WO2012151785A1 - Built-in file encryption method for a mobile terminal, and mobile terminal - Google Patents

Publication number
WO2012151785A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
encryption
mobile terminal
built
encrypted
Application number
PCT/CN2011/077376
Other languages
English (en)
Chinese (zh)
Inventor
任龙
赵阳
Original Assignee
中兴通讯股份有限公司
Application filed by 中兴通讯股份有限公司
Publication of WO2012151785A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless

Definitions

  • Mobile terminal built-in file encryption method and mobile terminal
  • the present invention relates to the field of mobile communication technologies, and in particular to a built-in file encryption method for a mobile terminal and a mobile terminal that encrypts a built-in file.
  • the main object of the present invention is to provide a built-in file encryption method and a mobile terminal for a mobile terminal, which aim to improve the security of the built-in files of the mobile terminal.
  • the present invention provides a built-in file encryption method for a mobile terminal, including:
  • the mobile terminal reads the built-in file of the mobile terminal
  • the header information in the ciphertext file is second encrypted by a predetermined encryption algorithm.
  • the step of reading the built-in file of the mobile terminal further includes:
  • the encryption configuration option comprises: an encryption algorithm, an encryption method, an encrypted file type, and/or an encryption level selection.
  • the identifier comprises an IMEI and/or an ICCID.
  • the method further includes:
  • the encrypted built-in file is decrypted.
  • the step of decrypting the encrypted built-in file includes:
  • the mobile terminal selects a corresponding ciphertext file according to the user selection
  • the present invention also provides a mobile terminal for encrypting a built-in file, including:
  • a reading module configured to read a built-in file of the mobile terminal
  • An encryption module configured to determine, according to a preset encryption configuration option, whether the built-in file needs to be encrypted, and if yes, to use the identifier of the mobile terminal as a key and perform the first encryption on the built-in file according to the encryption configuration option to generate a ciphertext file;
  • a secondary encryption module configured to perform a second encryption on the header information in the ciphertext file by using the predetermined encryption algorithm.
  • the mobile terminal further includes: a configuration module, configured to set the encryption configuration option.
  • the encryption configuration option comprises: an encryption algorithm, an encryption method, an encrypted file type, and/or an encryption level selection.
  • the mobile terminal further includes: a decryption module, configured to decrypt the encrypted built-in file.
  • a decryption module configured to decrypt the encrypted built-in file.
  • the decryption module comprises:
  • a ciphertext selection unit configured to select a corresponding ciphertext file according to the user's selection
  • a decryption instruction receiving unit configured to receive a decryption instruction input by the user
  • a decrypting unit configured to: when the decryption instruction matches the header information in the corresponding ciphertext file, read the identification information of the mobile terminal; and when the identification information is consistent with the key used to generate the corresponding ciphertext file, decrypt the corresponding ciphertext file.
  • the built-in file encryption method for a mobile terminal and the mobile terminal provided by the present invention set an encryption configuration option for the built-in files of the mobile terminal and, according to that option, perform on each built-in file to be encrypted a first encryption that uses the mobile terminal identifier as the key and a second encryption based on the first encryption; that is, the built-in files of the mobile terminal are double encrypted.
  • the encrypted built-in file can be decrypted, browsed and otherwise operated on only on the mobile phone that originally encrypted it and/or a mobile phone into which the SIM card used for the original encryption is inserted, which achieves more secure and effective encryption of the built-in files of the mobile phone and ensures the privacy of the user data.
  • FIG. 1 is a schematic flowchart of another embodiment of a method for encrypting a built-in file of a mobile terminal according to the present invention
  • FIG. 2 is a schematic flowchart of another embodiment of a method for encrypting a built-in file of a mobile terminal according to the present invention
  • FIG. 4 is a schematic structural diagram of an embodiment of a mobile terminal for encrypting a built-in file according to the present invention
  • FIG. 5 is a schematic structural diagram of another embodiment of a mobile terminal for encrypting a built-in file according to the present invention
  • the solution of the embodiment of the present invention is mainly: setting the encryption configuration option for the built-in files of the mobile terminal and, according to the encryption configuration option, performing on each built-in file to be encrypted a first encryption with the mobile terminal identifier as the key and a second encryption based on the first encryption,
  • so as to improve the security of the built-in files of the mobile terminal and to ensure the privacy of the user data.
  • the mobile terminal includes a mobile phone and the like in the embodiment of the present invention.
  • the technical solution of the embodiment of the present invention is described in detail below by taking a mobile phone as an example.
  • existing methods for protecting mobile phone built-in files mostly rely on inputting a password.
  • the scope of protection is not clearly defined, and a file can be decrypted simply by inputting the correct password.
  • confidentiality is therefore very limited.
  • the embodiment of the invention can encrypt the built-in file of the mobile phone more safely and effectively, and impose stricter restrictions on the operation authority of the built-in file to ensure stricter privacy, so as to prevent the file from being maliciously copied and transmitted.
  • an embodiment of the present invention provides a method for encrypting a built-in file of a mobile terminal, including the following steps:
  • Step S101 The mobile terminal reads the built-in file of the mobile terminal.
  • Step S102 Determine, according to the preset encryption configuration option, whether the built-in file needs to be encrypted, and if yes, proceed to step S103. Otherwise, the process proceeds to step S105.
  • Encryption configuration options include: encryption algorithm, encryption method, encrypted file type, and/or encryption level selection. among them:
  • the encryption algorithm selection refers to the encryption algorithm used in encryption.
  • the encryption algorithm includes the commonly used DES encryption algorithm, and can also use encryption algorithms such as RSA and DSA.
  • the above DES encryption algorithm, RSA encryption algorithm and DSA encryption algorithm are existing mature technologies and are not described herein.
  • the encryption mode selection refers to which identifier of the mobile phone is used as the key for encryption, for example the International Mobile Equipment Identity (IMEI) of the mobile phone, or the integrated circuit card identity (ICCID) of the SIM card in the mobile phone.
  • the ICCID is fixed in the SIM card of the mobile phone and is the unique identification number of the SIM card; it is composed of 20 digits, and the coding format is: XXXXXX OMFSS YYGXX XXXXX.
  • with IMEI number encryption, the encrypted file can be browsed only on this mobile phone; with SIM card ICCID encryption, the file can be decrypted only with the SIM card of this mobile phone.
  • the identifiers can also be cross-checked, that is, the IMEI number of the mobile phone and the ICCID of the SIM card in the mobile phone are both checked and used for encryption, to enforce more stringent encryption and decryption rights.
  • this embodiment is illustrated with the mobile phone IMEI number and the SIM card ICCID used together as the encryption key. It should be noted that using the mobile phone IMEI number alone, or the ICCID of the mobile phone SIM card alone, as the encryption key is also within the protection scope of the present invention.
  • Encrypted file type selection means selecting to encrypt all files in a particular folder, or encrypting files in one or several specific file formats. For example, files in formats such as "jpg", "txt" and "mp3" are encrypted, while files not of these types are not.
  • the encryption level selection refers to encryption of different secret levels according to the secret level of the file stored by the user.
  • the levels can be divided into three types: the first is ordinary encryption, where the operations permitted on an opened file are browse, modify, delete and copy; the second is medium encryption, where the permitted operations are browse, modify and delete, but copying and transfer are not allowed; the third is advanced encryption, where the permitted operations are limited to browsing and deletion, and no modification, copying or transfer is allowed. Of course, the specific operation permissions can be adjusted appropriately.
  • the three encryption levels here are examples only.
  • Step S103 The identifier of the mobile terminal is used as a key, and the built-in file is first encrypted according to the encryption configuration option to generate a ciphertext file.
  • the identifier of the mobile phone includes the IMEI number of the mobile phone and the ICCID of the SIM card.
  • the IMEI number of the mobile phone and the ICCID of the SIM card are used together as the encryption key: according to the preset encryption configuration option, the corresponding mobile phone IMEI number and the ICCID information of the SIM card are read, and the built-in file of the mobile phone is encrypted once according to the preset encryption configuration option (that is, the first encryption in this embodiment).
  • for example, if the built-in file that was read is a file in a folder that the encryption configuration option specifies as needing encryption, the IMEI number of the mobile phone and the ICCID of the SIM card are used as the key, and the built-in file is encrypted with the encryption algorithm selected in the encryption configuration option to generate a ciphertext file.
  • the ciphertext file includes ciphertext header information, which can be generated by randomly generating a four-digit number or letter.
  • the ciphertext header information is automatically generated by the system for different encrypted files and remains unchanged.
  • Step S104 Perform second encryption on the header information in the ciphertext file by using a predetermined encryption algorithm.
  • the predetermined encryption algorithm can also use the above-mentioned DES algorithm, RSA and DSA algorithms, and the like.
  • the second encryption of the header information in the ciphertext file by the predetermined encryption algorithm is a secondary encryption of the built-in file that the mobile phone has already encrypted once, and the secondary encryption may use a password set manually by the user.
  • the first encryption is performed automatically by the terminal system without any operation by the user, and the corresponding decryption process is also completed automatically; that is, as long as the IMEI number of the mobile phone and the ICCID of the SIM card match, the built-in file can be decrypted for browsing. The secondary encryption encrypts the header information of the ciphertext file.
  • after inputting the corresponding password, the user can browse the encrypted ciphertext file.
  • the secondary encryption can use a common encryption algorithm. The user can set the password, or even set a constant, to protect the encrypted built-in file.
  • the purpose of secondary encryption of the built-in files is as follows: since the first encryption is automatic, the encrypted file can be browsed and operated on directly whenever the decryption condition is met. To prevent the files from being browsed by others if the mobile phone is lost, the embodiment performs secondary encryption on the file header information.
  • Step S105 The built-in file is not encrypted.
  • if the file is not to be encrypted, the encryption process ends directly and the file can be stored as a normal file.
  • the built-in file of the mobile phone can be double-encrypted.
  • the IMEI number of the mobile phone or the ICCID of the corresponding SIM card is used as the encryption key to automatically encrypt the files that the user requires to be encrypted and generate a ciphertext file.
  • the header information of the ciphertext file is then encrypted by a common encryption algorithm (such as the DES encryption algorithm), and the encrypted built-in file can be decrypted, browsed and otherwise operated on only on the mobile phone that originally encrypted it or a mobile phone into which the SIM card used for the original encryption is inserted.
  • another embodiment of the present invention provides a method for encrypting a built-in file of a mobile terminal.
  • the method further includes:
  • Step S100 setting an encryption configuration option.
  • before the mobile terminal (such as a mobile phone) encrypts a built-in file, it needs to set the encryption permission and the encrypted file type, that is, which built-in files are encrypted, which encryption method and encryption algorithm are used for encryption, and so on.
  • the corresponding encryption algorithm and encryption level are enabled.
  • the encryption configuration options include: encryption algorithm, encryption method, encrypted file type, and/or encryption level selection. among them:
  • the encryption algorithm selection refers to which encryption algorithm is used when encrypting; the encryption algorithms include the commonly used DES encryption algorithm, and encryption algorithms such as RSA and DSA can also be used.
  • the encryption mode selection refers to which identifier of the mobile phone is used as the key for encryption.
  • the IMEI number of the mobile phone or the ICCID of the SIM card in the mobile phone can be used for encryption. The ICCID is fixed in the SIM card of the mobile phone and is the unique identification number of the SIM card;
  • it consists of 20 digits and its encoding format is: XXXXXX OMFSS YYGXX XXXX.
  • with IMEI encryption, the encrypted file can be browsed only on this mobile phone; with ICCID encryption, the file can be decrypted only with the SIM card of this mobile phone.
  • the identifiers can also be cross-checked, that is, the IMEI number of the mobile phone and the ICCID of the SIM card in the mobile phone are both checked and used for encryption, to enforce more stringent encryption and decryption rights.
  • this embodiment is illustrated with the IMEI number of the mobile phone and the ICCID of the SIM card used together as the encryption key. It should be noted that using the mobile phone IMEI number alone, or the ICCID of the mobile phone SIM card alone, as the encryption key is also within the protection scope of the present invention.
  • Encrypted file type selection means selecting to encrypt all files in a particular folder, or encrypting files in one or several specific file formats. For example, files in formats such as "jpg", "txt" and "mp3" are encrypted, while files not of these types are not.
  • Encryption level selection refers to encryption at different levels according to the secret level of files stored by the user.
  • the levels can be divided into three types: the first is ordinary encryption, where the operations permitted on an opened file are browse, modify, delete and copy; the second is medium encryption, where the permitted operations are browse, modify and delete, but copying and transfer are not allowed; the third is advanced encryption, where the permitted operations are limited to browsing and deletion, and no modification, copying or transfer is allowed. Of course, the specific operation permissions can be adjusted appropriately.
  • the three encryption levels here are examples only.
  • after step S104, the method further includes:
  • Step S106 decrypting the encrypted built-in file.
  • the process of decrypting the built-in file is a process reversed from the encryption process.
  • when the user needs to browse the encrypted built-in file, the mobile phone first asks the user to input a password to parse the header information of the ciphertext file. After the password is input correctly, the IMEI number of the current mobile phone and the ICCID information of the SIM card in use are read and checked against the key in the ciphertext file. If the verification results are consistent, the user has permission to browse and operate on the file.
  • the system prompts the user to manually input the password of the ciphertext header information, and invokes the header information decryption algorithm to decrypt the header information to obtain the original header information. If the original header information matches the header information of the opened ciphertext file, the decryption of the ciphertext file is successful, otherwise the decryption fails, prompting the user to re-enter the header information password.
  • once the header decryption succeeds, the IMEI number of the mobile phone and the ICCID information of the SIM card used by the mobile phone are read and compared with the encryption key generated when the file was encrypted. If they are the same, the ciphertext file is read and decrypted with the same encryption algorithm used in the encryption process, completing the decryption of the built-in file, and the decrypted plaintext file is displayed. If they are inconsistent, the user's selection is received again and the corresponding ciphertext file is selected.
  • step S106 specifically includes:
  • Step S1061 The mobile terminal selects a corresponding ciphertext file according to the user selection.
  • Step S1062 Receive a decryption instruction input by the user.
  • Step S1063 determining whether the decryption instruction matches the header information in the corresponding ciphertext file, and if yes, proceeding to step S1064, otherwise, returning to step S1062.
  • Step S1064 Read the identification information of the mobile terminal; and proceed to step S1065.
  • Step S1065 determining whether the identification information is consistent with the key for generating the corresponding ciphertext file; if yes, proceeding to step S1066; otherwise, returning to step S1061.
  • Step S1066 Decrypt the corresponding ciphertext file.
  • using the IMEI number of the mobile phone and the ICCID of the SIM card as the encryption and decryption key means that the mobile phone system performs the encryption and decryption of built-in files automatically, and that, if an encrypted built-in file is maliciously copied, certain hardware requirements must be met before the decryption process can be entered. This protects the built-in files of the mobile phone (including files on T-cards and SD cards installed in the mobile phone) from being read, modified, deleted, copied, and transmitted.
  • an embodiment of the present invention provides a mobile terminal that encrypts a built-in file, including: a reading module 401, a primary encryption module 402, and a secondary encryption module 403, where the reading module 401 is configured to read the built-in files of the mobile terminal.
  • the primary encryption module 402 is configured to determine, according to a preset encryption configuration option, whether the built-in file needs to be encrypted, and if yes, to use the identifier of the mobile terminal as a key and perform the first encryption on the built-in file according to the encryption configuration option to generate a ciphertext file.
  • the secondary encryption module 403 is configured to perform second encryption on the header information in the ciphertext file by using a predetermined encryption algorithm.
  • Encryption configuration options include: encryption algorithm, encryption method, encrypted file type, and/or encryption level selection. among them:
  • the encryption algorithm selection refers to the encryption algorithm used in encryption.
  • the encryption algorithm includes the commonly used DES encryption algorithm, and can also use encryption algorithms such as RSA and DSA.
  • the encryption mode selection refers to which identifier of the mobile phone is used as the key for encryption.
  • the IMEI number of the mobile phone or the ICCID of the SIM card in the mobile phone can be used for encryption. The ICCID is fixed in the SIM card of the mobile phone and is the unique identification number of the SIM card;
  • it consists of 20 digits and its encoding format is: XXXXXX OMFSS YYGXX XXXX.
  • with IMEI encryption, the encrypted file can be browsed only on this mobile phone; with ICCID encryption, the file can be decrypted only with the SIM card of this mobile phone.
  • the identifiers can also be cross-checked, that is, the mobile phone IMEI number and the ICCID of the SIM card in the mobile phone are both checked and used for encryption, to enforce more stringent encryption and decryption rights.
  • this embodiment is illustrated with the IMEI number of the mobile phone and the ICCID of the SIM card used together as the encryption key. It should be noted that using the mobile phone IMEI number alone, or the ICCID of the mobile phone SIM card alone, as the encryption key is also within the protection scope of the present invention.
  • Encrypted file type selection means selecting to encrypt all files in a particular folder, or encrypting files in one or several specific file formats. For example, files in formats such as "jpg", "txt" and "mp3" are encrypted, while files not of these types are not.
  • Encryption level selection refers to encryption at different levels according to the secret level of files stored by the user.
  • the levels can be divided into three types: the first is ordinary encryption, where the operations permitted on an opened file are browse, modify, delete and copy; the second is medium encryption, where the permitted operations are browse, modify and delete, but copying and transfer are not allowed; the third is advanced encryption, where the permitted operations are limited to browsing and deletion, and no modification, copying or transfer is allowed. Of course, the specific operation permissions can be adjusted appropriately.
  • the three encryption levels here are examples only.
  • the IMEI number of the mobile phone and the ICCID of the SIM card are used together as the encryption key: according to the preset encryption configuration option, the corresponding mobile phone IMEI number and the ICCID information of the SIM card are read, and the built-in file of the mobile phone is encrypted once according to the preset encryption configuration option (that is, the first encryption in this embodiment).
  • for example, if the built-in file that was read is a file in a folder that the encryption configuration option specifies as needing encryption, the IMEI number of the mobile phone and the ICCID of the SIM card are used as the key, and the built-in file is encrypted with the encryption algorithm selected in the encryption configuration option to generate a ciphertext file.
  • the ciphertext file includes ciphertext header information, which is generated by randomly generating a four-digit number or letter. The ciphertext header information is automatically generated by the system for different encrypted files and remains unchanged.
  • the encrypted built-in file is subjected to secondary encryption, which may use a password set manually by the user.
  • the first encryption is performed automatically by the terminal system without any operation by the user, and the corresponding decryption process is also completed automatically; that is, as long as the IMEI number of the mobile phone and the ICCID of the SIM card match, the built-in file can be decrypted for browsing. The secondary encryption encrypts the header information of the ciphertext file.
  • after inputting the corresponding password, the user can browse the encrypted ciphertext file.
  • the secondary encryption can use a common encryption algorithm. The user can set the password, or even set a constant, to protect the encrypted built-in file.
  • the purpose of secondary encryption of the built-in file is as follows: since the first encryption is automatic, the encrypted file can be browsed and operated on directly whenever the decryption condition is satisfied. To prevent the files from being browsed and operated on by others if the mobile phone is lost, this embodiment performs secondary encryption on the header information.
  • if the type of the built-in file that was read does not match the configuration information in the encryption configuration option, for example the file does not belong to an encrypted folder directory, the file is not encrypted and the encryption process ends directly.
  • this type of built-in file is stored as a normal file.
  • another embodiment of the present invention further provides a mobile terminal for encrypting a built-in file. Based on the foregoing embodiment, the mobile terminal further includes:
  • the configuration module 400 is connected to the reading module 401 and is used to set an encryption configuration option.
  • the decryption module 404 is coupled to the secondary encryption module 403 for decrypting the encrypted built-in file.
  • the reading module 401 is further configured to monitor the change of the file under the encrypted folder, and determine whether the type of the changed file belongs to the file type configured in the configuration module 400.
  • the process of decrypting the built-in file is a process reversed from the encryption process.
  • when the user needs to browse the encrypted built-in file, the phone first asks the user to enter a password to parse the header information of the ciphertext file. After the password is entered correctly, the IMEI number of the current mobile phone and the ICCID information of the SIM card in use are read and checked against the key in the ciphertext file. If the verification results are consistent, the user has the right to browse and operate on the file.
  • the system prompts the user to manually input the password of the ciphertext header information, and invokes the header information decryption algorithm to decrypt the header information to obtain the original header information. If the original header information matches the header information of the opened ciphertext file, the decryption of the ciphertext file is successful, otherwise the decryption fails, prompting the user to re-enter the header information password.
  • once the header decryption succeeds, the IMEI number of the mobile phone and the ICCID information of the SIM card used by the mobile phone are read and compared with the encryption key generated when the file was encrypted. If they are the same, the ciphertext file is read and decrypted with the same encryption algorithm used in the encryption process, completing the decryption of the built-in file, and the decrypted plaintext file is displayed. If they are inconsistent, the user's selection is received again and the corresponding ciphertext file is selected.
  • the decryption module 404 includes: a ciphertext selection unit 4041, a decryption instruction receiving unit 4042, and a decryption unit 4043, where
  • the ciphertext selection unit 4041 is configured to select a corresponding ciphertext file according to a user selection.
  • the decryption instruction receiving unit 4042 is configured to receive a decryption instruction input by the user.
  • the decrypting unit 4043 is configured to: when the decryption instruction matches the header information in the corresponding ciphertext file, read the identification information of the mobile terminal; and when the identification information is consistent with the key for generating the corresponding ciphertext file, The ciphertext file is decrypted.
  • The built-in file encryption method and the mobile terminal set encryption configuration options for the built-in files of the mobile terminal and, according to those options, perform on each built-in file to be encrypted a first encryption that uses the mobile terminal identifier as the key and a second encryption based on the first encryption; that is, the built-in files of the mobile terminal are double encrypted. Decryption, browsing and related operations on an encrypted built-in file can only be performed on the original encrypting mobile phone and/or a mobile phone with the original encrypting SIM card inserted, which achieves more secure and effective encryption of the built-in files of the mobile phone and thereby ensures the privacy of the user data.
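The two-layer flow described above (header password first, then the IMEI/ICCID check, then the file body), as an added Python example that is not code from the patent. The text names no algorithm or file layout, so the HMAC-SHA256 counter-mode keystream, the PBKDF2 password key, the `MAGIC` marker, the blob layout and all function names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

MAGIC = b"BFE1"  # constructed header marker (assumption, not from the patent)

def _stream_xor(key, nonce, data):
    # Stand-in cipher: HMAC-SHA256 in counter mode; the patent names no algorithm.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def device_keys(imei, iccid):
    # First-layer key material from the terminal identifiers, split into
    # an encryption key and a separate key for the key-check value.
    d = hashlib.sha512(f"{imei}|{iccid}".encode()).digest()
    return d[:32], d[32:]

def _pw_key(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def encrypt_file(plain, imei, iccid, password):
    enc_k, mac_k = device_keys(imei, iccid)
    salt, n_head, n_body = (secrets.token_bytes(16) for _ in range(3))
    body = _stream_xor(enc_k, n_body, plain)                      # first encryption
    check = hmac.new(mac_k, n_body + body, hashlib.sha256).digest()
    header = _stream_xor(_pw_key(password, salt), n_head,
                         MAGIC + n_body + check)                  # second encryption
    return salt + n_head + header + body

def decrypt_file(blob, imei, iccid, password):
    if len(blob) < 84:
        raise ValueError("truncated ciphertext file")
    salt, n_head, enc_header, body = blob[:16], blob[16:32], blob[32:84], blob[84:]
    header = _stream_xor(_pw_key(password, salt), n_head, enc_header)
    if not hmac.compare_digest(header[:4], MAGIC):                # step 1: header password
        raise PermissionError("header password rejected")
    n_body, check = header[4:20], header[20:52]
    enc_k, mac_k = device_keys(imei, iccid)                       # step 2: read identifiers
    expected = hmac.new(mac_k, n_body + body, hashlib.sha256).digest()
    if not hmac.compare_digest(check, expected):
        raise PermissionError("IMEI/ICCID do not match the encrypting terminal")
    return _stream_xor(enc_k, n_body, body)                       # step 3: decrypt body

if __name__ == "__main__":
    # Constructed identifiers and password, for illustration only.
    ids = ("490154203237518", "8986001234567890123")
    blob = encrypt_file(b"built-in file contents", *ids, "hdr-pass")
    print(decrypt_file(blob, *ids, "hdr-pass"))
```

Because IMEI and ICCID are identifiers rather than secrets, the device-derived key in this example only binds the file to a terminal and SIM; confidentiality rests on the header password, which protects the body nonce and the key-check value.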

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephone Function (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention relates to a built-in file encryption method for a mobile terminal, and to a mobile terminal. The method comprises: reading a built-in file of a mobile terminal; determining, according to a predetermined encryption configuration item, whether the built-in file needs to be encrypted and, if so, taking the identifier of the mobile terminal as the key and performing a first encryption of the built-in file to generate a ciphertext file according to the encryption configuration item; and performing a second encryption of the header information in the ciphertext file by means of a predetermined encryption algorithm. According to the present invention, a first encryption taking the identifier of the mobile terminal as the key and a second encryption based on the first encryption are performed on the built-in file that needs to be encrypted according to a predetermined encryption configuration item, that is, double encryption is performed on the built-in file of the mobile terminal, and the encrypted built-in file can only be decrypted for browsing and related operations on the originally encrypting mobile phone and/or a mobile phone in which the originally encrypting SIM card is inserted, which achieves more secure and effective encryption of the built-in file of the mobile phone and ensures the privacy of the user data.
PCT/CN2011/077376 2011-05-10 2011-07-20 Built-in file encryption method for a mobile terminal, and mobile terminal WO2012151785A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110119620.3 2011-05-10
CN2011101196203A CN102781001A (zh) 2011-05-10 2011-05-10 Built-in file encryption method for a mobile terminal, and mobile terminal

Publications (1)

Publication Number Publication Date
WO2012151785A1 true WO2012151785A1 (fr) 2012-11-15

Family

ID=47125730

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/077376 WO2012151785A1 (fr) 2011-05-10 2011-07-20 Built-in file encryption method for a mobile terminal, and mobile terminal

Country Status (2)

Country Link
CN (1) CN102781001A (fr)
WO (1) WO2012151785A1 (fr)

Families Citing this family (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
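CN103856938B (zh) * 2012-12-04 2017-07-28 中兴通讯股份有限公司 Encryption and decryption method, system and device
CN103856539A (zh) * 2012-12-06 2014-06-11 海尔集团公司 Private cloud system, smart home system and home data protection method
CN103840942B (zh) * 2014-02-19 2017-10-17 宇龙计算机通信科技(深圳)有限公司 Data protection system and method
CN105337722B (zh) * 2014-06-19 2019-06-28 阿里巴巴集团控股有限公司 Data encryption method and device
CN104023143A (zh) * 2014-06-23 2014-09-03 上海斐讯数据通信技术有限公司 Smartphone with a password management function based on code division multiple access
CN106462719A (zh) * 2014-07-31 2017-02-22 宇龙计算机通信科技(深圳)有限公司 Encryption method and encryption device for a memory card
CN105577379B (zh) * 2014-10-16 2020-04-28 阿里巴巴集团控股有限公司 Information processing method and device
CN104392183B (zh) * 2014-11-10 2017-07-25 深圳市元征科技股份有限公司 Method for automatic retrieval and verification of vehicle model files by automobile diagnostic equipment
CN105763523A (zh) * 2014-12-19 2016-07-13 中国电信股份有限公司 Method, device and mobile terminal for preventing application information leakage
CN106203141A (zh) * 2016-07-15 2016-12-07 宇龙计算机通信科技(深圳)有限公司 Data processing method and device for an application
CN106170006A (zh) * 2016-09-29 2016-11-30 广州鹤互联网科技有限公司 Electronic sign-off security management method and system
CN106411885A (zh) * 2016-09-29 2017-02-15 广州鹤互联网科技有限公司 Electronic sign-off security management method and system
CN106529651B (zh) * 2016-11-15 2019-03-08 安徽汉威电子有限公司 Radio frequency card using a double encryption algorithm
CN106775849A (zh) * 2016-12-02 2017-05-31 广东欧珀移动通信有限公司 Method, device and computer equipment for application information processing and application installation
CN106612376A (zh) * 2016-12-27 2017-05-03 努比亚技术有限公司 Mobile terminal and file processing method thereof
CN106846233A (zh) * 2017-01-20 2017-06-13 宇龙计算机通信科技(深圳)有限公司 Photo encryption method and encryption device
CN106789086B (zh) * 2017-01-25 2019-11-29 中钞信用卡产业发展有限公司杭州区块链技术研究院 Digital signature method for a mobile terminal and device thereof
CN106911719A (zh) * 2017-04-20 2017-06-30 努比亚技术有限公司 Mobile terminal and real-name management system based on the mobile terminal
CN107133524A (zh) * 2017-04-27 2017-09-05 北京洋浦伟业科技发展有限公司 Data storage method and device
CN107748847A (zh) * 2017-10-11 2018-03-02 惠州Tcl移动通信有限公司 Method for browsing a user's private files, storage medium and mobile terminal
CN107800716B (zh) * 2017-11-14 2020-05-01 中国银行股份有限公司 Data processing method and device
CN109948347B (zh) * 2017-12-21 2021-03-05 中移(杭州)信息技术有限公司 Data storage method and device, server and readable storage medium
CN108200181B (zh) * 2018-01-11 2021-03-19 中国人民解放军战略支援部队信息工程大学 Revocable attribute-based encryption system and method for cloud storage
CN109117652B (zh) * 2018-08-03 2022-02-18 合肥联宝信息技术有限公司 File encryption and decryption method
CN109831775B (zh) * 2019-02-02 2021-12-03 华为数字技术(苏州)有限公司 Processor, baseband chip and SIM card information transmission method
CN112566124B (zh) * 2019-09-25 2024-06-18 紫光同芯微电子有限公司 Key generation and encryption/decryption method and device, and SIM card chip
CN110750800A (zh) * 2019-10-09 2020-02-04 厦门理工学院 Data security processing method, device, equipment and storage medium
CN112073372B (zh) * 2020-08-04 2023-06-27 南京国电南自维美德自动化有限公司 Double encryption method and decryption method for power system communication messages, and message interaction system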

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1022638A2 (fr) * 1999-01-12 2000-07-26 International Business Machines Corporation Method and means for secure management of information between two data processing devices
CN1522517A (zh) * 2002-02-08 2004-08-18 株式会社Ntt都科摩 Mobile communication terminal, information processing method, data processing program and recording medium
CN101212633A (zh) * 2006-12-30 2008-07-02 英华达股份有限公司 Method for encrypting and decrypting digital audio/video data
CN101282326A (zh) * 2007-04-04 2008-10-08 朱明程 Terminal-bound digital rights management method and system, and handheld terminal thereof

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108875403A (zh) * 2018-05-04 2018-11-23 北京明朝万达科技股份有限公司 File management method and device
CN108875403B (zh) * 2018-05-04 2020-09-25 北京明朝万达科技股份有限公司 File management method and device

Also Published As

Publication number Publication date
CN102781001A (zh) 2012-11-14

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11865219

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11865219

Country of ref document: EP

Kind code of ref document: A1