CN116579000A - Security information protection method, electronic device and storage medium - Google Patents
- Publication number
- CN116579000A (CN202310362633.6A)
- Authority
- CN
- China
- Prior art keywords
- information
- user
- input
- security information
- notification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F7/58—Random or pseudo-random number generators
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Computational Mathematics (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Pure & Applied Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The application relates to a security information protection method, an electronic device and a storage medium. The security information protection method comprises: generating an information protection instruction in response to a user's security information input request in an application program; intercepting the security information input by the user in response to the information protection instruction; encrypting the security information to obtain encrypted information and storing the encrypted information; sending a user input notification to the application program so that the application program can acquire the encrypted information in response to the user input notification and feed back a stop interception notification; and stopping interception of the security information input by the user in response to the stop interception notification. With the scheme provided by the application, the security information can be protected while the user is inputting it: other monitoring programs are prevented from acquiring the user's security information, the easy cracking that plaintext transmission allows is avoided, and information security is improved.
Description
Technical Field
The present application relates to the field of security protection technologies, and in particular, to a security information protection method, an electronic device, and a storage medium.
Background
Domestic commercial cryptographic algorithms include SM2, SM3 and SM4. SM2 is an asymmetric encryption algorithm based on elliptic curves, SM3 is a data digest algorithm, and SM4 is a symmetric block encryption algorithm with a 16-byte block. They are applied in the information technology application innovation industry. That industry comprises IT infrastructure, which can include CPU chips, servers, storage, switches, routers, various clouds and related service content; basic software, which includes databases, operating systems and middleware; application software, which can include OA, ERP, office software, government applications and flow label software; and information security products, which may include border security products, terminal security products and the like. In an information technology application innovation system, when a user logs in to various websites, security information such as a password has to be entered through an input box on the page. The security information is not protected during input, so other monitoring programs in the system can acquire it while the user is typing, and because the password is stored and transmitted in plaintext it is easy to crack.
In view of the foregoing, there is a need for providing a method for protecting security information input by a user during the process of inputting the security information by the user, so as to improve the security of the information.
Disclosure of Invention
In order to overcome the problems in the related art, the application provides a security information protection method, an electronic device and a storage medium.
The first aspect of the present application provides a method for protecting security information, including:
generating an information protection instruction in response to a user's security information input request in an application program; intercepting the security information input by the user in response to the information protection instruction; encrypting the security information to obtain encrypted information and storing the encrypted information; sending a user input notification to the application program so that the application program can acquire the encrypted information in response to the user input notification and feed back a stop interception notification; and stopping interception of the security information input by the user in response to the stop interception notification.
In one embodiment, encrypting the security information includes: receiving a first random number sent by an application program in response to a security information input request; generating a second random number; encrypting the security information based on the first random number and the second random number to obtain first encrypted data; encrypting the second random number based on a preset public key to obtain second encrypted data; encryption information is formed based on the first encryption data and the second encryption data.
In one embodiment, encrypting the security information based on the first random number and the second random number includes: taking the first random number as an initial vector; taking the second random number as a symmetric key; and, based on the initial vector and the symmetric key, performing SM4 encryption on the security information in CBC mode with PKCS#7 padding, using 16 bytes as the encryption block length.
In one embodiment, the preset public key is an SM2 public key, and encrypting the second random number based on the preset public key includes: the second random number is SM2 encrypted with the SM2 public key.
In one embodiment, generating the information protection instruction in response to a user's security information input request in the application program includes: receiving a security information input request sent by an application program through a loading focus interface; an information protection instruction is generated in response to the security information input request.
In one embodiment, intercepting the security information input by the user in response to the information protection instruction comprises: in response to the information protection instruction, calling an input interception interface to intercept the security information input by the user.
In one embodiment, sending a user input notification to the application program so that the application program can acquire the encrypted information in response to the user input notification and feed back a stop interception notification includes: sending the user input notification to the application program through a JS callback function, so that the application program can, in response to the user input notification, call the attribute acquisition interface and the user random number acquisition interface to acquire the encrypted information, and feed back the stop interception notification by calling the focus discarding interface.
In one embodiment, stopping interception of the security information input by the user in response to the stop interception notification includes: in response to the stop interception notification, calling the interception discarding interface to stop intercepting the security information input by the user.
A second aspect of the present application provides an electronic device, comprising:
a processor; and a memory having executable code stored thereon that, when executed by the processor, causes the processor to perform the method as described above.
A third aspect of the application provides a non-transitory machine-readable storage medium having stored thereon executable code which, when executed by a processor of an electronic device, causes the processor to perform the method as described above.
The technical scheme provided by the application can comprise the following beneficial effects:
The application provides a security information protection method, an electronic device and a storage medium. In response to the information protection instruction, the security information input by the user is intercepted and encrypted, and the encrypted information is obtained and stored. A user input notification is then sent to the application program so that the application program can acquire the encrypted information in response to the user input notification and feed back a stop interception notification, and interception of the security information input by the user is stopped in response to the stop interception notification. The security information can therefore be protected while the user is inputting it: other monitoring programs are prevented from acquiring the user's security information, the easy cracking that plaintext transmission allows is avoided, and information security is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application as claimed.
Drawings
The above, as well as additional purposes, features, and advantages of exemplary embodiments of the present application will become readily apparent from the following detailed description when read in conjunction with the accompanying drawings. In the drawings, several embodiments of the application are illustrated by way of example and not by way of limitation, and like or corresponding reference numerals refer to like or corresponding parts.
FIG. 1 is a flow chart of a security information protection method according to an embodiment of the present application;
FIG. 2 is a second flow chart of a security information protection method according to an embodiment of the application;
FIG. 3 is a third flow chart of a security information protection method according to an embodiment of the application;
FIG. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Embodiments will now be described with reference to the accompanying drawings. It will be appreciated that for simplicity and clarity of illustration, where considered appropriate, reference numerals have been repeated among the figures to indicate corresponding or analogous elements. Furthermore, the application has been set forth in numerous specific details in order to provide a thorough understanding of the embodiments described herein. However, it will be understood by those of ordinary skill in the art that the embodiments described herein may be practiced without these specific details. In other instances, well-known methods, procedures, and components have not been described in detail so as not to obscure the embodiments described herein. Moreover, this description should not be taken as limiting the scope of the embodiments described herein.
In an information technology application innovation system, when a user logs in to various websites, security information such as a password has to be entered through an input box on the page. The security information is not protected during input, so other monitoring programs in the system can acquire it while the user is typing, and because the password is stored and transmitted in plaintext it is easy to crack. In view of the foregoing, there is a need for a method that protects the security information input by a user while the user is inputting it, so as to improve information security.
In view of the above problems, an embodiment of the present application provides a method for protecting security information, which can protect security information input by a user in the process of inputting the security information by the user, thereby improving information security.
The following describes the technical scheme of the embodiment of the present application in detail with reference to the accompanying drawings.
Fig. 1 is a first flow chart of a security information protection method according to an embodiment of the present application. Referring to Fig. 1, the security information protection method may include:
In step 101, an information protection instruction is generated in response to a user's security information input request in an application program. The application program may be a browser; in practice it may also be another application program, and the application is not limited in this respect. Generally, in an information technology application innovation system, when a user logs in to various websites or performs password verification, the user enters the security information used for login or password verification through an input device such as a keyboard; a driver converts the input signal of the input device into recognizable characters and sends them, as system messages, to the application input box that currently holds the focus. The focus can be understood as the object currently being operated on.
In the embodiment of the application, the user's security information input request in the application program can be regarded as the application input box acquiring the focus. This indicates that the input box is the object the user is currently operating on and that the user is about to enter security information in it, so the security information needs to be protected and an information protection instruction is generated. By way of example, the input box can acquire the focus when the user clicks the left mouse button in it; in practice the input box can acquire the focus in various ways depending on the actual application, and the application is not limited in this respect.
In step 102, the security information input by the user is intercepted in response to the information protection instruction. In the embodiment of the application, interception can be achieved by prohibiting other application programs from acquiring the key information corresponding to the input security information, where the key information can be regarded as the data input by the input device. A user generally enters security information through an input device such as a keyboard, so whoever can acquire the data input by the input device can acquire the security information input by the user. Interception is therefore achieved by prohibiting other application programs from acquiring the data input by the input device and allowing only the module or processor running the security information protection method to acquire it.
In step 103, the security information is encrypted to obtain encrypted information, and the encrypted information is stored. After the security information input by the user is received, it is encrypted to obtain the encrypted information, and the encrypted information is stored in internal memory.
In step 104, a user input notification is sent to the application program so that the application program can acquire the encrypted information in response to the user input notification and feed back the stop interception notification. In the embodiment of the application, because the module or processor running the security information protection method intercepts the security information input by the user, the application program cannot perceive the user's input operation. The user input notification can therefore only be sent to the application program by the module or processor running the security information protection method, so that the application program knows the user has performed an input operation and can process it accordingly.
Once the application program knows that the user has performed an input operation, the application input box can lose the focus. Losing the focus can be regarded as meaning that the input box is no longer the object the user is currently operating on and that the user has finished entering the security information. The application program can therefore feed back the stop interception notification to the module or processor running the security information protection method, notifying it to stop intercepting the data input by the input device. Meanwhile, in response to the user input notification, the application program can acquire the encrypted information from the module or processor running the security information protection method. The application program can further decrypt the encrypted information through a preset public key, so that the plaintext of the security information is obtained.
In step 105, interception of the security information input by the user is stopped in response to the stop interception notification. In response to the stop interception notification, interception of the key information is given up, so that interception of the security information input by the user stops and normal message transmission resumes.
To summarize, an information protection instruction is generated in response to a user's security information input request in an application program. In response to the information protection instruction, the security information input by the user is intercepted and encrypted, and the encrypted information is obtained and stored. A user input notification is then sent to the application program so that the application program can acquire the encrypted information in response to the user input notification and feed back a stop interception notification, and interception of the security information input by the user is stopped in response to the stop interception notification. The security information can therefore be protected while the user is inputting it: other monitoring programs are prevented from acquiring the user's security information, the easy cracking that plaintext transmission allows is avoided, and information security is improved.
In some embodiments, the security information may be encrypted by a cryptographic algorithm. Fig. 2 is a second flow chart of a security information protection method according to an embodiment of the present application. Referring to Fig. 2, the security information protection method may include:
In step 201, a first random number sent by the application program in response to a security information input request is received. In the embodiment of the application, the application program can load the module running the security information protection method or connect to the processor running it, and the application is not limited in this respect. After loading or connection is completed, the application program can be initialized; during initialization, a random number can be set as the first random number through the application program's server random parameter, namely the ServerRamdom parameter, and the first random number can be a 16-byte random number. In response to the security information input request, the application program transmits the first random number to the module or processor running the security information protection method.
In step 202, a second random number is generated. The module or processor running the security information protection method randomly generates a random number as the second random number, which may be a 16-byte random number.
In step 203, the security information is encrypted based on the first random number and the second random number, resulting in first encrypted data. Specifically, the first random number is first taken as the initial vector. An initial vector (IV, Initialization Vector) is a value combined with the key; with the RC4 algorithm, for example, it is combined with the key to form a key seed that is the input used to produce the encrypted byte stream that encrypts the data. In the CBC mode used here, it serves as the initial ciphertext block, as described below.
Then, the second random number is used as the symmetric key. A symmetric key generally refers to a key used for symmetric key encryption, which is also known as private key encryption or shared key encryption: both the sender and the receiver of the data must use the same key to encrypt and decrypt the plaintext.
Next, based on the initial vector and the symmetric key, the security information is SM4 encrypted in CBC mode with PKCS#7 padding, using 16 bytes as the encryption block length.
CBC (Cipher Block Chaining) is the ciphertext block chaining mode adopted for the SM4 encryption. In CBC mode, the current plaintext block is XORed with the previously generated ciphertext block and then encrypted through a pseudo-random permutation to form the ciphertext block corresponding to the current plaintext block. The initial vector is used as the initial ciphertext block, so the first plaintext block is XORed with the initial vector and then encrypted through the pseudo-random permutation to obtain the ciphertext block corresponding to the first plaintext block.
The PKCS#7 mode is a data padding rule, that is, the padding applied when the length is insufficient: the data is padded with redundant bytes whose value is the required padding length, so as to improve the security of the ciphertext.
SM4 is a block cipher algorithm with a block length of 128 bits (i.e., 16 bytes, 4 words) and a key length of 128 bits (i.e., 16 bytes, 4 words). Encryption and decryption use a 32-round iteration mechanism, and each round needs a round key. The encryption process has two parts: 32 rounds of iteration and 1 reverse-order transformation. The decryption process of SM4 has the same structure as the encryption process and also consists of 32 rounds of iteration and one reverse-order transformation; the only difference is that the round keys are used in reverse order during the round iteration.
In step 204, the second random number is encrypted based on the preset public key, resulting in second encrypted data. In the embodiment of the present application, the preset public key may be an SM2 public key, and the second random number is SM2 encrypted with the SM2 public key. SM2 is an elliptic curve public key cryptographic algorithm issued by the national cryptographic administration; it is an asymmetric encryption algorithm based on elliptic curves. The SM2 public key is 64 bytes and the SM2 private key is 32 bytes.
In step 205, the encrypted information is formed based on the first encrypted data and the second encrypted data. In the embodiment of the present application, the encrypted information may be composed of the first encrypted data and the second encrypted data.
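The encryption of step 203, as an added example that is not code from the patent: SM4 is implemented in pure Python so the block runs offline, the first random number is the CBC initial vector and the second random number is the SM4 key. The function names are hypothetical, and the SM2 encryption of the second random number (step 204) is not implemented here.

```python
import secrets

# SM4 S-box, system parameter FK and fixed parameter CK (GB/T 32907-2016).
SBOX = bytes.fromhex(
    "d690e9fecce13db716b614c228fb2c05"
    "2b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62"
    "e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8"
    "686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887"
    "d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1"
    "e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6f"
    "d5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad8"
    "0ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec684"
    "18f07dec3adc4d2079ee5f3ed7cb3948")
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)
CK = [int.from_bytes(bytes(((4 * i + j) * 7) % 256 for j in range(4)), "big")
      for i in range(32)]
BLOCK = 16  # SM4 block and key length in bytes

def _rol(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def _tau(x):
    # Non-linear layer: S-box applied to each byte of the 32-bit word.
    return int.from_bytes(bytes(SBOX[b] for b in x.to_bytes(4, "big")), "big")

def round_keys(key):
    k = [int.from_bytes(key[4 * i:4 * i + 4], "big") ^ FK[i] for i in range(4)]
    rks = []
    for i in range(32):
        b = _tau(k[1] ^ k[2] ^ k[3] ^ CK[i])
        rk = k[0] ^ b ^ _rol(b, 13) ^ _rol(b, 23)
        k = k[1:] + [rk]
        rks.append(rk)
    return rks

def crypt_block(block, rks):
    # 32 rounds, then the reverse-order transformation of the four words.
    x = [int.from_bytes(block[4 * i:4 * i + 4], "big") for i in range(4)]
    for rk in rks:
        b = _tau(x[1] ^ x[2] ^ x[3] ^ rk)
        t = b ^ _rol(b, 2) ^ _rol(b, 10) ^ _rol(b, 18) ^ _rol(b, 24)
        x = x[1:] + [x[0] ^ t]
    return b"".join(w.to_bytes(4, "big") for w in reversed(x))

def _xor(a, b):
    return bytes(p ^ q for p, q in zip(a, b))

def pkcs7_pad(data):
    n = BLOCK - len(data) % BLOCK  # 1..16: a whole block is added when aligned
    return data + bytes([n]) * n

def pkcs7_unpad(data):
    n = data[-1] if data else 0
    if (not data or len(data) % BLOCK or not 1 <= n <= BLOCK
            or data[-n:] != bytes([n]) * n):
        raise ValueError("invalid PKCS#7 padding")
    return data[:-n]

def sm4_cbc_encrypt(key, iv, plaintext):
    if len(key) != BLOCK or len(iv) != BLOCK:
        raise ValueError("key and IV must be 16 bytes")
    rks, prev, out = round_keys(key), iv, []
    data = pkcs7_pad(plaintext)
    for i in range(0, len(data), BLOCK):
        prev = crypt_block(_xor(data[i:i + BLOCK], prev), rks)
        out.append(prev)
    return b"".join(out)

def sm4_cbc_decrypt(key, iv, ciphertext):
    if not ciphertext or len(ciphertext) % BLOCK:
        raise ValueError("ciphertext must be a non-empty multiple of 16 bytes")
    rks, prev, out = round_keys(key)[::-1], iv, []  # round keys reversed
    for i in range(0, len(ciphertext), BLOCK):
        blk = ciphertext[i:i + BLOCK]
        out.append(_xor(crypt_block(blk, rks), prev))
        prev = blk
    return pkcs7_unpad(b"".join(out))

def protect(secret, first_random):
    """Steps 202-203: generate the second random number and use it as the
    SM4 key, with the application's first random number as the CBC IV."""
    second_random = secrets.token_bytes(BLOCK)
    return second_random, sm4_cbc_encrypt(second_random, first_random, secret)
```

The returned second random number is what step 204 then encrypts with the SM2 public key. CBC with PKCS#7 gives confidentiality only, so the receiver has no way to tell from the ciphertext alone whether it was modified in transit.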
In some embodiments, the various information interactions in the embodiments of the present application, such as requests and notifications, may be implemented through interface calls. Fig. 3 is a third flow chart of a security information protection method according to an embodiment of the present application. Referring to Fig. 3, the security information protection method may include:
In step 301, a security information input request sent by the application program through a load focus interface is received, and an information protection instruction is generated in response to the security information input request. In the embodiment of the application, the load focus interface may illustratively be a SetOnFocus interface: while the application input box is acquiring the focus, the application program notifies the module or processor running the security information protection method by calling the SetOnFocus interface. The module or processor running the security information protection method receives the security information input request and generates an information protection instruction in response to it.
In step 302, in response to the information protection instruction, an input interception interface is called to intercept the security information input by the user. In the embodiment of the application, the input device can be a keyboard and the input interception interface can be the XGrabKeyboard interface, through which the data input by the keyboard is directed to the module or processor running the security information protection method, thereby intercepting the security information input by the user.
In step 303, the security information is encrypted, and the encrypted information is obtained and stored. In the embodiment of the present application, the content of step 303 is consistent with step 103 or with the encryption process of steps 201 to 205, and is not described again here.
In step 303, a user input notification is sent to the application program through the JS callback function, so that the application program can, in response to the user input notification, call the attribute acquisition interface and the user random number acquisition interface to acquire the encrypted information, and feed back the stop interception notification by calling the focus discarding interface.
In the embodiment of the application, the user input notification can be sent to the application program through the JS callback function to notify the application program that the user has performed an input operation, where the JS callback function refers to a callback function in JavaScript. In JavaScript, a function is a first-class object, which means that a function can be used like any other first-class object. Since a function is actually an object, it can be stored in a variable, passed as a function parameter, created inside a function, and returned from a function. Further, a callback function, also called a higher-order function, is a function that is passed as a parameter to another function and is called inside that function. The callback function is essentially a programming pattern, and the use of callback functions is therefore also called the callback pattern.
In addition, in the embodiment of the present application, the attribute acquisition interface may illustratively be a GetValue interface and the user random number acquisition interface may illustratively be a getclientintdivision interface; the application program can acquire the encrypted information by calling the GetValue interface and the getclientintdivision interface of the module or processor running the security information protection method.
In the embodiment of the application, the focus discarding interface may be a SetKillFocus interface; by calling the SetKillFocus interface, the application program notifies the module or processor running the security information protection method to stop intercepting the data input by the input device.
After the application program obtains the encrypted information, the encrypted information can be decrypted through the SM2 public key, so that the plaintext of the security information is obtained.
In step 304, the interception discarding interface is called in response to the stop interception notification to stop intercepting the security information input by the user. In the embodiment of the application, the interception discarding interface may be the XUngrabKeyboard interface; calling the XUngrabKeyboard interface gives up interception of the key information, so that interception of the security information input by the user stops and normal message transmission resumes.
Corresponding to the foregoing method embodiments, the application also provides an electronic device for executing the security information protection method, together with corresponding embodiments.
Fig. 4 shows a block diagram of a hardware configuration of an electronic device 400 in which the security information protection method of an embodiment of the present application can be implemented. As shown in Fig. 4, the electronic device 400 may include a processor 410 and a memory 420. In the electronic device 400 of Fig. 4, only the constituent elements related to the present embodiment are shown. It will therefore be apparent to those of ordinary skill in the art that the electronic device 400 may also include common constituent elements other than those shown in Fig. 4, for example a fixed-point arithmetic unit.
The electronic device 400 may correspond to a computing device having various processing functions, such as functions for generating a neural network, training or learning a neural network, quantizing a floating-point neural network into a fixed-point neural network, or retraining a neural network. For example, the electronic device 400 may be implemented as various types of devices, such as a personal computer (PC), a server device, a mobile device, and so forth.
The processor 410 controls all functions of the electronic device 400. For example, the processor 410 controls all functions of the electronic device 400 by executing programs stored in the memory 420 on the electronic device 400. The processor 410 may be implemented by a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), an Application Processor (AP), an artificial intelligence processor chip (IPU), etc. provided in the electronic device 400. However, the present application is not limited thereto.
In some embodiments, the processor 410 may include an input/output (I/O) unit 411 and a computing unit 412. The I/O unit 411 may be used to receive various data, such as a user's security information input request in an application program. The computing unit 412 may be configured, for example, to: generate an information protection instruction in response to the security information input request received via the I/O unit 411; intercept the security information input by the user in response to the information protection instruction; encrypt the security information to obtain encrypted information and store the encrypted information; send a user input notification to the application program, so that the application program acquires the encrypted information in response to the user input notification and feeds back a stop interception notification; and stop intercepting the security information input by the user in response to the stop interception notification. The encrypted information may be output by the I/O unit 411, for example. The output data may be provided to the memory 420 for reading by other devices (not shown) or may be provided directly to the application program.
The memory 420 is hardware for storing various data processed in the electronic device 400. For example, the memory 420 may store processed data and data to be processed in the electronic device 400. The memory 420 may store data involved in the security information protection method that has been or is to be processed by the processor 410. Further, the memory 420 may store applications, drivers, etc. to be driven by the electronic device 400. For example, the memory 420 may store various programs related to the security information protection method to be performed by the processor 410. The memory 420 may be a DRAM, but the present application is not limited thereto. The memory 420 may include at least one of volatile memory or nonvolatile memory. The nonvolatile memory may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), flash memory, phase-change RAM (PRAM), magnetic RAM (MRAM), resistive RAM (RRAM), ferroelectric RAM (FRAM), and the like. Volatile memory can include dynamic RAM (DRAM), static RAM (SRAM), synchronous DRAM (SDRAM), PRAM, MRAM, RRAM, ferroelectric RAM (FeRAM), and the like. In an embodiment, the memory 420 may include at least one of a hard disk drive (HDD), a solid state drive (SSD), a CompactFlash (CF) card, a Secure Digital (SD) card, a Micro Secure Digital (Micro-SD) card, a Mini Secure Digital (Mini-SD) card, an extreme digital (xD) card, a cache, or a memory stick.
In summary, the specific functions implemented by the memory 420 and the processor 410 of the electronic device 400 provided in the embodiments of the present disclosure may be understood with reference to the foregoing embodiments of the present disclosure, and achieve the technical effects of those embodiments, which will not be repeated herein.
In this embodiment, the processor 410 may be implemented in any suitable manner. For example, the processor 410 may take the form of, for example, a microprocessor or processor, and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a programmable logic controller, and an embedded microcontroller, among others.
It should be understood that the possible terms "first" or "second" and the like in the claims, specification and drawings of the present disclosure are used for distinguishing between different objects and not for describing a particular sequential order. The terms "comprises" and "comprising" when used in the specification and claims of the present disclosure are taken to specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the application herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in the specification and claims of the present disclosure, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should be further understood that the term "and/or" as used in the present disclosure and claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
It should also be appreciated that any of the modules, units, components, servers, computers, terminals, or devices illustrated herein that execute instructions may include or otherwise access a computer readable medium, such as a storage medium, computer storage medium, or data storage device (removable and/or non-removable) such as a magnetic disk, optical disk, or magnetic tape. Computer storage media may include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data.
Although the embodiments of the present application are described above, the descriptions are merely examples for facilitating understanding of the present application, and are not intended to limit the scope and application of the present application. Any person skilled in the art can make any modification and variation in form and detail without departing from the spirit and scope of the present disclosure, but the scope of the present disclosure is defined by the appended claims.
Claims (10)
1. A method for protecting security information, comprising:
generating an information protection instruction in response to a security information input request of a user in an application program;
intercepting the security information input by the user in response to the information protection instruction;
encrypting the security information to obtain encrypted information and storing the encrypted information;
sending a user input notification to the application program, so that the application program acquires the encrypted information in response to the user input notification and feeds back a stop interception notification;
stopping intercepting the security information input by the user in response to the stop interception notification.
2. The method of claim 1, wherein encrypting the security information comprises:
receiving a first random number sent by the application program in response to the security information input request;
generating a second random number;
encrypting the security information based on the first random number and the second random number to obtain first encrypted data;
encrypting the second random number based on a preset public key to obtain second encrypted data;
forming the encrypted information based on the first encrypted data and the second encrypted data.
3. The secure information protection method of claim 2, wherein the encrypting the secure information based on the first random number and the second random number comprises:
taking the first random number as an initial vector;
taking the second random number as a symmetric key;
based on the initial vector and the symmetric key, performing SM4 encryption on the security information in CBC mode with PKCS#7 padding, using 16 bytes as the encryption block length.
4. The method according to claim 2, wherein the preset public key is an SM2 public key, and the encrypting the second random number based on the preset public key includes:
performing SM2 encryption on the second random number using the SM2 public key.
5. The method according to claim 1, wherein generating the information protection instruction in response to the security information input request of the user in the application program comprises:
receiving a security information input request sent by the application program through a loading focus interface;
and generating the information protection instruction in response to the security information input request.
6. The method according to claim 1, wherein intercepting the security information input by the user in response to the information protection instruction comprises:
in response to the information protection instruction, calling an input interception interface to intercept the security information input by the user.
7. The secure information protection method of claim 1, wherein the sending a user input notification to the application program, enabling the application program to obtain the encrypted information in response to the user input notification, and feeding back a stop interception notification comprises:
sending a user input notification to the application program through a JS callback function, so that the application program, in response to the user input notification, calls an attribute acquisition interface and a user random number acquisition interface to acquire the encrypted information, and feeds back a stop interception notification by calling a focus discarding interface.
8. The security information protection method according to claim 1, wherein stopping interception of the user-input security information in response to the stop interception notification includes:
in response to the stop interception notification, calling an interception discarding interface to stop intercepting the security information input by the user.
9. An electronic device, comprising:
a processor; and
a memory having executable code stored thereon, which when executed by the processor, causes the processor to perform the method of any of claims 1-8.
10. A non-transitory machine-readable storage medium having stored thereon executable code, which when executed by a processor of an electronic device, causes the processor to perform the method of any of claims 1-8.
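The hybrid encryption of claims 2 to 4, sketched as an added Python example that is not code from the patent: SM4 is implemented inline from the published standard, and the SM2 step is a caller-supplied callable because the page gives no SM2 key or parameters. The function names, the `sm2_encrypt` parameter and the tuple return format are assumptions; the page does not say how the two ciphertexts are combined.

```python
import os
import struct

# SM4 S-box and constants as published in GB/T 32907-2016.
SBOX = bytes.fromhex(
    "d690e9fecce13db716b614c228fb2c05" "2b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62" "e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8" "686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887" "d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1" "e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6f" "d5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad8" "0ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec684" "18f07dec3adc4d2079ee5f3ed7cb3948")
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)
CK = [int.from_bytes(bytes((4 * i + j) * 7 % 256 for j in range(4)), "big")
      for i in range(32)]

def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def tau(x):  # S-box applied to each byte of a 32-bit word
    return int.from_bytes(bytes(SBOX[b] for b in x.to_bytes(4, "big")), "big")

def round_keys(key):
    """Expand a 16-byte key into the 32 SM4 round keys."""
    k = [w ^ f for w, f in zip(struct.unpack(">4I", key), FK)]
    for i in range(32):
        b = tau(k[i + 1] ^ k[i + 2] ^ k[i + 3] ^ CK[i])
        k.append(k[i] ^ b ^ rotl(b, 13) ^ rotl(b, 23))
    return k[4:]

def crypt_block(rks, block):
    """Process one 16-byte block; pass the round keys reversed to decrypt."""
    x = list(struct.unpack(">4I", block))
    for rk in rks:
        b = tau(x[-3] ^ x[-2] ^ x[-1] ^ rk)
        x.append(x[-4] ^ b ^ rotl(b, 2) ^ rotl(b, 10) ^ rotl(b, 18) ^ rotl(b, 24))
    return struct.pack(">4I", *x[:-5:-1])

def sm4_cbc_pkcs7_encrypt(key, iv, data):
    pad = 16 - len(data) % 16            # PKCS#7: always 1..16 padding bytes
    data = bytes(data) + bytes([pad]) * pad
    rks, prev, out = round_keys(key), iv, b""
    for i in range(0, len(data), 16):
        prev = crypt_block(rks, bytes(a ^ b for a, b in zip(data[i:i + 16], prev)))
        out += prev
    return out

def protect(security_info, first_random, sm2_encrypt):
    """Claims 2-4: returns (first encrypted data, second encrypted data)."""
    if len(first_random) != 16:
        raise ValueError("first random number must be 16 bytes to serve as the IV")
    second_random = os.urandom(16)       # symmetric key, generated by the module
    first = sm4_cbc_pkcs7_encrypt(second_random, first_random, security_info)
    return first, sm2_encrypt(second_random)  # sm2_encrypt: caller-supplied (assumption)
```

Because the first random number is used as the CBC initial vector, it has to be fresh and unpredictable for every input request. CBC with PKCS#7 padding provides confidentiality only, so any integrity check on the returned ciphertext has to come from elsewhere.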
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310362633.6A CN116579000A (en) | 2023-04-06 | 2023-04-06 | Security information protection method, electronic device and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116579000A (en) | 2023-08-11 |
Family
ID=87533015
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310362633.6A Pending CN116579000A (en) | 2023-04-06 | 2023-04-06 | Security information protection method, electronic device and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||