number of bytes of the plaintext data is read, a plaintext storage space is allocated in computer memory according to that number of bytes, the plaintext file is read and stored in the plaintext storage space, and a plaintext character pointer Pm is created to point to the first address of the plaintext storage space. The reference data is selected according to the number of bytes of the plaintext data. A reference storage space is allocated in computer memory according to the number of bytes of the plaintext data, the reference data is read and stored in the reference storage space, and a reference character pointer Pf is created to point to the first address of the reference storage space. The number of bytes of the key data is read, a key storage space is allocated in computer memory according to that number of bytes, the key data is read and stored in the key storage space, and a key character pointer Pp is created to point to the first address of the key storage space. A ciphertext storage space is allocated in computer memory according to the number of bytes of the plaintext data, and a ciphertext character pointer Pc is created to point to the first address of the ciphertext storage space. According to the encryption rule defined by the bits of the binary string pointed to by the key character pointer Pp, the bits of the binary string pointed to by the reference character pointer Pf are scanned in sequence, and, combining the scan result with the encryption rule, the binary string pointed to by the plaintext character pointer Pm is filled into the ciphertext storage space pointed to by the ciphertext character pointer Pc. The bytes of the ciphertext storage space are then read, thereby generating the ciphertext data.
Then, during decryption, the number of bytes of the ciphertext data is read, a ciphertext storage space is allocated in computer memory according to that number of bytes, the ciphertext data is read and stored in the ciphertext storage space, and a ciphertext character pointer Pc is created to point to the first address of the ciphertext storage space. A reference storage space is allocated in computer memory according to the number of bytes of the ciphertext data, the reference data used in the encryption process that generated the ciphertext data is read and stored in the reference storage space, and a reference character pointer Pf is created to point to the first address of the reference storage space. The number of bytes of the key data is read, a key storage space is allocated in computer memory according to that number of bytes, the key data is read and stored in the key storage space, and a key character pointer Pp is created to point to the first address of the key storage space. A plaintext storage space is allocated in computer memory according to the number of bytes of the ciphertext data, and a plaintext character pointer Pm is created to point to the first address of the plaintext storage space. According to the decryption rule defined by the bits of the binary string pointed to by the key character pointer Pp, the bits of the binary string pointed to by the reference character pointer Pf are scanned in sequence, and, combining the scan result with the decryption rule, the binary substring pointed to by the ciphertext character pointer Pc is read and filled into the plaintext storage space pointed to by the plaintext character pointer Pm. The bytes of the plaintext storage space are then read, thereby obtaining the restored plaintext data.
The method can be used in data transmission processes such as cloud data backup, remote disaster recovery and disaster recovery. It protects integrity during data transmission, protects the data from malicious interception, and improves the security of data transmission, making data backup safer and more reliable.
Drawings
Fig. 1 is a flow chart of cloud document transmission encryption.
Detailed Description
The invention provides an encryption and decryption method in a cloud document transmission process.
As shown in Fig. 1, the cloud document data is divided into 99% plaintext data and 1% key data by a nine-gate monitoring algorithm. The plaintext data and the key data are placed in a plaintext storage space and a key storage space respectively, reference data is selected according to the number of bytes of the plaintext data, a reference data space is allocated, and the respective pointers point to the first addresses of their spaces.
According to the encryption rule defined by the bits of the binary string pointed to by the key character pointer, the bits of the binary string pointed to by the reference character pointer are scanned in sequence, and, combining the scan result with the encryption rule, the binary string pointed to by the plaintext character pointer is filled into the ciphertext storage space pointed to by the ciphertext character pointer. The bytes of the ciphertext storage space are read to obtain the ciphertext data.
Decryption performs the reverse derivation and converts the ciphertext data back into plaintext data.
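The scan-and-fill step described above, as an added example that is not part of the patent or the applicant's code. The patent does not spell out its encryption rules, so the rule used here is an assumption: the selected key bit decides whether ciphertext positions whose reference bit is 1 or 0 are filled first. The names `transform`, `scan_order`, `roundtrip_ok` and the sample values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Read / write bit i (MSB-first) of a byte buffer. */
static int get_bit(const uint8_t *p, size_t i) { return (p[i / 8] >> (7 - i % 8)) & 1; }
static void put_bit(uint8_t *p, size_t i, int b) {
    uint8_t mask = (uint8_t)(0x80u >> (i % 8));
    if (b) p[i / 8] |= mask; else p[i / 8] &= (uint8_t)~mask;
}

/* ASSUMED rule (the patent does not define one): the selected key bit k fixes
 * the order in which the reference bits are scanned. Pass 1 visits positions
 * whose reference bit equals k, pass 2 visits the remaining positions. */
static void scan_order(const uint8_t *Pf, size_t nbits, int k, size_t *order) {
    size_t n = 0;
    for (int pass = 0; pass < 2; pass++)
        for (size_t i = 0; i < nbits; i++)
            if ((get_bit(Pf, i) == k) == (pass == 0)) order[n++] = i;
}

/* Encrypt (decrypt = 0) or decrypt (decrypt = 1) len bytes of `in`.
 * Pp/key_len: key data, sel: index of the selected key bit,
 * Pf: reference data of at least len bytes. Caller frees the result. */
uint8_t *transform(const uint8_t *in, size_t len, const uint8_t *Pp, size_t key_len,
                   size_t sel, const uint8_t *Pf, int decrypt) {
    if (!in || !Pp || !Pf || len == 0 || key_len == 0) return NULL;
    if (sel / 8 >= key_len || len > SIZE_MAX / (8 * sizeof(size_t))) return NULL;
    size_t nbits = len * 8;
    uint8_t *out = calloc(len, 1);              /* output storage space */
    size_t *order = malloc(nbits * sizeof *order);
    if (!out || !order) { free(out); free(order); return NULL; }
    scan_order(Pf, nbits, get_bit(Pp, sel), order);
    for (size_t j = 0; j < nbits; j++) {
        if (decrypt) put_bit(out, j, get_bit(in, order[j]));  /* Pc -> Pm */
        else         put_bit(out, order[j], get_bit(in, j));  /* Pm -> Pc */
    }
    free(order);
    return out;
}

/* Constructed sample data, not taken from the patent. */
static const uint8_t SAMPLE_KEY[]   = {0xA5};
static const uint8_t SAMPLE_REF[]   = {0x3C, 0xF0, 0x55, 0x0F};
static const uint8_t SAMPLE_PLAIN[] = {'d', 'o', 'c', '1'};

/* Returns 1 when decrypting the ciphertext with the same key bit and
 * reference data restores the plaintext, 0 otherwise. */
int roundtrip_ok(size_t sel) {
    size_t n = sizeof SAMPLE_PLAIN;
    uint8_t *c = transform(SAMPLE_PLAIN, n, SAMPLE_KEY, 1, sel, SAMPLE_REF, 0);
    uint8_t *m = c ? transform(c, n, SAMPLE_KEY, 1, sel, SAMPLE_REF, 1) : NULL;
    int ok = m && memcmp(m, SAMPLE_PLAIN, n) == 0;
    free(c); free(m);
    return ok;
}

int main(void) {
    for (size_t sel = 0; sel < 2; sel++)
        printf("key bit %zu: round trip %s\n", sel, roundtrip_ok(sel) ? "ok" : "FAILED");
    return 0;
}
```

Under this assumed rule the ciphertext is a rearrangement of the plaintext bits, so it keeps the same number of 1 bits and carries no integrity check of its own; decryption only succeeds when the receiver holds the same reference data and selects the same key bit.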

Claims (11)

1. The cloud document data are decomposed into 1% of secret key data and 99% of plaintext data, and then the number of bytes of the plaintext data is read.
2. The method of claim 1, wherein the ratio of the key data to the plaintext data is adjustable.
3. The method according to claim 1, characterized in that, according to the number of bytes of the plaintext data, a plaintext storage space is opened up in a computer memory, a plaintext file is read and stored in the plaintext storage space, a plaintext character pointer Pm is created to point to the first address of the plaintext storage space, and reference data is selected according to the number of bytes of the plaintext data.
4. The method of claim 1, wherein a reference memory space is created in the computer memory according to the number of bytes of the plaintext data, the reference data is read and stored in the reference memory space, a reference character pointer Pf is created to point to a first address of the reference memory space, and the number of bytes of the key data is read.
5. A method as claimed in claim 4, characterized in that, depending on the number of bytes of the key data, a key memory space is opened up in the computer memory, the key data is read and stored in the key memory space, and a key character pointer Pp is created pointing to the head address of the key memory space.
6. The method of claim 1, wherein a ciphertext storage space is opened up in the computer memory according to the number of bytes of plaintext data, and a ciphertext character pointer Pc is created to point to the first address of the ciphertext storage space, the bits of the binary character string pointed to by the reference character pointer Pf are sequentially scanned according to an encryption rule defined by the bits of the binary character string pointed to by the key character pointer Pp, the binary character string pointed to by the plaintext character pointer Pm is filled into the ciphertext storage space pointed to by the ciphertext character pointer Pc in combination with the scanning and the encryption rule, and the bytes of the ciphertext storage space are read, thereby generating ciphertext data.
7. The method as claimed in claim 6, characterized in that the byte number of the ciphertext data is read, according to the byte number, after the ciphertext storage space is opened up in the computer memory, the ciphertext data is read and stored in the ciphertext storage space, and a ciphertext character pointer Pc is created to point to the first address of the ciphertext storage space.
8. The method of claim 6, wherein a reference storage space is opened up in the computer memory according to the number of bytes of the ciphertext data, the reference data used in the encryption process for generating the ciphertext data is read and stored in the reference storage space, and a reference character pointer Pf is created to point to the head address of the reference storage space.
9. A method as claimed in claim 4, characterized in that the number of bytes of the key data is read, a key storage space is opened up in the computer memory on the basis of the number of bytes of the key data, the key data is read and stored in the key storage space, and a key character pointer Pp is created pointing to the head address of the key storage space.
10. The method as claimed in claim 6, characterized in that a plaintext memory space is opened up in the computer memory according to the byte number of the ciphertext data, and a plaintext character pointer Pm is created to point to the first address of the plaintext memory space.
11. The method of claim 6, wherein the bits of the binary string pointed to by the reference character pointer Pf are sequentially scanned according to the decryption rule defined by the bits of the binary string pointed to by the key character pointer Pp, and the binary substring pointed to by the ciphertext character pointer Pc is read and then filled into the plaintext storage space pointed to by the plaintext character pointer Pm in combination with the scanning and the decryption rule, and the bytes of the plaintext storage space are read, thereby obtaining restored plaintext data.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011375945.3A CN112615816A (en) 2020-11-30 2020-11-30 Cloud document transmission encryption and decryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011375945.3A CN112615816A (en) 2020-11-30 2020-11-30 Cloud document transmission encryption and decryption method

Publications (1)

Publication Number Publication Date
CN112615816A (en) 2021-04-06

Family

ID=75228157

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011375945.3A Pending CN112615816A (en) 2020-11-30 2020-11-30 Cloud document transmission encryption and decryption method

Country Status (1)

Country Link
CN (1) CN112615816A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102983972A (en) * 2012-10-18 2013-03-20 郎六琪 Dynamic encryption and decryption method based on stream cipher
CN103095449A (en) * 2013-01-16 2013-05-08 司玉娟 Dynamic encryption and decryption method based on stream ciphers
CN103595524A (en) * 2013-10-21 2014-02-19 吉林大学 Encryption and decryption method for bit loss encryption-bit filling decryption on basis of stream cipher
US20160112188A1 (en) * 2014-10-20 2016-04-21 Hong-Mook Choi Encryptor/decryptor, electronic device including encryptor/decryptor, and method of operating encryptor/decryptor

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116760631A (en) * 2023-08-09 2023-09-15 国网浙江省电力有限公司 Multi-service data hierarchical management and control method and system based on regulation and control cloud platform
CN116760631B (en) * 2023-08-09 2023-10-31 国网浙江省电力有限公司 Multi-service data hierarchical management and control method and system based on regulation and control cloud platform

Similar Documents

Publication Publication Date Title
US8571220B2 (en) Method and apparatus for securing data in a memory device
JP3229148B2 (en) Encryption method and system
CN108667595B (en) Compression encryption method for big data file
EP1279249B1 (en) One-time-pad encryption with central key service and keyable characters
US7571327B2 (en) Exclusive encryption
US20140032937A1 (en) Systems and methods for information security using one-time pad
US20100250968A1 (en) Device for data security using user selectable one-time pad
CN1776563A (en) File encrypting device based on USB interface
US20090046848A1 (en) Encryption management system
Park et al. Research on Note-Taking Apps with Security Features.
JP2002351742A (en) Data protecting device
CN118051937B (en) Data security destroying method based on data encryption and overwriting
CN112615816A (en) Cloud document transmission encryption and decryption method
JP2002539545A (en) Anonymization method
JPH10271104A (en) Ciphering method and decipherinc method
KR102542213B1 (en) Real-time encryption/decryption security system and method for data in network based storage
KR100859651B1 (en) Storage medium of recording data structure for storing variable size data, method of storing variable size data, and computer-readable storage medium of storing program for executing method of storing variable size data
US20100250602A1 (en) Computer storage apparatus for multi-tiered data security
CN102883039A (en) Method for encrypting multimedia private diary of mobile phone
KR20230095750A (en) Whitebox cryptographic method and device based on block cipher mode of operation using one-way function
CN1514572A (en) Distribution type data encryption method
CN103838986A (en) Multimedia file encryption method and device
CN106254358B (en) Rapid file encryption and decryption method and device
JP2006004301A (en) Method of managing data, and information processing device
US20240089095A1 (en) File encrypting method and device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20210406