CN113297591A - Webpage resource encryption method, equipment and storage medium - Google Patents

Publication number
CN113297591A
Authority
CN
China
Prior art keywords
sequence
encrypted
server
ciphertext
webpage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110495532.7A
Other languages
Chinese (zh)
Other versions
CN113297591B (en
Inventor
欧阳斌
黄科
廖亦凡
高金定
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Yaosheng Communication Technology Co ltd
Original Assignee
Hunan Yaosheng Communication Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Yaosheng Communication Technology Co ltd
Priority to CN202110495532.7A
Publication of CN113297591A
Application granted
Publication of CN113297591B
Current legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a webpage resource encryption method, equipment and a storage medium. The method comprises the following steps: receiving a webpage resource request instruction sent by a browser; converting the webpage resource corresponding to the request instruction into a first sequence to be encrypted, and adding a random number before the first sequence to obtain a second sequence to be encrypted, which is a binary sequence; performing information source processing on the second sequence to obtain a third sequence to be encrypted; encoding the third sequence based on a weighted probability model to obtain a ciphertext, wherein a binary cipher of at least 512 bits is implanted into the weight coefficients of the weighted probability model; and sending the ciphertext to the browser, so that the browser decodes the ciphertext according to the weighted probability model and checks the decoding result against the result of the information source processing. The invention not only realizes encryption and decryption of webpage resources but also effectively protects the security of the encrypted webpage resources.

Description

Webpage resource encryption method, equipment and storage medium
Technical Field
The present invention relates to the field of web resource protection technologies, and in particular, to a method, an apparatus, and a storage medium for encrypting web resources.
Background
Webpage programs (such as HTML, CSS, JavaScript, link addresses, WebSocket data transmission and the like) and webpage contents (such as news, comments, pictures and texts, videos, audio and the like) are all delivered as source code, so various content acquisition tools (such as CMSs, web crawlers, and search engines such as Baidu and Google) can easily acquire the contents of a webpage, and a great number of false titles, false software, pictures and videos are copied and abused. Direct access to the source code is also the primary reason why HTML5 cannot be operated commercially in the gaming field.
Taking JavaScript as an example, the conventional method can only obfuscate a JavaScript program so that it is hard to read, but it can be recovered simply by deobfuscation. Some creative programs, such as games, need protection not only for the JavaScript program but also for the game resources (text, images, even game interaction data, etc.). Therefore, the conventional method cannot provide secure encryption and decryption of webpage resources.
Disclosure of Invention
The present invention is directed to at least solving the problems of the prior art. Therefore, the invention provides a webpage resource encryption method, equipment and a storage medium. The encryption and decryption of the webpage resources can be realized, and the safety of the encrypted webpage resources can be effectively protected.
The invention provides a webpage resource encryption method, which is applied to a server and comprises the following steps:
receiving a webpage resource request instruction sent by a browser;
converting the webpage resources corresponding to the webpage resource request instruction into a first sequence to be encrypted according to the webpage resource request instruction, and adding a random number before the first sequence to be encrypted to obtain a second sequence to be encrypted, which is a binary sequence;
carrying out information source processing on the second sequence to be encrypted to obtain a third sequence to be encrypted;
coding the third sequence to be encrypted based on a weighted probability model to obtain a ciphertext, wherein binary ciphers are implanted into weight coefficients of the weighted probability model and are more than or equal to 512 bits;
and sending the ciphertext to the browser so that the browser decodes the ciphertext according to the weighted probability model and detects a decoding result based on a result of the information source processing.
According to the embodiment of the invention, at least the following technical effects are achieved:
(1) The conventional method can only obfuscate a JavaScript program so that it is hard to read, but it can be recovered simply by deobfuscation. Creative programs such as games need protection not only for the JavaScript program but also for the game resources, so the conventional method cannot encrypt and decrypt webpage resources. The method can realize stream encryption and data encryption and can encrypt and decrypt webpage resources; any attacker who knows neither the password nor the password length cannot decrypt the ciphertext to obtain the correct plaintext, so the ciphertext is effectively protected and webpage resources can be used safely. The method combines the effects of symmetric encryption and lossless compression, and can improve the load capacity of the server by more than 10% when webpage resources are requested repeatedly.
(2) In the method, a random number is added before the first sequence to be encrypted, so the random number is encoded before any plaintext. Because the random number is unknown and the weighted probability model encodes and decodes linearly, a leading random number that cannot be decrypted correctly means the subsequent plaintext cannot be decrypted correctly either. The random number therefore plays the role of a secret key, which greatly improves security.
The second aspect of the present invention provides a method for encrypting web page resources, which is applied to a browser and comprises the following steps:
sending a webpage resource request instruction to a server, so that the server converts the webpage resources corresponding to the webpage resource request instruction into a first sequence to be encrypted according to the webpage resource request instruction, and adds a random number before the first sequence to be encrypted to obtain a second sequence to be encrypted, which is a binary sequence; so that the server performs information source processing on the second sequence to be encrypted to obtain a third sequence to be encrypted; and so that the server encodes the third sequence to be encrypted based on a weighted probability model to obtain a ciphertext, wherein binary ciphers are implanted into weight coefficients of the weighted probability model and are more than or equal to 512 bits;
and receiving the ciphertext sent by the server, decoding the ciphertext according to the weighted probability model, and detecting a decoding result based on the result of the information source processing.
According to the embodiment of the invention, at least the following technical effects are achieved:
(1) The conventional method can only obfuscate a JavaScript program so that it is hard to read, but it can be recovered simply by deobfuscation. Creative programs such as games need protection not only for the JavaScript program but also for the game resources, so the conventional method cannot encrypt and decrypt webpage resources. The method can realize stream encryption and data encryption and can encrypt and decrypt webpage resources; any attacker who knows neither the password nor the password length cannot decrypt the ciphertext to obtain the correct plaintext, so the ciphertext is effectively protected and webpage resources can be used safely. The method combines the effects of symmetric encryption and lossless compression, and can improve the load capacity of the server by more than 10% when webpage resources are requested repeatedly.
(2) In the method, a random number is added before the first sequence to be encrypted, so the random number is encoded before any plaintext. Because the random number is unknown and the weighted probability model encodes and decodes linearly, a leading random number that cannot be decrypted correctly means the subsequent plaintext cannot be decrypted correctly either. The random number therefore plays the role of a secret key, which greatly improves security.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a diagram illustrating an encoding operation process of a binary weighting model according to the present invention;
FIG. 2 is a schematic diagram of a relationship between a coding rate R of the weighting model and a probability p of a symbol 0 in a sequence X according to the present invention;
FIG. 3 is a schematic diagram of the relation between R and p in the two cases
Figure BDA0003054113420000041
and
Figure BDA0003054113420000042
FIG. 4 is a schematic flowchart of a method for encrypting web page resources according to a first embodiment of the present invention;
FIG. 5 is a flowchart illustrating a direct decryption method based on a password according to a first embodiment of the present invention;
FIG. 6 is a flowchart illustrating a method for encrypting web page resources according to a second embodiment of the present invention;
FIG. 7 is a flowchart illustrating a decryption method based on authentication according to a second embodiment of the present invention;
FIG. 8 is a schematic flow chart of the Jielin code hash encryption according to the second embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
To help those skilled in the art understand, the principle behind the technical solution is derived before the embodiments of the present invention are introduced. The derivation has three parts: source processing, the coding and decoding method of the weighted probability model, and encryption coding and decoding, as follows:
I. Source processing.
The source at the transmitting end generates a binary Bernoulli sequence X of length n (n = 1, 2, ...), with all sequences possible. The sequence X is processed into a binary sequence Q that must satisfy the constraint "the number of consecutive symbols 1 is at most 1". For example, linearly replacing each "1" in X with "10" yields such a Q: X = 0110111100101 gives Q = 010100101010100010010. Replacing "10" in sequence Q with "1", from left to right, recovers sequence X. The length of sequence Q is denoted l.
The sequence Q is encoded by a weighted probability model with a cipher of length k to obtain the ciphertext. The receiving end decodes the ciphertext with the weighted probability model without being able to determine whether its cipher information is correct; let Y be the decoded binary sequence. Because it is uncertain whether the cipher information is correct, there are many possibilities for Y. However, if Y does not satisfy "the number of consecutive symbols 1 is at most 1", the cipher information is wrong or the ciphertext data has been tampered with.
Let event E denote the set of sequences Y satisfying "the number of consecutive symbols 1 is at most 1", and let f(l) be the number of sequences Y in event E.
When l = 1, E = (0, 1), f(1) = 2, and the complementary event is
Figure BDA0003054113420000051
When l = 2, E = (00, 01, 10), f(2) = 3,
Figure BDA0003054113420000052
When l = 3, E = (000, 001, 010, 100, 101), f(3) = 5,
Figure BDA0003054113420000053
By analogy, when l ≥ 3:
f(l)=f(l-1)+f(l-2) (1)
The probability of event E is then:
Figure BDA0003054113420000054
Let the f(l) sequences Y in event E follow a uniform distribution; then:
Figure BDA0003054113420000061
Then the probability that Y ∈ E and Y = Q is:
Figure BDA0003054113420000062
$P(Y = Q \mid Y \in E)$ is the probability that a wrong cipher nevertheless decrypts correctly; it is denoted $P_{err}$, i.e. $P_{err} = P(Y = Q \mid Y \in E)$.
Theorem 1: if the sequence Y satisfies the condition that the number of consecutive symbols 1 is at most 1, then $\lim_{l\to\infty} P_{err} = 0$.
Proof: because, as $l \to \infty$,
Figure BDA0003054113420000063
so $\lim_{l\to\infty} P_{err} = 0$.
By Theorem 1, the longer the source X is, the closer to 0 is the probability that the plaintext is decrypted by a wrong password at the receiving end. By
Figure BDA0003054113420000064
it can be judged that an attempt is being made to decrypt the encryption system with an illegal password. A password system that verifies the password itself can thus be constructed, with no need to store or independently verify the password. That is, if
Figure BDA0003054113420000065
the password is wrong; if Y ∈ E, the password is correct.
Because the password is self-verifying, it also gives an attacker a way to proceed by trial and error, but $2^k$ attempts are needed. k is a user-defined value, and when k is large enough the number of attempts approaches infinity. There are two main ways to increase the length of the password: (1) different bits are encrypted and encoded with independent passwords; (2) each bit is encrypted and encoded with a different part of the same password.
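The source processing and the self-check on the decoded sequence can be exercised directly. The following Python sketch is an added example, not code from the patent: the function names are hypothetical, and `chance_of_passing` assumes, for illustration only, that a wrong password yields a Y spread uniformly over all l-bit strings.

```python
from fractions import Fraction
from itertools import product


def source_process(x: str) -> str:
    """X -> Q: replace every '1' with '10', so Q never contains '11'."""
    if set(x) - {"0", "1"}:
        raise ValueError("X must be a binary string")
    return x.replace("1", "10")


def in_event_e(y: str) -> bool:
    """The page's check: the number of consecutive symbols 1 is at most 1."""
    return "11" not in y


def source_restore(q: str) -> str:
    """Q -> X: replace '10' with '1' from left to right.

    A lone trailing '1' passes the page's check but is not an image of the
    substitution, so this example rejects it as well.
    """
    if not in_event_e(q) or q.endswith("1"):
        raise ValueError("not a valid Q: wrong password or modified ciphertext")
    return q.replace("10", "1")


def f(l: int) -> int:
    """Number of l-bit sequences in E, from f(1) = 2, f(2) = 3 and equation (1)."""
    if l < 1:
        raise ValueError("l must be at least 1")
    a, b = 2, 3
    for _ in range(l - 1):
        a, b = b, a + b
    return a


def brute_force_count(l: int) -> int:
    """Count E by enumeration, to cross-check the recurrence for small l."""
    return sum(in_event_e("".join(bits)) for bits in product("01", repeat=l))


def chance_of_passing(l: int) -> Fraction:
    """Share of all 2^l strings that pass the check (uniform-Y assumption)."""
    return Fraction(f(l), 2 ** l)


if __name__ == "__main__":
    x = "0110111100101"                      # the page's example plaintext
    q = source_process(x)
    print("Q =", q, "restored X =", source_restore(q))
    for l in (8, 21, 64, 256):
        print(f"l={l:3d}  f(l)={f(l)}  share passing = {float(chance_of_passing(l)):.3e}")
```

The share of strings that pass the check shrinks as l grows, which is why the check is informative only for sequences of reasonable length.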
II. Coding and decoding method of the weighted probability model.
Following the "source processing" part above, let sequence Q = 0100100001010, which consists of "0" and "10". Under a Markov chain or conditional probability analysis, symbol 0 has two probability mass functions, p(0|0) and p(0|1), and symbol 1 has one probability mass function, p(1|0). When encoding, the sequence Q is known, so the probability mass function used for each symbol can be selected exactly. When decoding with unknown password information, however, the receiving end cannot select the probability mass function exactly. If a "0" has been decoded, symbol 0 has two probability mass functions, so the probability mass function for decoding the next symbol cannot be chosen correctly. When a "1" has been decoded, p(1|0) is the unique choice, since a "1" is necessarily followed by a symbol 0. Because the probability mass function is not unique, constructing a cryptographic encoding method from a Markov chain or conditional probability is not feasible.
Let sequence Q = 010100101010100010010. The conventional encoding method is: from left to right, replace "10" with "1" in sequence Q to obtain the sequence X = 0110111100101, then encode X so as to approach the information entropy H(X). However, the conventional encoding method provides no encryption, only data compression, and cannot realize password self-verification. If the sequence Q is encoded instead, redundant information has been added, so H(Q) > H(X) and the conventional encoding method cannot approach H(X). Because H(X) cannot be approached, the redundant information in the sequence Q is not completely removed, and cracking remains possible.
Suppose there exists a function
Figure BDA0003054113420000071
where p(x) is the probability of the symbol x and r, called the weight coefficient, characterizes the morphological features of sequence Q.
Figure BDA0003054113420000072
is called the weighted probability mass function. Based on
Figure BDA0003054113420000073
the encoding/decoding method is constructed as follows:
(1) r may take the value given by an independent cipher when each bit is encoded; (2) r may take the value given by a different part of the same cipher when each bit is encoded.
2.1 Weighted probability model coding
Definition 2.1: Let X be a discrete random variable, X ∈ {0, 1}, P{X = a} = p(a) (a ∈ {0, 1}), and let the weighted probability mass function be
Figure BDA0003054113420000074
where p(a) is the probability mass function of the symbol a, 0 ≤ p(a) ≤ 1, r is the weight coefficient, and
$F(a) = \sum_{i \le a} p(i)$ (5)
If F(a, r) satisfies $F(a, r) = rF(a)$, F(a, r) is called the weighted cumulative distribution function, or weighted distribution function for short. Clearly, the weighted probabilities of all symbols sum to
Figure BDA0003054113420000075
According to formula (5), $F(X_i - 1) = F(X_i) - p(X_i)$; when $X_i = 0$, $F(X_i - 1) = 0$; when $X_i = 1$,
Figure BDA0003054113420000076
Let the weighted distribution function of the sequence Q be denoted F(Q, r):
When l = 1, $F(Q, r) = rF(X_1 - 1) + rp(X_1)$. When l = 2, $F(Q, r) = rF(X_1 - 1) + r^2F(X_2 - 1)p(X_1) + r^2p(X_1)p(X_2)$. When l = 3, $F(Q, r) = rF(X_1 - 1) + r^2F(X_2 - 1)p(X_1) + r^3F(X_3 - 1)p(X_1)p(X_2) + r^3p(X_1)p(X_2)p(X_3)$.
Let
Figure BDA0003054113420000081
When l ≥ 1:
Figure BDA0003054113420000082
The set of weighted distribution functions satisfying equation (6) is defined as the binary weighting model, weighting model for short, and is denoted {F(Q, r)}. Let
$H_l = F(Q, r)$ (7)
Figure BDA0003054113420000083
Figure BDA0003054113420000084
where $X_i \in \{0, 1\}$, l = 1, 2, .... When r = 1:
Figure BDA0003054113420000085
$H_l = F(Q, 1)$,
Figure BDA0003054113420000086
$L_l = H_l - R_l$. It follows that arithmetic coding (also called interval coding) is the lossless coding method based on the weighted distribution function with r = 1. The weighting model can be extended to $X_i \in \{0, 1, 2, \ldots\}$, which is not discussed here.
Since $X_i$ must take a value in A, $p(X_i) \ge 0$. Clearly, expressions (7), (8) and (9) are interval sequences. $L_i$ and $H_i$ are the bounds of the interval corresponding to the variable $X_i$ of the source sequence X at time i (i = 0, 1, 2, ..., n), and $R_i = H_i - L_i$ is the length of the interval. From formulas (7), (8) and (9), the iterative formula for linear coding with the weighted probability model is:
Figure BDA0003054113420000087
Let r > 1 and let the 3 symbols of sequence Q starting from position i+1 be 0, 1, 0. The encoding process of the binary weighting model according to equation (11) is shown in FIG. 1.
According to FIG. 1, if $H_{i+3} > H_{i+1}$, then because the interval $[H_{i+1}, H_{i+3}) \in [H_{i+1}, H_{i+1} + R_{i+1})$ and $[H_{i+1}, H_i + R_i)$ corresponds to symbol 1, the (i+1)-th symbol 0 may be erroneously decoded as symbol 1. If $H_{i+3} \le H_{i+1}$, then $[L_{i+3}, H_{i+3}) \in [L_{i+1}, H_{i+1})$. As in FIG. 1, $[L_{i+1}, H_{i+1})$ uniquely corresponds to symbol 0, so the symbol 0 at position i+1 is correctly decoded from $L_{i+3}$, and the symbol 1 and symbol 0 at positions i+2 and i+3 can also be correctly decoded. When $0 < r \le 1$, $[L_{i+1}, H_{i+1}) \in [L_i, H_i)$ always holds and lossless coding is possible. Since $F(0 - 1) = 0$ and $F(0) = p(0)$, formula (11) gives:
Figure BDA0003054113420000091
Figure BDA0003054113420000092
Because $H_{i+3} \le H_{i+1}$:
Figure BDA0003054113420000093
Let the equation be $ar^2 + br + c = 0$, where $a = p(1)p(0)$, $b = p(0)$, $c = -1$, and $r > 0$. The positive real number satisfying the equation is
Figure BDA0003054113420000094
Since $p(1) = 1 - p(0)$, and $r = 1$ when $p(1) = 0$, then:
Figure BDA0003054113420000095
Let
Figure BDA0003054113420000096
$r_{max}$ is the maximum value of r. Clearly, with $r_{max}$, complete decoding through $L_i$ is possible only if the sequence Q satisfies "the number of consecutive symbols 1 is at most 1".
Let the j+2 (j = 1, 2, 3, ...) symbols starting from position i+1 in the sequence Q be 0, 1, ..., 1, 0, where j is the number of consecutive symbols 1; by "the number of consecutive symbols 1 is at most 1", j ≤ 1. Since $H_{i+j+2} \le H_{i+1}$, formula (11) gives:
Figure BDA0003054113420000097
thus:
Figure BDA0003054113420000098
Subtracting equation (16) from equation (15) and simplifying:
$r - r^{j+2}p(1)^{j+1} + r^{j+2}p(1)^{j+2} \ge 1$ (17)
p(1) is known, and $r_{max}$ is obtained by taking equality in formula (17). When $p(1) = 1$ or $p(0) = 0$, $r_{max} = 1$; when $0 < p(0) < 1$ and $j \to \infty$, $r_{max}^{j+2}p(1)^{j+1} \to 0$ and $r_{max}^{j+2}p(1)^{j+2} \to 0$, so $r_{max} \to 1$. When $j < 1$ or $r < r_{max}$, $rp(0) + r^2p(0)p(1) + r^3p(0)p(1)^2 + \cdots + r^{j+1}p(0)p(1)^j < 1$.
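The interval iteration and the role of $r_{max}$ can be checked with exact rational arithmetic. The Python sketch below is an added example, not the patent's code: iterative formula (11) did not survive on this page, so the update rule is reconstructed from the l = 1, 2, 3 expansions of F(Q, r) above, and the decoding rule follows the interval description for FIG. 1. Function names are hypothetical, p(0) is fixed, and the same r is used for every symbol, whereas the page lets r vary with the password.

```python
import math
from fractions import Fraction


def r_max_rational(p0: Fraction, denom: int = 10**6) -> Fraction:
    """A rational r no larger than r_max for the case t = 1.

    Uses the condition r*p(0) + r^2*p(0)*p(1) <= 1 stated on the page.
    """
    p1 = 1 - p0
    a, b = p0 * p1, p0
    if a == 0:
        return Fraction(1)                      # degenerate source: r_max = 1
    root = (-float(b) + math.sqrt(float(b) ** 2 + 4 * float(a))) / (2 * float(a))
    r = Fraction(math.floor(root * denom), denom)
    while r * p0 + r * r * p0 * p1 > 1:         # exact check guards float rounding
        r -= Fraction(1, denom)
    return r


def encode(q: str, p0: Fraction, r: Fraction) -> Fraction:
    """Return V = L_l for sequence Q, with weighted probabilities r*p(a)."""
    p1 = 1 - p0
    low, rng = Fraction(0), Fraction(1)         # L_0 = 0, R_0 = 1
    for sym in q:
        if sym == "0":                          # F(0 - 1) = 0: L is unchanged
            rng *= r * p0
        else:                                   # F(1 - 1) = p(0)
            low += rng * r * p0
            rng *= r * p1
    return low


def decode(v: Fraction, length: int, p0: Fraction, r: Fraction) -> str:
    """Decode `length` symbols from V with the receiver's r."""
    p1 = 1 - p0
    low, rng = Fraction(0), Fraction(1)
    out = []
    for _ in range(length):
        split = low + rng * r * p0              # upper bound H if the symbol is 0
        if v < split:
            out.append("0")
            rng *= r * p0
        else:
            out.append("1")
            low = split
            rng *= r * p1
    return "".join(out)


def passes_check(y: str) -> bool:
    """Receiver-side check: no two consecutive symbols 1."""
    return "11" not in y


if __name__ == "__main__":
    q = "010100101010100010010"                 # the page's example Q
    p0 = Fraction(q.count("0"), len(q))
    r = r_max_rational(p0)
    v = encode(q, p0, r)
    print("r =", float(r), "round trip ok:", decode(v, len(q), p0, r) == q)

    wrong_r = r - Fraction(1, 10)               # constructed wrong weight
    y = decode(v, len(q), p0, wrong_r)
    print("wrong r -> Y =", y, "passes check:", passes_check(y), "equals Q:", y == q)

    too_big = Fraction(2)                       # r above r_max, same r on both sides
    y2 = decode(encode("010", Fraction(2, 3), too_big), 3, Fraction(2, 3), too_big)
    print("r > r_max decodes '010' as", y2)
```

With r no larger than $r_{max}$ and a Q free of "11", the round trip is exact; the last case shows the first symbol 0 being misread as 1 once r exceeds the bound.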
2.2 Proof of the feasibility of lossless decoding
Theorem 2.2: the weighting model satisfies:
(1) If $L_l < H_l \wedge L_l < H_{l-1} \wedge \ldots \wedge L_l < H_1$, the sequence Q can be completely restored through $L_l$; (2) $\lim_{l\to\infty}(H_l - L_l) = 0$, i.e. convergence; (3) $\lim_{l\to\infty} H_l = L_l$, i.e. uniqueness.
Proof (1): According to formula (15), when $j > t$ or $r > r_{max}$, $H_{i+j+2} > H_{i+1}$. Since $[H_{i+j+2}, H_{i+1})$ corresponds to symbol 1, the (i+1)-th symbol cannot be accurately decoded as symbol 0, which violates the lossless decoding requirement; so $0 \le j \le t$ and $0 \le r_{max}$ must be satisfied simultaneously. Since $F(0 - 1, r) = 0$, $L_{i-1} \ge 0$ and $R_{i-1} \ge 0$, $L_l$ is a monotone non-decreasing function. If and only if $L_l \in [L_l, H_l) \wedge L_l \in [L_{l-1}, H_{l-1}) \wedge \ldots \wedge L_l \in [L_1, H_1)$, because $[L_i, H_i)$ (i = 1, 2, ..., l) and the variable $X_i$ are in a unique mapping relationship, $L_l \in [L_i, H_i)$ (i = 1, 2, ..., l) yields a unique symbol $X_i$ and the source sequence X is obtained completely; hence $L_l < H_l \wedge L_l < H_{l-1} \wedge \ldots \wedge L_l < H_1$.
Proof (2): Because $j \le t$ and $r \le r_{max}$, we have
Figure BDA0003054113420000101
Figure BDA0003054113420000102
so $H_{i+j+2} \le H_{i+1}$, with $H_{i+j+2} = H_{i+1}$ if and only if $j = t$ and $r = r_{max}$. Let
Figure BDA0003054113420000103
Thus $R_l = \prod R_{j+1} \prod R_j \cdots \prod R_2 \prod R_1$. When $j < t$ and $r < r_{max}$, formula (15) gives
Figure BDA0003054113420000104
Figure BDA0003054113420000105
So $R_l \to 0$ as $l \to \infty$, hence $\lim_{l\to\infty}(H_l - L_l) = \lim_{l\to\infty} R_l = 0$ and the weighted probability model is convergent.
Proof (3): $\{L_l\}$ is a strictly monotone non-decreasing but bounded sequence, so by the monotone bounded theorem $\lim_{l\to\infty} L_l = \xi$, with $\xi \ge L_l$. Because $\lim_{l\to\infty}(H_l - L_l) \le 0$, $\lim_{l\to\infty} L_l = \lim_{l\to\infty} H_l = \xi$, so $\xi = L_l$, $\lim_{l\to\infty} H_l = \xi = L_l$, and $L_l$ is unique.
Inference 2.3: is provided with
Figure BDA0003054113420000111
When in use
Figure BDA0003054113420000112
The weighted model is passed through LlThe sequence Q can be completely reduced.
And (3) proving that: according to formula (15), when
Figure BDA0003054113420000113
Time of flight
Figure BDA0003054113420000114
Then
Figure BDA0003054113420000115
According to the inference 2.3, because
Figure BDA0003054113420000116
Then
Figure BDA0003054113420000117
But cannot derive
Figure BDA0003054113420000118
Taking t as an example to be 1,
Figure BDA0003054113420000119
solving by substituting formula (13) when
Figure BDA00030541134200001110
The time equation (13) holds, and the weighting model satisfies theorem 2.2 (1). When t is 1, in sequence Q
Figure BDA00030541134200001111
Therefore, it is not only easy to use
Figure BDA00030541134200001112
So rmax-rmax j+2p(1)j+1+rmax j+2p(1)j+21(j ≦ t) is a sufficient condition for weighted model lossless coding.
2.3 Information entropy of the weighting model
When r = 1,
Figure BDA00030541134200001113
and the information entropy of Q is:
$H(Q) = -p(0)\log_2 p(0) - p(1)\log_2 p(1)$ (18)
When r ≠ 1, the self-information of the random variable $X_i$ having weighted probability
Figure BDA00030541134200001114
is defined as:
Figure BDA00030541134200001115
Let there be $c_a$ occurrences of a in the set $\{X_i\}$ (i = 1, 2, ..., l; a ∈ {0, 1}). When the value of r is fixed, the total information of the sequence Q is:
Figure BDA00030541134200001116
The average information per symbol is then:
Figure BDA00030541134200001117
where
Figure BDA0003054113420000121
and
Figure BDA0003054113420000122
are the probability mass functions of symbol 0 and symbol 1 in sequence Q. From "2.1 Weighted probability model coding" and "2.2 Proof of the feasibility of lossless decoding", $r \le r_{max}$; since $r_{max} > 1$, $-\log r + H(Q) < H(Q)$. Because the weighting model cannot restore the sequence Q when $r > r_{max}$, $I(X_i, r)$ is minimal when $r = r_{max}$. The information entropy of the weighting model is then:
Figure BDA0003054113420000123
2.4 Coding rate of the weighting model
According to "2.3 Information entropy of the weighting model", coding and decoding with the weighting model satisfy the following:
(1) During encoding and decoding, symbol 0 and symbol 1 have unique probability mass functions p(0) and p(1). (2) When $r_{max} > 1$, $-\log r_{max} < 0$, so $H(Q, r_{max}) < H(Q)$ and the weighting model coding is closer to H(X). (3) If V is decoded without error, Y ∈ B. (4) As n → ∞, l → ∞; when
Figure BDA0003054113420000124
V is in error or the password is wrong; when Y ∈ B and V is correct, Y = Q. (5) $r_{max}$ is a real number, so independent password information, or part of the information of a password, can be implanted in it.
Therefore, at the transmitting end the sequence Q is encoded by the weighting model into a sequence V (the ciphertext), which is transmitted over the channel to the receiving end; the receiving end decodes V with the weighting model to obtain the binary sequence Y. When Y = Q, the password is correct and the plaintext is decrypted; when Y ≠ Q, the password is wrong and decryption fails.
According to equation (22), each bit in sequence Q carries on average $H(Q, r_{max})$ (bit/bit) of information, so the total information is $lH(Q, r_{max})$ (bit). The total information of the source sequence X is nH(X) (bit), and the coding rate of the weighting model is:
Figure BDA0003054113420000125
When R = 1, the result of weighting model coding reaches the information entropy of the sequence X. Let the probability of symbol 0 in the binary Bernoulli source sequence X of length n be p (0 ≤ p ≤ 1). Then $nH(X) = -pn\log_2 p - (1-p)n\log_2(1-p)$. After the processing of formula (2), a sequence Q of length l = (2 - p)n is obtained, and then
Figure BDA0003054113420000131
Theorem 2.4: (s → ∞, t ═ 1), when n → ∞ and
Figure BDA0003054113420000132
when R is 1, i.e. the weighted model coding reaches the information entropy. Wherein s, t respectively represent: the number of consecutive symbols 0 in sequence Q is at most s, and the number of consecutive symbols 1 in sequence Q is at most t.
And (3) proving that:
Figure BDA0003054113420000133
when nh (x) is n. According to the above reasoning 2.3 have
Figure BDA0003054113420000134
Figure BDA0003054113420000135
Then
Figure BDA0003054113420000136
From formula (23):
Figure BDA0003054113420000137
probability mass function of symbol 0 and symbol 1 in sequence Q
Figure BDA0003054113420000138
And is
Figure BDA0003054113420000139
When p (0) is 1 according to formula (14), r max1, p is 1; when in use
Figure BDA00030541134200001310
When the temperature of the water is higher than the set temperature,
Figure BDA00030541134200001311
Figure BDA00030541134200001312
Theorem 2.5 (s → ∞, t = 1): when n → ∞, R ≦ 1, i.e., the weighted model coding can reach the information entropy.
Proof: according to formula (25)
Figure BDA00030541134200001313
Since 0 ≤ p ≤ 1, 4(1-p)^2 ≥ 0, i.e. 4 - 8p + 4p^2 ≥ 0. Since 4 - 8p + 4p^2 = (3-2p)^2 - (5-4p) ≥ 0, it follows that
Figure BDA00030541134200001314
Because
Figure BDA00030541134200001315
Figure BDA0003054113420000141
we obtain
Figure BDA0003054113420000142
Then
Figure BDA0003054113420000143
Because
Figure BDA0003054113420000144
and 2 - 2p ≥ 0,
Figure BDA0003054113420000145
therefore
Figure BDA0003054113420000146
i.e., lH(Q, r_max) - nH(X) ≥ 0
Figure BDA0003054113420000147
Thirdly, encryption encoding and decoding.
Let the probability of symbol 0 in a binary Bernoulli source sequence X (the plaintext) of length n be p (0 ≤ p ≤ 1). The sequence X undergoes source processing to obtain a sequence Q, and according to Theorems 2.4 and 2.5
Figure BDA0003054113420000148
the sequence Q is then encoded with the weighted model. The basic operational variables are:
Figure BDA0003054113420000149
Figure BDA00030541134200001410
p(0) represents the probability of symbol 0 in sequence Q; p(1) represents the probability of symbol 1 in sequence Q;
Figure BDA00030541134200001411
represents the weighted probability of symbol 0 in sequence Q;
Figure BDA00030541134200001412
represents the weighted probability of symbol 1 in sequence Q.
3.1, the sender implants the password in the weight coefficient of the weighting model (namely, the secret key).
For example, assuming the bit length of the password is k, the password is divided into h segments, each segment containing
Figure BDA00030541134200001413
bits, and the i-th (i = 1, 2, ..., h) segment of binary symbols is implanted into r_max. There are many ways of doing this; a simple example is given below:
Figure BDA00030541134200001414
Figure BDA0003054113420000151
TABLE 1
Table 1 shows the pseudocode of Algorithm (1), which implants a password into r_max; v needs to be initialized to 0. v is compared with 100 (or any user-defined integer greater than 100, etc.) in order to bring r closer to r_max, so as to ensure lossless compression and encryption. When v is too large,
Figure BDA0003054113420000152
approaches 0 and r = r_max, so that the weight coefficient carries no password information and has no encryption function. Therefore the magnitude of v must be controlled, for example 100 ≤ v ≤ 2^16, and the like. With r obtained from r_max by Algorithm (1), the relation between the encryption coding rate of the weighting model and p is shown in Fig. 2 and Fig. 3; Fig. 2 shows that when
Figure BDA0003054113420000153
the symbols in sequence X are interchanged; as can be seen from Fig. 3, when
Figure BDA0003054113420000154
the coding rate of the weighted model coding is minimal, min R = 0.85108.
3.2, the transmitting end carries out an encoding process based on a weighted probability model of the implanted password;
In the course of research the applicant found that, when the plaintext is known, the plaintext and the decrypted data can be compared one by one so as to deduce the weighting coefficient and the password used in it. The main point is that the weighted probability model is a linear encoding and decoding process in units of bits, and the password is implanted into the weighting coefficient, so every bit must use the correct coefficient during encryption and decryption. With a known plaintext the weighting coefficient can be calculated from weighted probability model theory, and an open-source encryption and decryption algorithm reveals how the password is implanted into the weighting coefficient, so one can keep trying and comparing whether the decrypted file equals the plaintext until the actual password is obtained. The vulnerability therefore mainly shows in cracking other files once a plaintext is known. For example, a user may encrypt two or more files with the same password (a subjective choice, since the user may not want to remember different passwords), and one of the files is a plaintext known to the cracker. A cracker can use this logic loophole to deduce the encryption coefficient and the actual password from the known plaintext, the ciphertext and the source of the encryption algorithm, although such guessing takes a long time and is complicated.
To solve this problem, the applicant found through research that, during encryption and decryption, a random number of length t bits (t can be user-defined) can be encoded before the plaintext. Since the random number is unknown and, because of the linear encoding and decoding property of the weighted probability model, a leading random number that cannot be decrypted correctly prevents the subsequent plaintext from being decrypted correctly, the t-bit random number plays the role of a secret key. The greater t is, the greater the difficulty of cracking: only one of the 2^t possibilities decrypts correctly.
Following the idea of encoding a random number of length t bits (t can be user-defined) before the plaintext, the weighted probability model encoder encodes the t-bit random number first and then the plaintext. Note that the t-bit random number is different from the password described in Algorithm (1). Algorithm (2) is shown in the following table:
Figure BDA0003054113420000161
Figure BDA0003054113420000171
TABLE 2
OutBitArray is obtained through Algorithm (2), and the encoding step is then performed on OutBitArray (note that OutBitArray is the sequence X after integration).
The weighted probability model performs bit-based linear encoding according to its iterative equation, i.e., equation (11) above. Note that the ciphertext is obtained by the transmitting end encoding the sequence Q produced by source processing, where the source processing of sequence X is incorporated in the encoding step (the "source processing" to be performed is shown in Table 3 below). According to Fig. 3, encoding is divided into two cases:
(1) When
Figure BDA0003054113420000172
and symbol 0 in sequence X is encoded,
Figure BDA0003054113420000173
L_i = L_{i-1}; when symbol 1 in sequence X is encoded, the actual encoding is "10", because the source processing of sequence X is incorporated in the encoding step:
Figure BDA0003054113420000174
(2) When
Figure BDA0003054113420000175
and symbol 0 in sequence X is encoded, the actual encoding is "10":
Figure BDA0003054113420000176
Figure BDA0003054113420000177
When symbol 1 in sequence X is encoded,
Figure BDA0003054113420000178
L_i = L_{i-1}.
The encryption coding logic is as follows:
Figure BDA0003054113420000179
Figure BDA0003054113420000181
Figure BDA0003054113420000191
TABLE 3
Table 3 shows the pseudocode for encoding the source-processed sequence X based on the weighted probability model with the implanted password. The pseudocode illustrates the logic only; V, R_i, L_i and so on are defined as real numbers of infinite precision. The VBitArray output by the pseudocode of Table 3 is the ciphertext. In practical applications, one only needs to substitute
Figure BDA0003054113420000192
and
Figure BDA0003054113420000193
into arithmetic coding (interval coding) to implement weighted model encryption encoding and decoding.
3.3, the receiving end decodes the ciphertext sent by the sending end;
The decryption and decoding process with the password error check is given below. Because the number of consecutive symbols 1 in sequence X after source processing is at most 1, i.e. the number of consecutive symbols 1 in sequence Q is at most 1, a wrong password or tampering with V can be concluded when two or more consecutive symbols 1 are decoded while decoding a ciphertext. When the receiving end decrypts, the binary sequence V, c and n + t are known.
The decoding check logic is as follows:
Figure BDA0003054113420000201
Figure BDA0003054113420000211
Figure BDA0003054113420000221
TABLE 4
Table 4 shows the pseudocode with which the receiving end decodes the ciphertext and self-checks the password. When Algorithm (4) returns null, the password is wrong or V has been tampered with. When Algorithm (4) does not return null, the decrypted plaintext is returned; note that since a random number is added during encoding, the plaintext is obtained only after discarding t bits of data during decoding. According to Theorem 2.5 the method can reach the information entropy, so it has both lossless compression and encryption functions, and the symbols of the encoded ciphertext are equiprobable. The password array SecretkeyBitArray of length k is generated by the system or given by the user.
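The framing around the coder described in sections 3.2 and 3.3 (random prefix, source processing and the consecutive-1 self-check), as an added JavaScript example that is not the patent's pseudocode. It assumes case (1) of the source processing (each symbol 1 written as "10"), applies the check to Q directly with the weighted-model coder left out, and uses hypothetical function names and constructed bit values.

```javascript
// Added illustration, not Algorithm (2)-(4) of the patent: only the framing
// steps around the coder; the weighted-model coder itself is left out.

// Source processing, case (1) of section 3.2: every symbol 1 becomes "10",
// so the processed sequence Q never contains two consecutive 1s.
function sourceProcess(bits) {
  const q = [];
  for (const b of bits) {
    q.push(b);
    if (b === 1) q.push(0);
  }
  return q;
}

// Inverse of sourceProcess with the self-check of section 3.3. Returns null
// (as Algorithm (4) is described to do) when the "at most one consecutive 1"
// constraint is broken, or when the decoded length differs from expectedLen.
function inverseSourceProcess(q, expectedLen) {
  const out = [];
  for (let i = 0; i < q.length; i++) {
    if (q[i] === 0) { out.push(0); continue; }
    if (q[i + 1] !== 0) return null;   // "11" or a dangling final 1
    out.push(1);
    i++;                               // skip the 0 that belongs to this 1
  }
  if (expectedLen !== undefined && out.length !== expectedLen) return null;
  return out;
}

// Sender side: t prefix bits first, then the plaintext bits.
// prefixBits must come from a CSPRNG in real use; here they are passed in.
function frame(prefixBits, plainBits) {
  return sourceProcess([...prefixBits, ...plainBits]);
}

// Receiver side: n + t is known, so check it, then discard the t prefix bits.
function unframe(q, t, n) {
  const x = inverseSourceProcess(q, t + n);
  return x === null ? null : x.slice(t);
}

// How many single-bit changes to Q does each form of the check notice?
function singleFlipCoverage(q, expectedLen) {
  let patternOnly = 0;
  let patternAndLength = 0;
  for (let i = 0; i < q.length; i++) {
    const flipped = q.slice();
    flipped[i] ^= 1;
    if (inverseSourceProcess(flipped) === null) patternOnly++;
    if (inverseSourceProcess(flipped, expectedLen) === null) patternAndLength++;
  }
  return { total: q.length, patternOnly, patternAndLength };
}

// Constructed sample values (hypothetical): t = 4 prefix bits, n = 6 plaintext bits.
const PREFIX = [1, 0, 1, 1];
const PLAIN = [0, 1, 1, 0, 0, 1];
const Q = frame(PREFIX, PLAIN);
const COVERAGE = singleFlipCoverage(Q, PREFIX.length + PLAIN.length);

// A two-bit change (Q[13] and Q[14] exchanged) keeps both the pattern and the
// length, so the check detects errors but does not authenticate the data.
const SWAPPED = Q.slice();
[SWAPPED[13], SWAPPED[14]] = [SWAPPED[14], SWAPPED[13]];

console.log(Q.join(''), COVERAGE, unframe(SWAPPED, PREFIX.length, PLAIN.length));
```

On this sample the pattern check alone notices 9 of the 16 single-bit changes and the pattern check plus the known length n + t notices all 16, while the exchanged pair decodes to different plaintext bits without tripping either check.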
For an attacker, VBitArray, c and n are known, while the password is protected or private. Since c and n are known, the attacker can obtain r_max through the formula; however, since the password and its length are unknown, the correct r cannot be obtained by Algorithm (1). Since the weighting model is a linear encoding and decoding process, a symbol is decoded correctly only if the preceding symbol was decoded correctly, as shown in equation (11), so a wrong r causes
Figure BDA0003054113420000222
and
Figure BDA0003054113420000223
to be wrong, so that wrong symbols are decoded. Because each symbol or each group of symbols uses a different r, r cannot be approximated or guessed, so the method is also safe in this respect.
In addition, during encryption and decryption a random number of length t bits is encoded before the plaintext. Because the random number is unknown and, given the linear encoding property of the weighted probability model, a leading random number that cannot be decrypted correctly prevents the subsequent plaintext from being decrypted correctly, the t-bit random number plays the role of a secret key, and the greater t is, the greater the difficulty of cracking. This further proves that the present method is sufficiently safe.
The embodiments section:
Referring to Fig. 4 and Fig. 5, a first embodiment of the present invention provides a method for encrypting web page resources, including the following steps:
S101, the server receives a web page resource request instruction sent by the browser.
The browser and the server can communicate through the http protocol or the https protocol.
S102, according to the web page resource request instruction, the server converts the corresponding web page resource into a first sequence to be encrypted and adds a random number before the first sequence to be encrypted to obtain a binary second sequence to be encrypted.
In this step, the web page resource can be represented in bytes (i.e., as plaintext). The purpose of adding a random number before the first sequence to be encrypted is as follows: a random number t bits long is encoded before the plaintext; because the random number is unknown and, given the linear encoding and decoding property of the weighted probability model, a leading random number that cannot be decrypted correctly prevents the subsequent plaintext from being decrypted correctly, the t-bit random number plays the role of a secret key, which can greatly improve security and strengthen the protection.
S103, the server performs information source processing on the second sequence to be encrypted to obtain a third sequence to be encrypted.
Source processing enables the browser to detect whether the password information is wrong or the ciphertext data has been tampered with in the decoded sequence. As an optional implementation, in this embodiment the source processing of the second sequence to be encrypted makes the number of consecutive symbols 1 in the third sequence to be encrypted at most 1.
S104, the server encodes the third sequence to be encrypted based on the weighted probability model to obtain a ciphertext, wherein a binary password of at least 512 bits is implanted into the weight coefficient of the weighted probability model.
The encoding process in step S104 is as follows:
When
Figure BDA0003054113420000231
symbol 0 in the third sequence to be encrypted is encoded by
Figure BDA0003054113420000232
and L_i = L_{i-1}; the symbols 10 in the third sequence to be encrypted are encoded by
Figure BDA0003054113420000233
and
Figure BDA0003054113420000234
When
Figure BDA0003054113420000235
the symbols 10 in the third sequence to be encrypted are encoded by
Figure BDA0003054113420000236
and
Figure BDA0003054113420000237
and symbol 1 in the third sequence to be encrypted is encoded by
Figure BDA0003054113420000238
and L_i = L_{i-1}.
Here p represents the probability of symbol 0 in the second sequence to be encrypted; R_i, L_i, R_{i-1} and L_{i-1} are the encoding parameters of the corresponding bit positions; R_0 = 1, L_0 = 0, i ∈ (0, 1, 2, ..., n);
Figure BDA0003054113420000241
Figure BDA0003054113420000242
p(1) represents the probability of symbol 1 in the third sequence to be encrypted; p(0) represents the probability of symbol 0 in the third sequence to be encrypted;
Figure BDA0003054113420000243
r_max is the maximum value of the weight coefficient, and a binary password is implanted in r_max. The specific encoding procedure can be found in Algorithm (3) above. The binary password is at least 512 bits so that the encryption process satisfies random encryption and lossless compression. It should be noted that, compared with symmetric encryption such as AES, SM4 and DES3, the advantage of this method is that it provides lossless compression while encrypting, and when web resources are requested repeatedly the load capacity of the server can be increased by more than 10%.
S105, the server sends the ciphertext to the browser.
The ciphertext is transmitted implicitly, and the parameters required for decoding the ciphertext are also transmitted to the browser implicitly.
S106, the browser decodes the ciphertext according to the weighted probability model, and detects a decoding result based on a result of information source processing.
For the specific decoding and detection process, see Algorithm (4) above; it is not described in detail here. The detection works, for example, as follows: source processing in step S103 makes the number of consecutive symbols 1 in the third sequence to be encrypted at most 1, so if the decoded result does not meet this constraint, a decoding error has necessarily occurred. The browser can package the weighted probability model into a program and call it directly when needed.
S107, if a correct decoding result is obtained, the browser displays the decoding result.
It should be noted that after the decoding result is checked in step S106, a correct decoding result still needs inverse random-number processing and inverse source processing, that is, the random number added during encoding and the data added by source processing are removed at the corresponding positions, so as to obtain the plaintext converted from the web resource; finally, the web resource is displayed in the browser.
The above steps S101 to S107 have the following advantageous effects:
For an attacker, even if information such as the ciphertext, the ciphertext length and the number of symbols 0 in the first sequence to be encrypted is known, the password is protected or private; the password and its length are given by the system or the user and cannot be accurately known by the attacker. The attacker can obtain r_max through the formula, but since the password and its length are unknown, the correct r cannot be obtained by Algorithm (1). Since the weighting model is a linear encoding and decoding process, a symbol is decoded correctly only if the preceding symbol was decoded correctly, as shown in equation (11) above, so a wrong r causes
Figure BDA0003054113420000251
and
Figure BDA0003054113420000252
to be wrong, so that wrong symbols are decoded. Moreover, because each symbol or each group of symbols can use a different r during encoding, r cannot be approximated or guessed, so the method is safe. That is, without knowing the password and its length, the attacker cannot decrypt the ciphertext into the correct plaintext.
(1) The traditional method can only obfuscate a JavaScript program so that it lacks readability and is hard to read, yet cracking it only requires deobfuscation; creative programs such as games need protection not only for the JavaScript program but also for the game resources, so the traditional method cannot encrypt and decrypt web page resources. This method can realize stream encryption and data encryption and can encrypt and decrypt web page resources; for any attacker, without knowing the password and the password length, the ciphertext cannot be decrypted into the correct plaintext, which effectively protects the ciphertext and ensures that web page resources are used safely. The method has the double effect of symmetric encryption and lossless compression, and can improve the load capacity of the server by more than 10% when web page resources are repeatedly requested.
(2) A random number is added before the first sequence to be encrypted, so that a random number t bits long is encoded before the plaintext. Because the random number is unknown and, given the linear encoding and decoding property of the weighted probability model, a leading random number that cannot be decrypted correctly prevents the subsequent plaintext from being decrypted correctly, the t-bit random number plays the role of a secret key, which can greatly improve security and strengthen the protection.
Referring to Fig. 6 and Fig. 7, a second embodiment of the present invention provides a method for encrypting web page resources, including the following steps:
S201, the server receives a web page resource request instruction sent by the browser.
S202, according to the web page resource request instruction, the server converts the corresponding web page resource into a first sequence to be encrypted and adds a random number before the first sequence to be encrypted to obtain a binary second sequence to be encrypted.
S203, the server performs source processing on the second sequence to be encrypted to obtain a third sequence to be encrypted.
S204, the server encodes the third sequence to be encrypted based on the weighted probability model to obtain a ciphertext, wherein a binary password of at least 512 bits is implanted into the weight coefficient of the weighted probability model.
S205, the server sets the unique identifier of the signature and encrypts the unique identifier with the Jielin code to obtain a hash value.
Referring to Fig. 8, as an optional embodiment, encrypting the unique identifier with the Jielin code includes the following steps (the symbols used in these steps differ from those used in steps S201 to S205 above):
S2051, converting the unique identifier into a binary sequence;
S2052, setting a positive real number r = 2^(H(x)-Len), where H(x) is the normalized information entropy of the binary sequence and Len is the preset digital fingerprint length of the binary sequence;
S2053, encoding the i-th symbol x of the binary sequence according to the coding formulas R_i = R_{i-1} r p(x) and L_i = L_{i-1} + R_{i-1} F(x-1, r), and outputting the L_i obtained after encoding as the hash value; the initial value of the coding variable R_i is 1 and the initial value of the coding variable L_i is 0; p(x) is the normalized probability of the symbol x, and F(x-1, r) is the non-normalized distribution function of the symbol x-1.
Steps S2051 to S2053 constitute the Jielin code hash algorithm, which is well known in the art and is not described in detail here. It should be noted that the symbols used in the Jielin code hash encryption and decryption process described here differ from those used in weighted probability model encryption and decryption, and match those in Fig. 8; please note the distinction. Hash algorithms such as SM3, MD5, MAC and SHA may also be used instead of the Jielin code hash algorithm, but these have fixed hash value lengths, so the hash value length cannot be adjusted automatically to the load capacity of the actual system.
S206, the server sends the ciphertext and the hash value to the browser.
S207, the browser sends an authentication request instruction for the hash value to the server.
S208, the server authenticates the hash value based on the authentication request instruction, and if the authentication succeeds, the server sends an authentication success instruction to the browser.
S209, based on the authentication success instruction, the browser decodes the ciphertext according to the weighted probability model and checks the decoding result against the result of source processing.
S210, if a correct decoding result is obtained, the browser displays the decoding result.
Compared with the first embodiment, which completes communication directly through password-based encryption and decryption, this embodiment adds a signed unique identifier and server authentication. In this embodiment, a ciphertext produced by the server may be stolen by another website and installed on that website after it passes through the channel to the browser. In that case, because the program developer and the operating platform (and its server system) are real-name authenticated and unique, decryption and execution take place only after the unique identifier has passed the hash check with the server, which ensures security and prevents tampering. It also ensures that the current connection and visitor have been authenticated by the correct and unique server, and that the server's encrypted file is not infected by a virus (because after a virus infection the ciphertext is wrong or the hash value differs). The beneficial effects shared with the first embodiment are not repeated here.
Based on the first embodiment and the second embodiment, the server and the browser communicate through the https protocol. Unlike the https protocol, the methods of the first and second embodiments protect the resources that the page needs to display, while traditional https only protects the security of page resources during transmission. The method of the first embodiment or of the second embodiment, combined with http protocol transmission, can make up for the security of the whole page resource, and the security is higher than that of using the http protocol.
To help those skilled in the art fully understand the first and second embodiments, one further embodiment is provided below. In a third embodiment of the present invention, a Web resource encryption system includes two parts: an encryption program on the server side and a JavaScript decryption program on the Web side (i.e., the browser side). WebAssembly started as a browser technology for "executing JavaScript correctly"; it provides a platform-independent runtime whose binaries can be compiled from many different languages and run on any platform the runtime supports (without further modification or recompilation). Clearly, as a compilation technology, WebAssembly is not aimed at the inherent security of JavaScript source code; it is a supporting technology that extends the browser's support for other languages. The specific steps are as follows:
Firstly, the server side;
Encrypt web page resources (such as JavaScript, HTML, CSS, byte data of images, audio and video, text to be displayed by web pages, and so on) into a ciphertext, and write the ciphertext into a xxx.
function test() {
    alert("Jielin code web resource encryption");
}
1) Set the unique identifier of the signature: com (it may be a telephone number, a user name, a domain name, a certificate number, etc.). The unique identifier can be hashed by Jielin code hash encryption (see Fig. 8).
2) Set a password: 123456. The password can be any digital information; if it consists of symbols, the symbols can be converted to a number via binary, and the number is then added into r_max of the weighted probability model. The JavaScript program in the example is then taken as plaintext in byte form, a random number of a set length is added in front of the plaintext, source processing is performed, and finally weighted probability model symmetric encryption yields the ciphertext. For the specific process see Algorithm (1) to Algorithm (3) in the principle section above. The example source code can be encrypted into a ciphertext through these two steps, and the ciphertext has the following form:
var Datas=[34,124,6,241,17,181,15,178,156,15,177,15,183,23,23,88,223,174,45,107,45,232,141,105,185,194,189,31,113,2,32,207,237,213,217,118,7,100,139,34,107,187,250,5,188,173,12,5,22,56,219,243,3,145,19,132,238,151,27,1,237,182,145,192,253,143,215,220,163,100,161,213,161,139,157,228,145,53,30,171,80,80,100,243,151,207,6,97,55,64,40,31,42,130,202,233,231,115,59,65,239,230,228,217,200,138,27,69,59,196,54,147,228,65,78,44,35,1,208,0,98,70,58,66,171,88,211,166,112,20,121,171,209,12,8,225,140,42,247,244,35,169,206,66,232,60,41,187,246,198,218,110,103,147,36,239,70,70,131,244,166,105,117,175,135,28,216,244,65,197,6,197,48,221,246,153,197,168,161,210,78,74,139,41,24,207,229,137,184,238,200,192,50,141,35,20,133,235,83,16,255,123,53,197,148,107,202,57,25,39,34,106,234,146,176,172,129,153,13,253,204,15,255,164,76,192,92,219,93,37,117,109,165,213,50,65,67,189,231,97,139,152,122,0];
3) the ciphertext is stored in xxx.
// Encrypted data; the encrypted data carries at least 64 bytes of extra key, and the length of the key is random
var Datas=[34,124,6,241,17,181,15,178,156,15,177,15,183,23,23,88,223,174,45,107,45,232,141,105,185,194,189,31,113,2,32,207,237,213,217,118,7,100,139,34,107,187,250,5,188,173,12,5,22,56,219,243,3,145,19,132,238,151,27,1,237,182,145,192,253,143,215,220,163,100,161,213,161,139,157,228,145,53,30,171,80,80,100,243,151,207,6,97,55,64,40,31,42,130,202,233,231,115,59,65,239,230,228,217,200,138,27,69,59,196,54,147,228,65,78,44,35,1,208,0,98,70,58,66,171,88,211,166,112,20,121,171,209,12,8,225,140,42,247,244,35,169,206,66,232,60,41,187,246,198,218,110,103,147,36,239,70,70,131,244,166,105,117,175,135,28,216,244,65,197,6,197,48,221,246,153,197,168,161,210,78,74,139,41,24,207,229,137,184,238,200,192,50,141,35,20,133,235,83,16,255,123,53,197,148,107,202,57,25,39,34,106,234,146,176,172,129,153,13,253,204,15,255,164,76,192,92,219,93,37,117,109,165,213,50,65,67,189,231,97,139,152,122,0];
var Decryptionbytes=JielinCodeDecryption(Datas);
The above is the information in xxx. The following codes can also be added into the html page of the web system:
<script language="javascript">
var unique_sign="jielincode.com";
var Datas=[34,124,6,241,17,181,15,178,156,15,177,15,183,23,23,88,223,174,45,107,45,232,141,105,185,194,189,31,113,2,32,207,237,213,217,118,7,100,139,34,107,187,250,5,188,173,12,5,22,56,219,243,3,145,19,132,238,151,27,1,237,182,145,192,253,143,215,220,163,100,161,213,161,139,157,228,145,53,30,171,80,80,100,243,151,207,6,97,55,64,40,31,42,130,202,233,231,115,59,65,239,230,228,217,200,138,27,69,59,196,54,147,228,65,78,44,35,1,208,0,98,70,58,66,171,88,211,166,112,20,121,171,209,12,8,225,140,42,247,244,35,169,206,66,232,60,41,187,246,198,218,110,103,147,36,239,70,70,131,244,166,105,117,175,135,28,216,244,65,197,6,197,48,221,246,153,197,168,161,210,78,74,139,41,24,207,229,137,184,238,200,192,50,141,35,20,133,235,83,16,255,123,53,197,148,107,202,57,25,39,34,106,234,146,176,172,129,153,13,253,204,15,255,164,76,192,92,219,93,37,117,109,165,213,50,65,67,189,231,97,139,152,122,0];
var Decryptionbytes=JielinCodeDecryption(Datas);
</script>
unique_sign is the unique identifier. After obtaining it, the browser pushes it to the server by the GET or POST method for a uniqueness check (i.e. signature check), which ensures that the current connection and visitor have been authenticated by the correct and unique server and that the server's encrypted file is not infected by a virus (because after a virus infection the ciphertext is wrong or the file's hash value differs); the specific method is described in the browser part. Datas is the ciphertext, which contains the signature data and the encrypted and encoded bytes; because this embodiment uses a password of 512 to 768 bits and a 64-byte signature, a small file becomes larger after encryption encoding, while a large file can achieve lossless compression. JielinCodeDecryption is a decryption function that can run in the browser.
4) The xxx.js file is included between <head></head> of a web page (such as test.html) in the browser, as follows:
< script src >
The relative path of the server refers to (same below): http://domain name/folder on the Web server where the current js file is located
5) The <head></head> of the html page also contains the JielinCodeDecryption_min.js file; this program holds the open-source program for weighted probability model symmetric decryption (see Algorithm (4) above) and Jielin code hash check.
<script src="relative path of server/JielinCodeDecryption_min.js"></script>
Html is a Web page on a Web server.
Secondly, a Web end;
The browser parses the html page to obtain JielinCodeDecryption_min.js and xxx.js. JielinCodeDecryption_min.js is the source program for symmetric decryption and hash check, and this js is encrypted with yuicompressor and closure-compiler, so that the browser can still correctly identify and run the decryption program. The js file is decrypted by calling the JielinCodeDecryption(Datas) function. Expressed step by step:
1) The browser obtains the html web page through the domain name;
2) The browser parses test.html with its kernel to obtain JielinCodeDecryption_min.js and xxx.js;
3) The Datas in the js file are decrypted by the JielinCodeDecryption function, where unique_sign must be correct.
Obviously, the above 3 steps complete the direct decryption flow of Fig. 5.
The security protection of web page resources is encryption on the one hand and authentication on the other, namely whether the current access is made through the correct domain name.
For example, the encrypted files JielinCodeDecryption_min.js and xxx.js can be stolen by other websites and installed on those websites. When this happens, because the program developer and the operating platform (and its server system) are real-name authenticated and unique, security can be guaranteed by decrypting and running only after the hash check of the unique identifier with the server has completed. Because the browser cannot know whether the current program is a stolen source program, signature authentication between the browser and the server works as follows:
1) The browser obtains JielinCodeDecryption_min.js and xxx.js; since the unique identifier exists in xxx.js, the JielinCodeDecryption function can decrypt correctly. At this point a callback verification function must be provided in the encrypted JavaScript program; it is supplied for programmers to develop with. For example, the following function:
Figure BDA0003054113420000331
The whole source program is then encoded into ciphertext using symmetric encryption. The source program is run through JavaScript's eval(decryption bytes) function (where decryption bytes is the decrypted source code); the main characteristic of this function is that the code can be called after decryption while the decrypted source program cannot be viewed.
2) The unique identifier and the corresponding hash algorithm need to be pushed to the server in the callback function, and the server side verifies the unique identifier and the corresponding hash value pushed back by the browser. Taking unique_sign to be a domain name and Java as the server side as an example, the server side stores the unique, correct identifier and uses:
// getRequestURL() returns a StringBuffer, so convert it to a String
String url = request.getRequestURL().toString();
This determines whether the current access is made through the correct domain name: if url is the same as unique_sign, the check passes; otherwise it fails. Using a hash algorithm ensures the uniqueness of the callback verification and avoids repeated submission.
3) Execute the eval(decryption bytes) function: if the returned check result is a failure, the core source code is not decrypted; otherwise, it is decrypted and applied.
The JavaScript source program is the core code for web page effects and interaction, so JavaScript is used as the example for the web page resource encryption system, and the server-side callback is likewise explained using only Java as the example; this does not mean that the method applies only to JavaScript and Java.
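The server-side callback check from steps 1) to 3), as an added example that is not code from the patent: the server issues a hash with the page, the browser pushes it back before decoding, and the server answers pass or fail. It is written for Node.js rather than Java, uses HMAC-SHA-256 as a stand-in for the Jielin code hash, and the names hostFromRequestUrl, issueChallenge, createVerifier and the domain www.example.com are constructed for illustration.

```javascript
// Added example (not from the patent): callback verification on the server.
const crypto = require('node:crypto');

// Constructed sample values; the patent gives no concrete ones.
const UNIQUE_SIGN = 'www.example.com'; // unique_sign: the registered domain
const SERVER_KEY = Buffer.from('constructed-demo-key-not-for-production');

// A request URL contains scheme and path as well as the domain, so only its
// hostname is compared with unique_sign. Malformed URLs yield null.
function hostFromRequestUrl(requestUrl) {
  try {
    return new URL(requestUrl).hostname.toLowerCase();
  } catch {
    return null;
  }
}

// Hash bound to the identifier and a one-time nonce. HMAC-SHA-256 is an
// assumption standing in for the Jielin code hash, which is not implemented.
function callbackHash(uniqueSign, nonce, key = SERVER_KEY) {
  return crypto.createHmac('sha256', key)
    .update(`${uniqueSign}\n${nonce}`)
    .digest('hex');
}

// Sent to the browser together with the ciphertext.
function issueChallenge(uniqueSign = UNIQUE_SIGN, key = SERVER_KEY) {
  const nonce = crypto.randomBytes(16).toString('hex');
  return { nonce, hash: callbackHash(uniqueSign, nonce, key) };
}

// Returns a verify() function that answers 'pass' or 'fail' for one callback.
function createVerifier(uniqueSign = UNIQUE_SIGN, key = SERVER_KEY) {
  const seenNonces = new Set(); // rejects repeated submission of one hash
  return function verify({ requestUrl, pushedSign, nonce, hash }) {
    if ([pushedSign, nonce, hash].some((v) => typeof v !== 'string')) {
      return 'fail';
    }
    // Access must come through the correct domain name.
    if (hostFromRequestUrl(requestUrl) !== uniqueSign) return 'fail';
    if (pushedSign !== uniqueSign) return 'fail';
    // Constant-time comparison of the pushed hash with the expected one.
    const expected = Buffer.from(callbackHash(uniqueSign, nonce, key), 'hex');
    const given = Buffer.from(hash, 'hex');
    if (given.length !== expected.length ||
        !crypto.timingSafeEqual(given, expected)) {
      return 'fail';
    }
    if (seenNonces.has(nonce)) return 'fail';
    seenNonces.add(nonce);
    return 'pass';
  };
}
```

In a deployment the host to compare should come from the server's own configuration or a trusted proxy, because the URL a server reports for a request is derived from the client-supplied Host header.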
According to a fourth embodiment of the present invention, a web resource encryption device is provided, which may be any type of intelligent terminal, such as a mobile phone, a tablet computer, a personal computer, and so on. Specifically, the apparatus includes: one or more control processors and memory, here exemplified by a control processor. The control processor and the memory may be connected by a bus or other means, here exemplified by a connection via a bus.
The memory, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules corresponding to the web resource encryption device in the embodiments of the present invention. The control processor implements the web page resource encryption method of the above method embodiments by running non-transitory software programs, instructions, and modules stored in the memory.
The memory may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the memory may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory located remotely from the control processor, and the remote memory may be connected to the web resource encryption device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory and, when executed by the one or more control processors, perform the web page resource encryption method of the above embodiments.
The embodiment of the invention also provides a computer-readable storage medium, wherein the computer-readable storage medium stores computer-executable instructions, and the computer-executable instructions are used for one or more control processors to execute the webpage resource encryption method in the embodiment.
Through the above description of the embodiments, those skilled in the art can clearly understand that the embodiments can be implemented by software plus a general hardware platform. Those skilled in the art will appreciate that all or part of the processes in the methods of the above embodiments can be implemented by a computer program instructing the relevant hardware; the program can be stored in a computer-readable storage medium and, when executed, can include the processes of the method embodiments described above. The storage medium may be a magnetic disk, an optical disk, a Read Only Memory (ROM), a Random Access Memory (RAM), or the like.
While embodiments of the invention have been shown and described, it will be understood by those of ordinary skill in the art that: various changes, modifications, substitutions and alterations can be made to the embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the claims and their equivalents.

Claims (10)

1. A webpage resource encryption method is applied to a server and comprises the following steps:
receiving a webpage resource request instruction sent by a browser;
converting the webpage resources corresponding to the webpage resource request instruction into a first sequence to be encrypted according to the webpage resource request instruction, and adding a random number before the first sequence to be encrypted to obtain a second sequence to be encrypted in binary form;
carrying out information source processing on the second sequence to be encrypted to obtain a third sequence to be encrypted;
coding the third sequence to be encrypted based on a weighted probability model to obtain a ciphertext, wherein a binary cipher is implanted into the weight coefficient of the weighted probability model, the binary cipher being greater than or equal to 512 bits;
and sending the ciphertext to the browser so that the browser decodes the ciphertext according to the weighted probability model and detects a decoding result based on a result of the information source processing.
2. The web page resource encryption method according to claim 1, further comprising the steps of:
setting a unique identifier of the signature, and encrypting the unique identifier through a Jielin code to obtain a hash value;
sending the hash value to the browser, so that the browser sends an authentication request instruction of the hash value to the server before decoding the ciphertext;
and authenticating the hash value according to the authentication request instruction, and if the authentication is successful, sending an authentication success instruction to the browser so that the browser decodes the ciphertext according to the weighted probability model.
3. A method for encrypting web page resources according to claim 2, wherein the step of encrypting the unique identifier by Jielin code to obtain a hash value comprises the steps of:
converting the unique identifier into a binary sequence;
setting a positive real number r = 2^(H(X)-Len), where H(X) is the normalized information entropy of the binary sequence and Len is the preset digital fingerprint length of the binary sequence;
for the i-th bit symbol x in the binary sequence, encoding according to the coding formulas R_i = R_{i-1} r p(x) and L_i = L_{i-1} + R_{i-1} F(x-1, r), and outputting L_i after encoding as the hash value; the initial value of the coding variable R_i is 1 and the initial value of the coding variable L_i is 0; p(x) is the normalized probability of the symbol x, and F(x-1, r) is the non-normalized distribution function of the symbol x-1.
4. The method for encrypting webpage resources according to claim 1, wherein the encoding the third sequence to be encrypted based on the weighted probability model comprises the steps of:
when in use
Figure FDA0003054113410000021
By passing
Figure FDA0003054113410000022
And L_i = L_{i-1}, encoding a symbol 0 in the third sequence to be encrypted; by passing
Figure FDA0003054113410000023
And
Figure FDA0003054113410000024
encoding the symbols 10 in the third sequence to be encrypted; and when
Figure FDA0003054113410000025
By passing
Figure FDA0003054113410000026
And
Figure FDA0003054113410000027
encoding the symbols 10 in the third sequence to be encrypted; by passing
Figure FDA0003054113410000028
And L_i = L_{i-1}, encoding a symbol 1 in the third sequence to be encrypted;
wherein p represents the probability of the symbol 0 in the second sequence to be encrypted; R_i, L_i, R_{i-1}, L_{i-1} respectively represent the encoding parameters of the corresponding bit positions; R_0 = 1, L_0 = 0, i ∈ (0, 1, 2, ..., n); the above-mentioned
Figure FDA0003054113410000029
the above-mentioned
Figure FDA00030541134100000210
p(1) represents the probability of the symbol 1 in the third sequence to be encrypted; p(0) represents the probability of the symbol 0 in the third sequence to be encrypted; the above-mentioned
Figure FDA00030541134100000211
Figure FDA00030541134100000212
r_max is the maximum value of the weight coefficient, and the binary cipher is implanted in r_max.
5. A method for encrypting web page resources according to claim 1, wherein the web page resources include web page programs and web page contents.
6. A method for encrypting web page resources according to claim 1, wherein the server and the browser communicate over the https protocol.
7. A webpage resource encryption method is characterized by being applied to a browser and comprising the following steps:
sending a webpage resource request instruction to a server so that the server converts webpage resources corresponding to the webpage resource request instruction into a first sequence to be encrypted according to the webpage resource request instruction, and adds a random number before the first sequence to be encrypted to obtain a second sequence to be encrypted in binary form; the server performs information source processing on the second sequence to be encrypted to obtain a third sequence to be encrypted; the server encodes the third sequence to be encrypted based on a weighted probability model to obtain a ciphertext, wherein a binary cipher is implanted into the weight coefficient of the weighted probability model, the binary cipher being greater than or equal to 512 bits;
and receiving the ciphertext sent by the server, decoding the ciphertext according to the weighted probability model, and detecting a decoding result based on the result of the information source processing.
8. The web page resource encryption method according to claim 7, further comprising the steps of:
receiving a hash value sent by the server, wherein the hash value is obtained by the server setting a unique identifier of the signature and encrypting the unique identifier by a Jielin code;
sending an authentication request instruction of the hash value to the server, wherein the authentication request instruction is used for enabling the server to authenticate the hash value;
and receiving an authentication success instruction sent by the server, and decoding the ciphertext according to the weighted probability model.
9. A web resource encryption device, comprising: at least one control processor and a memory for communicative connection with the at least one control processor; the memory stores instructions executable by the at least one control processor to enable the at least one control processor to perform a web resource encryption method of any one of claims 1 to 6 and/or a web resource encryption method of any one of claims 7 to 8.
10. A computer-readable storage medium having stored thereon computer-executable instructions for causing a computer to perform a method for encrypting a web resource according to any one of claims 1 to 6 and/or a method for encrypting a web resource according to any one of claims 7 to 8.
CN202110495532.7A 2021-05-07 2021-05-07 Webpage resource encryption method, equipment and storage medium Active CN113297591B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110495532.7A CN113297591B (en) 2021-05-07 2021-05-07 Webpage resource encryption method, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113297591A true CN113297591A (en) 2021-08-24
CN113297591B CN113297591B (en) 2022-05-31

Family

ID=77320984

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110495532.7A Active CN113297591B (en) 2021-05-07 2021-05-07 Webpage resource encryption method, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113297591B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant