CN115296852B - Data encryption and decryption methods, devices and data encryption and decryption system - Google Patents


Info

Publication number
CN115296852B
Authority
CN
China
Prior art keywords
target
data
primitive
secret key
preset
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210800715.XA
Other languages
Chinese (zh)
Other versions
CN115296852A (en
Inventor
姜军
王可
赵阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Microfountain Technology Co ltd
Original Assignee
Zhuhai Microfountain Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai Microfountain Technology Co ltd
Priority to CN202210800715.XA
Publication of CN115296852A
Application granted
Publication of CN115296852B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04: INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S: SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00: Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20: Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The data encryption and decryption method, device and system provided by the embodiments of the invention encrypt the obtained original data with a preset target secret key to obtain encrypted data. The target secret key is a secret key selected from a prestored target sub-secret key book, and the target sub-secret key book comprises a plurality of secret keys and the associated data corresponding to each secret key. The encrypted data is then combined with preset target associated data to obtain target data, where the target associated data is the associated data corresponding to the target secret key. By establishing a mapping relation between the secret keys and the associated data, the target secret key can be randomly selected from a plurality of sets of secret keys to encrypt the data, and the encrypted data and the target associated data are then combined to obtain the target data, which increases the difficulty of brute-force cracking and improves the security of the encrypted data.

Description

Data encryption and decryption methods, devices and data encryption and decryption system
Technical Field
The present invention relates to the field of data encryption processing technologies, and in particular, to a data encryption method, a data decryption method, a data encryption device, a data decryption device, and a data encryption system.
Background
With the rapid development of the Internet, more and more user data is stored in electronic devices. To avoid data leakage, the prior art encrypts data with a random private key, for example by single symmetric encryption or asymmetric encryption, but the security of these encryption approaches is insufficient.
Disclosure of Invention
The embodiment of the invention provides a data encryption and decryption method, a data encryption and decryption device and a data encryption and decryption system. By establishing a mapping relation between the secret keys and the associated data, a target secret key can be randomly selected from a plurality of sets of secret keys to encrypt data, and the encrypted data and the target associated data are then combined to obtain target data, thereby increasing the difficulty of brute-force cracking and improving the security of the encrypted data.
In order to achieve the above object, an embodiment of the present invention provides a data encryption method, including:
encrypting the obtained original data according to a preset target secret key to obtain encrypted data; the target secret key is a secret key selected from a prestored target sub-secret key book, and the target sub-secret key book comprises a plurality of secret keys and associated data corresponding to each secret key;
combining the encrypted data with preset target associated data to obtain target data; the target associated data is associated data corresponding to the target secret key.
As an improvement of the above scheme, the method further comprises:
before the encrypted data and the target associated data are combined, encrypting the encrypted data according to a preset target encryption algorithm to obtain updated encrypted data;
or before encrypting the obtained original data according to a preset target secret key, encrypting the original data according to a preset target primitive;
wherein the target encryption algorithm is obtained by:
determining the target encryption algorithm according to a preset target primitive based on a preset primitive configuration file; the primitive configuration file comprises a plurality of encryption algorithms and primitives corresponding to each encryption algorithm;
the target primitive is obtained by:
and selecting a target primitive from the primitive configuration file based on a preset primitive usage rule.
As an improvement of the above scheme, the method further comprises:
and encoding the target data according to a preset encoding rule to obtain encoded target data.
As an improvement of the above scheme, the method further comprises:
and when the using time of the primitive using rule reaches a preset time threshold, generating replacement prompt information and displaying the replacement prompt information to remind a user to update the primitive using rule.
In order to achieve the above object, an embodiment of the present invention further provides a data decryption method, including:
analyzing the obtained target data to obtain encrypted data and target associated data;
selecting a target secret key from a prestored target sub-secret key book according to the target associated data; the target sub-key book comprises a plurality of keys and associated data corresponding to each key;
and decrypting the encrypted data according to the target secret key to restore the original data.
In order to achieve the above object, an embodiment of the present invention further provides a data encryption device, including:
the encryption module is used for encrypting the obtained original data according to a preset target secret key to obtain encrypted data; the target secret key is a secret key selected from a prestored target sub-secret key book, and the target sub-secret key book comprises a plurality of secret keys and associated data corresponding to each secret key;
the merging data module is used for merging the encrypted data and preset target associated data to obtain target data; the target associated data is associated data corresponding to the target secret key.
In order to achieve the above object, an embodiment of the present invention further provides a data decryption device, including:
the analysis module is used for analyzing the obtained target data to obtain encrypted data and target associated data;
the key determining module is used for selecting a target key from a prestored target sub-key book according to the target associated data; the target sub-key book comprises a plurality of keys and associated data corresponding to each key;
and the decryption module is used for decrypting the encrypted data according to the target secret key and recovering the original data.
In order to achieve the above object, an embodiment of the present invention further provides a data encryption and decryption system, including:
the data transmitting side is used for encrypting the obtained original data according to a preset target secret key to obtain encrypted data; the target secret key is a secret key selected from a prestored target sub-secret key book, and the target sub-secret key book comprises a plurality of secret keys and associated data corresponding to each secret key;
the data sender is further configured to combine the encrypted data with preset target associated data to obtain target data, and send the target data to the data receiver; wherein the target associated data is associated data corresponding to the target secret key;
the data receiver is used for analyzing the target data to obtain the encrypted data and the target associated data;
the data receiver is further configured to select the target secret key from a pre-stored target sub-secret key book according to the target associated data;
the data receiving party is also used for decrypting the encrypted data according to the target secret key and recovering the original data.
As an improvement of the above-described scheme, the data sender, before merging the encrypted data and the target associated data, is further configured to: encrypting the encrypted data according to a preset target encryption algorithm to obtain updated encrypted data;
or the data sender is further used for encrypting the obtained original data according to a preset target primitive before encrypting the original data according to a preset target secret key;
wherein the data sender obtains a target encryption algorithm by:
determining the target encryption algorithm according to a preset target primitive based on a preset primitive configuration file; the primitive configuration file comprises a plurality of encryption algorithms and primitives corresponding to each encryption algorithm;
the target primitive is obtained by:
selecting a target primitive from the primitive configuration file based on a preset primitive usage rule;
the data receiver restores the original data by:
selecting the target primitive from a pre-stored primitive configuration file according to a preset primitive usage rule, and selecting an encryption algorithm corresponding to the target primitive as a target encryption algorithm;
and decrypting the encrypted data according to the target secret key and the target encryption algorithm, and recovering the original data.
As an improvement of the above-described scheme, after completing encryption of the original data, the data sender is further configured to, before sending the encrypted data to a data receiver: combining the encrypted data and the target associated data to obtain target data, and encoding the target data based on a preset encoding rule so that a data sender sends the target data to a data receiver;
the data receiver is further configured to, prior to decrypting the encrypted data: and decoding the target data based on a preset decoding rule to obtain the encrypted data and the target associated data.
Compared with the prior art, the data encryption and decryption method, device and system provided by the embodiment of the invention encrypt the original data through the target key selected from the preset target key book to obtain the encrypted data, and combine the target associated data corresponding to the target key and the encrypted data to obtain the target data, so as to complete the encryption of the data. By establishing a mapping relation between the secret keys and the associated data, the embodiment of the invention randomly selects the target secret key from the plurality of secret keys to encrypt the data and then combines the encrypted data and the target associated data to obtain the target data, which increases the difficulty of brute-force cracking and improves the security of the encrypted data.
Drawings
FIG. 1 is a flow chart of a data encryption method according to an embodiment of the present invention;
FIG. 2 is a flowchart of a data decryption method according to an embodiment of the present invention;
FIG. 3 is a block diagram illustrating a data encryption device according to an embodiment of the present invention;
FIG. 4 is a block diagram of a data decryption device according to an embodiment of the present invention;
FIG. 5 is a flow chart of data encryption according to an embodiment of the present invention;
FIG. 6 is a data decryption flow chart according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1, a flowchart of a data encryption method according to an embodiment of the present invention is provided. The method comprises the steps of S11 to S12:
S11, encrypting the obtained original data according to a preset target secret key to obtain encrypted data; the target secret key is a secret key selected from a prestored target sub-secret key book, and the target sub-secret key book comprises a plurality of secret keys and associated data corresponding to each secret key;
S12, combining the encrypted data with preset target associated data to obtain target data; the target associated data is associated data corresponding to the target secret key.
Specifically, a plurality of secret keys and the associated data corresponding to each secret key are stored in a target sub-secret key book. In the data encryption process, the original data to be encrypted is first obtained. One secret key is then selected from the target sub-secret key book as the target secret key, and the corresponding target associated data is found according to the target secret key. The original data is then encrypted with the target secret key to obtain encrypted data. Finally, the encrypted data and the target associated data are combined to obtain the target data, which completes the data encryption process.
By establishing a mapping relation between the secret keys and the associated data, the embodiment of the invention randomly selects the target secret key from the plurality of secret keys to encrypt the data and then combines the encrypted data and the target associated data to obtain the target data, which increases the difficulty of brute-force cracking and improves the security of the encrypted data.
In one embodiment, the method further comprises:
before the encrypted data and the target associated data are combined, encrypting the encrypted data according to a preset target encryption algorithm to obtain updated encrypted data;
or before encrypting the obtained original data according to a preset target secret key, encrypting the original data according to a preset target primitive;
wherein the target encryption algorithm is obtained by:
determining the target encryption algorithm according to a preset target primitive based on a preset primitive configuration file; the primitive configuration file comprises a plurality of encryption algorithms and primitives corresponding to each encryption algorithm;
the target primitive is obtained by:
and selecting a target primitive from the primitive configuration file based on a preset primitive usage rule.
Specifically, in addition to encrypting the data with a secret key and then combining it with the associated data, the embodiment of the invention adds a primitive encryption mode. A plurality of encryption algorithms are preset, primitives corresponding to each encryption algorithm are generated, and a primitive configuration file is established in which each encryption algorithm is configured with at least one primitive. Before or after the key encryption, a target primitive is selected from the pre-stored primitive configuration file according to a preset primitive usage rule, the encryption algorithm corresponding to the target primitive is selected as the target encryption algorithm, and the data is encrypted with the target encryption algorithm. Selecting the target primitive from among a plurality of sets of primitives can increase the security of data encryption compared with single-primitive encryption. The primitive usage rule may determine the target primitive according to the time period, according to the data type (that is, a mapping relation between primitives and data types is established and the target primitive is determined from the type of the original data), or according to the network environment. For example, assume that the primitive configuration file includes a first primitive, a second primitive and a third primitive; they form a closed loop in the order first primitive, second primitive, third primitive, first primitive, one primitive is used each day, and the next primitive is switched to on the following day.
In one embodiment, the method further comprises:
and encoding the target data according to a preset encoding rule to obtain encoded target data.
Specifically, after the encryption and merging operations have been performed on the original data, the target data is encoded with a preset encoding rule, such as base64. It should be noted that the encoding rule is not limited to this specific choice and may be selected according to the practical situation.
In one embodiment, the method further comprises:
and when the using time of the primitive using rule reaches a preset time threshold, generating replacement prompt information and displaying the replacement prompt information to remind a user to update the primitive using rule.
Specifically, the likelihood that the primitive usage rule has leaked increases gradually over time, so the primitive usage rule may be modified to form a new usage rule. For example, if primitives were originally selected in a certain fixed order, the rule may be modified by changing the selection frequency to once every hour or by changing the order in which the primitives are arranged.
Further, the method further comprises the step of sending the target data to a data receiver.
Referring to fig. 2, a flowchart of a data decryption method according to an embodiment of the present invention is shown. The method comprises the steps of S13 to S15:
S13, analyzing the obtained target data to obtain encrypted data and target associated data;
S14, selecting a target secret key from a prestored target sub-secret key book according to the target associated data; the target sub-key book comprises a plurality of keys and associated data corresponding to each key;
S15, decrypting the encrypted data according to the target secret key, and recovering the original data.
Specifically, decryption mirrors the data encryption method. The target data is first parsed to obtain the encrypted data and the target associated data, a target key is selected from the prestored target sub-key book according to the target associated data, and the encrypted data is decrypted with the target key to restore the original data.
In one embodiment, the original data is restored specifically by:
selecting a target primitive from a pre-stored primitive configuration file according to a preset primitive usage rule; the target primitive is a primitive selected from a pre-stored primitive configuration file according to a preset primitive usage rule, and the primitive configuration file comprises a plurality of primitives generated by different preset encryption algorithms;
and decrypting the encrypted data according to the target secret key and the target primitive to restore the original data.
In one embodiment, before parsing the obtained target data to obtain the encrypted data and the target associated data, the method further includes:
and decoding the target data based on a preset decoding rule.
Further, the target data sent by the data sender is received before the target data is parsed.
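The flow of steps S11 to S15, including the base64 encoding step, as an added Python example (not code from the patent). The field sizes, the byte layout and the HMAC-SHA256 keystream and tag are assumptions chosen so that it runs with the standard library only; the patent names no cipher, and a vetted AEAD such as AES-GCM would take their place in practice. The example goes beyond the text in one respect: it authenticates the associated data, which travels in the clear as a key identifier, so swapping it is detected.

```python
import base64
import binascii
import hashlib
import hmac
import secrets

ID_LEN, NONCE_LEN, TAG_LEN = 8, 16, 32  # assumed field sizes, not from the patent


class DecryptError(Exception):
    """Raised when target data cannot be parsed, matched to a key, or verified."""


def make_key_book(n_keys):
    """Sub-key book: random associated data (bytes) -> random 256-bit key."""
    book = {}
    while len(book) < n_keys:
        book[secrets.token_bytes(ID_LEN)] = secrets.token_bytes(32)
    return book


def derive_subkeys(key):
    """Derive separate encryption and MAC keys from one key-book entry."""
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def keystream_xor(enc_key, nonce, data):
    """Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(8, "big")
        stream += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(book, plaintext):
    """S11 + S12 + encoding: returns base64(assoc || nonce || ciphertext || tag)."""
    assoc = secrets.choice(list(book))          # random choice of the target key
    enc_key, mac_key = derive_subkeys(book[assoc])
    nonce = secrets.token_bytes(NONCE_LEN)
    ciphertext = keystream_xor(enc_key, nonce, plaintext)
    # The tag covers the associated data so it cannot be swapped unnoticed.
    tag = hmac.new(mac_key, assoc + nonce + ciphertext, hashlib.sha256).digest()
    return base64.b64encode(assoc + nonce + ciphertext + tag).decode("ascii")


def decrypt(book, encoded):
    """Decoding + S13 (parse) + S14 (look up key) + S15 (decrypt)."""
    try:
        target = base64.b64decode(encoded, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise DecryptError("target data is not valid base64") from exc
    if len(target) < ID_LEN + NONCE_LEN + TAG_LEN:
        raise DecryptError("target data is truncated")
    assoc = target[:ID_LEN]
    nonce = target[ID_LEN:ID_LEN + NONCE_LEN]
    ciphertext = target[ID_LEN + NONCE_LEN:-TAG_LEN]
    tag = target[-TAG_LEN:]
    key = book.get(assoc)
    if key is None:
        raise DecryptError("unknown associated data: no such key in this sub-key book")
    enc_key, mac_key = derive_subkeys(key)
    expected = hmac.new(mac_key, assoc + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise DecryptError("authentication failed")
    return keystream_xor(enc_key, nonce, ciphertext)


if __name__ == "__main__":
    key_book = make_key_book(4)                 # constructed sample key book
    token = encrypt(key_book, b"constructed sample message")
    print(token)
    print(decrypt(key_book, token))
```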
Referring to fig. 3, a schematic structural diagram of a data encryption device according to an embodiment of the present invention is provided, where the device includes:
the encryption module 11 is configured to encrypt the obtained original data according to a preset target key to obtain encrypted data; the target secret key is a secret key selected from a prestored target sub-secret key book, and the target sub-secret key book comprises a plurality of secret keys and associated data corresponding to each secret key;
a merging data module 12, configured to merge the encrypted data and preset target association data to obtain target data; the target associated data is associated data corresponding to the target secret key.
It should be noted that, the working process of the data encryption device may refer to the working process of the data encryption method in the above embodiment, and will not be described herein.
Referring to fig. 4, a schematic structural diagram of a data decryption device according to an embodiment of the present invention is provided, where the device includes:
a parsing module 13, configured to parse the obtained target data to obtain encrypted data and target associated data;
a key determining module 14, configured to select a target key from a pre-stored target sub-key book according to the target association data; the target sub-key book comprises a plurality of keys and associated data corresponding to each key;
and the decryption module 15 is used for decrypting the encrypted data according to the target key and recovering the original data.
It should be noted that, the working process of the data decryption device may refer to the working process of the data decryption method in the above embodiment, and will not be described herein.
An embodiment of the present invention provides a data encryption and decryption system, including:
the data transmitting side is used for encrypting the obtained original data according to a preset target secret key to obtain encrypted data; the target secret key is a secret key selected from a prestored target sub-secret key book, and the target sub-secret key book comprises a plurality of secret keys and associated data corresponding to each secret key;
the data sender is further configured to combine the encrypted data with preset target associated data to obtain target data, and send the target data to the data receiver; wherein the target associated data is associated data corresponding to the target secret key;
the data receiver is used for analyzing the target data to obtain the encrypted data and the target associated data;
the data receiver is further configured to select the target secret key from a pre-stored target sub-secret key book according to the target associated data;
the data receiving party is also used for decrypting the encrypted data according to the target secret key and recovering the original data.
Further, the target sub-key book is generated by the data sender and, before the data receiver decrypts the data, is distributed to the data receiver in an offline manner (for example, on a USB flash drive or a hard disk). It can be appreciated that distributing the keys offline avoids attacks on network transmission, thereby increasing security.
It should be noted that the target sub-key book is generated by the data sender and may be generated in the following way: a plurality of sets of random passwords are generated, at least one piece of random associated data is generated for each password, and a mapping relation between the random passwords (secret keys) and the associated data is established to form a total secret key book. When a data sender has a plurality of corresponding data receivers, the total secret key book is split according to the data receivers, and the resulting sub-key books are distributed to the corresponding data receivers. When the data sender needs to send data, it selects a secret key from the sub-key book corresponding to the sending destination (target receiver) to encrypt the data; for public information (here, public information refers to data transmitted to all receivers), keys existing in the sub-key books of all receivers are selected. It can be understood that, through this differentiated distribution strategy, each data receiver obtains only part of the key book, so data intended for a specific receiver is protected from being decrypted by others, public data and private data are handled differently, and global data security is ensured.
Further, the data transmission is made safer by periodically updating the master key book and the sub key books.
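The key-book generation and differentiated distribution described above, as an added Python example (not code from the patent). The receiver names, the hex identifiers, one piece of associated data per key, and the choice to draw a receiver's private traffic only from keys that no other receiver holds are assumptions made for the illustration.

```python
import secrets


def generate_master_book(n_keys):
    """Total key book: random associated data (hex string) -> random 256-bit key.

    Assumption: one piece of associated data per key, so splitting by
    identifier never hands the same key to two receivers by accident.
    """
    book = {}
    while len(book) < n_keys:
        book[secrets.token_hex(8)] = secrets.token_bytes(32)
    return book


def split_master_book(master, receivers, n_shared, n_private):
    """Split the total key book into one sub-key book per receiver.

    Every sub-key book gets the same n_shared entries (for public
    information) plus n_private entries that no other receiver holds.
    """
    needed = n_shared + n_private * len(receivers)
    if needed > len(master):
        raise ValueError(f"need {needed} keys, total key book has {len(master)}")
    ids = list(master)
    secrets.SystemRandom().shuffle(ids)
    shared = ids[:n_shared]
    sub_books = {}
    for i, receiver in enumerate(receivers):
        start = n_shared + i * n_private
        own = ids[start:start + n_private]
        sub_books[receiver] = {a: master[a] for a in shared + own}
    return sub_books


def candidate_ids(sub_books, destination=None):
    """Identifiers usable for a destination, or for public data if None."""
    if not sub_books:
        raise ValueError("no sub-key books")
    if destination is None:
        # Public information: keys present in the sub-key books of all receivers.
        common = set.intersection(*(set(b) for b in sub_books.values()))
        return sorted(common)
    # Private data: keys of the destination that no other receiver can look up.
    others = set()
    for receiver, book in sub_books.items():
        if receiver != destination:
            others |= set(book)
    return sorted(set(sub_books[destination]) - others)


def select_key(sub_books, destination=None):
    """Randomly pick (associated data, key) for one receiver or for everyone."""
    candidates = candidate_ids(sub_books, destination)
    if not candidates:
        raise LookupError("no suitable key for this destination")
    assoc = secrets.choice(candidates)
    source = sub_books[destination] if destination else next(iter(sub_books.values()))
    return assoc, source[assoc]


if __name__ == "__main__":
    master_book = generate_master_book(10)
    books = split_master_book(master_book, ["rx_a", "rx_b"], n_shared=2, n_private=3)
    print("public:", candidate_ids(books))
    print("rx_a only:", candidate_ids(books, "rx_a"))
```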
In one embodiment, the data sender, prior to merging the encrypted data and the target associated data, is further configured to: encrypting the encrypted data according to a preset target encryption algorithm to obtain updated encrypted data;
or the data sender is further used for encrypting the obtained original data according to a preset target encryption algorithm before encrypting the obtained original data according to a preset target secret key;
wherein the data sender obtains a target encryption algorithm by:
determining the target encryption algorithm according to a preset target primitive based on a preset primitive configuration file; the primitive configuration file comprises a plurality of encryption algorithms and primitives corresponding to each encryption algorithm;
the target primitive is obtained by:
selecting a target primitive from the primitive configuration file based on a preset primitive usage rule;
the data receiver restores the original data by:
selecting the target primitive from a pre-stored primitive configuration file according to a preset primitive usage rule, and selecting an encryption algorithm corresponding to the target primitive as a target encryption algorithm;
and decrypting the encrypted data according to the target secret key and the target encryption algorithm, and recovering the original data.
It should be noted that the primitive configuration file is generated by the data sender and, before the data receiver performs data decryption, is distributed to the data receiver in an offline manner (for example, on a USB flash drive or a hard disk). It can be understood that offline file distribution avoids attacks on network transmission and increases security. To increase security further, the primitive usage rules agreed between the data sender and different data receivers are not identical; before data transmission the data sender selects the primitive usage rule corresponding to the data receiver and processes the data using the selected rule.
In another embodiment, the data sender and the data receiver do not have agreed primitive usage rules, and a primitive corresponding to the target encryption algorithm may be attached to the sent data, and the data receiver parses the received data to obtain the target primitive, so as to select the target encryption algorithm for decryption from the primitive configuration file according to the target primitive.
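The time-based primitive usage rule (closed-loop rotation, replacement prompt after a time threshold), the per-receiver rules and the attached-primitive alternative, as an added Python example (not code from the patent). The primitive names, algorithm labels, dates and the 90-day threshold are constructed, and the function names are hypothetical. It also shows a case the text does not discuss: sender and receiver clocks falling on opposite sides of a rotation boundary.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed primitive configuration file: primitive -> encryption algorithm label.
PRIMITIVE_CONFIG = {"P1": "AES-256-GCM", "P2": "ChaCha20-Poly1305", "P3": "SM4-GCM"}


@dataclass(frozen=True)
class PrimitiveUsageRule:
    order: tuple          # closed loop, e.g. P1 -> P2 -> P3 -> P1
    period: timedelta     # how long each primitive stays in use
    created: datetime     # when the rule came into use (timezone-aware)
    max_age: timedelta    # preset time threshold for the replacement prompt

    def __post_init__(self):
        if not self.order:
            raise ValueError("rule needs at least one primitive")
        if self.period <= timedelta(0):
            raise ValueError("period must be positive")

    def target_primitive(self, now):
        """Primitive in use at `now`: step through the loop once per period."""
        if now < self.created:
            raise ValueError("rule is not in use yet at this time")
        step = (now - self.created) // self.period
        return self.order[step % len(self.order)]

    def needs_replacement(self, now):
        """True once the rule has been in use for the time threshold."""
        return now - self.created >= self.max_age


def select_for_send(rules, receiver, now, config=PRIMITIVE_CONFIG):
    """Sender side: use the rule agreed with this receiver.

    Returns (primitive, algorithm, replacement_prompt_due).
    """
    rule = rules[receiver]
    primitive = rule.target_primitive(now)
    if primitive not in config:
        raise LookupError(f"primitive {primitive!r} missing from configuration file")
    return primitive, config[primitive], rule.needs_replacement(now)


def resolve_on_receive(config, rule, now, attached=None):
    """Receiver side: derive the primitive from the rule, or take the one
    attached to the data when no rule is agreed (rule may then be None)."""
    primitive = attached if attached is not None else rule.target_primitive(now)
    if primitive not in config:
        raise LookupError(f"primitive {primitive!r} missing from configuration file")
    return config[primitive]


if __name__ == "__main__":
    start = datetime(2024, 1, 1, tzinfo=timezone.utc)   # constructed date
    rules = {
        "rx_a": PrimitiveUsageRule(("P1", "P2", "P3"), timedelta(days=1),
                                   start, timedelta(days=90)),
        "rx_b": PrimitiveUsageRule(("P3", "P1", "P2"), timedelta(hours=1),
                                   start, timedelta(days=90)),
    }
    for day in (0, 1, 3, 90):
        print(day, select_for_send(rules, "rx_a", start + timedelta(days=day)))
```

When both sides derive the primitive from their own clocks, a message sent just before a rotation boundary and processed just after it resolves to different algorithms; attaching the primitive, as in the alternative embodiment, removes that dependency.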
In one embodiment, after the encryption of the original data is completed, the data sender is further configured to, before sending the encrypted data to a data receiver: combining the encrypted data and the target associated data to obtain target data, and encoding the target data based on a preset encoding rule so that a data sender sends the target data to a data receiver;
the data receiver is further configured to, prior to decrypting the encrypted data: and decoding the target data based on a preset decoding rule to obtain the encrypted data and the target associated data.
It will be appreciated that the encoding rules and decoding rules are corresponding.
It should be noted that, the specific encryption and decryption processes of the data encryption and decryption system may refer to the data encryption method and the working process of the data encryption method in the above embodiment, which are not described herein.
The processes of data encryption, transmission, reception and decryption of the data encryption and decryption system according to the embodiment of the invention can also be seen in fig. 5 to 6.
Compared with the prior art, the data encryption and decryption method, device and system provided by the embodiment of the invention encrypt the original data through the target key selected from the preset target key book to obtain the encrypted data, and combine the target associated data corresponding to the target key and the encrypted data to obtain the target data, so as to complete the encryption of the data. By randomly selecting a suitable data encryption algorithm, the embodiment of the invention can avoid brute-force decryption against a fixed decryption algorithm; by randomly generating primitives for the encryption and decryption algorithms, it can control the complexity of decrypting the various versions of the data, which use completely different encryption methods; and by using associated data together with a scheme of periodically updating the key book, it can better protect key information and reduce the probability of the data being decrypted when the complete key book is not available.
While the foregoing is directed to the preferred embodiments of the present invention, it will be appreciated by those skilled in the art that changes and modifications may be made without departing from the principles of the invention, such changes and modifications are also intended to be within the scope of the invention.

Claims (7)

1. A data encryption method, comprising:
encrypting the obtained original data according to a preset target secret key to obtain encrypted data; the target secret key is a secret key selected from a prestored target sub-secret key book, and the target sub-secret key book comprises a plurality of secret keys and associated data corresponding to each secret key;
combining the encrypted data with preset target associated data to obtain target data; wherein the target associated data is associated data corresponding to the target secret key;
before the encrypted data and the target associated data are combined, encrypting the encrypted data according to a preset target encryption algorithm to obtain updated encrypted data;
or before encrypting the obtained original data according to a preset target secret key, encrypting the original data according to a preset target primitive;
wherein the target encryption algorithm is obtained by:
determining the target encryption algorithm according to a preset target primitive based on a preset primitive configuration file; the primitive configuration file comprises a plurality of encryption algorithms and at least one primitive corresponding to each encryption algorithm;
the target primitive is obtained by:
selecting a target primitive from the primitive configuration file based on a preset primitive usage rule;
and when the usage time of the primitive usage rule reaches a preset time threshold, generating replacement prompt information and displaying the replacement prompt information to remind a user to update the primitive usage rule.
2. The data encryption method according to claim 1, characterized by further comprising:
and encoding the target data according to a preset encoding rule to obtain encoded target data.
3. A data decryption method, comprising:
analyzing the obtained target data to obtain encrypted data and target associated data;
selecting a target secret key from a prestored target sub-secret key book according to the target associated data; the target sub-secret key book comprises a plurality of secret keys and associated data corresponding to each secret key;
decrypting the encrypted data according to the target secret key to restore the original data; the target data are data obtained by combining the encrypted data and the target associated data; the target associated data is associated data corresponding to the target secret key;
the decrypting the encrypted data according to the target secret key, recovering the original data, includes:
selecting a target primitive from a pre-stored primitive configuration file according to a preset primitive usage rule, and selecting an encryption algorithm corresponding to the target primitive as a target encryption algorithm; the primitive configuration file comprises a plurality of encryption algorithms and at least one primitive corresponding to each encryption algorithm;
decrypting the encrypted data according to the target secret key and the target encryption algorithm, and recovering the original data; the encrypted data is data obtained by encryption using the target secret key and the target encryption algorithm;
and when the usage time of the primitive usage rule reaches a preset time threshold, generating replacement prompt information and displaying the replacement prompt information to remind a user to update the primitive usage rule.
4. A data encryption apparatus, comprising:
the encryption module is used for encrypting the obtained original data according to a preset target secret key to obtain encrypted data; the target secret key is a secret key selected from a prestored target sub-secret key book, and the target sub-secret key book comprises a plurality of secret keys and associated data corresponding to each secret key;
the merging data module is used for merging the encrypted data and preset target associated data to obtain target data; wherein the target associated data is associated data corresponding to the target secret key;
the encryption module is further configured to:
before the encrypted data and the target associated data are combined, encrypting the encrypted data according to a preset target encryption algorithm to obtain updated encrypted data;
or before encrypting the obtained original data according to a preset target secret key, encrypting the original data according to a preset target primitive;
wherein the target encryption algorithm is obtained by:
determining the target encryption algorithm according to a preset target primitive based on a preset primitive configuration file; the primitive configuration file comprises a plurality of encryption algorithms and at least one primitive corresponding to each encryption algorithm;
the target primitive is obtained by:
selecting a target primitive from the primitive configuration file based on a preset primitive usage rule;
and when the usage time of the primitive usage rule reaches a preset time threshold, generating replacement prompt information and displaying the replacement prompt information to remind a user to update the primitive usage rule.
5. A data decryption apparatus, comprising:
the analysis module is used for analyzing the obtained target data to obtain encrypted data and target associated data; the target data are data obtained by combining the encrypted data and the target associated data;
the key determining module is used for selecting a target key from a prestored target sub-key book according to the target associated data; the target sub-key book comprises a plurality of keys and associated data corresponding to each key; the target associated data is associated data corresponding to the target secret key;
the decryption module is used for decrypting the encrypted data according to the target secret key and recovering the original data;
the decryption module is configured to decrypt the encrypted data according to the target key, and restore original data, and includes:
selecting a target primitive from a pre-stored primitive configuration file according to a preset primitive usage rule, and selecting an encryption algorithm corresponding to the target primitive as a target encryption algorithm; the primitive configuration file comprises a plurality of encryption algorithms and at least one primitive corresponding to each encryption algorithm;
decrypting the encrypted data according to the target secret key and the target encryption algorithm, and recovering the original data; the encrypted data is data obtained by encryption using the target secret key and the target encryption algorithm;
the decryption module is further configured to: when the usage time of the primitive usage rule reaches a preset time threshold, generate replacement prompt information and display the replacement prompt information to remind a user to update the primitive usage rule.
6. A data encryption and decryption system, comprising:
the data sender is used for encrypting the obtained original data according to a preset target secret key to obtain encrypted data; the target secret key is a secret key selected from a prestored target sub-secret key book, and the target sub-secret key book comprises a plurality of secret keys and associated data corresponding to each secret key;
the data sender is further configured to combine the encrypted data with preset target associated data to obtain target data, and send the target data to a data receiver; wherein the target associated data is associated data corresponding to the target secret key;
the data receiver is used for analyzing the target data to obtain the encrypted data and the target associated data;
the data receiver is further configured to select the target secret key from a prestored target sub-secret key book according to the target associated data;
the data receiver is also used for decrypting the encrypted data according to the target secret key and recovering the original data;
the data sender, prior to merging the encrypted data and the target-associated data, is further configured to: encrypting the encrypted data according to a preset target encryption algorithm to obtain updated encrypted data;
or the data sender is further used for encrypting the obtained original data according to a preset target encryption algorithm before encrypting the obtained original data according to a preset target secret key;
wherein the data sender obtains a target encryption algorithm by:
determining the target encryption algorithm according to a preset target primitive based on a preset primitive configuration file; the primitive configuration file comprises a plurality of encryption algorithms and at least one primitive corresponding to each encryption algorithm;
the target primitive is obtained by:
selecting a target primitive from the primitive configuration file based on a preset primitive usage rule;
the data receiver restores the original data by:
selecting the target primitive from a pre-stored primitive configuration file according to a preset primitive usage rule, and selecting an encryption algorithm corresponding to the target primitive as a target encryption algorithm;
decrypting the encrypted data according to the target secret key and the target encryption algorithm, and recovering the original data;
the data sender and the data receiver are further configured to: when the usage time of the primitive usage rule reaches a preset time threshold, generate replacement prompt information and display the replacement prompt information to remind a user to update the primitive usage rule.
7. The data encryption and decryption system according to claim 6, wherein the data sender, after completing encryption of the original data, before sending the encrypted data to a data receiver, is further configured to: combining the encrypted data and the target associated data to obtain target data, and encoding the target data based on a preset encoding rule so that a data sender sends the target data to a data receiver;
the data receiver is further configured to, prior to decrypting the encrypted data: and decoding the target data based on a preset decoding rule to obtain the encrypted data and the target associated data.
CN202210800715.XA 2022-07-08 2022-07-08 Data encryption and decryption methods, devices and data encryption and decryption system Active CN115296852B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210800715.XA CN115296852B (en) 2022-07-08 2022-07-08 Data encryption and decryption methods, devices and data encryption and decryption system

Publications (2)

Publication Number Publication Date
CN115296852A CN115296852A (en) 2022-11-04
CN115296852B true CN115296852B (en) 2023-09-01

Family

ID=83822876

Country Status (1)

Country Link
CN (1) CN115296852B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant