CN115550058B - Shared file transparent encryption method and system - Google Patents

Publication number: CN115550058B
Authority: CN (China)
Prior art keywords: key, encryption, user, decryption, usb
Legal status: Active
Application number: CN202211454377.5A
Other languages: Chinese (zh)
Other versions: CN115550058A (en)
Inventor: 杨旻
Current Assignee: Aspire Technologies Shenzhen Ltd
Original Assignee: Aspire Technologies Shenzhen Ltd
Application filed by Aspire Technologies Shenzhen Ltd
Priority to CN202211454377.5A
Publication of CN115550058A
Application granted
Publication of CN115550058B

Classifications

    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H04L63/0478 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/0853 Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L2209/72 Signcrypting, i.e. digital signing and encrypting simultaneously

Abstract

The invention discloses a shared file transparent encryption method and system. On the basis of file sharing, the encryption/decryption key is designed for security so that the symmetric key is never transmitted over the network: the symmetric encryption and decryption, and the asymmetric encryption and decryption of the encryption/decryption key, are both executed by the private key in the local hardware user USB-KEY. The user USB-KEY works as soon as it is plugged in, and decryption cannot be carried out once it is unplugged. This removes the hidden danger of transmitting the symmetric key over the network and also solves the problem of transparent access across terminals.

Description

Shared file transparent encryption method and system
Technical Field
The invention belongs to the technical field of mobile internet identity authentication in the computer information technology management industry, and particularly relates to a shared file transparent encryption method and system.
Background
Definition of terms:
Hook program: an operating system API hook program.
Operating system: a Windows, Linux or UNIX operating system.
User USB-KEY: a hardware U shield that can be inserted into a USB port. Before the USB-KEY is used, a public/private key pair and a certificate are generated for it in advance on the certificate management platform side, and the public/private key pair and the certificate are finally implanted into the USB-KEY.
User public key: the public key in the certificate in the USB-KEY; the API hook program can obtain it through the USB-KEY interface.
User private key: the private key in the USB-KEY; the API hook program can obtain it through the USB-KEY interface.
User certificate: the certificate in the USB-KEY; the API hook program can obtain it through the USB-KEY interface.
Asymmetric encryption: SM2 asymmetric encryption of the original text using the national cryptographic public key in the national cryptographic certificate. SM2 is an elliptic curve public key cryptographic algorithm issued by the national cryptography authority on December 17, 2010; it is an asymmetric algorithm based on ECC. Because the algorithm is based on ECC, its signature speed and key generation speed are faster than those of RSA. The security strength of 256-bit ECC is higher than that of 2048-bit RSA and its operation is faster, so SM2 performs better and is more secure, with high cryptographic complexity, fast processing and lower machine resource consumption.
Asymmetric decryption: SM2 asymmetric decryption of the ciphertext using the national cryptographic SM2 private key of the user USB-KEY. SM2 decryption calculates the key stream used in encryption from the result of a point multiplication involving the random number, XORs the ciphertext data with the key stream to obtain the plaintext, and then checks whether the calculated digest value is consistent with the digest value in the ciphertext; if it is, SM2 decryption is complete. It is the reverse operation of SM2 asymmetric encryption.
Symmetric encryption: SM4 encryption. SM4 is a block cipher from a wireless local area network standard, with a key length and a block length of 128 bits each. It was published by China's national cryptography administration in 2012, is used by wireless local area network products, and is also called a commercial cipher algorithm. It is a block algorithm characterized by a simple design, a distinctive structure, security and high efficiency. For encryption the original text is split into data blocks of 128 bits, and the key is 128 bits long. The encryption algorithm and the key expansion algorithm both adopt a 32-round iterative structure. The SM4 algorithm processes data in units of bytes (8 bits) and words (32 bits).
Symmetric decryption: SM4 decryption. The SM4 algorithm is an involution, so the SM4 decryption algorithm has the same structure as the SM4 encryption algorithm; only the order in which the round keys are used is reversed, that is, the decryption round keys are the encryption round keys in reverse order.
Symmetric key: the symmetric key used by the SM4 symmetric encryption/decryption algorithm.
Certificate management platform: an independently deployed platform that can be connected to the CA; it provides user certificate management and an external interface.
Application program: a document editing program on the operating system, such as Word.
With the development of the mobile internet, units such as state organs, enterprises, public institutions, group organizations and social organizations need to store a large number of important data files in their daily office work, such as confidential office documents, design drawings, customer directories, financial statements, purchasing channels, bidding documents and personal privacy information. If these confidential documents are accessed by unauthorized users, information leaks can result, causing immeasurable losses to the organization. Typically, one encrypts the file with compression software and sets a password to prevent unauthorized access. However, the user then has to enter the password for decryption on every access, which adds unnecessary, cumbersome steps to daily use. This method also makes it difficult for several people to work on the file together: if the first author encrypts the file, others cannot access it, and if the first author tells others the password, the key may leak to more people, so that the confidentiality of the file cannot be guaranteed.
To solve the above problems, the computer information technology management industry has researched transparent encryption technology for files.
Realizing transparent file encryption based on the operating system's API injection technology is a technical route commonly adopted in the industry, and there are three common implementations:
1) The first type, software mode, stores the user's key on the local machine to encrypt and decrypt files on a single machine.
2) The second type, escrow mode, escrows the user's key on a remote key platform, and the key is returned from the remote end to the local terminal for use during encryption and decryption.
3) The third type, hardware mode, stores the user's password in the hardware USB-KEY (U shield); the key is read from the USB-KEY during encryption, and the same USB-KEY must be inserted to decrypt. Other users cannot decrypt because they do not have the USB-KEY, which ensures the confidentiality of the document.
Most vendors of transparent file encryption implement one of these three modes on top of the operating system's API injection technology, and each mode has technical limitations:
1) In the first type of software mode, a public key is stored in a local machine, and an original file is encrypted and decrypted by using a certain encryption algorithm. Meanwhile, in a cross-terminal access scenario, if several terminals try to view the file, the file cannot be shared because the keys are not synchronized.
2) In the second type, escrow mode, the key is escrowed on the remote key management platform and decryption is completed on the user's device terminal. This solves the problem of access across multiple terminals, but because the key is transmitted over the network there is a security risk: for example, when the user accesses the internet through a proxy gateway, the key may be stolen by the proxy gateway, so the key can be leaked.
3) In the third type, hardware mode, the key is placed in the hardware USB-KEY. The symmetric key of the USB-KEY is used to encrypt the file, and the file can only be decrypted by a person holding the USB-KEY. The USB-KEY is usually held by the first author, so the file cannot be shared and accessed by others.
Disclosure of Invention
In order to solve the above problems in the prior art, an object of the present invention is to provide a method and a system for transparently encrypting a shared file, which can implement shared access of encrypted files, have a high security factor, ensure that each authorized user can normally access the file, and deny the file access of unauthorized users.
The technical scheme adopted by the invention is as follows:
A shared file transparent encryption system comprises a plurality of user terminals, a plurality of user USB-KEYs, an encryption and decryption auxiliary module, a hook program and a certificate management platform;
the certificate management platform is used for storing a certificate list of authorized users, and each certificate comprises a user USB-KEY public key; each user USB-KEY comprises a user USB-KEY private key, and each user USB-KEY public key and the corresponding user USB-KEY private key together form a user USB-KEY public/private key pair;
the certificate management platform is also provided with a key management function module which is used for generating the user USB-KEY public/private key pairs;
each user terminal is provided with a hook program, an application program, an operating system, an encryption and decryption auxiliary module and a storage auxiliary module;
the hook program is used for monitoring the actions executed by the application program of the user terminal and suspending the application program when it executes a save and/or read action, so that the actions of the hook program are processed first; the actions of the hook program comprise public key inquiry, certificate inquiry, public key asymmetric encryption, private key asymmetric decryption, symmetric encryption and symmetric decryption, which are carried out through the user USB-KEY;
the hook program is also used for carrying out asymmetric encryption and decryption on the symmetric key of the document through the encryption and decryption auxiliary module, and carrying out SM4 symmetric encryption and decryption on the original document with the symmetric key;
the application program is used for authoring, saving and/or reading the original document;
the operating system is used for supporting the conventional operation of the user terminal;
the storage auxiliary module is used for storing operating system functions;
each user USB-KEY is provided with an asymmetric encryption interface, an asymmetric decryption interface, a symmetric encryption interface, a symmetric decryption interface, a random number generator and a USB-KEY container, wherein the asymmetric encryption interface is used for asymmetric encryption, the asymmetric decryption interface is used for asymmetric decryption, the symmetric encryption interface is used for symmetric encryption, the symmetric decryption interface is used for symmetric decryption, the random number generator is used for generating random numbers, and the USB-KEY container is used for storing the user USB-KEY public/private key pair and the user CA certificate.
Further, the user USB-KEY is a hardware U shield.
Further, the hook program is an API hook program.
The invention also relates to a shared file transparent encryption method for the shared file transparent encryption system, which comprises the following steps:
S01, making the user USB-KEY;
S02, a first author authors an original document through an application program of the user terminal; when the operating system of the user terminal receives a save message from the application program, the hook program suspends the application program and pre-encrypts the original document to be saved, generating an SM4 symmetric encryption/decryption key;
S03, carrying out secondary encryption on the SM4 symmetric encryption/decryption key of the original document;
S031, the hook program obtains the user USB-KEY public keys from the certificate management platform;
S0311, the hook program obtains the list of certificates of the users to be authorized from the certificate management platform;
S0312, the hook program pops up a dialog box showing the list of user certificates; using check boxes for single or multiple selection, the first author checks the certificates of N authorized users in the list, where N is a positive integer greater than or equal to 1; after the checking is finished, the hook program acquires the corresponding user certificates from the certificate management platform and thereby acquires the corresponding user USB-KEY public keys;
S032, the hook program calls the encryption and decryption auxiliary module on the first author's user terminal with each user USB-KEY public key in turn, and asymmetric encryption is carried out through the asymmetric encryption interface of the first author's user USB-KEY;
the user USB-KEY public key of each user certificate and the symmetric key are passed into the asymmetric encryption interface; with each user USB-KEY public key in turn, the interface performs SM2 asymmetric encryption on the SM4 symmetric encryption/decryption key, generating an SM2 asymmetric encryption ciphertext corresponding to each user USB-KEY;
S033, storing the SM2 asymmetric encryption ciphertexts;
the hook program stores the SM2 asymmetric encryption ciphertexts as additional information in the first N lines of the storage file;
S034, the hook program sets a separation line at line N+1 of the storage file; the hook program uses the SM4 symmetric encryption/decryption key to carry out SM4 symmetric encryption on the original file to obtain a ciphertext, and the ciphertext is stored from line N+2 of the storage file onward;
S035, the hook program releases the application program, which returns and continues the save process, saving the storage file after the secondary encryption;
S04, decrypting the storage file at the user terminal;
S041, inserting a user USB-KEY into the user terminal;
S042, when the operating system of the user terminal receives the application program's message to read the storage file, the hook program suspends the application program and, through the encryption and decryption auxiliary module, searches the additional information of the storage file for the SM2 asymmetric encryption ciphertext corresponding to the user certificate of the current user USB-KEY;
S043, the hook program calls the user USB-KEY private key in the current user USB-KEY through the encryption and decryption auxiliary module to carry out asymmetric decryption, obtaining the symmetric key plaintext;
S044, the hook program carries out SM4 symmetric decryption on the ciphertext to obtain the original document plaintext;
S045, the hook program writes the original document plaintext into the memory of the application program, releases the application program, and returns so that the read process continues.
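The storage-file layout of steps S033, S034 and S042, as an added example that is not code from the patent: a builder and a fail-closed parser for "N key lines, separator line, ciphertext". The header line encoding (`<SHA-256 certificate fingerprint>:<base64 SM2 ciphertext>`), the separator string and all function names are assumptions, since the description leaves the format of the additional information open; the wrapped keys and the body are treated as opaque bytes.

```python
import base64
import hashlib

# Assumed marker; the description only says "a separation line" at line N+1.
SEPARATOR = b"-----SM4-CIPHERTEXT-----"
_HEX = set("0123456789abcdef")


class ContainerError(ValueError):
    """The storage file does not follow the header / separator / body layout."""


def cert_fingerprint(cert_der: bytes) -> str:
    # Assumption: recipients are looked up by SHA-256 of their certificate.
    return hashlib.sha256(cert_der).hexdigest()


def build_container(wrapped_keys: dict, ciphertext: bytes) -> bytes:
    """wrapped_keys maps fingerprint -> SM2 ciphertext of the SM4 key (S033/S034)."""
    if not wrapped_keys:
        raise ContainerError("at least one authorized user is required (N >= 1)")
    lines = []
    for fp, blob in wrapped_keys.items():
        if len(fp) != 64 or not set(fp) <= _HEX:
            raise ContainerError("fingerprint must be 64 lowercase hex characters")
        lines.append(fp.encode("ascii") + b":" + base64.b64encode(blob))
    # Lines 1..N: wrapped keys; line N+1: separator; from line N+2: raw ciphertext.
    return b"\n".join(lines + [SEPARATOR]) + b"\n" + ciphertext


def parse_container(data: bytes):
    """Return ({fingerprint: wrapped_key}, ciphertext) or raise ContainerError."""
    # Header lines are hex/base64 and cannot contain the separator, so the FIRST
    # separator line ends the header. The binary body may contain newlines or
    # even the separator bytes, so it is never split into lines.
    head, found, body = data.partition(b"\n" + SEPARATOR + b"\n")
    if not found:
        raise ContainerError("no separation line found")
    entries = {}
    for number, line in enumerate(head.split(b"\n"), start=1):
        fp_raw, colon, b64 = line.partition(b":")
        try:
            fp = fp_raw.decode("ascii")
            blob = base64.b64decode(b64, validate=True)
        except ValueError as exc:  # covers UnicodeDecodeError and binascii.Error
            raise ContainerError(f"header line {number} is malformed") from exc
        if not colon or len(fp) != 64 or not set(fp) <= _HEX or not blob:
            raise ContainerError(f"header line {number} is malformed")
        if fp in entries:
            raise ContainerError(f"duplicate recipient on header line {number}")
        entries[fp] = blob
    return entries, body


def wrapped_key_for(data: bytes, cert_der: bytes):
    """S042: find the key ciphertext for the certificate of the inserted USB-KEY."""
    entries, body = parse_container(data)
    fp = cert_fingerprint(cert_der)
    if fp not in entries:
        # Fail closed: a certificate that is not listed gets nothing to decrypt.
        raise PermissionError("certificate is not in the authorized list")
    return entries[fp], body


if __name__ == "__main__":
    # Constructed sample data: stand-in certificates and wrapped keys.
    alice, bob = b"constructed cert A", b"constructed cert B"
    blob = build_container(
        {cert_fingerprint(alice): b"wrapped-for-A", cert_fingerprint(bob): b"wrapped-for-B"},
        b"\x00\x01 opaque SM4 ciphertext \n\xff",
    )
    print(wrapped_key_for(blob, bob))
```

The returned key ciphertext is what step S043 hands to the USB-KEY for SM2 decryption; the body is what step S044 decrypts with the recovered SM4 key.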
Further, the step S01 includes the following operations:
S011, a certificate management platform administrator receives the user USB-KEY making information;
S012, the certificate management platform administrator confirms the user USB-KEY making information;
S013, the certificate management platform administrator makes the user USB-KEYs on the certificate management platform and generates a public/private key pair for each user USB-KEY;
S014, the certificate platform administrator takes the user USB-KEY public key from the key management function module of the key management platform and applies to the CA for the certificate;
S015, the certificate platform administrator writes the certificate into the user USB-KEY on the certificate management platform;
S016, the certificate platform administrator distributes the user USB-KEY to the corresponding user;
S017, the user receives the user USB-KEY and checks whether it is valid.
Further, the step S02 includes the following operations:
S021, inserting the corresponding user USB-KEY into the current user terminal, and creating an original document through the operating system and the application program;
S022, after the original document has been created, the save button is clicked, and the application program of the current user terminal calls an operating system function of the storage auxiliary module of the operating system;
S023, when the operating system of the current user terminal receives the save message of the application program, the hook program hooks the save message first, that is, the application program is suspended, and the hook program processes its own save flow first, generating a random SM4 symmetric encryption/decryption key for the original document.
Further, the step S032 includes the following operations:
S0321, the hook program calls the random number generator of the user USB-KEY through the encryption and decryption auxiliary module to generate a random number $k$;
S0322, the encryption and decryption auxiliary module calculates an elliptic curve point $C_1$ and converts the data type of $C_1$ into a bit string;
S0323, the encryption and decryption auxiliary module calculates an elliptic curve point $S$;
S0324, the encryption and decryption auxiliary module calculates an elliptic curve point $[k]P_B = (x_2, y_2)$ and converts the data type of the coordinates $x_2$ and $y_2$ into bit strings; $x_2$ and $y_2$ are the actual coordinate point values of the user public key;
S0325, the encryption and decryption auxiliary module calculates a variable $t$;
S0326, the encryption and decryption auxiliary module calculates an elliptic curve point $C_2$;
S0327, the encryption and decryption auxiliary module calculates an elliptic curve point $C_3$;
S0328, the encryption and decryption auxiliary module calculates the SM2 asymmetric encryption ciphertext $C$ and informs the hook program of the result, completing asymmetric encryption and generating an SM2 asymmetric encryption ciphertext corresponding to each user USB-KEY.
Still further, the step S034 includes the following operations:
S0341, grouping the original document;
the length of each group is 128 bits, and the length of the SM4 symmetric key is also 128 bits; the original document is split into a plurality of groups of 128 bits each;
S0342, taking the first group of 128 bits of data and splitting it bitwise into four 32-bit values $x_0$, $x_1$, $x_2$ and $x_3$;
S0343, performing 32 iterations;
the first round of transformation is performed when $i = 0$ and the iteration ends at $i = 31$; $x_{i+1}$, $x_{i+2}$, $x_{i+3}$ and the round key $rk_i$ are XORed to obtain 32 bits of data, namely $sbox\_input = x_{i+1} \oplus x_{i+2} \oplus x_{i+3} \oplus rk_i$, where $\oplus$ denotes the exclusive-or operation;
S0344, performing reverse order transformation;
reverse order transformation is performed on the data of the last round to obtain the ciphertext; sbox_input is split into four 8-bit values, the S-box transformation is applied to each, and the four 8-bit outputs are combined into a 32-bit variable sbox_output;
S0345, calculating the ciphertext;
the sbox_output obtained in the previous step is rotated left by 2, 10, 18 and 24 bits respectively to obtain four 32-bit results, recorded as $y_2$, $y_{10}$, $y_{18}$ and $y_{24}$; these are XORed with the S-box transformation output sbox_output and with $x_i$ to obtain $x_{i+4}$, namely $x_{i+4} = sbox\_output \oplus y_2 \oplus y_{10} \oplus y_{18} \oplus y_{24} \oplus x_i$, and the symmetrically encrypted ciphertext is obtained from $x_{i+4}$.
S0346, after the encryption and decryption auxiliary module receives the result from the USB-KEY, it informs the hook program of the symmetrically encrypted ciphertext.
Still further, the asymmetric decryption in step S043 includes the following operations:
A1, verifying the user's identity by entering the PIN code of the current user USB-KEY, calling the private key value of the user USB-KEY in the current user USB-KEY, and obtaining the SM2 asymmetric encryption ciphertext $C$;
A2, the encryption and decryption auxiliary module splits the SM2 asymmetric encryption ciphertext $C$ and extracts the elliptic curve point $C_1$ from it;
A3, the encryption and decryption auxiliary module calculates an elliptic curve point $S$;
A4, the encryption and decryption auxiliary module converts the variable $[d_B]C_1$ into a bit string;
A5, the encryption and decryption auxiliary module calculates the variable $t$;
A6, the encryption and decryption auxiliary module obtains the plaintext $M'$ of the SM4 symmetric encryption/decryption key through bit string calculation;
A7, the encryption and decryption auxiliary module informs the hook program of the plaintext $M'$, completing asymmetric decryption and yielding the symmetric key plaintext.
Finally, in step S044, SM4 symmetric decryption is performed on the ciphertext after the separation line in the stored document, and the SM4 symmetric decryption includes the following operations:
M1, inputting the original key and splitting it bitwise into four 32-bit values $K_0$, $K_1$, $K_2$ and $K_3$;
M2, the encryption and decryption auxiliary module calculates the round keys: the initial key words $K_0$, $K_1$, $K_2$, $K_3$ are XORed with the fixed parameters $FK_0$, $FK_1$, $FK_2$, $FK_3$ respectively to obtain the keys $k_0$, $k_1$, $k_2$, $k_3$ used for the rounds, i.e. $k_0 = K_0 \oplus FK_0$, $k_1 = K_1 \oplus FK_1$, $k_2 = K_2 \oplus FK_2$, $k_3 = K_3 \oplus FK_3$;
M3, the encryption and decryption auxiliary module generates the round keys: the first round of transformation is performed when $i = 0$ and the iteration ends at $i = 31$; $k_{i+1}$, $k_{i+2}$, $k_{i+3}$ and the fixed parameter $CK_i$ are XORed to obtain 32 bits of data, namely $sbox\_input = k_{i+1} \oplus k_{i+2} \oplus k_{i+3} \oplus CK_i$; sbox_input is split into four 8-bit values, the S-box transformation is applied to each, and the four 8-bit outputs are combined into a 32-bit variable sbox_output;
M4, the encryption and decryption auxiliary module calculates the $rk_i$ used for decryption: the variable sbox_output is rotated left by 13 and 23 bits respectively to obtain two 32-bit shift results, recorded as $y_{13}$ and $y_{23}$; these are XORed with the S-box transformation output sbox_output and with $k_i$ to obtain $k_{i+4}$, namely $rk_i = k_{i+4} = sbox\_output \oplus y_{13} \oplus y_{23} \oplus k_i$; 32 rounds are executed, using 32 different $CK_i$, where $CK_i$ is a fixed parameter, and the $rk_i$ for decryption are obtained after the 32 rounds are finished;
M5, the encryption and decryption auxiliary module reverses the order of the round keys, the operation being $rk'_i = rk_{31-i}$;
M6, the encryption and decryption auxiliary module calculates the plaintext after SM4 symmetric decryption: the ciphertext words $x_{35}$, $x_{34}$, $x_{33}$ and $x_{32}$ are assigned to $x'_0$, $x'_1$, $x'_2$, $x'_3$, and the rounds are run in reverse on $x'_0$, $x'_1$, $x'_2$, $x'_3$ and $rk'_i$: $x'_4 = x_{35} \oplus T(x_{34} \oplus x_{33} \oplus x_{32} \oplus rk_{31}) = x_{31}$, $\cdots$, giving $x'_i = x_{35-i}$;
M7, the encryption and decryption auxiliary module calculates the 32-round function to obtain the original document after SM4 symmetric decryption, and informs the hook program that SM4 symmetric decryption is complete.
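The SM4 operations of steps S0342 to S0345 and M1 to M6, as an added example that is not code from the patent: key expansion with $FK$ and $CK_i$ (rotations by 13 and 23), the 32-round function (rotations by 2, 10, 18 and 24), and decryption as the same routine with the round keys reversed. The S-box, $FK$ and $CK$ values are the standard SM4 constants, which the description does not list; the description states no mode of operation or padding, so the example handles single 16-byte blocks only.

```python
# Standard SM4 S-box (256 entries), written row by row.
SBOX = bytes.fromhex(
    "d690e9fecce13db716b614c228fb2c05"
    "2b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62"
    "e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8"
    "686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887"
    "d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1"
    "e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6f"
    "d5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad8"
    "0ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec684"
    "18f07dec3adc4d2079ee5f3ed7cb3948"
)

# Fixed parameters FK0..FK3 (step M2).
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)

# Fixed parameters CK0..CK31 (step M3): byte j of CK_i is (4*i + j) * 7 mod 256.
CK = tuple(
    int.from_bytes(bytes(((4 * i + j) * 7) % 256 for j in range(4)), "big")
    for i in range(32)
)


def rotl(x: int, n: int) -> int:
    """Rotate a 32-bit word left by n bits."""
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF


def sbox_word(x: int) -> int:
    """Split a 32-bit word into four bytes, apply the S-box to each, recombine."""
    return int.from_bytes(bytes(SBOX[b] for b in x.to_bytes(4, "big")), "big")


def expand_key(key: bytes) -> list:
    """Steps M1-M4: derive the 32 round keys rk_0..rk_31 from a 128-bit key."""
    if len(key) != 16:
        raise ValueError("SM4 key must be 16 bytes (128 bits)")
    k = [int.from_bytes(key[4 * i:4 * i + 4], "big") ^ FK[i] for i in range(4)]
    for i in range(32):
        out = sbox_word(k[i + 1] ^ k[i + 2] ^ k[i + 3] ^ CK[i])
        k.append(k[i] ^ out ^ rotl(out, 13) ^ rotl(out, 23))  # rk_i = k_{i+4}
    return k[4:]


def crypt_block(block: bytes, round_keys: list) -> bytes:
    """Steps S0342-S0345: 32 rounds, then output the last four words reversed."""
    if len(block) != 16:
        raise ValueError("SM4 block must be 16 bytes (128 bits)")
    x = [int.from_bytes(block[4 * i:4 * i + 4], "big") for i in range(4)]
    for i in range(32):
        out = sbox_word(x[i + 1] ^ x[i + 2] ^ x[i + 3] ^ round_keys[i])
        x.append(x[i] ^ out ^ rotl(out, 2) ^ rotl(out, 10)
                 ^ rotl(out, 18) ^ rotl(out, 24))
    return b"".join(w.to_bytes(4, "big") for w in (x[35], x[34], x[33], x[32]))


def encrypt_block(key: bytes, block: bytes) -> bytes:
    return crypt_block(block, expand_key(key))


def decrypt_block(key: bytes, block: bytes) -> bytes:
    # Step M5: rk'_i = rk_{31-i}; the round structure itself is unchanged.
    return crypt_block(block, expand_key(key)[::-1])


if __name__ == "__main__":
    # Test vector from the published SM4 standard (key and plaintext are equal).
    key = bytes.fromhex("0123456789abcdeffedcba9876543210")
    ct = encrypt_block(key, key)
    print(ct.hex(), decrypt_block(key, ct) == key)
```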
The beneficial effects of the invention are as follows:
a shared file transparent encryption method and system are disclosed, wherein a set of shared security protection strategy based on key protection is established to realize secure file sharing access, each authorized user is ensured to normally access files, file access of unauthorized users is denied, encryption and decryption keys are not required to be transmitted on the network, the encryption and decryption keys used by each file are encrypted by the public key of each user certificate to form a key ciphertext after encryption, the certificates of each user and the key ciphertext encrypted by using each user public key are embedded into a protected file as additional information, and the format of the embedded additional information is not limited.
Each encrypted file is composed of encrypted data and additional information. The encrypted data is a ciphertext encrypted using an encryption/decryption key. In the additional information, multiple groups of certificates of authorized users and corresponding key ciphertexts can be contained so as to support shared access of multiple authorized users to the file.
When an authorized user reads a document, the hook program reads the additional information from the encrypted file, finds the key ciphertext corresponding to the user's certificate, calls the user's USB-KEY private key to decrypt the key ciphertext into the key plaintext, and then decrypts the encrypted data with the key plaintext.
After an authorized user removes the USB-KEY hardware, the hook program can no longer call the user's USB-KEY private key to decrypt the key ciphertext, so the security of the symmetric key is protected to the greatest extent in file-sharing mode and file access by unauthorized users is prevented.
The method and the device provided by the invention transparently encrypt internal confidential documents. Transparent encryption can be used for personal privacy protection, limited sharing protection and secondary sharing protection, and the confidential documents are of types such as design drawings, client directories, financial statements, purchasing channels, bidding documents and the like.
Drawings
FIG. 1 is a schematic flow chart of a certificate management platform for making a user USB-KEY according to the transparent encryption method for shared files of the present invention;
FIG. 2 is a schematic diagram illustrating a process of creating an encrypted file by a first author of the method for transparent encryption of a shared file according to the present invention;
FIG. 3 is a schematic diagram of the file decryption process of other readers in the shared file transparent encryption method of the present invention.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
As shown in fig. 1, in order to solve the problems commonly existing in the prior art, the present invention provides a method and a system for transparently encrypting shared files, which take secure file sharing access as a key objective, establish a set of shared security protection policies based on key protection, ensure that each authorized user can normally access files, and deny file access of unauthorized users. According to the scheme, encryption and decryption keys are not transmitted on the network, the encryption and decryption keys used by each file are encrypted by the public key of each user certificate, a key ciphertext is formed after encryption and is embedded into the protected file as additional information, the format of the embedded additional information is not limited, but the embedded additional information comprises the following key contents:
1) The certificate of each user
2) The key ciphertext encrypted with the public key of each user.
Each encrypted file is composed of encrypted data and additional information. The encrypted data is a ciphertext encrypted using an encryption/decryption key. In the additional information, multiple groups of certificates of authorized users and corresponding key ciphertexts can be contained so as to support shared access of multiple authorized users to the file.
When an authorized user reads the document, the hook program reads the additional information from the encrypted file, finds the key ciphertext corresponding to the user's certificate, calls the USB-KEY private key to decrypt the key ciphertext into the key plaintext, and then decrypts the encrypted data with the key plaintext.
If an authorized user removes their USB-KEY hardware, the hook program can no longer call the user's USB-KEY private key to decrypt the key ciphertext, so the security of the symmetric key is protected to the greatest extent in file-sharing mode, and file access by unauthorized users is also prevented.
The above-mentioned method for assembling encrypted files is not to be construed as limiting the present application, and those skilled in the art can assemble encrypted files in different assembly formats and content sequences.
The overall planning scheme is as follows:
a shared file transparent encryption system is provided with a plurality of user terminals, a plurality of user USB-KEY, an encryption and decryption auxiliary module, a hook program and a certificate management platform according to the use requirements of an application scene;
the certificate management platform is used for storing a certificate list of authorized users, each certificate comprises a user USB-KEY public KEY, and each user USB-KEY comprises a user USB-KEY private KEY; each user USB-KEY public KEY is matched with a corresponding user USB-KEY private KEY to form a user USB-KEY public/private KEY pair;
the certificate management platform is also provided with a KEY management function module which is used for generating a USB-KEY public/private KEY pair of the user;
each user terminal is respectively provided with a hook program, an application program, an operating system, an encryption and decryption auxiliary module and a storage auxiliary module;
the hook program is an API hook program; the hook program is used for monitoring the actions executed by the application program of the user terminal and for pausing the application program when it executes a save and/or read action, so that the hook program's own actions are processed first; the actions executed by the hook program comprise public key query, certificate query, asymmetric encryption with a public key, asymmetric decryption with a private key, symmetric encryption and symmetric decryption, all carried out through a user USB-KEY;
the hook program is also used for carrying out asymmetric encryption and decryption on the symmetric key of the document through the encryption and decryption auxiliary module, and carrying out SM4 symmetric encryption and decryption on the original document through the symmetric key;
the application program is used for authoring, saving and/or reading the original document;
the operating system is used for supporting the conventional operation of the user terminal;
the storage auxiliary module is used for storing operating system functions;
the user USB-KEY is a hardware U shield; each user USB-KEY is respectively provided with an asymmetric encryption interface, an asymmetric decryption interface, a symmetric encryption interface, a symmetric decryption interface, a random number generator and a USB-KEY container, wherein the asymmetric encryption interface is used for asymmetric encryption, the asymmetric decryption interface is used for asymmetric decryption, the symmetric encryption interface is used for symmetric encryption, the symmetric decryption interface is used for symmetric decryption, the random number generator is used for generating random numbers, and the USB-KEY container is used for storing a user USB-KEY public/private KEY pair and a user CA certificate.
The invention also relates to a shared file transparent encryption method of the shared file transparent encryption system, which comprises the following steps:
s01, making a user USB-KEY;
s011, receiving the USB-KEY making information of the user by a certificate management platform administrator;
s012, the administrator of the certificate management platform confirms the user USB-KEY making information;
s013, a certificate management platform administrator makes user USB-KEY on the certificate management platform and respectively generates a public/private KEY pair for each user USB-KEY;
s014, the certificate platform administrator takes out the user USB-KEY public KEY from the KEY management function module of the KEY management platform to apply for the certificate to the CA;
s015, the certificate platform administrator writes the certificate into user USB-KEY in the certificate management platform;
s016, the certificate platform administrator distributes the user USB-KEY to the corresponding user;
s017, the user receives the user USB-KEY and checks whether the user USB-KEY is effective.
S02, a first author authors an original document through an application program of a user end, when an operating system of the user end receives a storage message of the application program, a hook program suspends the application program, and pre-encrypts the original document needing to be stored to generate an SM4 symmetric encryption and decryption key;
s021, inserting a corresponding user USB-KEY into the current user terminal, and creating an original document through an operating system and an application program;
s022, after the original document creation is finished, clicking a save button, and calling an operating system function of a storage auxiliary module of an operating system by an application program of a current user side;
S023, when the operating system of the current user terminal receives the save message of the application program, the hook program hooks the save message first, i.e. the application program is suspended, and the hook program processes its own save flow first, generating a random SM4 symmetric encryption/decryption key for the original document.
S03, carrying out secondary encryption on the SM4 symmetric encryption and decryption key of the original document;
s031, obtain the user USB-KEY public KEY of the certificate management platform;
s0311, the hook program obtains the certificate list of the user to be authorized from the certificate management platform;
S0312, the hook program pops up a dialog box that displays the certificate list with multi-select check boxes; the first author checks several authorized user certificates in the list, and after the selection is complete the hook program obtains the corresponding user USB-KEY public keys from the certificate management platform;
s032, the hook program calls an encryption and decryption auxiliary module on a first author user end through each user USB-KEY public KEY in sequence, and asymmetric encryption is carried out through an asymmetric encryption interface of the user USB-KEY of the first author;
the user USB-KEY public key of each user certificate is passed into the asymmetric encryption interface together with the symmetric key (for example, the symmetric key is 123); once the asymmetric encryption interface has received the user USB-KEY public key and the symmetric key, SM2 asymmetric encryption is performed to generate the SM2 asymmetric encryption ciphertext corresponding to each user USB-KEY;
s0321, the hook program calls a random number generator of the USB-KEY of the user through the encryption and decryption auxiliary module to generate a random number k;
s0322, the encryption and decryption auxiliary module calculates an elliptic curve point C1 and converts the data type of the C1 into a bit string;
s0323, the encryption and decryption auxiliary module calculates an elliptic curve point S;
S0324, the encryption and decryption auxiliary module calculates the elliptic curve point [k]PB = (x2, y2) and converts the data type of the coordinates x2 and y2 into a bit string; x2 and y2 are the actual coordinate point values of the user public key;
s0325, the encryption and decryption auxiliary module calculates a variable t;
s0326, the encryption and decryption auxiliary module calculates an elliptic curve point C2;
s0327, the encryption and decryption auxiliary module calculates an elliptic curve point C3;
and S0328, the encryption and decryption auxiliary module calculates to obtain an SM2 asymmetric encryption ciphertext C, and informs the hook program of the calculation result to complete asymmetric encryption and generate an SM2 asymmetric encryption ciphertext corresponding to each user USB-KEY.
S033, storing the SM2 asymmetric encryption ciphertext;
the hook program stores the SM2 asymmetric encryption ciphertext as additional information in the first N lines of the storage file;
S034, the hook program sets a separation line at the (N+1)th line of the storage file; the hook program uses the SM4 symmetric encryption and decryption key to perform SM4 symmetric encryption on the original file to obtain a ciphertext, and the ciphertext is stored from the (N+2)th line of the storage file onward;
s0341, grouping the original documents;
the length of each group is 128 bits, and the length of the SM4 symmetric key is also 128 bits; splitting the original document into a plurality of groups with the length of 128 bits;
s0342, taking a first group of 128-bit data, and splitting the data into 4 32-bit data x0, x1, x2 and x3 according to bits;
s0343, performing iterative operation for 32 times;
the first round of transformation is performed when i = 0, and the rounds continue until i = 31 is finished; in each round xi+1, xi+2, xi+3 and the round key rki are XORed to obtain 32 bits of data, namely $\mathit{sbox\_input} = x_{i+1} \oplus x_{i+2} \oplus x_{i+3} \oplus rk_i$, where $\oplus$ represents the exclusive-or operation;
s0344, performing reverse order transformation;
the last round of data is transformed in reverse order to obtain the ciphertext; sbox_input is split into four 8-bit values, each is passed through the S-box transformation, and the four 8-bit outputs are then combined into a 32-bit sbox_output variable;
s0345, calculating to obtain a ciphertext;
the sbox_output obtained in the previous step is rotated left by 2, 10, 18 and 24 bits respectively to obtain four 32-bit results, recorded as y2, y10, y18 and y24; these are XORed with the S-box transformation output sbox_output and with xi to obtain xi+4, namely $x_{i+4} = \mathit{sbox\_output} \oplus y_2 \oplus y_{10} \oplus y_{18} \oplus y_{24} \oplus x_i$, and the xi+4 obtained is the symmetrically encrypted ciphertext.
S0346, after the encryption and decryption auxiliary module obtains the result feedback of the USB-KEY, the hook program is informed of the symmetric encrypted ciphertext.
S035, the hook program releases the application program, which resumes and continues its save process, and the storage file after the secondary encryption is saved;
s04, decrypting the storage file by the user side;
s041, inserting a user USB-KEY into the user side;
s042, when the operating system of the user side receives the message of reading the storage file of the application program, the hook program suspends the application program, and the SM2 asymmetric encryption ciphertext corresponding to the user certificate of the current user USB-KEY is searched in the additional information of the storage file through the encryption and decryption auxiliary module;
s043, the hook program calls a user USB-KEY private KEY in the current user USB-KEY through the encryption and decryption auxiliary module to carry out asymmetric decryption to obtain a symmetric KEY plaintext;
asymmetric decryption includes the following operations:
a1, verifying user identity by inputting PIN code of current user USB-KEY, calling user USB-KEY private KEY value in current user USB-KEY, and obtaining SM2 asymmetric encryption ciphertext C;
a2, the encryption and decryption auxiliary module splits the SM2 asymmetric encrypted ciphertext C, and extracts an elliptic curve point C1 from the SM2 asymmetric encrypted ciphertext C;
a3, an encryption and decryption auxiliary module calculates an elliptic curve point S;
A4, the encryption and decryption auxiliary module converts the variable [dB]C1 into a bit string;
a5, an encryption and decryption auxiliary module calculates to obtain a variable t;
a6, the encryption and decryption auxiliary module obtains a plaintext M' of an SM4 symmetric encryption and decryption key through bit string calculation;
and A7, the encryption and decryption auxiliary module informs the hook program of the plaintext M' to complete asymmetric decryption to obtain a symmetric key plaintext.
S044, the hook program carries out SM4 symmetric decryption on the ciphertext to obtain an original document plaintext;
and performing SM4 symmetric decryption on the ciphertext behind the separation line in the stored document, wherein the SM4 symmetric decryption comprises the following operation contents:
m1, inputting an original key, and splitting the key into 4 32-bit data K0, K1, K2 and K3 according to bits;
M2, the encryption and decryption auxiliary module calculates the round key: the initial key words K0, K1, K2, K3 are XORed with the fixed parameters FK0, FK1, FK2, FK3 respectively to obtain the keys k0, k1, k2, k3 used for the rounds, i.e. $k_0 = K_0 \oplus FK_0$, $k_1 = K_1 \oplus FK_1$, $k_2 = K_2 \oplus FK_2$, $k_3 = K_3 \oplus FK_3$;
M3, the encryption and decryption auxiliary module generates the round keys: the first round of transformation is performed when i = 0 and the rounds end when i = 31; ki+1, ki+2, ki+3 and the fixed parameter CKi are XORed to obtain 32 bits of data, namely $\mathit{sbox\_input} = k_{i+1} \oplus k_{i+2} \oplus k_{i+3} \oplus CK_i$; sbox_input is split into four 8-bit values, each is passed through the S-box transformation, and the four 8-bit outputs are then combined into a 32-bit sbox_output variable;
M4, the encryption and decryption auxiliary module calculates the round keys rki used for decryption: the sbox_output variable is rotated left by 13 and 23 bits respectively to obtain two 32-bit shift results, recorded as y13 and y23; y13 and y23 are XORed with the S-box transformation output sbox_output and with ki to obtain ki+4, namely $rk_i = k_{i+4} = \mathit{sbox\_output} \oplus y_{13} \oplus y_{23} \oplus k_i$; 32 rounds of operation are executed using 32 different CKi, where CKi is a fixed parameter, and the decryption round keys rki are obtained after the 32 rounds are finished;
M5, the encryption and decryption auxiliary module reverses the order of the round keys, the operation being $rk'_i = rk_{31-i}$;
M6, the encryption and decryption auxiliary module calculates the plaintext of the SM4 symmetric decryption: the ciphertext words x35, x34, x33 and x32 are assigned to x'0, x'1, x'2 and x'3, and substituting x'0, x'1, x'2, x'3 and rk'i into the round function gives $x'_4 = x_{35} \oplus T(x_{34} \oplus x_{33} \oplus x_{32} \oplus rk_{31}) = x_{31} \oplus T(\cdots) \oplus T(\cdots) = x_{31}$, so that $x'_i = x_{35-i}$;
M7, the encryption and decryption auxiliary module calculates the 32 rounds of the round function to obtain the original document after SM4 symmetric decryption, and notifies the hook program that SM4 symmetric decryption is complete.
The invention relates to a shared file transparent encryption method and system, which establish a shared security protection policy based on key protection to achieve secure shared file access: each authorized user can access files normally, and file access by unauthorized users is denied. Encryption and decryption keys are not transmitted over the network. The encryption and decryption key used by each file is encrypted with the public key of each user certificate to form a key ciphertext; the certificates of all users and the key ciphertexts encrypted with the users' public keys are embedded into the protected file as additional information, and the format of the embedded additional information is not limited.
Each encrypted file is composed of encrypted data and additional information. The encrypted data is a ciphertext encrypted using an encryption/decryption key. In the additional information, multiple groups of certificates of authorized users and corresponding key ciphertexts can be contained so as to support shared access of multiple authorized users to the file.
When an authorized user reads a document, the hook program reads the additional information from the encrypted file, finds the key ciphertext corresponding to the user's certificate, calls the USB-KEY private key to decrypt the key ciphertext into the key plaintext, and then decrypts the encrypted data with the key plaintext.
After the authorized user removes the USB-KEY hardware, the hook program can no longer call the USB-KEY private key to decrypt the key ciphertext, so the security of the symmetric key is protected to the greatest extent in file-sharing mode, and file access by unauthorized users is also prevented.
The invention relates to transparent encryption of internal confidential documents. Transparent encryption can be used for personal privacy protection, limited sharing protection and secondary sharing protection, and the types of confidential documents are design drawings, client directories, financial statements, purchasing channels, bidding documents and the like.
The invention is based on the hook message processing mechanism provided by the operating system, which allows custom program logic to be loaded while an application program is running. In short, when the application program saves a document, it calls the savFile operating system function of the operating system. When the application program reads a document, it calls the readFile operating system function of the operating system. When the application program saves a document under another name (save as), it calls the saveAsFile operating system function of the operating system. When such a message arrives, the logic of the hook program is processed first, and then the logic of the original application program. The hook program monitors the save, read and save-as actions of the application program, and the three actions are described one by one below.
When the operating system receives a save message initiated by the first author, the hook program first hooks the save message (which can be understood as pausing it) so that it is not executed, and then processes its own save flow first. The hook program generates a random encryption and decryption key (plaintext) for the original file and obtains the certificate list of users to be authorized from the certificate management platform. It pops up a dialog box that displays the certificate list with multi-select check boxes, and the first author checks several authorized user certificates in the list. After the selection is complete, the hook program obtains the corresponding user USB-KEY public keys from the certificate management platform, calls the asymmetric encryption interface of the USB-KEY with each checked certificate's public key in turn to encrypt the encryption and decryption key (plaintext), and stores the encrypted encryption and decryption key (ciphertext) in the file as additional information. When the hook program has finished its save processing, control returns to the application program's original save flow.
When the operating system receives a read message from a user, the hook program first hooks the message (which can be understood as pausing it) so that it is not executed, and then processes its own read flow first. The hook program handles the user's file read as follows: the operating system pushes the read message to the hook program; the hook program looks up, in the file's additional information, the encryption and decryption key (ciphertext) corresponding to the certificate in the user's own USB-KEY, and decrypts it with the USB-KEY private key to obtain the encryption and decryption key (plaintext). Note that when the key (ciphertext) is decrypted, the user is prompted to enter the PIN code of the USB-KEY to verify the user's identity. The file ciphertext is then symmetrically decrypted with the key (plaintext) just obtained, and finally the hook program writes the symmetrically decrypted file plaintext into the memory of the application program. After converting to plaintext, the hook program returns to the original application program's read flow.
When the operating system receives a save-as message initiated by the user, the hook program first hooks the save-as message (which can be understood as pausing it) so that it is not executed, and then processes its own save-as flow first. The hook program looks up, in the file's additional information, the encryption and decryption key (ciphertext) corresponding to the certificate in the user's own USB-KEY and decrypts it with the USB-KEY private key to obtain the encryption and decryption key (plaintext); the user is prompted to enter the PIN code of the USB-KEY to verify the user's identity when the key (ciphertext) is decrypted. The hook program then obtains the certificate list of authorized and to-be-authorized users from the certificate management platform and pops up a dialog box that displays the list: the check boxes of already authorized user certificates are checked, greyed out and cannot be changed, while the users to be authorized can be multi-selected. The user checks several authorized user certificates in the list; after the selection is complete, the hook program obtains the corresponding user USB-KEY public keys from the certificate management platform, calls the asymmetric encryption interface of the USB-KEY with each checked certificate's public key in turn to encrypt the encryption and decryption key (plaintext), and appends the encrypted encryption and decryption key (ciphertext) to the additional information stored in the file. When the hook program has finished its save-as processing, control returns to the original application program's save-as flow.
The certificate management platform is responsible for hosting user certificates (public keys) and exposes a certificate query interface.
Note: the above module division is only an exemplary reference for one implementation manner, and is not to be understood as a limitation to the present application, and those skilled in the art may combine and split the module definitions in different manners, and may combine the module definitions into one module, or split the module definitions into multiple modules.
Detailed implementation of the hook program's transparent encryption:
1. The user inserts the USB-KEY into the USB serial port of the notebook computer, and the information in the USB-KEY uniquely identifies one user.
The certificate in the USB-KEY specifies the name, the mobile phone number or the identity number of the user.
When the USB-KEY private key signs the original file, the hook program prompts the user to input the PIN code of the USB-KEY, which is known only to the user. If the PIN code is entered incorrectly too many times, the USB-KEY is locked, and a locked USB-KEY must be unlocked at the certificate management platform.
2. Scenario: the first author saves a document. The operating system pushes a message carrying the original document (plaintext) to the hook program. The hook program generates a random encryption and decryption key (plaintext) for the original document and obtains the certificate list of users to be authorized from the certificate management platform. It pops up a dialog box that displays the certificate list with multi-select check boxes, and the first author checks several authorized user certificates in the list. After the selection is complete, the hook program obtains the corresponding user USB-KEY public keys from the certificate management platform and calls the asymmetric encryption interface of the USB-KEY with each checked certificate's public key in turn to asymmetrically encrypt the encryption and decryption key (plaintext) (for asymmetric encryption, see the description at S032 above); the encrypted encryption and decryption key (ciphertext) is stored in the document as additional information.
Each encrypted document is composed of encrypted data and additional information. The encrypted data is a ciphertext encrypted using an encryption/decryption key. In the additional information, multiple groups of certificates of authorized users and corresponding key ciphertexts can be contained so as to support shared access of multiple authorized users to the document. The hook program combines the encrypted data and the additional information according to S033.
The format of the additional information is a text format and is formed by multiple lines, a user sequentially selects certificates on a hook interface, the USB-KEY inserted into the notebook is called by using the selected certificates, the hook carries out asymmetric encryption on the symmetric KEYs (plain texts), the encrypted KEYs (cipher texts) are stored in the multiple lines of texts, the format of each line is that the user certificate, the separator and the KEY (cipher) form one line, and each authorized user occupies one line.
The encrypted data format is also a text, only one line is used, the hook symmetrically encrypts an original file (plaintext) by a symmetric key (plaintext) to form a ciphertext, and the ciphertext only has one line and is the encrypted data.
And in the combining process, the attachment information is placed at the top of the file, the encrypted data is placed at the bottom of the file, the middle of the file is separated by a middle line, the hook combines the attachment information and the encrypted data, and the hook writes the combined file into a disk.
3. An authorized user reads a document scene, an operating system pushes a read message to a hook program, the hook searches an encryption and decryption KEY (ciphertext) corresponding to a certificate in a USB-KEY in document additional information, and uses a private KEY to carry out asymmetric decryption on the encryption and decryption KEY (ciphertext) (asymmetric decryption refers to asymmetric decryption description of S0362, so that an encryption and decryption KEY (plaintext) is obtained.
4. And (3) the user shares the document scene for the second time, the operating system pushes the read message to the hook program, the hook searches the encryption and decryption KEY (ciphertext) corresponding to the certificate in the user USB-KEY in the document additional information, and uses the private KEY to carry out asymmetric decryption on the encryption and decryption KEY (ciphertext) (asymmetric decryption refers to the asymmetric decryption description in the third section), so that the encryption and decryption KEY (plaintext) is obtained. Note that the user is prompted to enter the PIN code of the USB-KEY to verify the user's identity when decrypting the KEY (ciphertext). After a decryption KEY (plaintext) is obtained, a hook obtains a certificate list of a user to be authorized from a certificate management platform, the hook pops up a dialog box interface to display the certificate list, the authorized user certificate is checked by a check box and the gray color cannot be changed, the user to be authorized can select more than one check box, the user checks a plurality of authorized user certificates on the list interface, after the checking is finished, a corresponding user USB-KEY public KEY is obtained from the certificate management platform, the hook sequentially uses the checked certificate public KEYs to call an asymmetric encryption interface of the USB-KEY, asymmetric encryption (asymmetric encryption refers to asymmetric encryption description of a third chapter) is carried out on the KEY (plaintext), and the encrypted KEY (ciphertext) is added to additional information. Each encrypted file is composed of encrypted data and additional information. The encrypted data is a ciphertext encrypted using an encryption/decryption key. In the additional information, multiple groups of certificates of authorized users and corresponding key ciphertexts can be contained so as to support shared access of multiple authorized users to the file. 
The hook combines the encrypted data and the additional information, and the combining process is consistent with that of "5.1.2 first author saves document scene".
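The file layout described above (one key ciphertext per authorized certificate, then a separation line, then the encrypted data), as an added Python example that is not the patent's code. The `cert_id:hex` line syntax, the separator text, the hex encoding of the body and all function names are assumptions; the wrapped keys are constructed opaque values (aaaa, bbbb) standing in for SM2 ciphertexts.

```python
from dataclasses import dataclass, field

SEPARATOR = "-----BODY-----"  # assumed marker; the page only says "a separation line"


class ContainerError(ValueError):
    """The stored file does not follow the expected layout."""


@dataclass
class Container:
    wrapped_keys: dict = field(default_factory=dict)  # cert_id -> key ciphertext
    body: bytes = b""                                  # encrypted data, opaque here

    def add_recipient(self, cert_id: str, key_ciphertext: bytes) -> None:
        """Authorize one more certificate; the encrypted data is not touched."""
        if not cert_id or not cert_id.isascii() or any(c in cert_id for c in ":\r\n"):
            raise ContainerError("certificate id must be ASCII without ':' or newlines")
        if cert_id in self.wrapped_keys:
            raise ContainerError(f"{cert_id} is already authorized")
        if not key_ciphertext:
            raise ContainerError("empty key ciphertext")
        self.wrapped_keys[cert_id] = key_ciphertext

    def serialize(self) -> bytes:
        """Lines 1..N: additional information; line N+1: separator; then the data."""
        if not self.wrapped_keys:
            raise ContainerError("at least one authorized user is required")
        lines = [f"{cid}:{ct.hex()}" for cid, ct in self.wrapped_keys.items()]
        lines += [SEPARATOR, self.body.hex()]
        return ("\n".join(lines) + "\n").encode("ascii")


def parse(blob: bytes) -> Container:
    """Strict parser: every deviation from the layout is an error, never a guess."""
    try:
        lines = blob.decode("ascii").split("\n")
    except UnicodeDecodeError as exc:
        raise ContainerError("container is not ASCII text") from exc
    if SEPARATOR not in lines:
        raise ContainerError("separation line missing")
    n = lines.index(SEPARATOR)  # header lines always contain ':', so this is unambiguous
    if n == 0:
        raise ContainerError("no authorized users in the additional information")
    box = Container()
    for line in lines[:n]:
        cert_id, colon, hex_ct = line.partition(":")
        try:
            if not colon:
                raise ValueError("missing ':'")
            box.add_recipient(cert_id, bytes.fromhex(hex_ct))
        except ValueError as exc:  # also catches ContainerError from add_recipient
            raise ContainerError(f"bad header line {line!r}: {exc}") from exc
    rest = lines[n + 1:]
    if len(rest) != 2 or rest[1] != "":
        raise ContainerError("unexpected data after the encrypted body")
    try:
        box.body = bytes.fromhex(rest[0])
    except ValueError as exc:
        raise ContainerError("encrypted body is not valid hex") from exc
    return box


def key_ciphertext_for(blob: bytes, cert_id: str) -> bytes:
    """Read path: find the key ciphertext for the inserted USB-KEY's certificate."""
    box = parse(blob)
    if cert_id not in box.wrapped_keys:
        raise ContainerError(f"{cert_id} is not authorized for this file")
    return box.wrapped_keys[cert_id]


def demo():
    # Constructed body whose raw bytes contain a newline and the separator text.
    box = Container(body=b"\x00\n-----BODY-----\n\xff")
    box.add_recipient("zhangsan", b"aaaa")
    box.add_recipient("liqi", b"bbbb")
    stored = box.serialize()
    shared = parse(stored)
    shared.add_recipient("backbone-dev", b"cccc")  # secondary sharing: header only
    return stored, shared.serialize()
```

The layout as described carries no integrity field over the header lines, so a reader should treat them as untrusted input, which is why the parser rejects anything malformed instead of skipping it.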
5. Detailed implementation of a certificate management platform
The certificate management platform manages user certificates. It provides functions such as applying for, downloading, revoking, freezing, unfreezing and unlocking user certificates and tracking mailed shipments, provides a web interface for back-end administrators, and additionally offers an external interface.
Note: the transparent encryption method used in this scheme should not be understood as a limitation of the present application. A person skilled in the art can use different encryption and decryption algorithms to realize similar functions; for example, the national cryptographic algorithms used in China can be used, and so can algorithms from international standards such as RSA, AES and 3DES.
The application provides a transparent encryption method for shared files that encrypts a first author's file and allows the first author to share it with other authorized users. The main points of protection are:
1. The scheme uses transparent encryption for shared files; the encryption/decryption keys are not transmitted over the network, and key protection is performed on the user terminal side. Key encryption is performed inside the hardware USB-KEY, and key decryption is also completed inside the hardware USB-KEY, which avoids transmitting the symmetric key over the network and raises the protection level and security of the symmetric key.
2. The method and device implement transparent file access control for authorized users. The encryption/decryption keys need not be shared among multiple users, and authorized users perform no additional operation: access is the same as conventional file access, which reduces the operational complexity for authorized users.
The application provides a transparent encryption method for shared files in which, on top of file sharing, the encryption/decryption key is designed securely so that the symmetric key is never transmitted over the network. Decrypting the encryption/decryption key depends on the private key in the local hardware USB-KEY. The USB-KEY is plug-and-play, and decryption cannot be performed once the USB-KEY is pulled out. This removes the hidden danger of transmitting the symmetric key over the network and solves the problem of transparent access across terminals.
The first embodiment is as follows:
1. The company leader sends an email to the administrator of the certificate management platform applying for USB-KEYs for company employees, with the employees' names noted in the email. The USB-KEY takes the hardware form of a U shield.
2. After receiving the email, the certificate management platform administrator replies with "authorized" written in the body of the email.
3. The administrator of the certificate management platform starts making the USB-KEYs on the certificate management platform and generates a separate public/private key pair for each user USB-KEY.
4. The certificate platform administrator takes the user's USB-KEY public key from the key management platform and applies to the CA for a certificate.
5. The certificate platform administrator writes the certificate into the user USB-KEY on the key management platform.
6. The certificate platform administrator mails a USB-KEY to each user.
7. The company employees receive the USB-KEYs, and each checks whether the USB-KEY was damaged in the mail; the check is to insert the USB-KEY into a USB port of the notebook computer and see whether the USB-KEY lights up.
8. A hook program (HOOK), hereinafter referred to as the hook, is installed on each employee's notebook.
9. An assistant exe, namely the encryption and decryption auxiliary module, hereinafter referred to as the assistant exe or the assistant, is installed on each employee's notebook.
10. The first author inserts the USB-KEY into the notebook and begins authoring the document.
11. When the first author has finished the document, the author clicks the save button, which calls the saveFile function of the operating system.
12. When the operating system receives the saveFile save message initiated by the first author, the hook program hooks the save message (this can be understood as pausing it) so that it is not executed, and first processes its own save flow. At this point the hook program generates a random encryption/decryption key (e.g., 123) for the original file.
13. The hook program obtains the certificate list of the users to be authorized from the certificate management platform.
14. The hook pops up a dialog box that displays the certificate list; multiple check boxes can be selected. The first author checks several authorized-user certificates in the list, and when checking is finished the hook obtains the corresponding user USB-KEY public keys from the certificate management platform.
15. Using each checked certificate's public key in turn, the hook calls the assistant exe to asymmetrically encrypt the encryption/decryption key (123) through the asymmetric encryption interface of the USB-KEY. To start the asymmetric encryption, the hook first has the assistant exe invoke the random number generator of the USB-KEY to generate a random number k.
16. The assistant exe calculates the elliptic curve point $C_1$ with the formula $C_1 = [k]G = (x_1, y_1)$, and converts the data type of $C_1$ into a bit string.
17. The assistant exe calculates the elliptic curve point S with the formula $S = [h]P_B$.
18. The assistant exe calculates the elliptic curve point $[k]P_B = (x_2, y_2)$, and converts the data type of the coordinates $x_2$, $y_2$ into bit strings.
19. The assistant exe calculates the variable $t = KDF(x_2 \parallel y_2, klen)$.
20. The assistant exe calculates $C_2$ with the formula $C_2 = M \oplus t$.
21. The assistant exe calculates $C_3$ with the formula $C_3 = Hash(x_2 \parallel M \parallel y_2)$.
22. The assistant exe obtains the SM2 asymmetric encryption ciphertext C with the formula $C = C_1 \parallel C_2 \parallel C_3$ (for example, the ciphertext of 123 asymmetrically encrypted with Zhang San's public key is aaaa, and the ciphertext of 123 asymmetrically encrypted with Li Qi's public key is bbbb). The assistant exe then reports the result to the hook, and the asymmetric encryption is complete.
23. The hook stores the encrypted encryption/decryption keys (ciphertexts, e.g. aaaa and bbbb) as additional information in the first and second lines of the file.
24. The hook then inserts a separation line in the middle (e.g., the third line is the separation line).
25. Below the separation line the hook places the ciphertext obtained by SM4 symmetric encryption of the first author's original text (e.g., "one million") with the key (123); the hook performs the SM4 symmetric encryption through the assistant. The SM4 symmetric encryption algorithm first divides the original text into groups: each group is 128 bits long, and the key is also 128 bits long. The original text is split into as many 128-bit groups as its length requires.
26. The assistant takes the first group of 128-bit data and splits it bitwise into four 32-bit values $x_0, x_1, x_2, x_3$.
27. The assistant performs 32 iterations: $i = 0$ is the first round of transformation, and the process continues until $i = 31$. In each round, $x_{i+1}$, $x_{i+2}$, $x_{i+3}$ and the round key $rk_i$ are XORed to obtain 32 bits of data, that is, $sbox\_input = x_{i+1} \oplus x_{i+2} \oplus x_{i+3} \oplus rk_i$, where $\oplus$ denotes the XOR operation.
28. The assistant performs the reverse-order transformation: reverse-order transformation of the last round's data gives the ciphertext. The sbox_input is split into four 8-bit values, each goes through the box transformation, and the four 8-bit outputs are combined into the 32-bit variable sbox_output.
29. The assistant computes the ciphertext: the sbox_output just obtained is rotated left by 2, 10, 18 and 24 bits, giving four 32-bit results denoted $y_2$, $y_{10}$, $y_{18}$, $y_{24}$; these are XORed with the box-transformation output sbox_output and with $x_i$ to give $x_{i+4}$, that is, $x_{i+4} = sbox\_output \oplus y_2 \oplus y_{10} \oplus y_{18} \oplus y_{24} \oplus x_i$. $x_{i+4}$ is the ciphertext obtained by symmetric encryption, and the assistant reports it to the hook.
30. After the symmetric encryption, the hook places the ciphertext after the separation line, which completes its save processing; the hook then returns to the application's original save flow, and the encrypted save of the file is complete.
31. The user starts to read the encrypted file and inserts the USB-KEY into the notebook.
32. The user clicks to open the file. When the operating system receives the user's read message, the hook program first hooks the message (this can be understood as pausing it) so that it is not executed, and first processes its own read flow. The hook's processing of the read begins with the operating system pushing the read message to the hook program.
33. Through the assistant, the hook searches the file's additional information for the symmetric encryption key (symmetric key ciphertext, e.g. aaaa) that corresponds to the certificate of the user's own USB-KEY.
34. After the hook obtains the symmetric key ciphertext (e.g. aaaa), it uses the assistant to call the private key in the USB-KEY for asymmetric decryption. As the first step of asymmetric decryption, the assistant obtains the asymmetric ciphertext variable C (the ciphertext, e.g. aaaa). Note that asymmetrically decrypting the key (e.g., aaaa) prompts the user to enter the PIN of the USB-KEY to verify the user's identity.
35. The assistant splits the ciphertext according to $C = C_1 \parallel C_2 \parallel C_3$ and takes the elliptic curve point $C_1$ from the asymmetric ciphertext C.
36. The assistant calculates the elliptic curve point S with the formula $S = [h]C_1$.
37. The assistant converts $[d_B]C_1$ into a bit string, using the formula $[d_B]C_1 = (x_2, y_2)$.
38. The assistant calculates the variable t with the formula $t = KDF(x_2 \parallel y_2, klen)$.
39. The assistant calculates the plaintext $M'$: it takes the bit string $C_2$ from the asymmetric ciphertext C and applies the formula $M' = C_2 \oplus t$. After obtaining the plaintext, the assistant reports it to the hook, and the asymmetric decryption is complete (the symmetric key plaintext is, for example, 123).
40. After the hook obtains the symmetric key plaintext (e.g. 123), it decrypts the ciphertext after the separation line. The hook again calls the assistant for the symmetric decryption, and the first author's original text is obtained after the assistant's SM4 symmetric decryption.
41. The assistant starts SM4 symmetric decryption of the ciphertext after the separation line. SM4 symmetric decryption first takes the original key as input (symmetric key plaintext, e.g. 123) and splits it bitwise into four 32-bit values $K_0, K_1, K_2, K_3$.
42. The assistant calculates the key used for the rounds by XORing the initial key values $K_0, K_1, K_2, K_3$ with the fixed parameters $FK_0, FK_1, FK_2, FK_3$ respectively, giving $k_0, k_1, k_2, k_3$, that is, $k_0 = K_0 \oplus FK_0$, $k_1 = K_1 \oplus FK_1$, $k_2 = K_2 \oplus FK_2$, $k_3 = K_3 \oplus FK_3$.
43. The assistant generates the round keys $rk_i$: $i = 0$ is the first round of transformation, and the process continues until $i = 31$. $k_{i+1}$, $k_{i+2}$, $k_{i+3}$ and the fixed parameter $CK_i$ are XORed to obtain 32 bits of data, that is, $sbox\_input = k_{i+1} \oplus k_{i+2} \oplus k_{i+3} \oplus CK_i$. The sbox_input is split into four 8-bit values, each goes through the box transformation, and the four 8-bit outputs are combined into the 32-bit variable sbox_output.
44. The assistant calculates the decryption $rk_i$: the sbox_output just obtained is rotated left by 13 and 23 bits, giving two 32-bit results denoted $y_{13}$ and $y_{23}$; these are XORed with the box-transformation output sbox_output and with $k_i$ to give $k_{i+4}$, that is, $rk_i = k_{i+4} = sbox\_output \oplus y_{13} \oplus y_{23} \oplus k_i$. 32 rounds are executed, using 32 different $CK_i$ (each $CK_i$ is a fixed parameter), and the decryption $rk_i$ are obtained after the 32 rounds.
45. The assistant reverses the order of the round keys: $rk'_i = rk_{31-i}$.
46. The assistant calculates the plaintext of the SM4 symmetric decryption: the ciphertext values $x_{35}, x_{34}, x_{33}, x_{32}$ are assigned to $x'_0, x'_1, x'_2, x'_3$, and with the round keys $rk'_i$ in reverse order, $x'_4 = x_{35} \oplus T(x_{34} \oplus x_{33} \oplus x_{32} \oplus rk_{31}) = x_{31}$, $\cdots$, so that $x'_i = x_{35-i}$. The result after the final 32 rounds of the round function is the first author's original text decrypted by SM4 (e.g., one million). The assistant reports the result to the hook, and the SM4 symmetric decryption is complete.
47. The hook program writes the symmetrically decrypted file plaintext into the application's memory. After converting the plaintext, the hook returns to the application's original read flow, and the reader's action of opening the file is complete.
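The SM4 key expansion and round function walked through in steps 26-29 and 41-46, as an added pure-Python example that is not the patent's implementation. It assumes a 16-byte key (the "123" in the text is only a placeholder) and processes a single 128-bit group, because the page states no padding rule or chaining mode for longer documents; the S-box, FK and CK constants and the sample key/block are those of the published SM4 standard, and the function names are this example's own.

```python
import struct

# SM4 S-box from the standard, one row of 16 bytes per line.
SBOX = bytes.fromhex("""
d690e9fecce13db716b614c228fb2c05
2b679a762abe04c3aa44132649860699
9c4250f491ef987a33540b43edcfac62
e4b31ca9c908e89580df94fa758f3fa6
4707a7fcf37317ba83593c19e6854fa8
686b81b27164da8bf8eb0f4b70569d35
1e240e5e6358d1a225227c3b01217887
d40046579fd327524c3602e7a0c4c89e
eabf8ad240c738b5a3f7f2cef96115a1
e0ae5da49b341a55ad933230f58cb1e3
1df6e22e8266ca60c02923ab0d534e6f
d5db3745defd8e2f03ff6a726d6c5b51
8d1baf92bbddbc7f11d95c411f105ad8
0ac13188a5cd7bbd2d74d012b8e5b4b0
8969974a0c96777e65b9f109c56ec684
18f07dec3adc4d2079ee5f3ed7cb3948
""")
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)
# Fixed parameters CK_i: byte j of CK_i is (4*i + j) * 7 mod 256.
CK = [int.from_bytes(bytes(((4 * i + j) * 7) % 256 for j in range(4)), "big")
      for i in range(32)]


def rotl(x: int, n: int) -> int:
    """Rotate a 32-bit value left by n bits."""
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF


def box(word: int) -> int:
    """Split sbox_input into four bytes, substitute each, recombine (sbox_output)."""
    return int.from_bytes(bytes(SBOX[b] for b in word.to_bytes(4, "big")), "big")


def round_keys(key: bytes) -> list:
    """Steps 41-44: k_i = K_i xor FK_i, then rk_i = k_{i+4} for i = 0..31."""
    if len(key) != 16:
        raise ValueError("SM4 key must be exactly 128 bits")
    k = [w ^ fk for w, fk in zip(struct.unpack(">4I", key), FK)]
    for i in range(32):
        s = box(k[i + 1] ^ k[i + 2] ^ k[i + 3] ^ CK[i])
        k.append(k[i] ^ s ^ rotl(s, 13) ^ rotl(s, 23))
    return k[4:]


def rounds(block: bytes, rks: list) -> list:
    """Steps 26-29: return all 36 state values x_0..x_35 for one 128-bit group."""
    if len(block) != 16 or len(rks) != 32:
        raise ValueError("need one 128-bit group and 32 round keys")
    x = list(struct.unpack(">4I", block))
    for i in range(32):
        s = box(x[i + 1] ^ x[i + 2] ^ x[i + 3] ^ rks[i])
        x.append(x[i] ^ s ^ rotl(s, 2) ^ rotl(s, 10) ^ rotl(s, 18) ^ rotl(s, 24))
    return x


def reverse_order(x: list) -> bytes:
    """Reverse-order transformation: output (x_35, x_34, x_33, x_32)."""
    return struct.pack(">4I", x[35], x[34], x[33], x[32])


def encrypt_block(key: bytes, block: bytes) -> bytes:
    return reverse_order(rounds(block, round_keys(key)))


def decrypt_block(key: bytes, block: bytes) -> bytes:
    """Step 45: same rounds, with the round keys in reverse order."""
    return reverse_order(rounds(block, round_keys(key)[::-1]))


# Key and plaintext of the standard's published example (both the same 16 bytes).
STANDARD_KEY = bytes.fromhex("0123456789abcdeffedcba9876543210")
```

Comparing `rounds(ciphertext, reversed_keys)` with `rounds(plaintext, keys)` shows the relation from step 46 directly: the decryption state is the encryption state read backwards.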
Application scenario one:
Scenario in which a first author keeps a file private:
The working computers of a certain company have a high security level, with the copy and paste functions blocked, and there is a shared notebook computer that several employees use in turn. One day, one of the employees has new suggestions for the company's development, but the time is not ripe and it is inconvenient to disclose them, so they must be kept confidential and only that one person may read them. The method meets this employee's needs: the employee inserts his or her own USB-KEY into the notebook and, before leaving work, clicks the save button on the document; in the page popped up by the hook the employee checks the name of his or her own certificate, the hook generates the encrypted file to complete the save, and the employee pulls out the USB-KEY and goes home. When the employee wants to continue writing the document the next day, the employee inserts the USB-KEY and opens the document directly to continue writing.
Application scenario two:
Scenario in which the first author shares the file with a limited audience:
The designer inserts his or her own USB-KEY into a notebook computer and clicks the save button; in the page popped up by the hook, the designer checks the names of the certificates of several department managers, and the encrypted file is generated to complete the save. The designer copies the encrypted file to those department managers over the network. After receiving the encrypted file over the network, each department manager inserts his or her own USB-KEY and can read the file simply by opening it. Others cannot read it.
Application scenario three:
Scenario in which an authorized reader shares the file a second time:
Continuing from the second example, a department manager finds the designer's reconstruction scheme very creative and wants to share it with the department's backbone developers for reference, but it is not suitable to open it to everyone; the scenario of the invention meets the department manager's need here. Designers copy the new encrypted files over the network to the backbone developer. After receiving the encrypted file over the network, the backbone developer inserts his or her own USB-KEY and can read the file simply by opening it. Other unauthorized persons cannot read it.
The invention is not limited to the above alternative embodiments, and any other various forms of products can be obtained by anyone in the light of the present invention, but any changes in shape or structure thereof, which fall within the scope of the present invention as defined in the claims, fall within the scope of the present invention.

Claims (10)

1. A shared file transparent encryption system, characterized by: the system comprises a plurality of user terminals, a plurality of user USB-KEY, an encryption and decryption auxiliary module, a hook program and a certificate management platform;
the certificate management platform is used for storing a certificate list of authorized users, and each certificate comprises a user USB-KEY public KEY; each user USB-KEY comprises a user USB-KEY private KEY respectively, and each user USB-KEY public KEY and the corresponding user USB-KEY private KEY are matched with each other to form a user USB-KEY public/private KEY pair;
the certificate management platform is also provided with a KEY management function module which is used for generating a user USB-KEY public/private KEY pair;
each user terminal is respectively provided with a hook program, an application program, an operating system, an encryption and decryption auxiliary module and a storage auxiliary module;
the hook program is used for monitoring the execution action of the application program of the user terminal and suspending the application program when the application program executes the saving and/or reading action, so that the execution action of the hook program is processed preferentially; the executing action of the hook program comprises public KEY inquiry, certificate inquiry, public KEY asymmetric encryption, private KEY asymmetric decryption, symmetric encryption and symmetric decryption which are carried out through a user USB-KEY;
the hook program is also used for carrying out asymmetric encryption and decryption on the symmetric key of the document through the encryption and decryption auxiliary module, and carrying out SM4 symmetric encryption and decryption on the original document through the symmetric key;
the application program is used for authoring, saving and/or reading the original document;
the operating system is used for supporting the conventional operation of the user terminal;
the storage auxiliary module is used for storing operating system functions;
each user USB-KEY is provided with an asymmetric encryption interface, an asymmetric decryption interface, a symmetric encryption interface, a symmetric decryption interface, a random number generator and a USB-KEY container, wherein the asymmetric encryption interface is used for asymmetric encryption, the asymmetric decryption interface is used for asymmetric decryption, the symmetric encryption interface is used for symmetric encryption, the symmetric decryption interface is used for symmetric decryption, the random number generator is used for generating random numbers, and the USB-KEY container is used for storing a user USB-KEY public/private KEY pair and a user CA certificate.
2. The shared file transparent encryption system of claim 1, wherein: the user USB-KEY is a hardware U shield.
3. The shared file transparent encryption system of claim 1, wherein: the hook program is an API HOOK program.
4. A shared file transparent encryption method using the shared file transparent encryption system according to any one of claims 1 to 3, characterized in that: the method comprises the following steps:
S01, making a USB-KEY of a user;
S02, a first author authors an original document through an application program of a user end, when an operating system of the user end receives a storage message of the application program, a hook program suspends the application program, and pre-encrypts the original document needing to be stored to generate an SM4 symmetric encryption and decryption key;
S03, carrying out secondary encryption on the SM4 symmetric encryption and decryption key of the original document;
S031, the hook program obtains the user USB-KEY public KEY of the certificate management platform;
S0311, the hook program obtains the user certificate list of the user to be authorized from the certificate management platform;
S0312, the hook pops up the dialog box interface and shows the user's certificate list; through single or multiple selection of check boxes, the first author checks the certificates of N authorized users on the list interface, N being a positive integer greater than or equal to 1; after the checking is finished, the hook acquires a corresponding user certificate from the certificate management platform, so that a corresponding user USB-KEY public KEY is acquired;
S032, the hook program calls an encryption and decryption auxiliary module on a first author user end through each user USB-KEY public KEY in sequence, and asymmetric encryption is carried out through an asymmetric encryption interface of the user USB-KEY of the first author;
the user USB-KEY public KEY of each user certificate is transmitted into the asymmetric encryption interface, the symmetric KEY is also transmitted into the asymmetric encryption interface, after the user USB-KEY public KEY is taken out from the asymmetric encryption interface, SM2 asymmetric encryption is respectively carried out on the SM4 symmetric encryption and decryption KEY, and an SM2 asymmetric encryption ciphertext corresponding to each user USB-KEY is generated;
S033, SM2 asymmetric encryption ciphertext storage;
the hook program stores the SM2 asymmetric encryption ciphertext as additional information in the first N lines of the storage file;
S034, setting a separation line at the (N + 1) th row of the storage file by the hook program; the hook program uses an SM4 symmetric encryption and decryption key to carry out SM4 symmetric encryption on the original file to obtain a ciphertext, and the ciphertext is stored in a position below an N +2 line of the storage file;
S035, the hook program releases the application program, the process of continuing to execute the storage process is returned, and the storage file after the secondary encryption is stored;
S04, decrypting the storage file by the user side;
S041, inserting a user USB-KEY into the user side;
S042, when an operating system of the user side receives a message of reading the storage file of the application program, the hook program suspends the application program, and searches an SM2 asymmetric encryption ciphertext corresponding to a user certificate of the current user USB-KEY in the additional information of the storage file through the encryption and decryption auxiliary module;
S043, the hook program calls a user USB-KEY private KEY in the current user USB-KEY through the encryption and decryption auxiliary module to carry out asymmetric decryption to obtain a symmetric KEY plaintext;
S044, the hook program carries out SM4 symmetric decryption on the ciphertext to obtain an original document plaintext;
S045, the hook program writes the original document plaintext into the memory of the application program; and releasing the application program, and returning to continue executing the reading process.
5. The method for transparently encrypting a shared file according to claim 4, wherein: the step S01 includes the following operations:
S011, a certificate management platform administrator receives user USB-KEY making information;
S012, the administrator of the certificate management platform confirms the user USB-KEY making information;
S013, a certificate management platform administrator makes user USB-KEY on the certificate management platform and respectively generates a public/private KEY pair for each user USB-KEY;
S014, the certificate platform administrator takes out the user USB-KEY public KEY from the KEY management function module of the KEY management platform to apply for the certificate to the CA;
S015, the certificate platform administrator writes the certificate into the user USB-KEY in the certificate management platform;
S016, the certificate platform administrator distributes the user USB-KEY to the corresponding user;
and S017, the user receives the user USB-KEY and checks whether the user USB-KEY is valid.
6. The method for transparently encrypting the shared file according to claim 4, wherein: the step S02 includes the following operations:
S021, inserting a corresponding user USB-KEY into the current user side, and creating an original document through an operating system and an application program;
S022, after the creation of the original document is finished, clicking a storage button, and calling an operating system function of a storage auxiliary module of an operating system by an application program of a current user side;
S023, when the operating system of the current user receives the save message of the application program, the hook program hooks the save message first, i.e. suspends the application program, and the hook program preferentially processes the own save flow to generate a random SM4 symmetric encryption and decryption key for the original document.
7. The method for transparently encrypting the shared file according to claim 4, wherein: the step S032 includes the following operations:
S0321, the hook program calls a random number generator of the USB-KEY of the user through the encryption and decryption auxiliary module to generate a random number k;
S0322, the encryption and decryption auxiliary module calculates an elliptic curve point C1 and converts the data type of the C1 into a bit string;
S0323, the encryption and decryption auxiliary module calculates an elliptic curve point S;
S0324, the encryption and decryption assist module calculates an elliptic curve point $[k]P_B = (x_2, y_2)$, and converts the data type of the coordinates x2 and y2 into a bit string; x2 and y2 are the actual coordinate point values of the user public key;
S0325, the encryption and decryption auxiliary module calculates a variable t;
S0326, the encryption and decryption auxiliary module calculates an elliptic curve point C2;
S0327, the encryption and decryption auxiliary module calculates an elliptic curve point C3;
and S0328, the encryption and decryption auxiliary module calculates to obtain an SM2 asymmetric encryption ciphertext C, and informs the hook program of the calculation result to complete asymmetric encryption and generate an SM2 asymmetric encryption ciphertext corresponding to each user USB-KEY.
8. The method for transparently encrypting the shared file according to claim 4, wherein: the step S034 includes the following operations:
S0341, grouping the original documents;
the length of each group is 128 bits, and the length of the SM4 symmetric key is also 128 bits; splitting an original document into a plurality of groups with the length of 128 bits;
S0342, taking a first group of 128-bit data, and splitting the data into 4 data $x_0$, $x_1$, $x_2$ and $x_3$ of 32 bits according to bits;
S0343, performing iterative operation for 32 times;
when $i = 0$, the first round of transformation is performed, continuing until $i = 31$; $x_{i+1}$, $x_{i+2}$, $x_{i+3}$ and the round key $rk_i$ are subjected to exclusive or to obtain data of 32 bits, namely $sbox\_input = x_{i+1} \oplus x_{i+2} \oplus x_{i+3} \oplus rk_i$, where $\oplus$ represents the exclusive-or operation;
S0344, performing reverse order transformation;
carrying out reverse order transformation on the last round of data to obtain a ciphertext, splitting the sbox_input into 4 8-bit data, respectively carrying out box transformation, and then combining 4 8-bit outputs into a 32-bit sbox_output variable;
S0345, calculating to obtain a ciphertext;
circularly left-shifting the sbox_output obtained in the previous step by 2, 10, 18 and 24 bits respectively to obtain 4 results of 32 bits, recording the shift results as $y_2$, $y_{10}$, $y_{18}$, $y_{24}$, which are exclusive-ored with the sbox_output output by box transformation and $x_i$ to obtain $x_{i+4}$, namely $x_{i+4} = sbox\_output \oplus y_2 \oplus y_{10} \oplus y_{18} \oplus y_{24} \oplus x_i$, and $x_{i+4}$ is the symmetrically encrypted ciphertext;
S0346, after the encryption and decryption auxiliary module obtains the result feedback of the USB-KEY, the hook program is informed of the symmetric encrypted ciphertext.
9. The method for transparently encrypting the shared file according to claim 4, wherein: the asymmetric decryption of step S043 includes the following operations:
A1, verifying user identity by inputting PIN code of current user USB-KEY, calling user USB-KEY private KEY value in current user USB-KEY, and obtaining SM2 asymmetric encryption ciphertext C;
A2, the encryption and decryption auxiliary module splits the SM2 asymmetric encrypted ciphertext C, and extracts an elliptic curve point C1 from the SM2 asymmetric encrypted ciphertext C;
A3, an encryption and decryption auxiliary module calculates an elliptic curve point S;
A4, the encryption and decryption auxiliary module converts the variable $[d_B]C_1$ into a bit string;
A5, an encryption and decryption auxiliary module calculates to obtain a variable t;
A6, the encryption and decryption auxiliary module obtains a plaintext M' of an SM4 symmetric encryption and decryption key through bit string calculation;
and A7, the encryption and decryption auxiliary module informs the hook program of the plaintext M' to complete asymmetric decryption to obtain a symmetric key plaintext.
10. The method for transparently encrypting the shared file according to claim 4, wherein: in step S044, SM4 symmetric decryption is performed on the ciphertext after the separation line in the stored document, where the SM4 symmetric decryption includes the following operation contents:
M1, inputting an original key, and splitting the key into 4 32-bit data $K_0$, $K_1$, $K_2$ and $K_3$ according to bits;
M2, the encryption and decryption auxiliary module calculates the key for the rounds, and the initial keys $K_0$, $K_1$, $K_2$ and $K_3$ are respectively exclusive-ored with fixed parameters $FK_0$, $FK_1$, $FK_2$ and $FK_3$ to obtain keys $k_0$, $k_1$, $k_2$ and $k_3$ for the rounds, that is, $k_0 = K_0 \oplus FK_0$, $k_1 = K_1 \oplus FK_1$, $k_2 = K_2 \oplus FK_2$, and $k_3 = K_3 \oplus FK_3$;
M3, generating a round key by an encryption and decryption auxiliary module, performing first round transformation when $i = 0$, ending until $i = 31$, performing exclusive or on $k_{i+1}$, $k_{i+2}$, $k_{i+3}$ and a fixed parameter $CK_i$ to obtain 32-bit data, namely $sbox\_input = k_{i+1} \oplus k_{i+2} \oplus k_{i+3} \oplus CK_i$, splitting sbox_input into 4 8-bit data, performing box transformation respectively, and then combining 4 8-bit data outputs into a 32-bit sbox_output variable;
M4, the encryption and decryption auxiliary module calculates decrypted $rk_i$, the sbox_output variable is circularly moved to the left by 13 and 23 bits respectively to obtain 2 32-bit shift results, the 2 shift results are recorded as $y_{13}$, $y_{23}$, the shift results $y_{13}$ and $y_{23}$ are subjected to exclusive OR with the box transformation output sbox_output and $k_i$ to obtain $k_{i+4}$, namely $rk_i = k_{i+4} = sbox\_output \oplus y_{13} \oplus y_{23} \oplus k_i$, 32 rounds of operation are executed, 32 different $CK_i$ are used simultaneously, the $CK_i$ is a fixed parameter, and the decrypted $rk_i$ is obtained after the 32 rounds of execution are finished;
M5, performing round key reverse order operation by the encryption and decryption auxiliary module, wherein the operation steps are $rk'_i = rk_{31-i}$;
M6, the encryption and decryption auxiliary module calculates a plaintext after SM4 symmetric decryption, ciphertext $x_{35}$, $x_{34}$, $x_{33}$ and $x_{32}$ are assigned to $x'_0$, $x'_1$, $x'_2$, $x'_3$, and with $rk'_i$ in the inverse sequence, $x'_4 = x_{35} \oplus T(x_{34} \oplus x_{33} \oplus x_{32} \oplus rk_{31}) = x_{31}$, $\cdots$, and $x'_i = x_{35-i}$ is obtained;
and M7, the encryption and decryption auxiliary module calculates 32 rounds of functions to obtain the original document after SM4 symmetric decryption, and informs a hook program to finish SM4 symmetric decryption.
CN202211454377.5A 2022-11-21 2022-11-21 Shared file transparent encryption method and system Active CN115550058B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211454377.5A CN115550058B (en) 2022-11-21 2022-11-21 Shared file transparent encryption method and system

Publications (2)

Publication Number Publication Date
CN115550058A CN115550058A (en) 2022-12-30
CN115550058B CN115550058B (en) 2023-03-10

Family

ID=84721557

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211454377.5A Active CN115550058B (en) 2022-11-21 2022-11-21 Shared file transparent encryption method and system

Country Status (1)

Country Link
CN (1) CN115550058B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102231179A (en) * 2011-06-20 2011-11-02 北京思创银联科技股份有限公司 Portable personal service terminal
CN102236755A (en) * 2011-05-04 2011-11-09 山东超越数控电子有限公司 One-machine multi-user security access control method
CN103916480A (en) * 2014-04-15 2014-07-09 武汉理工大学 File encrypting system for shared file
CN105138891A (en) * 2015-07-30 2015-12-09 山东超越数控电子有限公司 USBKey based drive-free encryption and decryption certification communication circuit and method
CN110096433A (en) * 2019-03-26 2019-08-06 北京邮电大学 The method of encryption data is obtained on a kind of iOS platform

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
HU227781B1 (en) * 2006-03-17 2012-02-28 Pal Bela Dr Doemoesi Symmetric key cryptographic apparatus and method for encryption and decryption of information
CN101593256B (en) * 2008-05-26 2010-09-08 北京飞天诚信科技有限公司 Safe input method based on Windows operating system
EP3386144B1 (en) * 2015-10-14 2021-01-13 Digital Arts Inc. File encryption device, file decryption device, system, and program
US10157290B1 (en) * 2017-10-11 2018-12-18 Symantec Corporation Systems and methods for encrypting files

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant