CN114465760B - Data encryption method and device and electronic equipment - Google Patents

Data encryption method and device and electronic equipment Download PDF

Info

Publication number
CN114465760B
CN114465760B CN202111574555.3A CN202111574555A CN114465760B CN 114465760 B CN114465760 B CN 114465760B CN 202111574555 A CN202111574555 A CN 202111574555A CN 114465760 B CN114465760 B CN 114465760B
Authority
CN
China
Prior art keywords
data
historical
encrypted
decrypted
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111574555.3A
Other languages
Chinese (zh)
Other versions
CN114465760A (en
Inventor
曾令江
周国剑
苏飞
蒋伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianyi Cloud Technology Co Ltd
Original Assignee
Tianyi Cloud Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianyi Cloud Technology Co Ltd filed Critical Tianyi Cloud Technology Co Ltd
Priority to CN202111574555.3A priority Critical patent/CN114465760B/en
Publication of CN114465760A publication Critical patent/CN114465760A/en
Application granted granted Critical
Publication of CN114465760B publication Critical patent/CN114465760B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the field of computer science, in particular to a data encryption method and device and electronic equipment, wherein the method comprises the following steps: the method comprises the steps of obtaining data to be encrypted, extracting a preset number of historical original data in the historical encrypted data, encrypting the data to be encrypted based on the historical original data to determine the encrypted data, adding the data to be encrypted into the historical encrypted data to obtain updated historical encrypted data, and encrypting the new data by utilizing the historical data to realize low-cost high-randomness key generation, reduce the risk of data disclosure and greatly improve the working efficiency.

Description

Data encryption method and device and electronic equipment
Technical Field
The invention relates to the field of computer science, in particular to a data encryption method and device and electronic equipment.
Background
Replication technology is one of the main methods available today to achieve high database availability. In the existing replication technical scheme, in order to deal with data theft when replication authority is broken, a white list auditing method is mainly used, the method maintains a white list in a master library, registers the internet protocol (Internet Protocol, IP) address (information such as a port) of a legal slave library into the list, and can only modify the white list when the master library has specific authority. However, the method also has the weakness of being capable of attacking the white list auditing mechanism, such as an IP address attack method, a white list attack method and the like.
Therefore, there is a need for a method and apparatus for encrypting data, and an electronic device, so as to overcome the above-mentioned drawbacks.
Disclosure of Invention
In view of the above, the embodiments of the present invention provide a method and apparatus for encrypting data, and an electronic device, so as to solve the problem that the encryption method is not secure in the prior art.
According to a first aspect, an embodiment of the present invention provides a data encryption method, including:
acquiring data to be encrypted;
extracting a preset number of historical original data in the historical encrypted data;
and encrypting the data to be encrypted based on the historical original data to determine encrypted data, and adding the data to be encrypted into the historical encrypted data to obtain updated historical encrypted data.
According to the data encryption method provided by the embodiment of the invention, the new data is encrypted by utilizing the historical data, so that the key generation with low cost and high randomness is realized, the risk of data disclosure is reduced, and the working efficiency is greatly improved.
With reference to the first aspect, in a first implementation manner of the first aspect, the encrypting the data to be encrypted based on the historical original data to determine encrypted data includes:
obtaining a difference value between the number of the historical original data and a preset displacement threshold value;
and encrypting the data to be encrypted based on the difference value and a preset mapping relation to determine encrypted data.
With reference to the first aspect, in a second implementation manner of the first aspect, before the step of extracting a preset number of historical original data in the historical encrypted data, the method includes:
judging whether the historical encryption data exists currently or not;
and when the historical encryption data does not exist, encrypting the data to be encrypted by adopting a preset encryption mode to determine the encryption data, and taking the data to be encrypted as the historical encryption data.
In a second aspect, an embodiment of the present invention provides a data decryption method, including:
obtaining data to be decrypted;
extracting a preset number of historical original data in the historical decryption data;
and decrypting the data to be decrypted based on the historical original data to determine decrypted data, and adding the data to be decrypted into the historical decrypted data to obtain updated historical decrypted data.
With reference to the second aspect, in a first implementation manner of the second aspect, the decrypting the data to be decrypted based on the historical original data to determine decrypted data includes:
obtaining a difference value between the number of the historical original data and a preset displacement threshold value;
and decrypting the data to be decrypted based on the difference value and a preset mapping relation to determine decrypted data.
With reference to the second aspect, in a second implementation manner of the second aspect, before the step of extracting a preset number of historical original data in the historical decrypted data, the method includes:
judging whether the historical decryption data exists currently or not;
and when the historical decryption data does not exist, decrypting the data to be decrypted by adopting a preset decryption mode to determine decryption data, and taking the data to be decrypted as the historical decryption data.
According to a third aspect, an embodiment of the present invention provides a data encryption apparatus, including:
an acquisition unit configured to acquire data to be encrypted;
the first processing unit is used for extracting a preset number of historical original data in the historical encrypted data;
and the second processing unit is used for encrypting the data to be encrypted based on the historical original data to determine encrypted data, and adding the data to be encrypted into the historical encrypted data to obtain updated historical encrypted data.
According to a fourth aspect, an embodiment of the present invention provides a data decryption apparatus, including:
the acquisition unit is used for acquiring the data to be decrypted;
the first processing unit is used for extracting a preset number of historical original data in the historical decryption data;
and the second processing unit is used for decrypting the data to be decrypted based on the historical original data to determine decrypted data, and adding the data to be decrypted into the historical decrypted data to obtain updated historical decrypted data.
According to a fifth aspect, an embodiment of the present invention provides an electronic device, including: the system comprises a memory and a processor, wherein the memory and the processor are in communication connection, the memory stores computer instructions, and the processor executes the computer instructions, so as to execute the data encryption method in the first aspect or any implementation manner of the first aspect, or execute the data decryption method in the second aspect or any implementation manner of the second aspect.
According to a sixth aspect, an embodiment of the present invention provides a computer-readable storage medium storing computer instructions for causing a computer to perform the data encryption method described in the first aspect or any implementation manner of the first aspect, or to perform the data decryption method described in the second aspect or any implementation manner of the second aspect.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments or the prior art will be briefly described, and it is obvious that the drawings in the description below are some embodiments of the present invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIGS. 1A-1D are schematic diagrams of an attack replication process in the prior art;
FIG. 2 is a flow chart of a data encryption method according to an embodiment of the invention;
FIG. 3 is a flow chart of a data encryption method according to an embodiment of the invention;
FIG. 4 is a flow chart of a data encryption method according to an embodiment of the invention;
FIG. 5 is a flowchart of a data decryption method according to an embodiment of the present invention;
FIG. 6 is a flowchart of a data decryption method according to an embodiment of the present invention;
fig. 7 is a block diagram of a data encryption apparatus according to an embodiment of the present invention;
fig. 8 is a schematic diagram of a hardware structure of an electronic device according to an embodiment of the present invention.
Fig. 9 is a block diagram of a data decryption apparatus according to an embodiment of the present invention;
fig. 10 is a schematic diagram of a hardware structure of an electronic device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made apparent and fully in view of the accompanying drawings, in which some, but not all embodiments of the invention are shown. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
In the description of the present invention, it should be noted that the directions or positional relationships indicated by the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc. are based on the directions or positional relationships shown in the drawings, are merely for convenience of describing the present invention and simplifying the description, and do not indicate or imply that the devices or elements referred to must have a specific orientation, be configured and operated in a specific orientation, and thus should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it should be noted that, unless explicitly specified and limited otherwise, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be either fixedly connected, detachably connected, or integrally connected, for example; can be mechanically or electrically connected; the two components can be directly connected or indirectly connected through an intermediate medium, or can be communicated inside the two components, or can be connected wirelessly or in a wired way. The specific meaning of the above terms in the present invention will be understood in specific cases by those of ordinary skill in the art.
In the description of the invention, it is to be noted that the term "and/or" as used in this specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
In addition, the technical features of the different embodiments of the present invention described below may be combined with each other as long as they do not collide with each other.
In the prior art, a white list mode is mainly adopted for safety protection, however, in the occasion application, the method for breaking the white list is not enumerated, and referring to fig. 1a,1b,1c and 1d, common attack methods aiming at the white list in fig. 4 are listed, namely a link layer eavesdropping method, a man-in-the-middle attack method, an IP address attack method and a white list attack method.
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to fall within the scope of the invention.
According to the data encryption method provided by the embodiment of the invention, the new data is encrypted by utilizing the historical data, so that the key generation with low cost and high randomness is realized, the risk of data disclosure is reduced, and the working efficiency is greatly improved.
According to an embodiment of the present invention, there is provided a data encryption method embodiment, it being noted that the steps shown in the flowcharts of the drawings may be performed in a computer system such as a set of computer executable instructions, and that although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that herein.
In this embodiment, a data encryption method is provided, which may be used in an electronic device, such as a computer, a server, a tablet computer, etc., fig. 2 is a flowchart of the data encryption method according to an embodiment of the present invention, and as shown in fig. 2, the flowchart includes the following steps:
s11, obtaining data to be encrypted;
specifically, in practical application, data to be encrypted needs to be obtained from a main library.
For example, assuming that there is a database a, the database a needs to set a slave database B, where the data of the database B must be guaranteed to be consistent with the data in the database a in real time, and thus the database B needs to copy the data in the database a.
S12, extracting a preset number of historical original data in the historical encrypted data;
for example, in practical applications, the master database a and the slave database B are still taken as examples, and when the information sent from the slave database a needs to be encrypted, the data sent from the slave database a to the database B can be used as the material for encrypting the data to be sent.
This step will be described in detail later in detail.
S13, encrypting the data to be encrypted based on the historical original data to determine encrypted data, and adding the data to be encrypted into the historical encrypted data to obtain updated historical encrypted data.
Specifically, the data is encrypted according to a preset rule and an encryption function.
In practical applications, for example, it is assumed that the information transmitted by the database a is a, and when the information is not encrypted, the data is a, and when the information is encrypted, the data is represented as a, and only after the information is decrypted by a specific decryption function, the data can be restored as a.
It should be noted that, in the above examples, a and a are only logical correspondence, and are not specific correspondence in practical applications, here only examples, and strict function calculation is required in practical applications.
This step will be described in detail later in detail.
According to the data encryption method provided by the embodiment of the invention, the new data is encrypted by utilizing the historical data, so that the key generation with low cost and high randomness is realized, the risk of data disclosure is reduced, and the working efficiency is greatly improved.
In this embodiment, a data encryption method is provided, which may be used in an electronic device, such as a computer, a server, a tablet computer, etc., and fig. 3 is a flowchart of the data encryption method according to an embodiment of the present invention, as shown in fig. 3, where the flowchart includes the following steps:
s21, obtaining data to be encrypted;
please refer to the embodiment S11 shown in fig. 2 in detail, which is not described herein.
S22, extracting a preset number of historical original data in the historical encrypted data;
specifically, the step S22 includes:
s221, judging whether the historical encryption data exists currently or not;
specifically, when there is history encrypted data, encryption is performed according to the encryption method shown in the present invention.
S222, when the historical encryption data does not exist, encrypting the data to be encrypted by adopting a preset encryption mode to determine encryption data, and taking the data to be encrypted as the historical encryption data.
Specifically, whether historical encrypted data exists or not is determined by means of preset displacement threshold value
Assuming that ten data to be transmitted exist, assuming that the ten data are required to be transmitted in sequence, namely 1,2,3,4,5,6,7,8,9 and 10, and assuming that the displacement threshold is 2, when the data 1 is transmitted, the historical encryption data do not exist, and the data to be encrypted are encrypted in a preset encryption mode to determine the encryption data, however, when the data 3 is adopted, the historical encryption data exist, the encryption method is used for encrypting.
S23, encrypting the data to be encrypted based on the historical original data to determine encrypted data, and adding the data to be encrypted into the historical encrypted data to obtain updated historical encrypted data.
Specifically, the step S23 includes:
s231, obtaining a difference value between the number of the historical original data and a preset displacement threshold value;
for example, assuming that there are 10 data to be transmitted, the preset displacement threshold is 3, and there are 6 data that have been transmitted currently, the difference between the number of the historical original data and the preset displacement threshold is 3.
S232, encrypting the data to be encrypted based on the difference value and a preset mapping relation to determine encrypted data.
Specifically, encryption may be performed according to the following formula:
encrypted data=f (α, β)
Wherein alpha is data to be encrypted, beta is the difference value between the number of the historical original data and a preset displacement threshold value, and f (parameters) is a mapping rule. The encryption function is determined by customizing a mapping f, wherein W is W < - > W, W is a value domain of data to be encrypted, f (parameter, k) is a substitution function on W after one parameter k is determined, a function space is k, and the mapping g, W < - > kappa, g (k) =f (, k) is a single shot is satisfied. In particular, both the cyclic addition and the bitwise exclusive or satisfy the above conditions.
As a specific application example of the present embodiment, as shown in fig. 4, the data encryption method includes:
s1, obtaining data to be encrypted.
S2, judging whether the historical encryption data exists currently or not; if yes, go to step S3, otherwise go to step S4.
S3, encrypting the data to be encrypted based on the historical original data to determine encrypted data, and adding the data to be encrypted into the historical encrypted data to obtain updated historical encrypted data.
S4, encrypting the data to be encrypted by adopting a preset encryption mode to determine encrypted data, and taking the data to be encrypted as the historical encrypted data.
Further, in this embodiment, a data decryption method is provided, which may be used in an electronic device, such as a computer, a server, a tablet computer, etc., and fig. 5 is a flowchart of the data decryption method according to an embodiment of the present invention, as shown in fig. 5, where the flowchart includes the following steps:
s51, obtaining data to be decrypted;
specifically, the encryption is logically the same, and the difference is only the inverse of the encryption process, so that the description is omitted here.
S52, extracting the original historical data with preset quantity in the decrypted historical data;
specifically, the encryption is logically the same, and the difference is only the inverse of the encryption process, so that the description is omitted here.
S53, decrypting the data to be decrypted based on the historical original data to determine decrypted data, and adding the data to be decrypted into the historical decrypted data to obtain updated historical decrypted data.
Specifically, the encryption is logically the same, and the difference is only the inverse of the encryption process, so that the description is omitted here.
As a specific application example of the present embodiment, as shown in fig. 6, the data decryption method includes:
s501, obtaining data to be decrypted.
S502, judging whether the historical decryption data exists currently; if yes, step S3 is executed, otherwise step S504 is executed.
S503, decrypting the data to be decrypted based on the historical original data to determine decrypted data, and adding the data to be decrypted into the historical decrypted data to obtain updated historical decrypted data.
S504, decrypting the data to be decrypted by adopting a preset decryption mode to determine decrypted data, and taking the data to be decrypted as the historical decrypted data.
The embodiment also provides a data encryption device, which is used for implementing the above embodiment and the preferred implementation manner, and is not described in detail. As used below, the term "module" may be a combination of software and/or hardware that implements a predetermined function. While the means described in the following embodiments are preferably implemented in software, implementation in hardware, or a combination of software and hardware, is also possible and contemplated.
The present embodiment provides a data encryption apparatus, as shown in fig. 7, including:
an acquisition unit 71 for acquiring data to be encrypted;
a first processing unit 72 for extracting a preset number of historical raw data from the historical encrypted data;
the second processing unit 73 is configured to encrypt the data to be encrypted based on the historical original data to determine encrypted data, and add the data to be encrypted to the historical encrypted data to obtain updated historical encrypted data.
The firmware refreshing means in this embodiment are presented in the form of functional units, where a unit refers to an ASIC circuit, a processor and a memory executing one or more software or fixed programs, and/or other devices that can provide the above-mentioned functions.
Further functional descriptions of the above respective modules are the same as those of the above corresponding embodiments, and are not repeated here.
The embodiment of the invention also provides electronic equipment, which is provided with the data encryption device shown in the figure 7.
Referring to fig. 8, fig. 8 is a schematic structural diagram of an electronic device according to an alternative embodiment of the present invention, as shown in fig. 8, the electronic device may include: at least one processor 81, such as a CPU (Central Processing Unit ), at least one communication interface 83, a memory 84, at least one communication bus 82. Wherein the communication bus 82 is used to enable connected communication between these components. The communication interface 83 may include a Display screen (Display) and a Keyboard (Keyboard), and the optional communication interface 83 may further include a standard wired interface and a wireless interface. The memory 84 may be a high-speed RAM memory (Random Access Memory, volatile random access memory) or a non-volatile memory (non-volatile memory), such as at least one disk memory. The memory 84 may also optionally be at least one memory device located remotely from the aforementioned processor 81. Wherein the processor 81 may be in conjunction with the apparatus described in fig. 8, the application program is stored in the memory 84, and the processor 81 invokes the program code stored in the memory 84 for performing any of the method steps described above.
The communication bus 82 may be a peripheral component interconnect standard (peripheral component interconnect, PCI) bus or an extended industry standard architecture (extended industry standard architecture, EISA) bus, among others. The communication bus 82 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in fig. 8, but not only one bus or one type of bus.
Wherein the memory 84 may include volatile memory (English) such as random-access memory (RAM); the memory may also include a nonvolatile memory (english: non-volatile memory), such as a flash memory (english: flash memory), a hard disk (english: hard disk drive, abbreviated as HDD) or a solid state disk (english: solid-state drive, abbreviated as SSD); the memory 84 may also include a combination of the types of memory described above.
The processor 81 may be a central processor (English: central processing unit, abbreviated: CPU), a network processor (English: network processor, abbreviated: NP) or a combination of CPU and NP.
The processor 81 may further include a hardware chip. The hardware chip may be an application-specific integrated circuit (ASIC), a Programmable Logic Device (PLD), or a combination thereof (English: programmable logic device). The PLD may be a complex programmable logic device (English: complex programmable logic device, abbreviated: CPLD), a field programmable gate array (English: field-programmable gate array, abbreviated: FPGA), a general-purpose array logic (English: generic array logic, abbreviated: GAL), or any combination thereof.
Optionally, the memory 84 is also used for storing program instructions. The processor 81 may invoke program instructions to implement a data encryption method as shown in any of the embodiments of the present application.
The embodiment of the invention also provides a non-transitory computer storage medium, which stores computer executable instructions that can execute the data encryption method in any of the above method embodiments. Wherein the storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a Flash Memory (Flash Memory), a Hard Disk (HDD), or a Solid State Drive (SSD); the storage medium may also comprise a combination of memories of the kind described above.
The present embodiment provides a data decryption apparatus, as shown in fig. 9, including:
an acquisition unit 91 for acquiring data to be decrypted;
a first processing unit 92 for extracting a preset number of history raw data from the history decrypted data;
and a second processing unit 93, configured to decrypt the data to be decrypted based on the historical original data to determine decrypted data, and add the data to be decrypted to the historical decrypted data to obtain updated historical decrypted data.
The firmware refreshing means in this embodiment are presented in the form of functional units, where a unit refers to an ASIC circuit, a processor and a memory executing one or more software or fixed programs, and/or other devices that can provide the above-mentioned functions.
Further functional descriptions of the above respective modules are the same as those of the above corresponding embodiments, and are not repeated here.
The embodiment of the invention also provides electronic equipment, which is provided with the data encryption device shown in the figure 9.
Referring to fig. 10, fig. 10 is a schematic structural diagram of an electronic device according to an alternative embodiment of the present invention, and as shown in fig. 10, the electronic device may include: at least one processor 101, such as a CPU (Central Processing Unit ), at least one communication interface 103, a memory 104, at least one communication bus 102. Wherein the communication bus 102 is used to enable connected communication between these components. The communication interface 103 may include a Display screen (Display) and a Keyboard (Keyboard), and the selectable communication interface 103 may further include a standard wired interface and a wireless interface. The memory 104 may be a high-speed RAM memory (Random Access Memory, volatile random access memory) or a non-volatile memory (non-volatile memory), such as at least one disk memory. The memory 104 may also optionally be at least one storage device located remotely from the aforementioned processor 101. Where the processor 101 may be as described in connection with fig. 10, the memory 104 stores an application program, and the processor 101 invokes the program code stored in the memory 104 for performing any of the method steps described above.
The communication bus 102 may be a peripheral component interconnect standard (peripheral component interconnect, PCI) bus or an extended industry standard architecture (extended industry standard architecture, EISA) bus, among others. The communication bus 102 may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, only one thick line is shown in fig. 10, but not only one bus or one type of bus.
The memory 104 may include volatile memory (english) such as random-access memory (RAM); the memory may also include a nonvolatile memory (english: non-volatile memory), such as a flash memory (english: flash memory), a hard disk (english: hard disk drive, abbreviated as HDD) or a solid state disk (english: solid-state drive, abbreviated as SSD); the memory 104 may also include a combination of the types of memory described above.
The processor 101 may be a central processor (English: central processing unit, abbreviated: CPU), a network processor (English: network processor, abbreviated: NP) or a combination of CPU and NP.
The processor 101 may further include a hardware chip. The hardware chip may be an application-specific integrated circuit (ASIC), a Programmable Logic Device (PLD), or a combination thereof (English: programmable logic device). The PLD may be a complex programmable logic device (English: complex programmable logic device, abbreviated: CPLD), a field programmable gate array (English: field-programmable gate array, abbreviated: FPGA), a general-purpose array logic (English: generic array logic, abbreviated: GAL), or any combination thereof.
Optionally, the memory 104 is also used for storing program instructions. The processor 101 may invoke program instructions to implement a data encryption method as shown in any of the embodiments of the present application.
The embodiment of the invention also provides a non-transitory computer storage medium, which stores computer executable instructions that can execute the data encryption method in any of the above method embodiments. Wherein the storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a Flash Memory (Flash Memory), a Hard Disk (HDD), or a Solid State Drive (SSD); the storage medium may also comprise a combination of memories of the kind described above.
Although embodiments of the present invention have been described in connection with the accompanying drawings, various modifications and variations may be made by those skilled in the art without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope of the invention as defined by the appended claims.

Claims (10)

1. A data encryption method, comprising:
acquiring data to be encrypted;
extracting a preset number of historical original data in the historical encrypted data;
encrypting the data to be encrypted based on the historical original data to determine encrypted data, and adding the data to be encrypted into the historical encrypted data to obtain updated historical encrypted data;
the encrypting the data to be encrypted based on the historical original data to determine encrypted data comprises the following steps: the encryption is performed according to the following formula,
encrypted data=f (α, β)
Wherein alpha is data to be encrypted, beta is the difference value between the number of the historical original data and a preset displacement threshold value, and f (parameters ) is a mapping rule; the self-defined mapping f is that W is W- > W to determine an encryption function, W is a value domain of data to be encrypted, f (parameter, k) is a substitution function on W after a parameter k is determined, a function space is kappa, and the mapping g is that W- > kappa, g (k) =f (, k) is a single shot.
2. The method of claim 1, wherein encrypting the data to be encrypted based on the historical raw data to determine encrypted data comprises:
obtaining a difference value between the number of the historical original data and a preset displacement threshold value;
and encrypting the data to be encrypted based on the difference value and a preset mapping relation to determine encrypted data.
3. The method of claim 1, wherein the step of extracting a predetermined amount of historical raw data from the historical encrypted data is preceded by:
judging whether the historical encryption data exists currently or not;
and when the historical encryption data does not exist, encrypting the data to be encrypted by adopting a preset encryption mode to determine the encryption data, and taking the data to be encrypted as the historical encryption data.
4. A data decryption method, comprising:
obtaining data to be decrypted;
extracting a preset number of historical original data in the historical decryption data;
decrypting the data to be decrypted based on the historical original data to determine decrypted data, and adding the data to be decrypted into the historical decrypted data to obtain updated historical decrypted data;
the process of decrypting the data to be decrypted based on the historical original data to determine decrypted data is as follows: encrypting the data to be encrypted based on the historical original data to determine the inverse process of the encrypted data;
the encrypting the data to be encrypted based on the historical original data to determine encrypted data comprises the following steps: the encryption is performed according to the following formula,
encrypted data=f (α, β)
Wherein alpha is data to be encrypted, beta is the difference value between the number of the historical original data and a preset displacement threshold value, and f (parameters ) is a mapping rule; the self-defined mapping f is that W is W- > W to determine an encryption function, W is a value domain of data to be encrypted, f (parameter, k) is a substitution function on W after a parameter k is determined, a function space is kappa, and the mapping g is that W- > kappa, g (k) =f (, k) is a single shot.
5. The method of claim 4, wherein decrypting the data to be decrypted based on the historical raw data determines decrypted data, comprising:
obtaining a difference value between the number of the historical original data and a preset displacement threshold value;
and decrypting the data to be decrypted based on the difference value and a preset mapping relation to determine decrypted data.
6. The method of claim 4, wherein the step of extracting a predetermined number of historical raw data from the historical decrypted data comprises:
judging whether the historical decryption data exists currently or not;
and when the historical decryption data does not exist, decrypting the data to be decrypted by adopting a preset decryption mode to determine decryption data, and taking the data to be decrypted as the historical decryption data.
7. A data encryption apparatus, comprising:
an acquisition unit configured to acquire data to be encrypted;
the first processing unit is used for extracting a preset number of historical original data in the historical encrypted data;
the second processing unit is used for encrypting the data to be encrypted based on the historical original data to determine encrypted data, and adding the data to be encrypted into the historical encrypted data to obtain updated historical encrypted data;
wherein, the second processing unit is specifically configured to:
the encryption is performed according to the following formula,
encrypted data=f (α, β)
Wherein alpha is data to be encrypted, beta is the difference value between the number of the historical original data and a preset displacement threshold value, and f (parameters ) is a mapping rule; the self-defined mapping f is that W is W- > W to determine an encryption function, W is a value domain of data to be encrypted, f (parameter, k) is a substitution function on W after a parameter k is determined, a function space is kappa, and the mapping g is that W- > kappa, g (k) =f (, k) is a single shot.
8. A data decryption apparatus, comprising:
the acquisition unit is used for acquiring the data to be decrypted;
the first processing unit is used for extracting a preset number of historical original data in the historical decryption data;
the second processing unit is used for decrypting the data to be decrypted based on the historical original data to determine decrypted data, and adding the data to be decrypted into the historical decrypted data to obtain updated historical decrypted data;
wherein, the second processing unit is specifically configured to:
the process of decrypting the data to be decrypted based on the historical original data is completed by adopting an inverse process corresponding to the process of encrypting the data to be encrypted based on the historical original data to determine encrypted data;
the encrypting the data to be encrypted based on the historical original data to determine encrypted data comprises the following steps: the encryption is performed according to the following formula,
encrypted data=f (α, β)
Wherein alpha is data to be encrypted, beta is the difference value between the number of the historical original data and a preset displacement threshold value, and f (parameters ) is a mapping rule; the self-defined mapping f is that W is W- > W to determine an encryption function, W is a value domain of data to be encrypted, f (parameter, k) is a substitution function on W after a parameter k is determined, a function space is kappa, and the mapping g is that W- > kappa, g (k) =f (, k) is a single shot.
9. An electronic device, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform the steps of the method of any of claims 1-3 or 4-6.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method according to any of claims 1-3 or 4-6.
CN202111574555.3A 2021-12-21 2021-12-21 Data encryption method and device and electronic equipment Active CN114465760B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111574555.3A CN114465760B (en) 2021-12-21 2021-12-21 Data encryption method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111574555.3A CN114465760B (en) 2021-12-21 2021-12-21 Data encryption method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN114465760A CN114465760A (en) 2022-05-10
CN114465760B true CN114465760B (en) 2023-08-08

Family

ID=81405332

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111574555.3A Active CN114465760B (en) 2021-12-21 2021-12-21 Data encryption method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN114465760B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106845253A (en) * 2016-12-27 2017-06-13 迈普通信技术股份有限公司 Historical operation recording of encrypted method and device
CN110727949A (en) * 2019-09-06 2020-01-24 上海陆家嘴国际金融资产交易市场股份有限公司 Data storage method and device, computer equipment and storage medium
CN112019541A (en) * 2020-08-27 2020-12-01 平安国际智慧城市科技股份有限公司 Data transmission method and device, computer equipment and storage medium
CN112202754A (en) * 2020-09-25 2021-01-08 中国建设银行股份有限公司 Data encryption method and device, electronic equipment and storage medium
KR20210016838A (en) * 2019-08-05 2021-02-17 삼성전자주식회사 Server and data management method
CN113162763A (en) * 2021-04-20 2021-07-23 平安消费金融有限公司 Data encryption and storage method and device, electronic equipment and storage medium
WO2021243900A1 (en) * 2020-06-04 2021-12-09 株洲中车时代电气股份有限公司 Information security protection method and apparatus
CN113794706A (en) * 2021-09-06 2021-12-14 北京百度网讯科技有限公司 Data processing method and device, electronic equipment and readable storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10951395B2 (en) * 2018-08-20 2021-03-16 Fujitsu Limited Data fetching in data exchange networks

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106845253A (en) * 2016-12-27 2017-06-13 迈普通信技术股份有限公司 Historical operation recording of encrypted method and device
KR20210016838A (en) * 2019-08-05 2021-02-17 삼성전자주식회사 Server and data management method
CN110727949A (en) * 2019-09-06 2020-01-24 上海陆家嘴国际金融资产交易市场股份有限公司 Data storage method and device, computer equipment and storage medium
WO2021243900A1 (en) * 2020-06-04 2021-12-09 株洲中车时代电气股份有限公司 Information security protection method and apparatus
CN112019541A (en) * 2020-08-27 2020-12-01 平安国际智慧城市科技股份有限公司 Data transmission method and device, computer equipment and storage medium
CN112202754A (en) * 2020-09-25 2021-01-08 中国建设银行股份有限公司 Data encryption method and device, electronic equipment and storage medium
CN113162763A (en) * 2021-04-20 2021-07-23 平安消费金融有限公司 Data encryption and storage method and device, electronic equipment and storage medium
CN113794706A (en) * 2021-09-06 2021-12-14 北京百度网讯科技有限公司 Data processing method and device, electronic equipment and readable storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于区块链的共享数据访问控制研究;潘启青;《中国优秀硕士学位论文全文数据库 信息科技辑》;I138-11页 *

Also Published As

Publication number Publication date
CN114465760A (en) 2022-05-10

Similar Documents

Publication Publication Date Title
EP3934295A2 (en) Key protection processing method, apparatus, device and storage medium
US9762548B2 (en) Controlling encrypted data stored on a remote storage device
EP3682364B1 (en) Cryptographic services utilizing commodity hardware
US11424933B2 (en) Method and apparatus for exchanging messages
US11190354B2 (en) Randomness verification system and method of verifying randomness
CN110019075B (en) Log encryption method and device and log decryption method and device
KR20190018612A (en) Method, system, and medium for using dynamic public key infrastructure
JP2018523360A (en) Method and system for secure SMS communication
CN113890728A (en) Key processing method, system, equipment and medium based on FPGA encryption card
CN112733180A (en) Data query method and device and electronic equipment
CN114785524A (en) Electronic seal generation method, device, equipment and medium
CN114465760B (en) Data encryption method and device and electronic equipment
CN117201120A (en) Information encryption method, device, computer equipment and storage medium
CN109426727B (en) Data encryption method, data decryption method, data encryption system and data decryption system
CN110611674B (en) Protocol interaction method, system and storage medium between different computer systems
CN114969794A (en) SoC system and data encryption method
CN112217806B (en) Data transmission encryption method, server and storage medium
CN114996671A (en) Server information processing method, device and medium
CN113489589A (en) Data encryption and decryption method and device and electronic equipment
US9734154B2 (en) Method and apparatus for storing a data file
CN113556333A (en) Computer network data secure transmission method and device
CN112468289A (en) Key generation method
US8800017B2 (en) Method and apparatus for copy protecting a digital electronic device
CN111865891A (en) Data transmission method, user side, electronic equipment and readable storage medium
US8880906B2 (en) Storing encrypted contents in digital archives

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant