CN113469683A - Key storage method and device, electronic equipment and storage medium - Google Patents
Key storage method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN113469683A CN113469683A CN202110736675.2A CN202110736675A CN113469683A CN 113469683 A CN113469683 A CN 113469683A CN 202110736675 A CN202110736675 A CN 202110736675A CN 113469683 A CN113469683 A CN 113469683A
- Authority
- CN
- China
- Prior art keywords
- key
- pattern
- obfuscated
- segment
- coding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
Abstract
The invention discloses a secret key storage method and device, electronic equipment and a storage medium, and relates to the technical field of computers. One embodiment of the method comprises: acquiring a target key, and calling at least two calculation models to calculate an obfuscated key of the target key corresponding to each calculation model, wherein the obfuscated key comprises obfuscated data, and positions of the obfuscated data in each obfuscated key are different; and for each obfuscated key, splitting the obfuscated key based on a preset splitting rule to obtain key sections, and inquiring patterns corresponding to the key sections so as to combine the patterns to generate and store the patterns corresponding to the obfuscated key. The implementation mode can solve the problems that in the prior art, the whole amount of information of the secret key is directly stored at fixed points, the risk of disclosure of the private key is improved, and the storage safety of the private key is reduced.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method and an apparatus for storing a secret key, an electronic device, and a storage medium.
Background
For the digital wallet of the blockchain, the private key is very important key information, so how to store the private key safely becomes an important issue. In the prior art, the storage mode of the private key mainly adopts file storage, hand-copy private key storage and the like. However, no matter the file storage or the hand-copy private key storage mode is adopted, the whole amount of information of the private key is directly stored at fixed points, so that the risk of private key leakage is increased, and the security of private key storage is reduced.
Disclosure of Invention
In view of this, embodiments of the present invention provide a key storage method and apparatus, an electronic device, and a storage medium, which can solve the problems in the prior art that the whole amount of information of a key is directly stored at a fixed point, the risk of private key leakage is increased, and the security of private key storage is reduced.
To achieve the above object, according to an aspect of an embodiment of the present invention, there is provided a key storage method.
The key storage method of the embodiment of the invention comprises the following steps: acquiring a target key, and calling at least two calculation models to calculate an obfuscated key of each calculation model corresponding to the target key, wherein the obfuscated key comprises obfuscated data, and positions of the obfuscated data in each obfuscated key are different; and for each obfuscated key, splitting the obfuscated key based on a preset splitting rule to obtain key sections, and inquiring patterns corresponding to the key sections so as to combine the patterns to generate and store the patterns corresponding to the obfuscated key.
In an embodiment, the splitting based on the preset splitting rule to obtain the key segment includes:
and converting the obfuscated key into a key code with a preset format, and splitting the key code based on a preset splitting rule to obtain a code segment.
In another embodiment, splitting based on a preset splitting rule to obtain a code segment includes:
determining the coding length of the pattern code corresponding to the pattern, splitting the key code based on the coding length, and obtaining a coding section with the same length as the coding length.
In yet another embodiment, the pattern comprises a pattern style and a pattern color;
the querying a pattern corresponding to each key segment includes:
dividing the coding segment into a first coding segment and a second coding segment;
inquiring the pattern corresponding to the coding segment based on the first coding segment, and inquiring the pattern color corresponding to the coding segment based on the second coding segment;
and combining the pattern patterns and the pattern colors corresponding to the coding segments to generate the patterns corresponding to the coding segments.
In yet another embodiment, dividing the encoded segment into a first encoded segment and a second encoded segment includes:
determining a middle position of the encoded segment based on the length of the encoded segment;
and determining the codes in the code segments before the middle position as a first code segment, and determining the codes in the code segments after the middle position as a second code segment.
In another embodiment, combining the patterns to generate the pattern corresponding to the obfuscated key includes:
and combining the pattern corresponding to each key segment based on the position of each key segment in the obfuscated key to generate the pattern corresponding to the obfuscated key.
In yet another embodiment, further comprising:
acquiring two stored patterns;
analyzing the acquired pattern to determine a key section corresponding to the acquired pattern, combining the key sections corresponding to the acquired patterns to generate an obfuscated key corresponding to the acquired pattern, and inquiring the position of obfuscated data included in the obfuscated key corresponding to the acquired pattern to delete the obfuscated data included in the obfuscated key corresponding to the acquired pattern;
and combining the confusion keys of the deleted confusion data to obtain the target key.
In another embodiment, the calculating the obfuscated key of the target key corresponding to each calculation model includes:
for each calculation model, calling the calculation model, determining a corresponding confusion position, inquiring key data of the target key corresponding to the confusion position, negating the key data to obtain confusion data, replacing the key data with the confusion data, and obtaining the confusion key of the target key corresponding to the calculation model.
To achieve the above object, according to another aspect of an embodiment of the present invention, there is provided a key storage device.
A key storage device of an embodiment of the present invention includes: the device comprises an acquisition unit, a calculation unit and a calculation unit, wherein the acquisition unit is used for acquiring a target key and calling at least two calculation models to calculate an obfuscated key of each calculation model corresponding to the target key, the obfuscated key comprises obfuscated data, and the position of the obfuscated data in each obfuscated key is different; and the storage unit is used for splitting each obfuscated key based on a preset splitting rule to obtain a key segment, inquiring the pattern corresponding to each key segment, combining the patterns to generate the pattern corresponding to the obfuscated key and storing the pattern.
In one embodiment, the storage unit is specifically configured to:
and converting the obfuscated key into a key code with a preset format, and splitting the key code based on a preset splitting rule to obtain a code segment.
In another embodiment, the storage unit is specifically configured to:
determining the coding length of the pattern code corresponding to the pattern, splitting the key code based on the coding length, and obtaining a coding section with the same length as the coding length.
In yet another embodiment, the pattern comprises a pattern style and a pattern color;
the storage unit is specifically configured to:
dividing the coding segment into a first coding segment and a second coding segment;
inquiring the pattern corresponding to the coding segment based on the first coding segment, and inquiring the pattern color corresponding to the coding segment based on the second coding segment;
and combining the pattern patterns and the pattern colors corresponding to the coding segments to generate the patterns corresponding to the coding segments.
In another embodiment, the storage unit is specifically configured to:
determining a middle position of the encoded segment based on the length of the encoded segment;
and determining the codes in the code segments before the middle position as a first code segment, and determining the codes in the code segments after the middle position as a second code segment.
In another embodiment, the storage unit is specifically configured to:
and combining the pattern corresponding to each key segment based on the position of each key segment in the obfuscated key to generate the pattern corresponding to the obfuscated key.
In yet another embodiment, the acquiring unit is further configured to acquire two stored patterns;
the device further comprises:
the processing unit is used for analyzing the acquired patterns to determine key sections corresponding to the acquired patterns, combining the key sections corresponding to the acquired patterns to generate confusion keys corresponding to the acquired patterns, and inquiring the positions of confusion data included in the confusion keys corresponding to the acquired patterns to delete the confusion data included in the confusion keys corresponding to the acquired patterns;
and the combination unit is used for combining the confusion keys for deleting the confusion data to obtain the target key.
In another embodiment, the obtaining unit is specifically configured to:
for each calculation model, calling the calculation model, determining a corresponding confusion position, inquiring key data of the target key corresponding to the confusion position, negating the key data to obtain confusion data, replacing the key data with the confusion data, and obtaining the confusion key of the target key corresponding to the calculation model.
To achieve the above object, according to still another aspect of an embodiment of the present invention, there is provided an electronic apparatus.
An electronic device of an embodiment of the present invention includes: one or more processors; the storage device is used for storing one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors realize the key storage method provided by the embodiment of the invention.
To achieve the above object, according to still another aspect of an embodiment of the present invention, there is provided a computer-readable medium.
A computer-readable medium of an embodiment of the present invention stores thereon a computer program, which, when executed by a processor, implements a key storage method provided by an embodiment of the present invention.
One embodiment of the above invention has the following advantages or benefits: in the embodiment of the invention, for the target key, at least two obfuscated keys corresponding to the target key can be calculated based on different calculation models, then each obfuscated key is split to obtain a key segment, and a pattern corresponding to each key segment is inquired, so that the patterns are combined to generate and store a pattern corresponding to the obfuscated key. In the embodiment of the invention, a plurality of obfuscated keys are generated for the target key to be stored, and the positions of obfuscated data in the obfuscated keys are different, so that the target key can be obtained based on any two obfuscated keys, and the target key is stored by the plurality of mixed keys, so that the direct storage of the full amount of information of the key is avoided, the risk of key leakage is reduced, and the security of key storage is improved. In addition, in the embodiment of the invention, the obfuscated key is converted into the pattern and then stored when being stored, so that the risk of key leakage is further reduced, and the security of key storage is improved.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
FIG. 1 is a schematic diagram of one principal flow of a method of key storage according to an embodiment of the invention;
FIG. 2 is a schematic diagram of obfuscating keys corresponding to computational models, according to an embodiment of the invention;
fig. 3 is a schematic diagram of a main flow of a method of key acquisition according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of the main elements of an apparatus for key generation according to an embodiment of the present invention;
FIG. 5 is an exemplary system architecture diagram in which embodiments of the present invention may be employed;
FIG. 6 is a schematic block diagram of a computer system suitable for use in implementing embodiments of the present invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
Embodiments of the present invention provide a key storage system, which may be used in a scenario of key storage, for example, a scenario in which a user may store a private key of a digital wallet of a blockchain.
An embodiment of the present invention provides a key storage method, which may be executed by a key storage system, as shown in fig. 1, and the method includes:
s101: and acquiring a target key, and calling at least two calculation models to calculate the confusion key of each calculation model corresponding to the target key.
The obfuscated key comprises obfuscated data, and positions of the obfuscated data in the obfuscated keys are different.
In the embodiment of the invention, the calculation models are all used for calculating the obfuscated key, and the obfuscated key represents a key obtained after obfuscated data is mixed in a correct key. However, in the embodiment of the present invention, the confusion data in the confusion key calculated by each calculation model is located at different positions. Namely, the positions of the obfuscated data in the obfuscated data calculated by inputting the target key into different calculation models are different. In the embodiment of the invention, at least two calculation models are called, so that at least two different obfuscating keys can be calculated, namely the obfuscating key of each calculation model corresponding to the target key.
In particular, for each computational model, the manner in which the obfuscated key is computed may be implemented as: and calling the calculation model, determining the corresponding confusion position, inquiring the key data of the target key corresponding to the confusion position, negating the key data to obtain the confusion data, and replacing the key data with the confusion data to obtain the confusion key of the calculation model corresponding to the target key.
The position of the obfuscated data, i.e. the obfuscated position, in each calculation model may be preset, which means that the key data in the target key at the obfuscated position is modified to generate the obfuscated key. Therefore, after the calculation model is called, the confusion position corresponding to the calculation model can be determined, and then the key data of the confusion position corresponding to the target key can be inquired. In the embodiment of the present invention, the key data may be modified by inverting the key data to obtain obfuscated data, for example, if the key data is 0, the inverted value is 1, that is, the obfuscated data is 1. And after the obfuscated data is determined, replacing the key data with the obfuscated data to obtain an obfuscated key of the calculation model corresponding to the target key.
For example, for the case shown in FIG. 2, the calculation models include A, B, C, with each model having a corresponding confusion location as shown in FIG. 2. Where XXXX denotes the target key,? Representing obfuscated data, calling A, B, C three computational models may result in obfuscated data for each computational model for the target key as shown in FIG. 2.
S102: and for each obfuscated key, splitting the obfuscated key based on a preset splitting rule to obtain key sections, and inquiring patterns corresponding to the key sections so as to combine the patterns to generate and store the patterns corresponding to the obfuscated key.
After calculating each obfuscated key, the process of this step may be performed on each obfuscated key.
For each obfuscated key, splitting may be performed based on a preset splitting rule, that is, the obfuscated key is split into key segments, and then patterns corresponding to each key segment may be queried, and then the patterns are combined to generate and store patterns corresponding to the obfuscated key.
In the embodiment of the invention, the corresponding relation between each pattern and the pattern code can be established in advance, so that after the code segment is split, the pattern code corresponding to the code segment can be inquired, and the pattern corresponding to the code segment can be further determined. Specifically, in this step, the pattern code may be represented by data in a preset format, so that after the obfuscated key is obtained, the format of the obfuscated key may be converted into the preset format, that is, the obfuscated key is converted into the key code in the preset format, and then the key code is split based on a preset splitting rule, so as to obtain a code segment, that is, the key segment in the preset format. When the corresponding pattern is inquired, the pattern code corresponding to the code segment can be directly inquired so as to determine the corresponding pattern.
For example, the pattern code may be represented by a two-bit binary number, and in this step, the obfuscated key may be converted into a key code in a binary format, and then split.
In order to facilitate querying of the pattern corresponding to the encoding segment, in the embodiment of the present invention, the key code may be split based on the encoding length of the pattern code, that is, the encoding length of the pattern code corresponding to the pattern code is determined, and the key code is split based on the encoding length to obtain the encoding segment with the length equal to the encoding length. In this step, the length of the split encoding segment is the same as the encoding length of the pattern code, and then the pattern code that is the same as the encoding segment can be queried, and the pattern corresponding to the pattern code is determined as the pattern corresponding to the encoding segment.
In the embodiment of the invention, the pattern can comprise a pattern style and a pattern color, namely, the pattern code is divided into two parts, one part is used as the pattern style code, and the other part is used as the pattern color code, so that the corresponding relation between the pattern style code and the pattern style and the corresponding relation between the pattern color code and the pattern color are respectively established. Thus, querying the pattern corresponding to each key segment in this step may be specifically performed as: dividing the coding section into a first coding section and a second coding section; inquiring the pattern corresponding to the coding segment based on the first coding segment, and inquiring the pattern color corresponding to the coding segment based on the second coding segment; and combining the pattern patterns and the pattern colors corresponding to the coding segments to generate the patterns corresponding to the coding segments.
Since the pattern coding comprises pattern coding and pattern color coding, each coding segment can be further divided, namely, the coding segment is divided into a first coding segment and a second coding segment, the pattern is inquired by the first coding segment, and the pattern color is inquired by the second coding segment. Then, the inquired pattern and the pattern color are combined, and the pattern corresponding to the code segment can be generated. In the embodiment of the present invention, the lengths of the pattern code and the pattern color code may be set to be the same, and when dividing the code segment, the middle position of the code segment may be determined based on the length of the code segment, then the code in the code segment before the middle position is determined as the first code segment, and the code in the code segment after the middle position is determined as the second code segment.
Specifically, the embodiment of the present invention takes a four-bit binary number as an example to represent the pattern code, wherein the first two bits in the pattern code represent the pattern code, the last two bits in the pattern code represent the pattern color code, the correspondence between the pattern code and the pattern is established as shown in table 1, and the correspondence between the pattern color code and the pattern color is established as shown in table 2. Taking the encoding segment as 1001 as an example, the encoding segment may be divided into a first encoding segment 10 and a second encoding segment 01, and then look up tables 1 and 2 to determine the pattern and the pattern color corresponding to the encoding segment, and then combine the pattern and the pattern color to generate the pattern corresponding to the encoding segment.
TABLE 1
TABLE 2
| Pattern color coding | Color (CMYK) |
| 00 | Blue color |
| 01 | Red colour |
| 10 | Yellow colour |
| 11 | Black color |
In the embodiment of the invention, for one obfuscated key, after the cipher sections are split, the patterns corresponding to the cipher sections can be combined based on a splitting mode to generate the pattern corresponding to the obfuscated key. Specifically, the following may be implemented: and combining the patterns corresponding to the key sections based on the positions of the key sections in the obfuscated key to generate the patterns corresponding to the obfuscated key.
In addition, in the embodiment of the present invention, a combination manner of the patterns corresponding to each key segment may be preset, and then the pattern corresponding to the obfuscated key may be generated according to the preset combination manner. For example, in the embodiment of the present invention, a hexadecimal character with an obfuscation key having a length of 64 bits is taken as an example of the pattern encoding setting mode shown in table 1 and table 2, the obfuscation key may be split into 64 key segments having a length of 4 binary numbers, that is, 64 corresponding patterns may be determined, so that in the embodiment of the present invention, the 64 corresponding patterns may be arranged in rows and columns and in a manner of 8 × 8, and a pattern corresponding to the obfuscation key may be obtained.
In the embodiment of the invention, a plurality of obfuscated keys are generated for the target key to be stored, and the positions of obfuscated data in the obfuscated keys are different, so that the target key can be obtained based on any two obfuscated keys, and the target key is stored by the plurality of mixed keys, so that the direct storage of the full amount of information of the key is avoided, the risk of key leakage is reduced, and the security of key storage is improved. In addition, in the embodiment of the invention, the obfuscated key is converted into the pattern and then stored when being stored, so that the risk of key leakage is further reduced, and the security of key storage is improved.
It should be noted that, in the embodiment of the present invention, the target key may be stored in different positions corresponding to the patterns of the obfuscated keys, so as to avoid storing the mixed key at a fixed point, and reduce the security of key storage. In addition, in the embodiment of the invention, the pattern of the obfuscated key can be printed out and then stored, so that the printing entity is stored to improve the security of the key.
In the embodiment of the invention, as the positions of the mixed data of the obfuscated keys are different, the target key can be determined based on any two obfuscated keys. With reference to the embodiment shown in fig. 1, a method for acquiring a target key after step S102 in the embodiment of the present invention is specifically described, and as shown in fig. 3, the method includes:
s301: two stored patterns are acquired.
The stored pattern is the pattern of each obfuscated key generated in step S102. Since the target key can be determined based on any two obfuscated keys, only two stored patterns may be obtained in this step.
S302: analyzing the acquired pattern to determine a key segment corresponding to the acquired pattern, combining the key segments corresponding to the acquired patterns to generate an obfuscated key corresponding to the acquired pattern, and querying the position of obfuscated data included in the obfuscated key corresponding to the acquired pattern to delete the obfuscated data included in the obfuscated key corresponding to the acquired pattern.
After the stored patterns are acquired, the process of this step may be performed on each acquired pattern, so that the obfuscated data included in the obfuscated key corresponding to each acquired pattern is deleted.
In this step, the obtained pattern is analyzed, and the pattern composed of the obtained pattern is determined, so that the corresponding relation between the pattern and the pattern code can be inquired, and the pattern code composing the obtained pattern, that is, each key segment corresponding to the pattern can be obtained. Then, each key segment combination corresponding to the pattern obtained in this step may be combined in a manner of generating a pattern corresponding to the obfuscated key based on the pattern combination corresponding to the code segment in step S102, so as to generate an obfuscated key of the obtained pattern, where the obfuscated key is the obfuscated key corresponding to the target key. In the embodiment of the invention, after the target key generates each obfuscated key, the position information of obfuscated data in the obfuscated key can be recorded, so that after the obfuscated key corresponding to the acquired pattern is obtained in the step, the position of obfuscated data included in the obfuscated key corresponding to the acquired pattern can be inquired, and thus, the obfuscated data included in the obfuscated key corresponding to the acquired pattern can be deleted.
S303: and combining the confusion keys of the deleted confusion data to obtain a target key.
After the obfuscated data in the obfuscated keys are deleted, the remaining data of each obfuscated key are the data of the target key, and thus the target key can be obtained by combining the two obfuscated keys from which the obfuscated data are deleted.
In the embodiment of the invention, the target key is stored in a pattern corresponding to each obfuscated key, and the target key is generated based on two patterns so as to improve the security of key storage.
In order to solve the problems in the prior art, an embodiment of the present invention provides a key storage apparatus 400, as shown in fig. 4, where the apparatus 400 includes:
an obtaining unit 401, configured to obtain a target key, and invoke at least two calculation models to calculate an obfuscated key corresponding to each calculation model of the target key, where the obfuscated key includes obfuscated data, and positions of the obfuscated data in each obfuscated key are different;
a storage unit 402, configured to split each obfuscated key based on a preset splitting rule to obtain a key segment, query a pattern corresponding to each key segment, combine the patterns to generate a pattern corresponding to the obfuscated key, and store the pattern.
It should be understood that the manner of implementing the embodiment of the present invention is the same as the manner of implementing the embodiment shown in fig. 1, and the description thereof is omitted.
In an implementation manner of the embodiment of the present invention, the storage unit 402 is specifically configured to:
and converting the obfuscated key into a key code with a preset format, and splitting the key code based on a preset splitting rule to obtain a code segment.
In another implementation manner of the embodiment of the present invention, the storage unit 402 is specifically configured to:
determining the coding length of the pattern code corresponding to the pattern, splitting the key code based on the coding length, and obtaining a coding section with the same length as the coding length.
In yet another implementation of the embodiment of the present invention, the pattern includes a pattern style and a pattern color;
the storage unit 402 is specifically configured to:
dividing the coding segment into a first coding segment and a second coding segment;
inquiring the pattern corresponding to the coding segment based on the first coding segment, and inquiring the pattern color corresponding to the coding segment based on the second coding segment;
and combining the pattern patterns and the pattern colors corresponding to the coding segments to generate the patterns corresponding to the coding segments.
In another implementation manner of the embodiment of the present invention, the storage unit 402 is specifically configured to:
determining a middle position of the encoded segment based on the length of the encoded segment;
and determining the codes in the code segments before the middle position as a first code segment, and determining the codes in the code segments after the middle position as a second code segment.
In another implementation manner of the embodiment of the present invention, the storage unit 402 is specifically configured to:
and combining the pattern corresponding to each key segment based on the position of each key segment in the obfuscated key to generate the pattern corresponding to the obfuscated key.
In another implementation manner of the embodiment of the present invention, the obtaining unit 401 is further configured to obtain two stored patterns;
the apparatus 400 further comprises:
the processing unit is used for analyzing the acquired patterns to determine key sections corresponding to the acquired patterns, combining the key sections corresponding to the acquired patterns to generate confusion keys corresponding to the acquired patterns, and inquiring the positions of confusion data included in the confusion keys corresponding to the acquired patterns to delete the confusion data included in the confusion keys corresponding to the acquired patterns;
and the combination unit is used for combining the confusion keys for deleting the confusion data to obtain the target key.
In another implementation manner of the embodiment of the present invention, the obtaining unit 401 is specifically configured to:
for each calculation model, calling the calculation model, determining a corresponding confusion position, inquiring key data of the target key corresponding to the confusion position, negating the key data to obtain confusion data, replacing the key data with the confusion data, and obtaining the confusion key of the target key corresponding to the calculation model.
It should be understood that the embodiment of the present invention is implemented in the same manner as the embodiment shown in fig. 1 or fig. 3, and is not repeated herein.
In the embodiment of the invention, a plurality of obfuscated keys are generated for the target key to be stored, and the positions of obfuscated data in the obfuscated keys are different, so that the target key can be obtained based on any two obfuscated keys, and the target key is stored by the plurality of mixed keys, so that the direct storage of the full amount of information of the key is avoided, the risk of key leakage is reduced, and the security of key storage is improved. In addition, in the embodiment of the invention, the obfuscated key is converted into the pattern and then stored when being stored, so that the risk of key leakage is further reduced, and the security of key storage is improved.
According to an embodiment of the present invention, an electronic device and a readable storage medium are also provided.
The electronic device of the embodiment of the invention comprises: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the processor, and the instructions are executed by the at least one processor to cause the at least one processor to execute the key storage method provided by the embodiment of the invention.
Fig. 5 illustrates an exemplary system architecture 500 to which the key storage method or key storage device of an embodiment of the invention may be applied.
As shown in fig. 5, the system architecture 500 may include terminal devices 501, 502, 503, a network 504, and a server 505. The network 504 serves to provide a medium for communication links between the terminal devices 501, 502, 503 and the server 505. Network 504 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 501, 502, 503 to interact with a server 505 over a network 504 to receive or send messages or the like. Various client applications may be installed on the terminal devices 501, 502, 503.
The terminal devices 501, 502, 503 may be, but are not limited to, smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 505 may be a server that provides various services, and the server may analyze and perform processing such as analysis on data such as a received key storage request, and feed back a processing result (for example, a storage result — just an example) to the terminal device.
It should be noted that the key storage method provided by the embodiment of the present invention is generally executed by the server 505, and accordingly, the key storage device is generally disposed in the server 505.
It should be understood that the number of terminal devices, networks, and servers in fig. 5 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 6, a block diagram of a computer system 600 suitable for use in implementing embodiments of the present invention is shown. The computer system illustrated in FIG. 6 is only one example and should not impose any limitations on the scope of use or functionality of embodiments of the invention.
As shown in fig. 6, the computer system 600 includes a Central Processing Unit (CPU)601 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage section 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data necessary for the operation of the system 600 are also stored. The CPU 601, ROM 602, and RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
The following components are connected to the I/O interface 605: an input portion 606 including a keyboard, a mouse, and the like; an output portion 607 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN card, a modem, or the like. The communication section 609 performs communication processing via a network such as the internet. The driver 610 is also connected to the I/O interface 605 as needed. A removable medium 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 610 as necessary, so that a computer program read out therefrom is mounted in the storage section 608 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 609, and/or installed from the removable medium 611. The computer program performs the above-described functions defined in the system of the present invention when executed by the Central Processing Unit (CPU) 601.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a unit, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present invention may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor includes an acquisition unit and a storage unit. Where the names of these units do not in some cases constitute a limitation of the unit itself, for example, an acquisition unit may also be described as a "unit of the function of the acquisition unit".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer-readable medium carries one or more programs which, when executed by a device, cause the device to perform the key storage method provided by the present invention.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (16)
1. A method of storing a key, comprising:
acquiring a target key, and calling at least two calculation models to calculate an obfuscated key of each calculation model corresponding to the target key, wherein the obfuscated key comprises obfuscated data, and positions of the obfuscated data in each obfuscated key are different;
and for each obfuscated key, splitting the obfuscated key based on a preset splitting rule to obtain key sections, and inquiring patterns corresponding to the key sections so as to combine the patterns to generate and store the patterns corresponding to the obfuscated key.
2. The method according to claim 1, wherein splitting based on a preset splitting rule to obtain a key segment includes:
and converting the obfuscated key into a key code with a preset format, and splitting the key code based on a preset splitting rule to obtain a code segment.
3. The method of claim 2, wherein splitting based on a preset splitting rule to obtain the encoded segment comprises:
determining the coding length of the pattern code corresponding to the pattern, splitting the key code based on the coding length, and obtaining a coding section with the same length as the coding length.
4. The method of claim 3, wherein the pattern comprises a pattern style and a pattern color;
the querying a pattern corresponding to each key segment includes:
dividing the coding segment into a first coding segment and a second coding segment;
inquiring the pattern corresponding to the coding segment based on the first coding segment, and inquiring the pattern color corresponding to the coding segment based on the second coding segment;
and combining the pattern patterns and the pattern colors corresponding to the coding segments to generate the patterns corresponding to the coding segments.
5. The method of claim 4, wherein dividing the coded segment into a first coded segment and a second coded segment comprises:
determining a middle position of the encoded segment based on the length of the encoded segment;
and determining the codes in the code segments before the middle position as a first code segment, and determining the codes in the code segments after the middle position as a second code segment.
6. The method of claim 1, wherein combining patterns to generate a pattern corresponding to the obfuscated key comprises:
and combining the pattern corresponding to each key segment based on the position of each key segment in the obfuscated key to generate the pattern corresponding to the obfuscated key.
7. The method of claim 1, further comprising:
acquiring two stored patterns;
analyzing the acquired pattern to determine a key section corresponding to the acquired pattern, combining the key sections corresponding to the acquired patterns to generate an obfuscated key corresponding to the acquired pattern, and inquiring the position of obfuscated data included in the obfuscated key corresponding to the acquired pattern to delete the obfuscated data included in the obfuscated key corresponding to the acquired pattern;
and combining the confusion keys of the deleted confusion data to obtain the target key.
8. The method of claim 1, wherein computing the obfuscated key for each computational model corresponding to the target key comprises:
for each calculation model, calling the calculation model, determining a corresponding confusion position, inquiring key data of the target key corresponding to the confusion position, negating the key data to obtain confusion data, replacing the key data with the confusion data, and obtaining the confusion key of the target key corresponding to the calculation model.
9. A key storage device, comprising:
the device comprises an acquisition unit, a calculation unit and a calculation unit, wherein the acquisition unit is used for acquiring a target key and calling at least two calculation models to calculate an obfuscated key of each calculation model corresponding to the target key, the obfuscated key comprises obfuscated data, and the position of the obfuscated data in each obfuscated key is different;
and the storage unit is used for splitting each obfuscated key based on a preset splitting rule to obtain a key segment, inquiring the pattern corresponding to each key segment, combining the patterns to generate the pattern corresponding to the obfuscated key and storing the pattern.
10. The apparatus according to claim 9, wherein the storage unit is specifically configured to:
and converting the obfuscated key into a key code with a preset format, and splitting the key code based on a preset splitting rule to obtain a code segment.
11. The apparatus according to claim 10, wherein the storage unit is specifically configured to:
determining the coding length of the pattern code corresponding to the pattern, splitting the key code based on the coding length, and obtaining a coding section with the same length as the coding length.
12. The apparatus of claim 11, wherein the pattern comprises a pattern style and a pattern color;
the storage unit is specifically configured to:
dividing the coding segment into a first coding segment and a second coding segment;
inquiring the pattern corresponding to the coding segment based on the first coding segment, and inquiring the pattern color corresponding to the coding segment based on the second coding segment;
and combining the pattern patterns and the pattern colors corresponding to the coding segments to generate the patterns corresponding to the coding segments.
13. The apparatus according to claim 12, wherein the storage unit is specifically configured to:
determining a middle position of the encoded segment based on the length of the encoded segment;
and determining the codes in the code segments before the middle position as a first code segment, and determining the codes in the code segments after the middle position as a second code segment.
14. The apparatus according to claim 9, wherein the storage unit is specifically configured to:
and combining the pattern corresponding to each key segment based on the position of each key segment in the obfuscated key to generate the pattern corresponding to the obfuscated key.
15. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-8.
16. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110736675.2A CN113469683B (en) | 2021-06-30 | 2021-06-30 | Key storage method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110736675.2A CN113469683B (en) | 2021-06-30 | 2021-06-30 | Key storage method and device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113469683A true CN113469683A (en) | 2021-10-01 |
| CN113469683B CN113469683B (en) | 2022-09-27 |
Family
ID=77876461
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110736675.2A Active CN113469683B (en) | 2021-06-30 | 2021-06-30 | Key storage method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113469683B (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130322618A1 (en) * | 2012-06-05 | 2013-12-05 | Wikifamilies SA | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
| CN104298926A (en) * | 2013-07-19 | 2015-01-21 | 腾讯科技(深圳)有限公司 | Method and device for running encrypted file |
| CN106936763A (en) * | 2015-12-29 | 2017-07-07 | 航天信息股份有限公司 | Data encryption and the method and apparatus of decryption |
| CN109635573A (en) * | 2018-11-12 | 2019-04-16 | 北京海泰方圆科技股份有限公司 | System, method, apparatus, electronic equipment and the medium of data distribution formula encryption and decryption |
| CN109902494A (en) * | 2019-01-24 | 2019-06-18 | 北京融链科技有限公司 | Data encryption storage method, device and document storage system |
| CN110177073A (en) * | 2019-04-09 | 2019-08-27 | 北京奇艺世纪科技有限公司 | Data processing method, device, system and computer readable storage medium |
| CN111428254A (en) * | 2020-03-24 | 2020-07-17 | 财付通支付科技有限公司 | Key storage method, device, equipment and storage medium |
| CN111538781A (en) * | 2020-04-13 | 2020-08-14 | 深圳创客区块链技术有限公司 | Block chain cross-chain key secure access method, device and storage medium |
| CN112182593A (en) * | 2019-07-02 | 2021-01-05 | 华控清交信息科技(北京)有限公司 | Data processing method and device and electronic equipment |
| CN112235104A (en) * | 2020-10-23 | 2021-01-15 | 苏州浪潮智能科技有限公司 | Data encryption transmission method, system, terminal and storage medium |
-
2021
- 2021-06-30 CN CN202110736675.2A patent/CN113469683B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130322618A1 (en) * | 2012-06-05 | 2013-12-05 | Wikifamilies SA | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
| CN104298926A (en) * | 2013-07-19 | 2015-01-21 | 腾讯科技(深圳)有限公司 | Method and device for running encrypted file |
| CN106936763A (en) * | 2015-12-29 | 2017-07-07 | 航天信息股份有限公司 | Data encryption and the method and apparatus of decryption |
| CN109635573A (en) * | 2018-11-12 | 2019-04-16 | 北京海泰方圆科技股份有限公司 | System, method, apparatus, electronic equipment and the medium of data distribution formula encryption and decryption |
| CN109902494A (en) * | 2019-01-24 | 2019-06-18 | 北京融链科技有限公司 | Data encryption storage method, device and document storage system |
| CN110177073A (en) * | 2019-04-09 | 2019-08-27 | 北京奇艺世纪科技有限公司 | Data processing method, device, system and computer readable storage medium |
| CN112182593A (en) * | 2019-07-02 | 2021-01-05 | 华控清交信息科技(北京)有限公司 | Data processing method and device and electronic equipment |
| CN111428254A (en) * | 2020-03-24 | 2020-07-17 | 财付通支付科技有限公司 | Key storage method, device, equipment and storage medium |
| CN111538781A (en) * | 2020-04-13 | 2020-08-14 | 深圳创客区块链技术有限公司 | Block chain cross-chain key secure access method, device and storage medium |
| CN112235104A (en) * | 2020-10-23 | 2021-01-15 | 苏州浪潮智能科技有限公司 | Data encryption transmission method, system, terminal and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 余宇劲等: "基于多云存储的Android密钥管理技术", 《计算机应用与软件》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113469683B (en) | 2022-09-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108269062B (en) | Electronic contract making method, device, equipment and medium based on H5 | |
| CN111191255B (en) | Information encryption processing method, server, terminal, device and storage medium | |
| CN115358911B (en) | Screen watermark generation method, device, equipment and computer readable storage medium | |
| CN111931474A (en) | Information table generation method and device, electronic equipment and computer readable medium | |
| CN112399027B (en) | Picture encryption and decryption method and device, storage medium and electronic equipment | |
| CN112231718B (en) | Data encryption processing method, device, computer equipment and storage medium | |
| CN113469683B (en) | Key storage method and device, electronic equipment and storage medium | |
| CN109582654B (en) | PDF document compression method and device, computer equipment and storage medium | |
| US11748661B2 (en) | Training method and apparatus for a distributed machine learning model and medium | |
| CN113987556B (en) | Data processing method and device, electronic equipment and storage medium | |
| AU2017100438A4 (en) | Methods and Apparatus for Encrypting Multimedia Information | |
| CN110751251A (en) | Method and device for generating and transforming two-dimensional code image matrix | |
| CN115550030A (en) | Data encryption method and device, storage medium and electronic equipment | |
| CN115757535A (en) | Data query method, data storage method and device and electronic equipment | |
| CN115426111A (en) | Data encryption method and device, electronic equipment and storage medium | |
| CN111131270B (en) | Data encryption and decryption method and device, electronic equipment and storage medium | |
| CN115086428A (en) | Network request sending method and device and electronic equipment | |
| CN112182593A (en) | Data processing method and device and electronic equipment | |
| KR20200054117A (en) | Server and method for logarithm calculation of data encrypted with homomorphic encryption technique | |
| CN117040913B (en) | Cloud resource sharing data security transmission method and system | |
| US11580676B1 (en) | Method for embedding user information in webpages and electronic device implementing method | |
| CN111625231B (en) | Software development method based on data security | |
| CN113343269B (en) | Encryption method and device | |
| CN113872753B (en) | Encryption transmission method and device based on SHA256 sequence form data | |
| CN115906128A (en) | Character string processing method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |