KR20170027442A - Portable system for extracting hash of digital file - Google Patents


Publication number
KR20170027442A
KR20170027442A KR1020150124039A KR20150124039A KR20170027442A KR 20170027442 A KR20170027442 A KR 20170027442A KR 1020150124039 A KR1020150124039 A KR 1020150124039A KR 20150124039 A KR20150124039 A KR 20150124039A KR 20170027442 A KR20170027442 A KR 20170027442A
Authority
KR
South Korea
Prior art keywords
digital file
hash value
encrypted
file
identification information
Prior art date
Application number
KR1020150124039A
Other languages
Korean (ko)
Inventor
김승용
Original Assignee
주식회사 시큐웨어
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 시큐웨어 filed Critical 주식회사 시큐웨어
Priority to KR1020150124039A priority Critical patent/KR20170027442A/en
Publication of KR20170027442A publication Critical patent/KR20170027442A/en

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Abstract

The present invention relates to a portable hash detection system for a digital file, which improves integrity of a scene evidence by ensuring identity when a digital file is collected as an evidence during investigation of a scene. The system includes: a file input unit configured to receive a digital file; a first storage unit configured to store the digital file input through the file input unit; a first identification information input unit configured to receive identification information for encryption; a first controller configured to extract a hash value of the digital file and create an encrypted digital file as the digital file is encrypted by using the identification information; and an encryption file output unit configured to receive input of the encrypted digital file and the hash value from the first controller and output the encrypted digital file and the hash value.

Description

Portable Hash Detection System for Digital File

The present invention relates to a portable hash detection system for a digital file, and more particularly, to a portable hash detection system for a digital file that improves the integrity of on-site evidence by ensuring consistency in collecting image files as evidence during on-the-spot investigation.

A scene photograph is a photograph taken at the time of a crime and after a crime that is used as independent evidence, and a representative example of a scene photograph is a digital file such as a video file recorded on a bank CCTV (Closed Circuit TeleVision).

On the other hand, the evidence refers to the data on which the facts are based, in order to guarantee the objectivity and rationality of the trial, and the evidence ability refers to the qualification that evidence can be used as evidence of guilt. Means the substantive value of the evidence for the evidence, including the strength of the evidence itself, indicating the likelihood that it is true, and the impromptu force, capable of confirming the fact that the evidence is true.

In the case of digital files such as video files, there is no provision on the testimony of the evidence in the Criminal Procedure Law. If evidence is submitted to the court, So that the user can view the accurate situation of the site.

However, if a digital file is collected in the form of arbitrary submission and submitted to the court as in the past, there is a possibility of artificial manipulation, and if a copy other than the original of the digital file is submitted, it is difficult to prove the identity of such a copy.

SUMMARY OF THE INVENTION In order to solve the above-mentioned problems, it is an object of the present invention to provide a hash value generation apparatus, and to provide a portable hash detection system of a digital file which can guarantee the identity between the original and the copy and enhance the integrity of the on-site evidence.

According to an aspect of the present invention, there is provided an information processing apparatus comprising: a file input unit receiving a digital file; a first storage unit for storing the digital file inputted through the file input unit; a first identification information input unit for receiving identification information for encryption; a first controller for extracting a hash value of the digital file and generating an encrypted digital file by encrypting the digital file using the identification information; and an encrypted file output unit for receiving and outputting the encrypted digital file and the hash value from the first control unit.

Here, the first control unit generates an encrypted hash value by encrypting the hash value using the identification information, and the encrypted file output unit receives the encrypted hash value from the first control unit and outputs the encrypted hash value.

Further, the identification information may be a password.

Meanwhile, the identification information may be biometric information of the user.

According to another aspect of the present invention, there is provided an encryption apparatus comprising: an encrypted file input unit receiving an encrypted digital file and a hash value of the encrypted digital file; a second storage unit for storing the encrypted digital file and the hash value input through the encryption file input unit; a second identification information input unit for receiving identification information for decryption; a second controller that decrypts the encrypted digital file using the identification information, extracts a hash value of the decrypted digital file, determines whether the extracted hash value matches the hash value stored in the second storage unit, and generates integrity guarantee information according to the extracted hash value and the stored hash value being identical; and a file output unit for receiving and outputting the decrypted digital file and the integrity guarantee information from the second control unit.

Here, the encrypted file input unit receives the encrypted hash value, and the second control unit decrypts the encrypted hash value using the identification information, and stores the decrypted hash value in the second storage unit.

The identification information may be a password.

Meanwhile, the identification information may be biometric information of the user.

According to the present invention described above, when a digital file is collected as evidence during an on-the-spot investigation, a hash value is directly generated in the field and the generated hash value is added to the encrypted digital file, so that the integrity of the on-site evidence can be improved.

Further, by using various identification information for encrypting the digital file or the hash value, it is possible to simplify the evidence collection procedure because the evidence collector does not need to provide a device for generating the identification information while enhancing security.

FIG. 1 is a diagram showing a proof-of-charge part of a portable hash detection system of a digital file according to an embodiment of the present invention.
FIG. 2 is a diagram illustrating a proof analysis part of a portable hash detection system of a digital file according to an embodiment of the present invention.
FIG. 3 is a diagram illustrating a portable hash detection system for a digital file according to an embodiment of the present invention.

Hereinafter, preferred embodiments of the present invention will be described with reference to the accompanying drawings. However, the embodiments of the present invention can be modified into various other forms, and the scope of the present invention is not limited to the embodiments described below. The shape and the size of the elements in the drawings may be exaggerated for clarity and the same elements are denoted by the same reference numerals in the drawings.

Meanwhile, the meaning of the terms described in the present application should be understood as follows.

The terms "first", "second", and the like are used to distinguish one element from another and should not be limited by these terms. For example, the first component may be referred to as a second component, and similarly, the second component may also be referred to as a first component.

And throughout the specification, when a part is referred to as being "connected" to another part, it includes not only "directly connected" but also "electrically connected" with another part in between. Also, when a component is referred to as "comprising" or "comprising", it does not exclude other components unless specifically stated to the contrary.

FIG. 1 is a block diagram illustrating a portable hash detection system of a digital file according to an exemplary embodiment of the present invention. Referring to FIG. 1, a portable hash detection system for a digital file according to the present invention includes a file input unit 100, a first storage unit 200, a first identification information input unit 300, a first control unit 400, and an encrypted file output unit 500.

The file input unit 100 receives a digital file from the outside and outputs the input digital file to the first storage unit 200. In this case, the file input unit 100 includes interface means for connecting to a CCTV, a PC (Personal Computer), etc. Such interface means may include a serial port, a parallel port, a USB (Universal Serial Bus) port, and the like. Any interface means capable of connecting the portable hash detection system and the external device can be used, but the USB port is preferable.

The first storage unit 200 receives a digital file from the file input unit 100, stores the input digital file, and outputs the stored digital file to the first control unit 400 under the control of the first control unit 400. Here, the first storage unit 200 may include all the memories that can be mounted on a portable device. For example, the first storage unit 200 may be a USB memory, a hard disk drive (HDD), a flash memory, or the like.

On the other hand, the first identification information input unit 300 receives identification information for encryption from an evidence collector or the like, and outputs the input identification information to the first control unit 400. At this time, when the first identification information input unit 300 is in the form of a keypad, it can receive identification information of the password type. When it is a biometric information input device such as a camera for facial recognition or a fingerprint recognizer, biometric information may be received, but it is not limited thereto.

The first control unit 400 reads the digital file stored in the first storage unit 200, extracts a hash value of the read digital file, receives identification information from the first identification information input unit 300, and encrypts the digital file using the input identification information. The encrypted digital file may be output together with the hash value through the encrypted file output unit 500 or may be stored in the first storage unit 200. Meanwhile, the first control unit 400 can also encrypt the hash value using the identification information input from the first identification information input unit 300; the encrypted hash value may be output along with the encrypted digital file through the encrypted file output unit 500 or may be stored in the first storage unit 200.

Here, the first control unit 400 has a hash function for generating a hash value. The hash function may be any function as long as it satisfies unidirectionality and collision avoidance, and the 128-bit cryptographic hash function Message-Digest algorithm 5 (MD5), Secure Hash Algorithm (SHA), or the like may be used. At this time, the first controller 400 has a function of generating a code for integrity verification by combining the size of the digital file with the hash value, in order to eliminate some possibility that the same hash value is generated for different digital files. Meanwhile, the first control unit 400 may add the extracted hash value to the header part or the information part of the digital file, but the present invention is not limited thereto.

The encryption method of the first control unit 400 may be any encryption method as long as the digital file can be encrypted using the identification information. In terms of how the encryption key is used, it is preferable to use a symmetric encryption scheme in which the key used for encryption is the same as the key used for decryption. On the other hand, in terms of the encryption rule, encryption methods can be classified into a streaming encryption method and a block encryption method. The streaming encryption method uses a key stream having the same length as the plain text. Here, a typical example of the streaming encryption method is to encrypt data with a pseudo-noise (PN) code. Meanwhile, the block cipher system can be divided into a permutation scheme and a substitution scheme. The substitution scheme is a method in which a bit position change method for changing the positions of bits in one data unit, There is a method of repositioning which is changed. In addition, the bit position changing method can be classified into a linear bit position changing method and a non-linear bit position changing method, which are methods of sequentially changing bit positions and encrypting them.

The encrypted file output unit 500 receives the encrypted digital file and the hash value from the first control unit 400 and outputs the digital file and the hash value to an external storage medium or the like through the first control unit 400, The hash value can be received and output to an external storage medium such as a micro SD (Secure Digital) card. At this time, when the hash value is included in the header portion of the digital file or the like, the encrypted file output unit 500 may output the encrypted digital file including the hash value to an external storage medium or the like.

FIG. 2 is a diagram illustrating an apparatus used in a proof analysis part of a portable hash detection system of a digital file according to an exemplary embodiment of the present invention, that is, an apparatus used in an analysis room for analyzing evidence. The system includes an encryption file input unit 600, a second storage unit 700, a second identification information input unit 800, a second control unit 900, and a file output unit 1000.

The encryption file input unit 600 receives the encrypted digital file and the hash value of the digital file and outputs the input encrypted digital file and the hash value of the digital file to the second storage unit 700. At this time, the encryption file input unit 600 includes interface means for connecting to an external storage medium such as a memory card. Examples of such interface means include a USB port and a micro SD card slot. Any interface means for connecting the external storage medium to the portable hash detection system for digital files may be used, but it is preferably a micro SD card slot. Here, the encrypted file input unit 600 may receive the encrypted hash value instead of the hash value of the digital file. In this case, the encrypted file input unit 600 outputs the encrypted hash value to the second storage unit 700.

The second storage unit 700 receives the encrypted digital file and the hash value of the digital file from the encrypted file input unit 600, stores the input encrypted digital file and the hash value of the digital file, and outputs the stored encrypted digital file and the hash value of the digital file to the second controller 900 under the control of the controller 900.

On the other hand, the second identification information input unit 800 receives identification information for decryption from the evidence collector requested by the evidence analysis room, and outputs the input identification information to the second control unit 900. At this time, the second identification information input unit 800 can receive the identification information of the password type when it is in the form of a keyboard of the PC. When the second identification information input unit 800 is a biometric information input device such as a facial recognition camera, biometric information may be received, but the form of the password is preferable considering that it is difficult to visit the evidence gathering room of the evidence collector.

Also, the second control unit 900 decrypts the encrypted digital file using the identification information received from the second identification information input unit 800, extracts the hash value of the decrypted digital file, determines whether the extracted hash value matches the hash value stored in the second storage unit 700, generates integrity guarantee information according to the coincidence between the extracted hash value and the stored hash value, and outputs the decrypted digital file and the integrity guarantee information to the file output unit 1000. At this time, when the second storage unit 700 stores the encrypted hash value, the second control unit 900 uses the identification information received from the second identification information input unit 800 to decrypt the encrypted hash value and store the decrypted hash value in the second control unit 900.

Here, the second control unit 900 has a hash function for generating a hash value corresponding to the first control unit 400. Any function may be used as the hash function as long as it satisfies unidirectionality and collision avoidability, and the 128-bit cryptographic hash functions MD5 and SHA can be used.

The decryption method of the second control unit 900, corresponding to the first control unit 400, may be any decryption method as long as it can decrypt the digital file using the identification information. However, in terms of how the encryption key is used, it is preferable that the key used for decryption be the same key as that used for encryption.

On the other hand, the file output unit 1000 receives the decrypted digital file and the integrity guarantee information from the second control unit 900 and outputs them. When the second control unit 900 is mounted on the PC of the evidence analysis room, the digital file may be output in a format for reproducing a digital file through a display, thereby providing a recording record submitted to a court, or outputting a digital file and integrity guarantee information decoded on a storage medium submitted to a court.

FIG. 3 is a diagram illustrating a portable hash detection system for a digital file according to an embodiment of the present invention. Referring to FIGS. 1 to 3, the operation of a portable hash detection system for a digital file according to an embodiment of the present invention is as follows.

First, a file input unit 100 is connected to a CCTV storing a digital file, which is proof of the non-statement of the event at the time of the field investigation.

Thereafter, the digital file is backed up to the first storage unit 200 through the file input unit 100, and the first control unit 400 calculates a hash value of the backed-up digital file using a hash function such as MD5.

Next, the first control unit 400 encrypts the backed-up digital file by using the identification information input through the first identification information input unit 300 and the encryption algorithm. At this time, the first control unit 400 can encrypt the hash value in addition to the digital file encryption.

Thereafter, the first control unit 400 outputs the encrypted digital file and the hash value, or the encrypted digital file and the encrypted hash value, to the external micro SD card through the encrypted file output unit 500.

On the other hand, the external micro SD card or the like holding the encrypted digital file and the hash value, or the encrypted digital file and the encrypted hash value, is transferred to the evidence analysis room and connected to the encryption file input unit 600.

Thereafter, the encrypted digital file and the hash value or the encrypted digital file and the encrypted hash value are stored in the second storage unit 700, and the encrypted digital file is decrypted using the identification information input through the second identification information input unit 800 and the encryption algorithm. At this time, the second storage unit 700 can decode the digital file and also decode the hash value.

Next, the second control unit 900 calculates a hash value of the decrypted digital file using a hash function such as MD5.

Thereafter, the second control unit 900 checks whether the hash value of the decrypted digital file matches the decrypted hash value, and generates integrity guarantee information if the hash value of the decrypted digital file matches.

Next, the second control unit 900 outputs the decrypted digital file and the integrity guarantee information through the file output unit 1000. At this time, the file output unit 1000 generates a transcription Or may be a means for outputting a digital file or the like to an external storage medium such as a micro SD card slot.
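The collection and analysis steps above, as an added example that is not code from the patent or its applicant. The page names no cipher or key derivation, so the HMAC-based key stream, the PBKDF2 parameters, the package layout and all function names are assumptions; SHA-256 is used for the page's "SHA", and the integrity code joins the hash with the file size as described for the first control unit 400.

```python
import hashlib
import hmac
import os

KDF_ITERATIONS = 100_000  # constructed parameter, not from the page


def integrity_code(data: bytes) -> bytes:
    """Hash value joined with the file size (the integrity-verification code).

    SHA-256 is used here; MD5, which the page also lists, no longer meets
    the collision-avoidance condition the page sets for the hash function.
    """
    return f"{hashlib.sha256(data).hexdigest()}:{len(data)}".encode("ascii")


def _derive_key(password: str, salt: bytes) -> bytes:
    """Turn the identification information (a password) into a symmetric key."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, KDF_ITERATIONS)


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (assumption): XOR with HMAC-SHA256 counter blocks.

    The same call encrypts and decrypts, matching the symmetric scheme the
    page prefers. Each item gets its own nonce so no key stream is reused.
    """
    out = bytearray()
    for counter, offset in enumerate(range(0, len(data), 32)):
        pad = hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def collect(data: bytes, password: str) -> dict:
    """Field side: hash first, then encrypt the file and the hash."""
    salt, file_nonce, code_nonce = os.urandom(16), os.urandom(16), os.urandom(16)
    key = _derive_key(password, salt)
    return {
        "salt": salt,
        "file_nonce": file_nonce,
        "code_nonce": code_nonce,
        "enc_file": _keystream_xor(key, file_nonce, data),
        "enc_code": _keystream_xor(key, code_nonce, integrity_code(data)),
    }


def analyze(package: dict, password: str):
    """Analysis side: decrypt, re-hash, compare, and report the result."""
    key = _derive_key(password, package["salt"])
    plain = _keystream_xor(key, package["file_nonce"], package["enc_file"])
    stored = _keystream_xor(key, package["code_nonce"], package["enc_code"])
    computed = integrity_code(plain)
    report = {
        # Compared as bytes: a wrong password yields undecodable garbage.
        "match": hmac.compare_digest(stored, computed),
        "computed": computed.decode("ascii"),
        "stored": stored.decode("ascii", errors="replace"),
    }
    return plain, report


if __name__ == "__main__":
    evidence = b"constructed sample standing in for a CCTV clip" * 100
    package = collect(evidence, "field-password")
    _, ok = analyze(package, "field-password")
    flipped = bytes([package["enc_file"][0] ^ 1]) + package["enc_file"][1:]
    _, bad = analyze(dict(package, enc_file=flipped), "field-password")
    print(ok["match"], bad["match"])
```

The report dictionary plays the role of the integrity guarantee information. XOR-style encryption on its own is malleable, so a deployed design would use an authenticated cipher in place of the stand-in key stream.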

While the present invention has been described in connection with what is presently considered to be practical exemplary embodiments, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, It will be clear to those who have.

100: File input section
200: First storage unit
300: first identification information input section
400: first control section
500: Encrypted file output unit
600: encrypted file storage unit
700: second storage unit
800: Second identification information input part
900: second control section
1000: File output section

Claims (8)

1. A file input unit for receiving a digital file;
a first storage unit for storing the digital file inputted through the file input unit;
a first identification information input unit for receiving identification information for encryption;
a first controller for extracting a hash value of the digital file and generating an encrypted digital file by encrypting the digital file using the identification information; and
an encrypted file output unit for receiving and outputting the encrypted digital file and the hash value from the first control unit.

2. The method according to claim 1,
wherein the first control unit generates an encrypted hash value by encrypting the hash value using the identification information,
wherein the encrypted file output unit receives the encrypted hash value from the first control unit and outputs the encrypted hash value.

3. The method according to claim 1,
wherein the identification information is a password.

4. The method according to claim 1,
wherein the identification information is biometric information of a user.

5. An encrypted file input unit receiving an encrypted digital file and a hash value of the encrypted digital file;
a second storage unit for storing the encrypted digital file and the hash value input through the encryption file input unit;
a second identification information input unit for receiving identification information for decryption;
a second controller that decrypts the encrypted digital file using the identification information, extracts a hash value of the decrypted digital file, determines whether the extracted hash value matches the hash value stored in the second storage unit, and generates integrity guarantee information according to the extracted hash value and the stored hash value being identical; and
a file output unit for receiving and outputting the decrypted digital file and the integrity guarantee information from the second control unit.

6. The method of claim 5,
wherein the encrypted file input unit receives the encrypted hash value,
wherein the second control unit decrypts the encrypted hash value using the identification information and stores the decrypted hash value in the second storage unit.

7. The method of claim 5,
wherein the identification information is a password.

8. The method of claim 5,
wherein the identification information is biometric information of a user.

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150124039A KR20170027442A (en) 2015-09-02 2015-09-02 Portable system for extracting hash of digital file

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150124039A KR20170027442A (en) 2015-09-02 2015-09-02 Portable system for extracting hash of digital file

Publications (1)

Publication Number Publication Date
KR20170027442A true KR20170027442A (en) 2017-03-10

Family

ID=58411004

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150124039A KR20170027442A (en) 2015-09-02 2015-09-02 Portable system for extracting hash of digital file

Country Status (1)

Country Link
KR (1) KR20170027442A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114884672A (en) * 2022-04-29 2022-08-09 华控清交信息科技(北京)有限公司 Data flow network system, data flow message transmission method and device

Similar Documents

Publication Publication Date Title
JP4097773B2 (en) Digital image editing system
JP4602931B2 (en) How to ensure image set integrity
CN201181472Y (en) Hardware key device and movable memory system
CN110798315B (en) Data processing method and device based on block chain and terminal
US20160269178A1 (en) Privacy-Enhanced Biometrics-Secret Binding Scheme
KR101105205B1 (en) An apparatus and a method of processing data for guaranteeing data integrity and confidentiality in real time, and black box system using thereof
WO2018165811A1 (en) Method for saving and verifying biometric template, and biometric recognition apparatus and terminal
US9734346B2 (en) Device and method for providing security in remote digital forensic environment
CN104239820A (en) Secure storage device
US7840817B2 (en) Data processing apparatus and method
CN105337742B (en) LFSR file encryption and decryption method based on facial image feature and GPS information
WO2015196642A1 (en) Data encryption method, decryption method and device
US10783278B2 (en) Signature generation device, signature verification device, signature generation method, and signature verification method
KR101967855B1 (en) Method and system for verifying electronic document security using 2D barcode block division
CN101226507A (en) Security method and system as well as correlative pairing enciphering system thereof
KR101485968B1 (en) Method for accessing to encoded files
KR20170027442A (en) Portable system for extracting hash of digital file
Subhasri et al. Enhancing the security of dicom content using modified vigenere cipher
KR102236897B1 (en) Video data protection system and method
KR102083415B1 (en) Apparatus and method for decrypting encrypted files
GB2540138A (en) Method of exchanging digital content
JP5718757B2 (en) Image management apparatus, image management program, and image management method
CN104615944A (en) Method and device for encrypting and decrypting files
KR102101557B1 (en) Image authentication method and apparatus based on object detection
KR102311996B1 (en) Device and method for anti-forensic unlocking for media files

Legal Events

Date Code Title Description
A201 Request for examination
N231 Notification of change of applicant
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment