TWI706277B - Data backup method, computer device and computer readable recording medium - Google Patents
- Publication number
- TWI706277B
- Authority
- TW
- Taiwan
- Prior art keywords
- data
- key
- computer device
- user
- encrypted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3249—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
Abstract
A data backup method executed by a computer device. A first encryption module of the computer device encrypts a user's secret data with an encryption key into first encrypted data for backup storage. A secret sharing module of the computer device uses a secret sharing algorithm to split the encryption key into m (m≧2) key fragments and sets a threshold n (1<n<=m), the number of key fragments from which the encryption key can be reassembled. The computer device obtains the public keys of m trustees, and a second encryption module of the computer device combines each key fragment with identity authentication data of the user to form a piece of data to be encrypted, then encrypts the m pieces of data to be encrypted one-to-one with the m public keys, producing m pieces of second encrypted data for backup storage.
Description
The present invention relates to methods for the secure preservation of data, and in particular to a data backup method that applies secret sharing technology.
To protect private data, most people encrypt it with a password and keep the password themselves. The password may be kept by memorizing it, by writing it on paper or storing it in a storage device, or by using one's own biometric features (for example a fingerprint or iris) as the password. Although these ways of keeping a password are safe, a memorized password may be forgotten because it has gone unused for too long or is too complex; a password written on paper or kept in a storage device may disappear through theft or loss; and biometric features may change with age or after an accident, or may be forged. The password then needs separate protection of its own, which leads to an endless loop and to unreliability in data backup.
Another known approach is therefore to split the password into multiple fragments and hand them to multiple trusted parties for safekeeping (escrow), so that the password can be reassembled only after all the fragments have been collected from those trusted parties. Escrowing the password directly with multiple trusted parties solves the unreliability of keeping the password oneself, but it cannot rule out the possibility that the trusted parties privately collude to reassemble the password, and so it lacks sufficient security.
Accordingly, the object of the present invention is to provide a data backup method that is both secure and reliable, together with a computer device and a computer-readable recording medium that implement the method.
The data backup method of the present invention is executed by a first computer device and includes: a first encryption module of the first computer device encrypts a user's secret data with an encryption key into first encrypted data for backup storage; a secret sharing module of the first computer device uses a secret sharing algorithm to split the encryption key into m (m≧2) key fragments and sets a threshold n (1<n<=m), the number of key fragments from which the encryption key can be reassembled; and the first computer device obtains the public keys of m trustees, and a second encryption module of the first computer device combines each key fragment with identity authentication data of the user to form a piece of data to be encrypted and encrypts the m pieces of data to be encrypted one-to-one with the public keys of the m trustees, producing m pieces of second encrypted data for backup storage.
In some embodiments of the present invention, in step (C), each piece of data to be encrypted further includes an identity confirmation instruction, which instructs each trustee to confirm the user's identity in the manner it requires.
In some embodiments of the present invention, when the user wants to obtain the encryption key, the user notifies the m trustees and, through a second computer device, transmits the m pieces of second encrypted data one-to-one to a terminal electronic device of each of the m trustees. Each terminal electronic device decrypts the received second encrypted data with a private key of the corresponding trustee to obtain the data to be encrypted. Each trustee contacts the user, in the manner of interacting with the user that the identity confirmation instruction in the data to be encrypted requires, to confirm that the user is indeed the person who provided the second encrypted data. Each trustee then uses the identity authentication data in the data to be encrypted to verify that the user is indeed the owner of the second encrypted data, and after that has the corresponding terminal electronic device transmit the decrypted key fragment to the second computer device. Once the second computer device has collected at least n key fragments, it uses the secret sharing algorithm to reassemble the encryption key from the at least n key fragments. The second computer device and the first computer device may be the same device or different devices.
In some embodiments of the present invention, the identity authentication data is a digital signature that the second encryption module generates from the key fragment. When the user wants to obtain the encryption key, the user notifies the m trustees and, through a second computer device, transmits the m pieces of second encrypted data one-to-one to a terminal electronic device of each of the m trustees. Each terminal electronic device decrypts the received second encrypted data with a private key of the corresponding trustee to obtain the data to be encrypted, and verifies the digital signature in the data to be encrypted with a public key of the user. After thereby confirming that the user is indeed the owner of the second encrypted data, each terminal electronic device transmits the decrypted key fragment to the second computer device. Once the second computer device has collected at least n key fragments, it uses the secret sharing algorithm to reassemble the encryption key from the at least n key fragments. The second computer device and the first computer device may be the same device or different devices.
In some embodiments of the present invention, the identity authentication data is a digital signature that the second encryption module generates from the key fragment and the identity confirmation instruction. When the user wants to obtain the encryption key, the user notifies the m trustees and, through a second computer device, transmits the m pieces of second encrypted data one-to-one to a terminal electronic device of each of the m trustees. Each terminal electronic device decrypts the received second encrypted data with a private key of the corresponding trustee to obtain the data to be encrypted. Each trustee contacts the user, in the manner of interacting with the user that the identity confirmation instruction in the data to be encrypted requires, to confirm that the user is indeed the person who provided the second encrypted data. Each trustee then has the corresponding terminal electronic device verify the digital signature in the data to be encrypted with a public key of the user. After thereby confirming that the user is indeed the owner of the second encrypted data, each terminal electronic device transmits the decrypted key fragment to the second computer device. Once the second computer device has collected at least n key fragments, it uses the secret sharing algorithm to reassemble the encryption key from the at least n key fragments. The second computer device and the first computer device may be the same device or different devices.
In addition, a computer device of the present invention that implements the above data backup method is used to back up a user's secret data and includes: a storage unit that stores the secret data; and a processing unit that is electrically connected to the storage unit and includes: a first encryption module, which encrypts the data with an encryption key into first encrypted data for backup storage; a secret sharing module, which uses a secret sharing algorithm to split the encryption key into m (m≧2) key fragments and sets a threshold n (1<n<=m), the number of key fragments from which the encryption key can be reassembled; and a second encryption module, which combines each key fragment with identity authentication data of the user to form a piece of data to be encrypted and uses the public keys of m trustees obtained by the processing unit to encrypt the m pieces of data to be encrypted one-to-one, producing m pieces of second encrypted data for backup storage.
Furthermore, a computer-readable recording medium of the present invention that implements the above data backup method stores a data backup program that includes a first encryption module, a secret sharing module and a second encryption module. After the data backup program is loaded and executed by a computer device, the computer device can perform the data backup method described above on secret data.
The effect of the present invention is as follows. The encryption key is split into m key fragments, each of the m key fragments is combined with the user's identity authentication data to form m pieces of data to be encrypted, and each of the m pieces of data to be encrypted is encrypted with the public key of one of m trustees trusted by the user into m pieces of second encrypted data. The first encrypted data, encrypted with the encryption key, and the second encrypted data are then backed up. As a result, even if the first encrypted data and/or the second encrypted data are stolen, the thief cannot obtain the private keys of the m trustees, cannot decrypt the second encrypted data, and so cannot obtain the encryption key, which ensures the security of the encryption key backup. Moreover, because the second encrypted data are kept by the user rather than escrowed with the m trustees, the m trustees cannot collude with one another to reassemble the encryption key, which ensures the reliability of the encryption key backup.
100: computer device
1: processing unit
11: first encryption module
12: secret sharing module
13: second encryption module
2: storage unit
S1~S3: steps
Other features and effects of the present invention will be shown clearly in the embodiments described with reference to the drawings, in which: FIG. 1 is the main flow chart of an embodiment of the data backup method of the present invention; FIG. 2 is a block diagram of the main hardware components and modules included in an embodiment of the computer device of the present invention; FIG. 3 is a schematic diagram of the first encryption module of this embodiment encrypting secret data with an encryption key; FIG. 4 is a schematic diagram of the secret sharing module of this embodiment splitting the encryption key into multiple key fragments; and FIG. 5 is a schematic diagram of the second encryption module of this embodiment encrypting m pieces of data to be encrypted, each with the public key of one of m trustees.
Before the present invention is described in detail, it should be noted that in the following description similar elements are denoted by the same reference numerals.
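Referring to FIG. 1, the main flow of an embodiment of the data backup method of the present invention is executed by a computer device 100 shown in FIG. 2. The computer device 100 mainly includes a processing unit 1 and a storage unit 2. The processing unit 1 is, for example, the central processing unit of the computer device 100, and the storage unit 2 is a recording medium readable by the computer (by its central processing unit), comprising memory, registers and the like in which data or program software is stored or temporarily held. The processing unit 1 is electrically coupled to the storage unit 2 to access from it secret data D that a user wants to encrypt and preserve. The secret data D may be electronic data of any type that the user wants to protect, for example a password, a private key, personal information, a file, an image or a video.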
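In this embodiment, the processing unit 1 includes a first encryption module 11, a secret sharing module 12 and a second encryption module 13. In this embodiment the three modules are implemented as program software, but they are not limited to this and may also be implemented as firmware, as hardware, or as a combination of software and hardware. In this embodiment, after the program software containing the first encryption module 11, the secret sharing module 12 and the second encryption module 13 is loaded into the processing unit 1 and executed by it, the method flow shown in FIG. 1 is carried out.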
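As shown in step S1 of FIG. 1 and in FIG. 3, the first encryption module 11 first uses an encryption key RK, generated on the spot or in advance, to encrypt the secret data D that is to be preserved, for example with a symmetric encryption algorithm, into first encrypted data RK⊙D, where ⊙ denotes encryption. The first encrypted data RK⊙D is then backed up on the user's side. For example, the computer device 100 outputs the first encrypted data RK⊙D to another external device so that it is kept in any possible form; the external device may be, but is not limited to, a storage device, another computer device, a printer or a cloud drive.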
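Next, as shown in step S2 of FIG. 1 and in FIG. 4, the secret sharing module 12, according to the user's instruction, uses a secret sharing algorithm to split the encryption key RK into m key fragments rk1~rkm and, according to the user's instruction, sets a threshold n, the number of key fragments from which the encryption key RK can be reassembled; m is a positive integer greater than or equal to 2, and n is a positive integer greater than 1 and less than or equal to m. For example, if m is 4 and n is set to 3, the secret sharing algorithm splits the encryption key RK into 4 key fragments rk1~rk4 and can reassemble the encryption key RK from any 3 of the 4 key fragments rk1~rk4. The secret sharing algorithm used in this embodiment is Shamir's Secret Sharing, which is known art; the technical principle by which it splits and reassembles a key is not the focus of the present invention and is not described in detail here.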
Then, in step S3 of FIG. 1, the processing unit 1 obtains in advance, according to instructions entered by the user, the m public keys PK1~PKm (m≧2) that the m trustees trusted by the user have published on the network, or the processing unit 1 directly accepts the m public keys PK1~PKm of the m trustees that the user enters through an input device (for example a physical keyboard or a touch screen) or another storage device (that is, each trustee has one corresponding public key). As shown in FIG. 5, the second encryption module 13 first combines each key fragment rk1~rkm (m≧2) with identity authentication data of the user to form data to be encrypted S1~Sm (m≧2); for example, when m is 4, four pieces of data to be encrypted S1~S4 are formed. The identity authentication data may be any personal data of the user with which the trustees can directly confirm that the user is not an impostor, for example the user's business card, name or photo, or it may be a digital signature that the second encryption module 13 generates in advance from each corresponding key fragment rk1~rkm.
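The digital signature is generated as follows. The second encryption module 13 runs each key fragment rk1~rkm through an irreversible hash digest algorithm (digest hash, also called a hash function), for example SHA1 or MD5, producing m corresponding hash digests (also called digital fingerprints). The second encryption module 13 then uses the private key of a key pair (a public key and a private key) owned by the user to perform an asymmetric encryption operation on the m hash digests, for example with the RSA algorithm, producing the m digital signatures (the identity authentication data).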
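In addition, each piece of data to be encrypted S1~Sm may also include an identity confirmation instruction. The identity confirmation instruction is provided by the user to the computer device 100 and instructs each trustee to confirm the user's identity in the manner of interacting with the user that it lists, for example by telephone or by asking to meet in person, without being limited to these. Therefore, when the identity authentication data is a digital signature, the second encryption module 13 performs the hash digest computation described above on each key fragment rk1~rkm together with the identity confirmation instruction to produce the m corresponding hash digests, and then performs the asymmetric encryption operation on each of the m hash digests with the user's private key to produce the m digital signatures.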
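The second encryption module 13 then encrypts the m pieces of data to be encrypted S1~Sm one-to-one with the m public keys PK1~PKm, using an asymmetric encryption algorithm such as the RSA algorithm mentioned above, producing m pieces of second encrypted data PK1⊙S1~PKm⊙Sm, and the m pieces of second encrypted data PK1⊙S1~PKm⊙Sm are backed up. For example, the computer device 100 outputs the m pieces of second encrypted data PK1⊙S1~PKm⊙Sm to another external device so that they are kept in any possible form; the external device may be, but is not limited to, a storage device, another computer device, a printer or a cloud drive. After the backup is complete, the computer device 100 deletes the information used in the encryption process, for example the m public keys PK1~PKm of the m trustees, the user's identity authentication data and the identity confirmation instruction. This completes the backup of the encryption key RK.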
When the user later wants to obtain the encryption key RK in order to decrypt the first encrypted data RK⊙D and recover the secret data D, the user notifies the m trustees that their help with decryption is needed. Then (or at the same time) the user, through a computer device, for example the computer device 100 described above (also called the first computer device) or another computer device (also called the second computer device), transmits the m pieces of second encrypted data PK1⊙S1~PKm⊙Sm one-to-one to a terminal electronic device of each of the m trustees, for example a desktop computer, a notebook computer or a smartphone. The terminal electronic device of each trustee, on that trustee's instruction, then decrypts the received second encrypted data PK1⊙S1~PKm⊙Sm with that trustee's private key to obtain the data to be encrypted S1~Sm.
Then, if the data to be encrypted S1~Sm include the identity confirmation instruction, each trustee contacts the user in the manner of interacting with the user that the identity confirmation instruction requires, for example by telephone or by arranging to meet, to confirm whether the user is indeed the person who sent (provided) the second encrypted data PK1⊙S1~PKm⊙Sm. Each trustee also uses the identity authentication data contained in the data to be encrypted S1~Sm, for example a business card, name or photo, to confirm whether the person who sent (provided) the second encrypted data PK1⊙S1~PKm⊙Sm matches (corresponds to) the content of the identity authentication data.
If the identity authentication data is a digital signature, the terminal electronic device of each trustee uses a public key that the user provides directly or has published on the network (that is, the user's public key) to verify the digital signature in the decrypted data to be encrypted S1~Sm, in order to confirm whether the user is indeed the owner of the key fragment in the data to be encrypted. That is, the terminal electronic device of each trustee decrypts the digital signature with the user's public key to recover the hash digest, separately runs the key fragment rk1~rkm in the data to be encrypted S1~Sm (or the key fragment rk1~rkm together with the identity confirmation instruction) through the same hash digest algorithm to obtain another hash digest, and compares the two hash digests. If they match, the user is indeed the owner of the key fragment rk1~rkm. Once each trustee has confirmed that the owner of the key fragment rk1~rkm encrypted in the second encrypted data PK1⊙S1~PKm⊙Sm is indeed the user, the trustee's terminal electronic device can transmit the decrypted key fragment rk1~rkm to the user's computer device. When the user's computer device has collected at least n key fragments, it can use the secret sharing algorithm described above to reassemble the encryption key RK from the at least n key fragments. The user can then decrypt the first encrypted data RK⊙D with the recovered encryption key RK to obtain the secret data D.
In summary, the above embodiment splits the encryption key RK into m key fragments rk1~rkm, combines each of the m key fragments rk1~rkm with the user's identity authentication data to form m pieces of data to be encrypted S1~Sm, encrypts each of the m pieces of data to be encrypted S1~Sm with the public key PK1~PKm of one of m trustees trusted by the user into m pieces of second encrypted data PK1⊙S1~PKm⊙Sm, and backs up the first encrypted data RK⊙D, encrypted with the encryption key RK, together with the second encrypted data PK1⊙S1~PKm⊙Sm. As a result, even if the first encrypted data RK⊙D and/or the second encrypted data PK1⊙S1~PKm⊙Sm are stolen, the thief cannot obtain the private keys of the m trustees, cannot decrypt the second encrypted data PK1⊙S1~PKm⊙Sm, and so cannot obtain the encryption key RK, which ensures the security of the backup of the encryption key RK. Moreover, because the second encrypted data PK1⊙S1~PKm⊙Sm are backed up and kept by the user rather than escrowed with the m trustees, the m trustees cannot collude with one another to reassemble the encryption key RK, which ensures the reliability of the backup of the encryption key RK. The invention thus achieves its purpose of a data backup that is both secure and reliable.
The above, however, are merely embodiments of the present invention and cannot be used to limit the scope in which the invention is practiced. All simple equivalent changes and modifications made according to the claims and the content of the patent specification of the present invention remain within the scope covered by this patent.
Claims (13)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW108104237A TWI706277B (en) | 2019-02-01 | 2019-02-01 | Data backup method, computer device and computer readable recording medium |
CN201910220021.7A CN111526005A (en) | 2019-02-01 | 2019-03-22 | Data backup method, computer device and computer program product |
Publications (2)
Publication Number | Publication Date |
---|---|
TW202030633A (en) | 2020-08-16 |
TWI706277B (en) | 2020-10-01 |
Family
ID=71900248
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW108104237A TWI706277B (en) | 2019-02-01 | 2019-02-01 | Data backup method, computer device and computer readable recording medium |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN111526005A (en) |
TW (1) | TWI706277B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TW200623880A (en) * | 2004-07-26 | 2006-07-01 | Irdeto Access Bv | Method of partially scrambling a data stream |
CN103023635A (en) * | 2012-12-03 | 2013-04-03 | 广东欧珀移动通信有限公司 | Method and device for message backup |
CN105869091A (en) * | 2016-05-12 | 2016-08-17 | 深圳市时尚德源文化传播有限公司 | Internet teaching method and system |
CN106548345A (en) * | 2016-12-07 | 2017-03-29 | 北京信任度科技有限公司 | The method and system of block chain private key protection are realized based on Secret splitting |
US20170193026A1 (en) * | 2016-01-06 | 2017-07-06 | General Motors Llc | Customer vehicle data security method |
TWM581231U (en) * | 2019-02-01 | 2019-07-21 | 倍加科技股份有限公司 | Computer device for backing up data |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6959394B1 (en) * | 2000-09-29 | 2005-10-25 | Intel Corporation | Splitting knowledge of a password |
WO2014167525A1 (en) * | 2013-04-10 | 2014-10-16 | Lynxguard Ltd. | Secure backup and recovery system for private sensitive data |
CN106357401B (en) * | 2016-11-11 | 2019-09-10 | 武汉理工大学 | A kind of storage of private key and application method |
2019
- 2019-02-01 TW TW108104237A patent/TWI706277B/en active
- 2019-03-22 CN CN201910220021.7A patent/CN111526005A/en active Pending
Also Published As
Publication number | Publication date |
---|---|
CN111526005A (en) | 2020-08-11 |
TW202030633A (en) | 2020-08-16 |