CN115238296A - HID-based encryption and decryption method and device, computer equipment and storage medium - Google Patents

Publication number: CN115238296A
Authority: CN (China)
Prior art keywords: hid, encryption, decryption, file, terminal equipment
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202211162102.4A
Other languages: Chinese (zh)
Inventor: 叶海胜, 何子健, 张炜枫, 邓民坤, 曾浩
Current Assignee: Shenzhen Rapoo Technology Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Shenzhen Rapoo Technology Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Abstract

An embodiment of the invention provides an HID-based encryption and decryption method and device, computer equipment and a storage medium. The method comprises the following steps: the HID device is connected to the terminal device, and verification and transparent encryption and decryption initialization are completed; the HID device sends a first operation instruction to the terminal device; and the terminal device encrypts the set file according to the file information and an encryption algorithm, using the key on the HID device. With this method, a transparent encryption algorithm automatically encrypts and decrypts the set file or data while the HID device is connected to the terminal device. This avoids the inconvenience of conventional system encryption operations, improves user efficiency and experience through transparent encryption, and balances data security with ease of use.

Description

HID-based encryption and decryption method and device, computer equipment and storage medium
Technical Field
The invention relates to the technical field of transparent encryption and decryption, in particular to an encryption and decryption method and device based on HID, computer equipment and a storage medium.
Background
With the rapid development of information technology and mobile internet, people have higher and higher dependence on terminal equipment in life and work, and people adopt a plurality of ways to encrypt data in order to better enhance the reliability of information and prevent some confidential data from being leaked. In the encryption and decryption process, program data processing, data layer filtering and interception and encryption and decryption operations are necessarily carried out. Although the security of the data is enhanced, a plurality of user processing steps are added in the process, so that the operation is inconvenient, and certain learning cost is required.
At present, file encryption and decryption systems on the market target the whole operating system and encrypt all user files, so they are not suitable for scenarios in which only some files need to be encrypted. Encrypted files or data are usually opened by means of a password or a dedicated program; the former relies on a user-set password that is easily leaked or forgotten, and the latter is not universal and is inconvenient. HID (Human Interface Device) transparent encryption and decryption offers a feasible approach, but HID encryption and decryption is applied to the operating system as a whole and cannot be applied to specific operations, which is still inconvenient.
Disclosure of Invention
The embodiment of the invention provides an encryption and decryption method and device based on HID, computer equipment and a storage medium, and aims to solve the technical problem that an existing encryption and decryption mode is inconvenient to use.
In order to achieve the purpose, the technical scheme provided by the invention is as follows:
in a first aspect, the present invention provides an HID-based encryption and decryption method, which includes the following steps:
the HID is accessed to the terminal equipment, and the terminal equipment completes the access verification and the transparent encryption and decryption initialization of the HID;
the HID sends a first operation instruction to the terminal equipment, the terminal equipment responds to the first operation instruction and starts a corresponding encryption execution instruction, and the encryption execution instruction is carried out aiming at a set file;
the terminal equipment encrypts the set file according to file information and an encryption algorithm by using a secret key on the HID;
the HID sends a second operation instruction to the terminal device, the terminal device responds to the second operation instruction and starts a corresponding decryption execution instruction, and the decryption execution instruction is carried out aiming at the encrypted setting file;
and the terminal equipment decrypts the encrypted setting file according to a decryption algorithm by using the secret key on the HID.
Wherein, the encryption execution instruction is carried out aiming at the setting file and the decryption execution instruction is carried out aiming at the encrypted setting file, and the selection of the setting file comprises the following steps:
replacing a driving module in an operating system of the terminal equipment with a kernel driving module of the HID, and determining an instruction sent by the HID through a hook technology;
and installing a hook program in a file manager in an operating system of the terminal equipment, and starting encryption and decryption actions through a file HID driver and a file filtering driver when the HID event is determined to be a file function received and processed by the hook program.
The step of the terminal device decrypting the encrypted setting file according to a decryption algorithm by using the key on the HID device includes:
the transparent encryption and decryption system filters the IO request of the HID at the Minifilter layer of the file system driver;
judging whether the set file is encrypted or not according to the file information;
if so, decrypting the setting file by using a secret key in the HID;
and returning the decrypted IO data.
In the step in which the HID device sends the encryption operation instruction to the terminal device, the operations on the set file that the encryption execution instruction covers include: creation or storage of files or data.
In the step in which the HID device sends the decryption operation instruction to the terminal device, the operations on the encrypted set file that the decryption execution instruction covers include: opening or modifying of files.
In a second aspect, an embodiment of the present invention provides an HID-based transparent encryption and decryption apparatus, which includes the following units:
the connection unit is used for accessing the HID into the terminal equipment, and the terminal equipment completes the access verification and the transparent encryption and decryption initialization of the HID;
the encryption request unit is used for sending a first operation instruction to the terminal equipment by the HID equipment, responding the first operation instruction by the terminal equipment and starting a corresponding encryption execution instruction, wherein the encryption execution instruction is carried out aiming at the setting file;
and the encryption unit is used for encrypting the setting file by the terminal equipment according to the file information and the encryption algorithm by using the secret key on the HID.
Wherein, still include:
the decryption request unit is used for sending a second operation instruction to the terminal equipment by the HID equipment, responding the second operation instruction by the terminal equipment and starting a corresponding decryption execution instruction, wherein the decryption execution instruction is carried out aiming at the encrypted setting file;
and the decryption unit is used for the terminal equipment to decrypt the encrypted setting file according to a decryption algorithm by using the key on the HID.
Wherein the decryption unit includes:
the filtering unit is used for the transparent encryption and decryption system to filter the IO request of the HID at the Minifilter layer of the file system driver;
the judging unit is used for judging whether the set file is encrypted or not according to the file information;
a file decryption unit for decrypting the setting file using a key in the HID;
and the data return unit is used for returning the decrypted IO data.
In a third aspect, an embodiment of the present invention provides a computer device, where the computer device includes a memory and a processor, where the memory stores a computer program, and the processor implements the HID based encryption and decryption method as described above when executing the computer program.
In a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium, which stores a computer program, and when the computer program is executed by a processor, the HID based encryption and decryption method may be implemented as described above.
Compared with the prior art, the embodiment of the invention provides an encryption and decryption method, device, computer equipment and storage medium based on HID, wherein the method comprises the following steps: the HID is accessed to the terminal equipment and completes verification and transparent encryption and decryption initialization; the HID sends a first operation instruction to the terminal equipment; and the terminal equipment encrypts the set file according to the file information and an encryption algorithm by using the secret key on the HID. According to the method, through a transparent encryption algorithm, when the HID is connected with the terminal device, the set file or data is automatically encrypted and decrypted, and conventional operation processing can be performed on other files or data, so that the defect that the traditional operation for system encryption is inconvenient is avoided, meanwhile, the operation efficiency and the use experience of a user are improved through a transparent encryption mode, and the data safety and the use convenience are both considered.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a main flow chart of an HID-based encryption and decryption method according to an embodiment of the present invention.
Fig. 2 is a sub-flowchart of an HID-based encryption and decryption method according to an embodiment of the present invention.
Fig. 3 is a timing diagram of an HID-based encryption and decryption method according to an embodiment of the present invention.
Fig. 4 is a schematic diagram of an HID-based transparent encryption and decryption device according to an embodiment of the present invention.
FIG. 5 is a schematic block diagram of a computer device provided by an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the specification of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in this specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items and includes such combinations.
Referring to fig. 1 to 3, fig. 1 is a main flow chart of an HID-based encryption and decryption method according to an embodiment of the present invention, where the HID-based encryption and decryption method according to the embodiment of the present invention takes encryption and decryption between an HID device and a terminal device as an example, the method mainly includes the following steps:
step S100, the HID is accessed to the terminal equipment, and the terminal equipment completes the access verification and the transparent encryption and decryption initialization of the HID; the HID refers to human-computer interaction interface equipment such as a mouse, a keyboard and the like, and the terminal equipment comprises a computer, a tablet, wearable equipment and the like; in this embodiment, a terminal device is taken as a computer, and an HID device is taken as a mouse.
In step S100, the mouse is connected to the computer in a wired or wireless manner, and the driver is automatically loaded and initialized by the operating system installed on the computer when the PnP (Plug and Play) device is connected. A set key is pre-stored in the mouse, so after the computer loads the mouse driver it needs to read the key from the mouse in order to encrypt and decrypt the corresponding data or files later. Specifically, the computer reads the key in the mouse and verifies it using the transparent encryption system preinstalled on the computer; verification here refers to the initial connection between a specific mouse and a specific computer, which requires initial verification and confirmation of the encryption and decryption functions between the two. After verification and transparent encryption initialization are complete, control returns to the front-end program, which displays the mouse access information to remind the user that the mouse and the computer are currently in the transparent encryption state.
Step S200, the HID sends a first operation instruction to the terminal device, the terminal device responds to the first operation instruction and starts a corresponding encryption execution instruction, and the encryption execution instruction is carried out on a set file. The first operation instruction refers to a conventional operation performed by the user with the mouse, such as clicking the left or right mouse button, moving the mouse or turning the mouse wheel; such operations have corresponding function options for different programs or files. In this embodiment, in the step in which the HID device sends the encryption operation instruction to the terminal device, the operations on the set file that the encryption execution instruction covers include: creation or storage of files or data. That is, the encryption instruction mainly encrypts file or data information. Specifically, when the user operates the mouse to drag the cursor to a set file or software icon, permission encryption is automatically performed on the set file and the software operation; for the user the whole process is no different from operating an ordinary mouse, so the operation is imperceptible. Meanwhile, encryption is not applied to all software or data files on the computer but follows the user's initial settings: for software or files not set to be encrypted, the transparent encryption algorithm does not need to be started during user operation. It is understood that, in other embodiments, the encryption operation instruction may further include, but is not limited to, instructions for creating, storing, or modifying a file.
According to an encryption and decryption system on the terminal equipment, encryption processing can be carried out on a certain type of files or applications, and other data, file types and applications do not need to be encrypted, so that the conventional human-computer interaction can be carried out just like the connection mode of an unencrypted mouse and a computer. For example, the encryption and decryption algorithm automatically starts encryption processing for document class data and applications thereof, and does not perform encryption processing for other applications or data except for the document class. The first operation instruction is preferably that when a cursor of a mouse of a user is dragged to a corresponding file or software icon, an encryption action is automatically triggered.
And step S300, the terminal equipment encrypts the setting file according to file information and an encryption algorithm by using the secret key on the HID. The terminal equipment responds to the mouse operation instruction by using the key which is automatically acquired in the initialization verification step, executes a corresponding encryption algorithm, for example, when a user closes or saves a corresponding document, the file is automatically encrypted, for the user, the encryption process is automatically performed in a background, and the user does not need to execute a specific encryption option, so that the operation efficiency and the higher user experience are greatly improved.
Step S400, the HID sends a second operation instruction to the terminal device, the terminal device responds to the second operation instruction and starts a corresponding decryption execution instruction, and the decryption execution instruction is carried out on the encrypted set file. Similarly, the second operation instruction automatically triggers decryption when the user drags the mouse cursor to the icon of the corresponding file or software; in subsequent operations the user does not notice that decryption is performed automatically before the specific operation.
And S500, the terminal equipment decrypts the encrypted setting file according to a decryption algorithm by using the secret key on the HID.
The process of how the HID device selects a specific file or data encryption and decryption is as follows:
first, a kernel driver for the keyboard and mouse device is written to replace the default Microsoft driver; then, when the mouse is clicked, the USB data can be parsed through hook technology to determine the instruction sent by the HID;
then, when the user-layer program starts, a hook program is installed in processes such as the desktop and the file manager, hooking functions such as CreateProcess(), OpenProcess(), CreateFile(), CloseHandle() and WriteFile(); when it is determined that the mouse event has been received by the hook program and a file processing function (a file operation function) has been invoked, the file is determined to be opened, and the file encryption and decryption actions are completed by the file HID driver and the file filter driver working together.
Specifically, referring to fig. 2 again, the step S500 of the terminal device performing a decryption operation on the encrypted setting file according to a decryption algorithm by using the key on the HID device includes:
Step S501, the transparent encryption and decryption system filters the IO request of the HID at the Minifilter layer of the file system driver; wherein the Minifilter of the file system driver refers to the virtual file system.
Step S502, judging whether the set file is encrypted or not according to the file information; the file information includes a file type suffix and the like; for example, a file in a format such as .doc or .xls is determined to be a set encrypted file.
Step S503, if yes, the key in the HID is used for decrypting the setting file; if not, starting the corresponding application or operation in a conventional mode.
And step S504, the decrypted IO data is returned. That is, the driver returns the decrypted data to the R3 layer application for the user to continue using.
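The S502 decision described above keys on the file suffix alone. As an added example (not code from the patent), this user-mode C model compares that suffix check with a check for a header marker written at encryption time; the marker value `HIDENC01`, the `DENY_NO_KEY` outcome when the HID key is absent, and all function names are assumptions made for illustration.

```c
/* Added example: user-mode model of the S502 decision, not the patent's code. */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum action { PASS_THROUGH, DECRYPT, DENY_NO_KEY };

/* Suffixes the page gives as examples of set (protected) file types. */
static const char *const PROTECTED_SUFFIXES[] = { ".doc", ".xls" };
#define N_SUFFIXES (sizeof PROTECTED_SUFFIXES / sizeof PROTECTED_SUFFIXES[0])

/* Assumption: the encrypting side prepends this 8-byte marker (hypothetical). */
static const unsigned char MARKER[8] = { 'H','I','D','E','N','C','0','1' };

/* Case-insensitive string equality; Windows file names are case-insensitive. */
static int equal_nocase(const char *a, const char *b)
{
    while (*a && *b) {
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
        a++;
        b++;
    }
    return *a == '\0' && *b == '\0';
}

/* Returns 1 if the final path component ends in a protected suffix, else 0. */
int suffix_is_protected(const char *path)
{
    const char *dot = NULL;
    const char *p;
    size_t i;

    for (p = path; *p; p++) {
        if (*p == '\\' || *p == '/')
            dot = NULL;          /* a dot inside a directory name does not count */
        else if (*p == '.')
            dot = p;             /* remember the last dot of this component */
    }
    if (dot == NULL)
        return 0;
    for (i = 0; i < N_SUFFIXES; i++)
        if (equal_nocase(dot, PROTECTED_SUFFIXES[i]))
            return 1;
    return 0;
}

/* Returns 1 if the first bytes of the file carry the encryption marker. */
int has_marker(const unsigned char *head, size_t len)
{
    return len >= sizeof MARKER && memcmp(head, MARKER, sizeof MARKER) == 0;
}

/* S502 as the page describes it: the suffix alone decides "is encrypted". */
enum action decide_suffix_only(const char *path, int key_present)
{
    if (!suffix_is_protected(path))
        return PASS_THROUGH;
    return key_present ? DECRYPT : DENY_NO_KEY;
}

/* Alternative: the stored header decides, so renames and copies are handled. */
enum action decide_by_marker(const unsigned char *head, size_t len, int key_present)
{
    if (!has_marker(head, len))
        return PASS_THROUGH;     /* plaintext: decrypting it would corrupt the data */
    return key_present ? DECRYPT : DENY_NO_KEY;
}

int main(void)
{
    static const char *const names[] = { "PASS_THROUGH", "DECRYPT", "DENY_NO_KEY" };
    /* Constructed sample requests: path plus the first bytes read from disk. */
    static const struct { const char *path; const char *head; } reqs[] = {
        { "C:\\work\\plan.DOC",    "HIDENC01<constructed ciphertext>" },
        { "C:\\work\\copied.doc",  "constructed plaintext, never encrypted" },
        { "C:\\work\\renamed.txt", "HIDENC01<constructed ciphertext>" },
        { "C:\\work\\notes.txt",   "constructed plaintext" },
    };
    size_t i;

    for (i = 0; i < sizeof reqs / sizeof reqs[0]; i++) {
        const unsigned char *head = (const unsigned char *)reqs[i].head;
        size_t len = strlen(reqs[i].head);
        printf("%-22s suffix-only=%-12s marker=%s\n", reqs[i].path,
               names[decide_suffix_only(reqs[i].path, 1)],
               names[decide_by_marker(head, len, 1)]);
    }
    return 0;
}
```

The two rows where the columns disagree (a plaintext `.doc` copied in from elsewhere, and ciphertext renamed to `.txt`) are the cases a suffix-only check mishandles.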
In the step in which the HID device sends the decryption operation instruction to the terminal device, the operations on the encrypted set file that the decryption execution instruction covers include: opening or modifying of files. It is understood that, in other embodiments, the encryption operation instruction further includes other editing instructions and the like.
Referring to fig. 4, an embodiment of the invention provides an HID-based transparent encryption and decryption apparatus 100, which includes:
the connection unit 101 is used for accessing the HID into the terminal equipment, and the terminal equipment completes the access verification and the transparent encryption and decryption initialization of the HID;
the encryption request unit 102 is used for sending a first operation instruction to the terminal equipment by the HID, responding the first operation instruction by the terminal equipment and starting a corresponding encryption execution instruction, wherein the encryption execution instruction is carried out aiming at the setting file;
and the encryption unit 103 is used for the terminal equipment to perform encryption operation on the setting file according to the file information and the encryption algorithm by using the key on the HID equipment.
The decryption request unit 104 is configured to send a second operation instruction to the terminal device by the HID device, where the terminal device responds to the second operation instruction and starts a corresponding decryption execution instruction, where the decryption execution instruction is performed on the encrypted setting file;
and the decryption unit 105 is used for the terminal equipment to decrypt the encrypted setting file according to a decryption algorithm by using the key on the HID.
Wherein the decryption unit 105 comprises:
the filtering unit 1051 is used for the transparent encryption and decryption system to filter the IO request of the HID device at the Minifilter layer of the file system driver;
a judging unit 1052 for judging whether the setting file is encrypted or not based on the file information;
a file decryption unit 1053 for decrypting the setting file using the key in the HID;
a data returning unit 1054, configured to return the decrypted IO data.
Referring to fig. 5, an embodiment of the present invention provides a computer device, which includes a memory and a processor, where the memory stores a computer program, and the processor implements the method when executing the computer program. The program instructions include:
step S100, the HID is accessed to the terminal equipment, and the terminal equipment completes the access verification and the transparent encryption and decryption initialization of the HID;
step S200, sending a first operation instruction to the terminal equipment by the HID, responding the first operation instruction by the terminal equipment and starting a corresponding encryption execution instruction, wherein the encryption execution instruction is carried out aiming at a set file;
s300, the terminal equipment encrypts the setting file according to file information and an encryption algorithm by using a secret key on the HID;
step S400, the HID sends a second operation instruction to the terminal device, the terminal device responds to the second operation instruction and starts a corresponding decryption execution instruction, and the decryption execution instruction is carried out aiming at the encrypted setting file;
and S500, the terminal equipment decrypts the encrypted setting file according to a decryption algorithm by using the secret key on the HID.
The computer equipment can be a terminal or a server, wherein the terminal can be an electronic equipment with a communication function, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a personal digital assistant and a wearable device. The server may be an independent server or a server cluster composed of a plurality of servers.
The computer device 500 includes a processor 502, memory, and a network interface 505 connected by a system bus 501, where the memory may include a non-volatile storage medium 503 and an internal memory 504.
The non-volatile storage medium 503 may store an operating system 5031 and a computer program 5032. The computer programs 5032 include program instructions that, when executed, cause the processor 502 to perform an HID based encryption/decryption method.
The processor 502 is used to provide computing and control capabilities to support the operation of the overall computer device 500.
The internal memory 504 provides an environment for the operation of the computer program 5032 in the non-volatile storage medium 503, and when the computer program 5032 is executed by the processor 502, the processor 502 can be enabled to execute an HID-based encryption and decryption method.
The network interface 505 is used for network communication with other devices. Those skilled in the art will appreciate that the configuration shown in fig. 5 is a block diagram of only a portion of the configuration associated with the present application and does not constitute a limitation of the computer device 500 to which the present application may be applied, and that a particular computer device 500 may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
Embodiments of the present invention also provide a storage medium storing a computer program comprising program instructions which, when executed by a processor, implement the above-described method. The program instructions include the steps of:
step S100, the HID is accessed to the terminal equipment, and the terminal equipment completes the access verification and the transparent encryption and decryption initialization of the HID; the HID refers to human-computer interaction interface equipment such as a mouse, a keyboard and the like, and the terminal equipment comprises a computer, a tablet, wearable equipment and the like; in this embodiment, a description will be given by taking a terminal device as a computer and an HID device as a mouse as an example.
In step S100, the mouse is connected to the computer in a wired or wireless manner, and the driver is automatically loaded and initialized by the operating system installed on the computer according to the access of the PNP device. The mouse is pre-stored with a set key, so that after the computer drives the mouse, the key in the mouse needs to be read, so as to perform encryption and decryption operations on corresponding data or files in the following process. Specifically, the computer reads the key in the mouse and verifies the key according to a transparent encryption system preinstalled at the computer end, wherein verification refers to initial connection between the specific mouse and the specific computer, and initial verification and encryption and decryption function confirmation are required between the specific mouse and the specific computer. And after the verification and the transparent encryption are initialized, returning to a front-end program, and displaying mouse access information to remind a user that the mouse and the computer are in a transparent encryption state currently.
Step S200, the HID sends a first operation instruction to the terminal device, the terminal device responds to the first operation instruction and starts a corresponding encryption execution instruction, and the encryption execution instruction is carried out on a set file. The first operation instruction refers to a conventional operation performed by the user with the mouse, such as clicking the left or right mouse button, moving the mouse or turning the mouse wheel; such operations have corresponding function options for different programs or files. In this embodiment, in the step in which the HID device sends the encryption operation instruction to the terminal device, the operations on the set file that the encryption execution instruction covers include: creation or storage of files or data. That is, the encryption instruction mainly encrypts file or data information. It is understood that, in other embodiments, the encryption operation instruction may further include, but is not limited to, instructions for creating, storing, or modifying a file. Depending on the encryption and decryption system on the terminal device, encryption can be applied to a certain type of file or application, while other data, file types and applications do not need to be encrypted, so conventional human-computer interaction proceeds just as it would with an unencrypted mouse connected to the computer. For example, the encryption and decryption algorithm automatically starts encryption processing for document class data and its applications, and does not perform encryption processing for applications or data outside the document class.
And step S300, the terminal equipment encrypts the setting file according to file information and an encryption algorithm by using the secret key on the HID. The terminal equipment responds to the mouse operation instruction by using the key which is automatically acquired in the initialization verification step, executes a corresponding encryption algorithm, for example, when a user closes or saves a corresponding document, the file is automatically encrypted, for the user, the encryption process is automatically performed in a background, and the user does not need to execute a specific encryption option, so that the operation efficiency and the higher user experience are greatly improved.
Step S400, the HID sends a second operation instruction to the terminal device, the terminal device responds to the second operation instruction and starts a corresponding decryption execution instruction, and the decryption execution instruction is carried out aiming at the encrypted setting file.
Step S500, the terminal equipment decrypts the encrypted setting file according to a decryption algorithm by using the key on the HID.
Specifically, referring again to FIG. 2, step S500, in which the terminal device performs a decryption operation on the encrypted setting file according to a decryption algorithm by using the key on the HID device, includes:
Step S501, the transparent encryption and decryption system filters the IO request of the HID at the Minifilter layer of the file system driver; wherein the Minifilter of the file system driver refers to the virtual file system.
Step S502, judging whether the set file is encrypted or not according to the file information; the file information includes a file type suffix, etc. For example, a file in a format such as .doc or .xls is determined to be a set encrypted file.
Step S503, if yes, the key in the HID is used for decrypting the setting file; if not, the corresponding application or operation is started in a conventional manner.
Step S504, the decrypted IO data is returned. That is, the driver returns the decrypted data to the R3 layer application for the user to continue using.
In the step in which the HID device sends a decryption operation instruction to the terminal device, the decryption operation instruction carried out for the encrypted setting file includes: opening or modifying of files. It is understood that, in other embodiments, the encryption operation command further includes other editing commands and the like.
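The write path of step S300 and the read path of steps S501 to S504 can be modelled in user space as follows. This is an added example, not code from the patent: it is not a Minifilter driver, the HMAC-SHA256 counter-mode cipher stands in for the unnamed encryption algorithm, and the `MAGIC` header, the function names and the fail-closed `KeyUnavailable` behaviour are assumptions.

```python
import hashlib
import hmac
import os
from typing import Optional

PROTECTED_SUFFIXES = (".doc", ".xls")  # "set" file types named in the description
MAGIC = b"HIDENC1"                     # constructed header marker (assumption)


class KeyUnavailable(Exception):
    """A protected file was accessed while no HID key is loaded."""


def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def _stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher: HMAC-SHA256 in counter mode. A product would use a
    # vetted AEAD such as AES-GCM; the page does not name its algorithm.
    blocks = (len(data) + 31) // 32
    stream = b"".join(_prf(key, nonce + i.to_bytes(8, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))


def is_protected(path: str) -> bool:
    # S502: decide from file information (here, the type suffix only).
    return path.lower().endswith(PROTECTED_SUFFIXES)


def on_write(path: str, plaintext: bytes, hid_key: Optional[bytes]) -> bytes:
    """Write path (S300): returns the bytes that reach the disk."""
    if not is_protected(path):
        return plaintext                     # other file types are untouched
    if hid_key is None:
        raise KeyUnavailable(path)           # fail closed, never store plaintext
    nonce = os.urandom(16)
    body = _stream_xor(_prf(hid_key, b"enc"), nonce, plaintext)
    tag = _prf(_prf(hid_key, b"mac"), MAGIC + nonce + body)
    return MAGIC + nonce + body + tag


def on_read(path: str, stored: bytes, hid_key: Optional[bytes]) -> bytes:
    """Read path (S501-S504): returns the bytes handed to the application."""
    if not is_protected(path) or not stored.startswith(MAGIC):
        return stored                        # S503 "if not": conventional handling
    if hid_key is None:
        raise KeyUnavailable(path)
    if len(stored) < len(MAGIC) + 16 + 32:
        raise ValueError("truncated encrypted file")
    nonce, body, tag = stored[7:23], stored[23:-32], stored[-32:]
    expected = _prf(_prf(hid_key, b"mac"), MAGIC + nonce + body)
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong HID key or modified file")
    return _stream_xor(_prf(hid_key, b"enc"), nonce, body)  # S504
```

The integrity tag lets the read path distinguish a wrong or missing HID key from a valid one instead of returning garbage to the application, and the header marker avoids relying on the suffix alone to decide that a file is already encrypted.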
The storage medium may be a USB disk, a removable hard disk, a Read-Only Memory (ROM), a magnetic disk, an optical disk, or any other computer-readable storage medium that can store program code.
Compared with the prior art, the embodiment of the invention provides an HID-based encryption and decryption method, device, computer equipment and storage medium which, through a transparent encryption algorithm, automatically encrypt and decrypt the set file or data when the HID is connected with the terminal equipment, so that the inconvenient operation of traditional system encryption is avoided. The encryption algorithm transparently encrypts only the set file or software according to the initial setting; other files or software keep all normal operation permissions through the HID, while the set file or software can be operated only after connection with the HID, such as a specific mouse. The transparent encryption mode improves operation efficiency and the user's experience, the encryption and decryption process is imperceptible to the user, and both data security and ease of use are taken into account.
The above-mentioned embodiments are merely preferred examples of the present invention, and not intended to limit the present invention, and those skilled in the art can easily make various changes and modifications according to the main concept and spirit of the present invention, so that the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (9)

1. An HID-based encryption and decryption method is characterized by comprising the following steps:
the HID is accessed to the terminal equipment, and the terminal equipment completes the access verification and the transparent encryption and decryption initialization of the HID;
the HID sends a first operation instruction to the terminal equipment, the terminal equipment responds to the first operation instruction and starts a corresponding encryption execution instruction, and the encryption execution instruction is carried out aiming at a set file;
the terminal equipment encrypts the set file according to file information and an encryption algorithm by using the secret key on the HID equipment;
the HID sends a second operation instruction to the terminal equipment, the terminal equipment responds to the second operation instruction and starts a corresponding decryption execution instruction, and the decryption execution instruction is carried out aiming at the encrypted setting file;
and the terminal equipment decrypts the encrypted setting file according to a decryption algorithm by using the key on the HID.
2. The HID based encryption and decryption method according to claim 1, wherein the encryption execution instruction is executed for a setting file and the decryption execution instruction is executed for an encrypted setting file, and the selection of the setting file comprises the steps of:
replacing a driver module in an operating system of the terminal equipment with a kernel driver module of the HID equipment, and determining an instruction sent by the HID equipment through a hook technology;
and installing a hook program in a file manager in an operating system of the terminal equipment, and starting encryption and decryption actions through a file HID driver and a file filtering driver when the HID event is determined to be a file function received and processed by the hook program.
3. The HID-based encryption and decryption method according to claim 1, wherein the step of the terminal device decrypting the encrypted setting file according to a decryption algorithm by using a key on the HID device comprises:
the transparent encryption and decryption system filters the IO request of the HID on a Minifilter layer driven by a file system;
judging whether the set file is encrypted or not according to the file information;
if so, decrypting the setting file by using a key in the HID;
and returning the decrypted IO data.
4. The HID-based encryption and decryption method according to claim 1, wherein the HID device sends a first operation instruction to the terminal device, the terminal device responds to the first operation instruction and starts a corresponding encryption execution instruction, the encryption execution instruction is carried out for a setting file, and the encryption execution instruction includes: creation or storage of files or data.
5. The HID-based encryption and decryption method according to claim 1, wherein the HID device sends a second operation instruction to the terminal device, the terminal device responds to the second operation instruction and starts a corresponding decryption execution instruction, the decryption execution instruction is carried out for the encrypted setting file, and the decryption execution instruction includes: opening or modifying of files.
6. An HID-based transparent encryption and decryption device is characterized by comprising the following units:
the connection unit is used for accessing the HID into the terminal equipment, and the terminal equipment completes the access verification of the HID and the initialization of transparent encryption and decryption;
the encryption request unit is used for sending a first operation instruction to the terminal equipment by the HID equipment, responding the first operation instruction by the terminal equipment and starting a corresponding encryption execution instruction, wherein the encryption execution instruction is carried out aiming at the setting file;
the encryption unit is used for encrypting the setting file by the terminal equipment according to file information and an encryption algorithm by using a secret key on the HID equipment;
the decryption request unit is used for sending a second operation instruction to the terminal equipment by the HID equipment, the terminal equipment responds to the second operation instruction and starts a corresponding decryption execution instruction, and the decryption execution instruction is carried out aiming at the encrypted setting file;
and the decryption unit is used for the terminal equipment to decrypt the encrypted setting file according to a decryption algorithm by using the key on the HID.
7. The HID based transparent encryption and decryption device according to claim 6, wherein the decryption unit includes:
the filtering unit is used for filtering the IO request of the HID by the transparent encryption and decryption system on a Minifilter layer driven by the file system;
the judging unit is used for judging whether the set file is encrypted or not according to the file information;
the file decryption unit is used for decrypting the setting file by using the key in the HID;
and the data return unit is used for returning the decrypted IO data.
8. A computer device comprising a memory having a computer program stored thereon and a processor that, when executing the computer program, implements the HID based encryption/decryption method of any of claims 1-5.
9. A computer-readable storage medium, characterized in that the storage medium stores a computer program which, when executed by a processor, implements the HID based encryption/decryption method of any of claims 1 to 5.
CN202211162102.4A 2022-09-23 2022-09-23 HID (high intensity discharge) -based encryption and decryption method and device, computer equipment and storage medium Pending CN115238296A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211162102.4A CN115238296A (en) 2022-09-23 2022-09-23 HID (high intensity discharge) -based encryption and decryption method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211162102.4A CN115238296A (en) 2022-09-23 2022-09-23 HID (high intensity discharge) -based encryption and decryption method and device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN115238296A true CN115238296A (en) 2022-10-25

Family

ID=83667122

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211162102.4A Pending CN115238296A (en) 2022-09-23 2022-09-23 HID (high intensity discharge) -based encryption and decryption method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115238296A (en)



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20221025