WO2013020446A1 - File encryption and decryption method, device and system - Google Patents

File encryption and decryption method, device and system Download PDF

Info

Publication number
WO2013020446A1
WO2013020446A1 PCT/CN2012/079005 CN2012079005W WO2013020446A1 WO 2013020446 A1 WO2013020446 A1 WO 2013020446A1 CN 2012079005 W CN2012079005 W CN 2012079005W WO 2013020446 A1 WO2013020446 A1 WO 2013020446A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
length
encrypted
content
plaintext
Prior art date
Application number
PCT/CN2012/079005
Other languages
French (fr)
Chinese (zh)
Inventor
张健
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2013020446A1 publication Critical patent/WO2013020446A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]

Definitions

  • the present invention relates to the field of digital rights management, and in particular, to a method, device and system for encrypting and decrypting files. Background technique
  • DRM Digital Rights Management
  • AES Advanced Encryption Standard
  • the commonly used DRM technology is: On the DRM server, the contents of the digital file are read into the memory as a whole, and then AES is encrypted and saved.
  • the terminal reads the encrypted digital file is obtained from the server, and then the contents of the encrypted digital file are read into the memory as a whole, and AES decryption is performed.
  • Embodiments of the present invention provide a method, an apparatus, and a system for encrypting and decrypting a file, which can improve the efficiency of encryption and decryption of a digital file, and do not require an encryption device or a decryption device to have a large memory, and can decrypt the digital file. Licensing presents the decrypted content to enhance the user experience.
  • a file encryption method including:
  • the contents of the file of the starting length are read from the beginning of the original file and written into the encrypted file, wherein the starting length is the length from the beginning of the original file to the start position where the ciphertext and the plaintext are alternately encrypted;
  • the content of the file after the start length of the original file is encrypted in the form of alternating ciphertext and plaintext, and the encrypted file content is written into the encrypted file.
  • a method for decrypting a file including:
  • the contents of the file of the start length are read from the beginning of the encrypted file and written into the decrypted file, wherein the initial length is the length from the beginning of the encrypted file to the start position where the ciphertext and the plaintext are alternately decrypted;
  • the content of the file after the start length of the encrypted file is decrypted in the form of alternating ciphertext and plaintext, and the decrypted file content is written into the decrypted file.
  • a file encryption device comprising:
  • a starting encryption unit configured to read a file content of a starting length from the beginning of the original file, and write the file to the encrypted file, where the starting length is a starting position from the beginning of the original file to the encryption of the ciphertext and the plaintext alternately Length between
  • the alternate encryption unit is configured to encrypt the content of the file after the start length of the original file in an alternating manner between the ciphertext and the plaintext, and write the encrypted file content into the encrypted file.
  • a file decryption device comprising:
  • the initial decryption unit is configured to read the content of the starting length from the beginning of the encrypted file and write the decrypted file, wherein the initial length is from the beginning of the encrypted file to the ciphertext and the plaintext.
  • the alternate decryption unit is configured to decrypt the content of the file after the start length of the encrypted file in an alternating manner between the ciphertext and the plaintext, and write the decrypted file content into the decrypted file.
  • a file encryption and decryption system comprising: an encryption device and a decryption device.
  • the method, device and system for encrypting and decrypting a file when encrypting, segmenting an original file into a memory according to a predetermined plaintext length and a ciphertext length for encryption processing, which is original in the prior art.
  • the memory requirement of the encryption device is low.
  • the encryption and decryption are performed in a form in which the ciphertext and the plaintext are spaced apart from each other, and the amount of data that needs to be encrypted and decrypted is reduced as compared with the prior art method of encrypting and decrypting each byte in the original file. , can improve the efficiency of encryption and decryption.
  • the decrypted content can be presented in the process of decryption, and the decryption is performed while reading. Thereby reducing the time for the user to wait for a response, and improving the user experience.
  • Embodiment 1 is a flowchart of a method for encrypting a file in Embodiment 1 of the present invention
  • Embodiment 1 of the present invention is a flowchart of a method for decrypting a file in Embodiment 1 of the present invention
  • Embodiment 3 is a flowchart of a method for encrypting a file in Embodiment 2 of the present invention
  • FIG. 5 is a schematic diagram of a composition of an encryption device for a file according to Embodiment 3 of the present invention
  • FIG. 6 is a schematic diagram of a composition of an encryption device for another file according to Embodiment 3 of the present invention
  • Schematic diagram of the composition of the encryption device of the file 8 is a schematic diagram of a composition of an encryption device for another file according to Embodiment 3 of the present invention
  • FIG. 9 is a schematic diagram of a composition of an encryption device for another file according to Embodiment 3 of the present invention
  • FIG. 11 is a schematic diagram of the composition of another file decryption apparatus according to Embodiment 3 of the present invention
  • FIG. 12 is a schematic diagram of the composition of another file decryption apparatus according to Embodiment 3 of the present invention
  • 13 is a schematic diagram of a composition of a decryption apparatus for another file in Embodiment 3 of the present invention
  • FIG. 14 is a schematic diagram showing the composition of a file encryption and decryption system according to Embodiment 3 of the present invention.
  • An embodiment of the present invention provides a file encryption method, as shown in FIG. 1 , including:
  • the encryption device reads the content of the starting length from the beginning of the original file and writes the file into the encrypted file, where the starting length is between the beginning of the original file and the starting position of the encryption between the ciphertext and the plaintext. length.
  • the content of the file of the starting length is read from the beginning of the original file, and the encrypted file is written in the form of plaintext, so as to identify the starting position where the ciphertext and the plaintext are alternately encrypted.
  • the starting length is the length from the beginning of the original file to the starting position where the ciphertext and the plaintext are alternately encrypted.
  • the content of the file after the start length of the original file that is, the content after the start position, is encrypted in the form of alternating ciphertext and plaintext.
  • the encryption device encrypts the content of the file after the start length of the original file in an alternating manner between the ciphertext and the plaintext, and writes the encrypted file content into the encrypted file.
  • the content of the file after the start length of the original file is encrypted according to the ciphertext and the plaintext, and the method of writing the encrypted file content into the encrypted file may be first
  • the form of the ciphertext after the ciphertext may also be in the form of the ciphertext after the ciphertext. The specific embodiment of the present invention does not limit this.
  • the method is specifically: reading the encrypted file content, encrypting the encrypted file content, and writing the encrypted file content into the encrypted file; After the length of the file content, the file content of the read plain length is written into the encrypted file; the content of the file after the start length of the original file is repeatedly read as described above until the original file is encrypted.
  • the method is specifically: writing the file content of the plaintext length into the encrypted file; after reading the file content of the plaintext length, reading the encrypted length of the file content, and encrypting
  • the length of the file content is encrypted, and the encrypted file content is written into the encrypted file; according to the above steps, the content of the file after the start length of the original file is repeatedly read until the original file is encrypted.
  • An embodiment of the present invention provides a method for decrypting a file, as shown in FIG. 2, including:
  • the decryption device reads the file content of the start length from the beginning of the encrypted file, and writes the file content into the decrypted file, where the initial length is the length from the beginning of the encrypted file to the start position where the ciphertext and the plaintext are alternately decrypted. .
  • the beginning of the encrypted file is a file content that does not include other parameter information such as a file header. If a file header is added to the encryption of the original file, it is necessary to remove the file header before the decryption starts, according to a predetermined starting length value. The contents of the file whose initial length is read from the official content of the encrypted file are written into the decrypted file to identify the starting position where the ciphertext and the plaintext are alternately decrypted. The content before the start position, that is, the file content of the read start length, is in plain text and can be written into the decrypted file without performing a decryption operation. It should be noted that the decrypted file is only accessed in the memory, and the corresponding decrypted file is not generated on the disk of the decryption device, so that the original file content obtained by the decryption can be effectively copyright protected.
  • the decryption device decrypts the file content after the start length of the encrypted file in an alternating manner between the ciphertext and the plaintext, and writes the decrypted file content into the decrypted file.
  • the method of reading the encrypted file used during decryption is not Similarly, the content of the file after the start length of the encrypted file is decrypted in the form of alternating ciphertext and plaintext, and the method of writing the decrypted file content into the decrypted file is specifically as follows:
  • the file content of the encrypted length is first read in the decryption, and the content of the encrypted length is decrypted, and the decrypted file content is written.
  • Decrypt the file after reading the encrypted file content, read the file content of the plain text length and write it to the decrypted file; repeatedly read the file content after the start length of the encrypted file according to the above steps until the current decrypted file is decrypted
  • the zone decryption is complete.
  • the file content of the plaintext length first read in the decryption file is written into the decrypted file; after reading the file content of the plaintext length, the encryption is read.
  • the length of the file content, and decrypt the encrypted file content, and write the decrypted file content into the decrypted file follow the above steps to repeatedly read the file content after the start length of the encrypted file until the current decrypted area of the encrypted file The decryption is complete.
  • the encryption and decryption method of the file reads the original file segment into the memory according to the predetermined plaintext length and the ciphertext length for encryption processing during encryption, and reads the original file as a whole in the prior art. Compared to the method of encrypting memory, the memory requirements of the encryption device are lower. Moreover, the encryption and decryption are performed in a form in which the ciphertext and the plaintext are spaced apart from each other, and the amount of data that needs to be encrypted and decrypted is reduced as compared with the prior art method of encrypting and decrypting each byte in the original file. , can improve the efficiency of encryption and decryption.
  • the decrypted content can be presented in the process of decryption, and the decryption is performed while reading. Thereby reducing the time for the user to wait for a response, and improving the user experience.
  • the embodiment of the invention provides a method for encrypting and decrypting a file, and the digital file is interval-encrypted on the encryption device to obtain an encrypted file capable of effectively protecting the copyright of the digital file; when the decryption device issues a request for obtaining the encrypted file to the encryption device
  • the encryption device transmits the encrypted file to the decryption device; the decryption device performs corresponding interval decryption, and displays the decrypted digital file.
  • the encryption method of the file is as shown in FIG. 3, including:
  • the encryption device determines a start length, an encryption length, and a plaintext length according to the size of the original file.
  • the start length, encryption length, and plaintext length are predefined attribute values, which can be set as needed. According to the size of the original file, the starting length, the encryption length, and the plaintext length are determined, so as to adjust the relative proportion of the ciphertext and the plaintext in the encrypted file, and the efficiency of the encryption is controlled. For example, when the original file is less than 512 Kbytes, the plaintext length is determined to be 0 bytes, so that the ciphertext ratio is 100%; when the original file size is between 512 Kbytes and 1024 Kbytes, the plaintext length is determined to be 16 bytes, The ciphertext ratio is about 50%. When the original file is larger than 1024Kbytes, the plaintext length is determined to be 16x9 bytes, so that the ciphertext ratio is about 10%.
  • predetermined rules may also be used for the start length, the encryption length, and the plaintext length.
  • the ciphertext length is set to be sequentially incremented, and the plaintext length is set to a descending form, and a dynamically varying length value is obtained in the encryption process. If the plaintext length and the ciphertext length are calculated according to a predetermined rule, the calculation rule of each length value needs to be described in the encryption rule, so that the decryption device obtains the corresponding plaintext length and ciphertext length when decrypting.
  • the length of the content to be encrypted is fixed, so the encryption length must be a multiple of the encryption base value in the encryption algorithm.
  • the length of the encrypted block is fixed to 128b its each time, that is, 16 bytes, so when defining the encryption length, the encryption length must be a multiple of 16 bytes in order to satisfy AES128- CBC encryption algorithm.
  • the encryption algorithm used in the embodiment of the present invention includes but is not limited to the above algorithm, and may also be other symmetric encryption algorithms such as AES192-CBC, AES256-CBC.
  • the encryption device sends the start length, the encryption length, the plaintext length, and the encryption rule to the decryption device of the file.
  • the method for the encryption device to send the start length, the encryption length, the plaintext length, and the encryption rule to the decryption device of the file may be:
  • the encryption device adds a file header at the beginning of the encrypted file, and sets the start length, the encryption length, and the plaintext length.
  • the encryption rule is written in the file header of the encrypted file in the form of name-va lue, so that the encrypted information is sent to the file along with the encrypted file.
  • Decryption device The encryption device adds a file header at the beginning of the encrypted file, and sets the start length, the encryption length, and the plaintext length.
  • the encryption rule is written in the file header of the encrypted file in the form of name-va lue, so that the encrypted information is sent to the file along with the encrypted file. Decryption device.
  • the method for the encryption device to send the start length, the encryption length, the plaintext length, and the encryption rule to the decryption device of the file may also be:
  • the encryption device encapsulates the start length, the encryption length, the plaintext length, and the encryption rule into the cell and sends the file to the file. Decryption device.
  • the encryption length and the plaintext length in an encrypted file are not fixed, so the start length needs to be described in the encryption rule.
  • the encryption device may not need to transmit the encrypted information to the decryption device again.
  • the encryption device reads the content of the file of the start length from the beginning of the original file, and writes the file content into the encrypted file.
  • the starting length is the length from the beginning of the original file to the start position where the ciphertext and the plaintext are alternately encrypted
  • the file content of the starting length is read from the beginning of the original file according to the predetermined starting length value.
  • the encrypted file is written in plaintext so that the encryption device and the decryption device recognize the start position where the ciphertext and the plaintext are alternately encrypted.
  • the content of the file after the start length of the original file that is, the content after the start position, is encrypted in the form of alternating ciphertext and plaintext.
  • the encryption device reads the encrypted file content, encrypts the encrypted file content, and writes the encrypted file content into the encrypted file.
  • step 303 the encryption device obtains a starting position where the ciphertext and the plaintext are alternately encrypted, and the file content of the encrypted length is sequentially read from the starting position for encryption, and the encrypted file content is written into the encrypted file.
  • the first plaintext or the first ciphertext may be used, which is not limited in this embodiment.
  • the steps 304 and 305 are reversed, and the encryption rule is written to the file header or transparently transmitted to the decryption device by the cell. 305.
  • the encryption device reads the file content of the plaintext length and writes the file content into the encrypted file.
  • the file content of the plaintext length read by the encryption device is not required to be encrypted, and is written in the encrypted file in the form of plaintext, and the encrypted content is separated by the plaintext content.
  • the encryption device determines whether the original file has been read. If the original file has not been read, step 304 is performed. If the original file has been read, step 307 is performed.
  • steps 305 and 306 are repeatedly performed alternately, and the original file is sequentially read until the original file is encrypted.
  • the encryption device determines whether the last file content in the original file should be written in the form of cipher text; if the last file content in the original file should not be written in the form of cipher text, step 308; The last file content in the original file should be written to the encrypted file in the form of cipher text, and then step 309 is performed.
  • the original file size may be in cipher text or in plain text because the size of the original file is different, and the starting length, encryption length, plaintext length, and encryption rules are different.
  • the specific method for determining whether the last file content in the original file should be written into the encrypted file in cipher text may be: When the last file content in the original file is read, whether the content of the previous file according to the current content is plain text or confidential The text determines the form in which the current file content is written to the encrypted file. If the content of the previous paragraph is written to the encrypted file in clear text, the current content should be written to the encrypted file in cipher text; if the content of the previous paragraph is written in encrypted form, the current content should be in clear text. The form is written to an encrypted file.
  • the encryption device directly writes the last file content in the original file to the encrypted file in clear text.
  • the plaintext content does not need to be encrypted, and there is no requirement for the content length, and the encrypted text is directly written in the form of plaintext.
  • the encryption device determines whether the length of the last file content in the original file reaches a base value; if the length of the last file content in the original file does not reach the base value, step 310 is performed; if the length of the last file content in the original file reaches The base value is then executed in step 311.
  • the length of the content to be encrypted is fixed, so The length of the content to be encrypted, that is, the length of the last content in the original file must reach the encryption base value in the encryption algorithm, or a multiple of the base value.
  • the length of the encrypted block is fixed to 128b itself, that is, 16 bytes, each time the encryption is performed, so the length of the content to be encrypted must be a multiple of 16 bytes, if the last file content is less than 16 words. If the section is not a multiple of 16 bytes, it needs to be complemented to a multiple of 16 bytes or 16 bytes in order to satisfy the AES 128-CBC encryption algorithm.
  • the encryption device supplements the last file content so that the length of the last file content reaches the base value.
  • the final file content is supplemented so that the length of the last file content reaches the base value of the encryption in the encryption algorithm, or a multiple of the base value. If the file content is complemented during encryption, the corresponding content will also be deleted when decrypting.
  • the encryption device encrypts the last file content or the supplemented file content and writes it to the encrypted file.
  • the embodiment of the present invention provides a file decryption method as shown in FIG. 4, which includes:
  • the decryption device acquires a start length, an encryption length, a plaintext length, and an encryption rule.
  • the method for obtaining the start length, the encryption length, the plaintext length, and the encryption rule by the decryption device may be: the decryption device reads the start length, the encryption length, the plaintext length, and the encryption rule from the file header; or receives the carried by the encryption device.
  • the starting length, the encryption length, the plaintext length, and the cells of the encryption rule, and decrypting therefrom to obtain the starting length, the encryption length, the plaintext length, and the encryption rule; or the start length, the encryption length, and the plaintext length are pre-agreed by both the encryption and the decryption parties. And encryption rules.
  • the decryption device reads the file content of the start length from the beginning of the encrypted file, and writes the file content into the decrypted file.
  • the file content of the start length is read from the beginning of the encrypted file and written into the decrypted file, so as to identify the starting position of the ciphertext and the plaintext alternately decrypted.
  • the decrypted file is only accessed in the memory, and is not generated on the disk of the decryption device. Corresponding decryption files, so that the original file content obtained by decryption can be effectively copyright protected.
  • the decryption device reads the encrypted file content, decrypts the encrypted file content, and writes the decrypted file content into the decrypted file.
  • step 402 the starting position of the ciphertext and the plaintext are decrypted alternately, and the file content of the encrypted length is sequentially read from the starting position for decryption, and the decrypted file content is written into the decrypted file.
  • the ciphertext and the plaintext are different in sequence, and the manner of reading the encrypted file used in the decryption is different, and the content of the file after the start length of the encrypted file is in accordance with the ciphertext.
  • the method of decrypting in the form of alternating with the plaintext, and writing the decrypted file content into the decrypted file may be: when the encryption rule adopts the form of alternating the plaintext after the first ciphertext, and correspondingly when decrypting Step 403 is performed first, and then step 404 is performed.
  • the step 404 is performed first in the decryption, and then the step 403 is performed.
  • the decryption device reads the file content of the plaintext length and writes the file content into the decrypted file.
  • the file content of the read plain text length is not encrypted, and the corresponding file content in the original file can be directly obtained, and directly written into the decrypted file.
  • the decryption device determines whether the current decrypted area of the encrypted file has been read. If the current decrypted area of the encrypted file is not read, step 403 is performed. If the current decrypted area of the encrypted file has been read, step 406 is performed. .
  • steps 403 and 404 are repeatedly performed alternately, and the encrypted file is sequentially read until the decrypted area of the encrypted file is decrypted.
  • the decryption area is a predetermined value on the decryption device, and the decryption area size can be adjusted according to the memory condition of the decryption device and actual needs. Therefore, only the file content corresponding to the current decrypted area is decrypted in the memory, instead of decrypting the entire encrypted file, which can effectively reduce the memory consumption.
  • the decryption area can be set as the entire file content, and part of the contents of the e-book can be displayed simultaneously, and the remaining file contents are all Decryption. If the decryption device has limited memory, the decryption area can be set to the first three pages of the current page to the last three pages of the current page, and only the file content in the current decryption area is decrypted in the memory.
  • the decryption device displays the content of the decrypted file.
  • the decryption device deletes the content of the file in the decrypted file that does not belong to the current decrypted area.
  • the content of the file that does not belong to the current decryption area may be deleted. For example, when decrypting an e-book, 4 sets the encrypted area to 7 pages and the current page to the 4th page. If the currently displayed page moves to the next page (page 5), the file content of the first page in the file is decrypted. Already does not belong to the current decryption area, ⁇ delete the contents of the first page of the file.
  • the method for encrypting and decrypting a file provided by the embodiment of the present invention, the method, device and system for encrypting and decrypting a file according to an embodiment of the present invention, when the encryption is performed, the original file is segmentally read according to a predetermined plaintext length and a ciphertext length.
  • the encryption process is performed in the memory, and the memory requirement of the encryption device is lower than that of the prior art method of reading the original file into the memory for encryption.
  • the encryption and decryption are performed in a form in which the ciphertext and the plaintext are spaced apart from each other, and the amount of data that needs to be encrypted and decrypted is reduced as compared with the prior art method of encrypting and decrypting each byte in the original file. , can improve the efficiency of encryption and decryption.
  • the decrypted content can be presented in the process of decryption, and the decryption is performed while reading. Thereby reducing the time for the user to wait for a response, and improving the user experience.
  • the size of the decrypted area can be set according to requirements, and the file content that does not belong to the current decrypted area is deleted in time.
  • the encrypted file is read into the memory as a whole and decrypted, and the whole decryption is obtained in the memory. Compared with files, it can effectively save memory resources and reduce the memory requirements of the decryption device.
  • the embodiment of the present invention provides a file encryption device. As shown in FIG. 5, the device includes: an initial encryption unit 51 and an alternate encryption unit 52.
  • the initial encryption unit 51 is configured to read the file content of the start length from the beginning of the original file and write the file into the encrypted file, where the starting length is from the beginning of the original file to the ciphertext and the plaintext. The length between the starting positions for encryption.
  • the alternate encryption unit 52 is configured to encrypt the content of the file after the start length of the original file in an alternating manner between the ciphertext and the plaintext, and write the encrypted file content into the encrypted file.
  • the alternate encryption unit 52 includes: a ciphertext writing module 521, a plaintext writing module 522, and a first repeating module 523.
  • the ciphertext writing module 521 is configured to read the encrypted file content, encrypt the encrypted file content, and write the encrypted file content into the encrypted file.
  • the plaintext writing module 522 is configured to read the file content of the encrypted length after the ciphertext writing module 521 reads the file content of the encrypted length, and write the file content of the plaintext length into the encrypted file.
  • the first repeating module 523 is configured to repeatedly start the ciphertext writing module 521 and the plaintext writing module 522 alternately until the original file is encrypted.
  • the plaintext writing module 522 is further configured to: write the file content of the plaintext length into the encrypted file.
  • the ciphertext writing module 521 is further configured to: after the plaintext writing module 522 reads the file content of the plaintext length and write the file content into the encrypted file, read the file content of the encrypted length, and encrypt the encrypted file content, and encrypt the file content. The contents of the file are written to the encrypted file.
  • the first repeating module 523 is further configured to repeatedly alternately start the plaintext writing module 522 and the ciphertext writing module 521 until the original file is encrypted.
  • the alternate encryption unit 52 further includes: a determination module 524 and a supplementary module 525.
  • the determining module 524 is configured to determine whether the last file content in the original file should be written into the encrypted file in the form of cipher text.
  • the plaintext writing module 522 is further configured to directly write the last file content in the original file to the encrypted file in plaintext when the last file content in the original file is not written in the cipher text.
  • the supplementing module 525 is configured to determine whether the length of the last file content in the original file reaches a base value when the last file content in the original file is written in the cipher text, if the last file content in the original file If the length does not reach the base value, the final file content will be entered. Line complement, so that the length of the final file content reaches the base value.
  • the ciphertext writing module 521 is also used to encrypt the encrypted file content and write the encrypted file.
  • the encryption device of the file further includes: a determining unit 53 and a sending unit 54.
  • the determining unit 53 is configured to read the file content of the start length from the beginning of the original file at the initial encryption unit 51, and determine the start length, the encryption length, and the plaintext length according to the size of the original file before writing to the encrypted file.
  • the transmitting unit 54 is configured to decrypt the start length, the encryption length, the plaintext length, and the encryption rule to the file.
  • the sending unit 54 is further configured to add a file header at the beginning of the encrypted file, and write the attributes of the start length, the encryption length, and the plaintext length into the file header of the encrypted file.
  • the sending unit 54 is further configured to encapsulate the start length, the encryption length, the plaintext length, and the encryption rule into a decryption device that is sent to the file in the cell.
  • the alternate encryption unit 52 further includes: a first calculation module 526.
  • the first calculating module 526 is configured to calculate the encryption length and the plaintext length according to a predetermined encryption rule in the process of encrypting according to the ciphertext and the plaintext, to obtain a dynamically changing encryption length and a plaintext length.
  • An embodiment of the present invention provides a file decryption apparatus. As shown in FIG. 10, the apparatus includes: an initial decryption unit 61 and an alternate decryption unit 62.
  • the initial decryption unit 61 is configured to read the file content of the start length from the beginning of the encrypted file, and write the file content into the decrypted file, wherein the initial length is a starting position from the beginning of the encrypted file to the ciphertext and the plaintext alternately decrypted. The length between.
  • the alternate decryption unit 62 is configured to decrypt the file content after the start length of the encrypted file in an alternating manner between the ciphertext and the plaintext, and write the decrypted file content into the decrypted file. Further, as shown in FIG. 11, the alternate decryption unit 62 includes: a ciphertext reading module 621, a plaintext reading module 622, and a second repeating module 623.
  • the ciphertext reading module 621 is configured to: when the encryption rule adopts the form of alternating ciphertext and the plaintext, read the file content of the encrypted length, and decrypt the encrypted file content, and decrypt the decrypted file content. Write to the decrypted file.
  • the plaintext reading module 622 is configured to read the file content of the plaintext length after the ciphertext reading module 621 reads the file content of the encrypted length, and write the file content into the decrypted file.
  • the second repeating module 623 is configured to repeatedly start the ciphertext reading module 621 and the plaintext reading module 622 until the current decrypted area of the encrypted file is decrypted.
  • the plaintext reading module 622 is further configured to: when the encryption rule adopts a form in which the ciphertext is alternated after the plaintext, the file content of the plaintext length is read and written into the decrypted file.
  • the ciphertext reading module 621 is further configured to: after the plaintext reading module 622 reads the file content of the plaintext length, read the file content of the encrypted length, decrypt the encrypted file content, and write the decrypted file content. Into the decrypted file.
  • the second repeating module 623 is further configured to repeatedly start the plaintext reading module 622 and the ciphertext reading module 621 until the current decrypted area of the encrypted file is decrypted.
  • the decryption apparatus of the file further includes: an obtaining unit 63, a display unit 64, and a deleting unit 65.
  • the obtaining unit 63 is configured to read the file content of the start length from the beginning of the encrypted file at the start decryption unit 61, and obtain the start length, the encryption length, the plaintext length, and the encryption rule before writing the decrypted file.
  • the display unit 64 is configured to display the content of the decrypted file.
  • the deleting unit 65 is configured to delete the content of the file in the decrypted file that does not belong to the current decrypted area.
  • the alternate decryption unit 62 further includes: a second calculation module 624.
  • the second calculating module 624 is configured to calculate the encryption length and the plaintext length according to the encryption rule in the process of decrypting according to the ciphertext and the plaintext, to obtain the dynamically changing encryption length and the plaintext length.
  • the embodiment of the present invention provides a file encryption and decryption system, as shown in FIG. 14, comprising: an encryption device 71 and a decryption device 72.
  • the encryption device 71 is configured to read the file content of the start length from the beginning of the original file, and write the file content into the encrypted file; and encrypt the file content after the start length of the original file according to the ciphertext and the plaintext. Write the encrypted file contents to an encrypted file.
  • the decryption device 72 is configured to read the file content of the start length from the beginning of the encrypted file, and write the file content into the decrypted file; and decrypt the file content after the start length of the encrypted file in an alternating manner between the ciphertext and the plaintext. Write the decrypted file content to the decrypted file.
  • the digital file is interval-encrypted on the encryption device 71 to obtain an encrypted file capable of effectively protecting the copyright of the digital file.
  • the decryption device 72 issues a request for obtaining the encrypted file to the encryption device 71
  • the encryption device 71 transmits the encrypted file to the decryption device 72
  • the decryption device 72 performs the corresponding interval decryption, and displays the decrypted digital file.
  • the method and system for encrypting and decrypting a file according to an embodiment of the present invention the method, device and system for encrypting and decrypting a file according to an embodiment of the present invention, segmenting an original file according to a predetermined plaintext length and a ciphertext length during encryption
  • the encryption process is taken in the memory, and the memory requirement of the encryption device is lower than that of the prior art method of reading the original file into the memory for encryption.
  • the encryption and decryption are performed in a form in which the ciphertext and the plaintext are spaced apart from each other, and the amount of data that needs to be encrypted and decrypted is reduced as compared with the prior art method of encrypting and decrypting each byte in the original file.
  • the decrypted content can be presented in the process of decryption, and the decryption is performed while reading. Thereby reducing the time for the user to wait for a response, and improving the user experience.
  • decrypting The size of the decryption area is set as needed, and the file content that does not belong to the current decryption area is deleted in time, and the encrypted file is read into the memory as a whole and decrypted in the prior art, and the entire decrypted file is obtained in the memory. Effectively save memory resources and reduce memory requirements for the decryption device.
  • the present invention can be implemented by means of software plus necessary general hardware, and of course, by hardware, but in many cases, the former is a better implementation. .
  • the technical solution of the present invention which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a readable storage medium, such as a floppy disk of a computer.
  • a hard disk or optical disk, etc. includes instructions for causing a computer device (which may be a personal computer, server, or network device, etc.) to perform the methods provided by various embodiments of the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

Disclosed are a method, device and system for file encryption and decryption, related to the field of digital rights management and able to improve the efficiency of digital file encryption and decryption without requiring that the encryption device or decryption device has a large memory, able to present decrypted content during the process of digital file decryption, and to improve user experience. The method comprises: reading a starting length of file content from the beginning of an original file, and writing same into an encryption file; said starting length is the length from the beginning of the original file to the starting place where encrypted text and plain text is alternatingly encrypted; encrypting the file content after the starting length of the original file in a manner in which encrypted text and plain text alternate, and writing the encrypted file content into the encryption file. This solution is mainly used in processes of digital file encryption and decryption.

Description

文件的加密和解密方法、 装置及系统 本申请要求于 2011 年 8 月 11 日提交中国专利局、 申请号为 201110230148. 0 , 发明名称为 "文件的加密和解密方法、 装置及系统" 的 中国专利申请的优先权, 其全部内容通过引用结合在本申请中。 技术领域  Method, device and system for encrypting and decrypting files This application claims to be filed on August 11, 2011 with the Chinese Patent Office, application number 201110230148. 0, the Chinese patent entitled "File Encryption and Decryption Method, Device and System" Priority of the application, the entire contents of which are incorporated herein by reference. Technical field
本发明涉及数字版权管理领域, 尤其涉及一种文件的加密和解密方法、 装置及系统。 背景技术  The present invention relates to the field of digital rights management, and in particular, to a method, device and system for encrypting and decrypting files. Background technique
随着网络和移动通讯技术的发展, 数字文件的传播速度得到了大大的 提高, 用户获得数字文件的途径也变得简单而多样。 但是, 如果缺乏有效 的版权保护, 数字文件将很容易遭到盗版, 数字文件的版权所有者也会失 去应得的利益。因此,数字文件的网络传播需要通过数字版权管理(Dig i ta l Right s Management , DRM )进行有效的保护。 DRM的基本工作原理为: 在数 字文件的授权中心, 即在 DRM 服务器上, 对数字文件进行高级加密标准 (Advanced Encrypt ion Standard, AES)力口密并压缩; 当用户在终端上阅读 数字文件时, 需要连接到相应的授权中心, 并通过授权中心的验证授权后, 再对数字文件进行 AES解密和阅读。  With the development of network and mobile communication technologies, the speed of digital file transmission has been greatly improved, and the way for users to obtain digital files has become simple and diverse. However, in the absence of effective copyright protection, digital files will be vulnerable to piracy, and copyright holders of digital files will lose the benefits they deserve. Therefore, the network communication of digital files needs to be effectively protected by Digital Rights Management (DRM). The basic working principle of DRM is: In the authorization center of digital files, that is, on the DRM server, Advanced Encryption Standard (AES) is applied to digital files and compressed; when users read digital files on the terminal , need to connect to the corresponding authorization center, and through the authorization and authorization of the authorization center, then AES decryption and reading of the digital file.
目前, 通常采用的 DRM技术为: 在 DRM服务器上, 将数字文件的内容 整体读入到内存中, 然后进行 AES加密并保存。 在终端进行阅读时, 从服 务器上获取加密的数字文件, 然后将加密的数字文件的内容整体读入到内 存中, 进行 AES解密。  Currently, the commonly used DRM technology is: On the DRM server, the contents of the digital file are read into the memory as a whole, and then AES is encrypted and saved. When the terminal reads, the encrypted digital file is obtained from the server, and then the contents of the encrypted digital file are read into the memory as a whole, and AES decryption is performed.
在实现上述文件的加密和解密的过程中, 发明人发现现有技术中至少 存在如下问题: 由于需要将数字文件的内容整体读入到内存中进行加密和 解密, 对 DRM服务器和终端设备的内存要求较高。 并且, 需要对整个数字 文件中的每个字节都进行加密和解密, 消耗的时间较长, 而且数字文件的 体积越大, 加密和解密所消耗的时间就越长。 发明内容 In the process of implementing the encryption and decryption of the above file, the inventors found that at least the following problems exist in the prior art: Since the content of the digital file needs to be read into the memory as a whole for encryption and decryption, the memory of the DRM server and the terminal device The requirements are higher. Moreover, each byte in the entire digital file needs to be encrypted and decrypted, which takes a long time, and the larger the volume of the digital file, the longer the encryption and decryption takes. Summary of the invention
本发明的实施例提供一种文件的加密和解密方法、 装置及系统, 能够 提高数字文件加密和解密的效率, 并且不需要加密装置或解密装置具备较 大的内存, 能在数字文件解密的过程中将已解密的内容呈现, 提高用户体 验感。  Embodiments of the present invention provide a method, an apparatus, and a system for encrypting and decrypting a file, which can improve the efficiency of encryption and decryption of a digital file, and do not require an encryption device or a decryption device to have a large memory, and can decrypt the digital file. Licensing presents the decrypted content to enhance the user experience.
为达到上述目的, 本发明的实施例采用如下技术方案:  In order to achieve the above object, the embodiment of the present invention adopts the following technical solutions:
一种文件的加密方法, 包括:  A file encryption method, including:
从原始文件的开头读取起始长度的文件内容, 写入加密文件中, 其中 起始长度为从原始文件的开头到密文和明文相交替进行加密的起始位置之 间的长度;  The contents of the file of the starting length are read from the beginning of the original file and written into the encrypted file, wherein the starting length is the length from the beginning of the original file to the start position where the ciphertext and the plaintext are alternately encrypted;
将原始文件起始长度之后的文件内容, 按照密文和明文相交替的形式 进行加密, 并将加密后的文件内容写入加密文件中。  The content of the file after the start length of the original file is encrypted in the form of alternating ciphertext and plaintext, and the encrypted file content is written into the encrypted file.
一种文件的解密方法, 包括:  A method for decrypting a file, including:
从加密文件的开头读取起始长度的文件内容, 写入解密文件中, 其中 初始长度为从加密文件的开头到密文和明文相交替进行解密的起始位置之 间的长度;  The contents of the file of the start length are read from the beginning of the encrypted file and written into the decrypted file, wherein the initial length is the length from the beginning of the encrypted file to the start position where the ciphertext and the plaintext are alternately decrypted;
将加密文件起始长度之后的文件内容, 按照密文和明文相交替的形式 进行解密, 并将解密后的文件内容写入解密文件中。  The content of the file after the start length of the encrypted file is decrypted in the form of alternating ciphertext and plaintext, and the decrypted file content is written into the decrypted file.
一种文件的加密装置, 包括:  A file encryption device, comprising:
起始加密单元, 用于从原始文件的开头读取起始长度的文件内容, 写 入加密文件中, 其中起始长度为从原始文件的开头到密文和明文相交替进 行加密的起始位置之间的长度;  a starting encryption unit, configured to read a file content of a starting length from the beginning of the original file, and write the file to the encrypted file, where the starting length is a starting position from the beginning of the original file to the encryption of the ciphertext and the plaintext alternately Length between
交替加密单元, 用于将原始文件起始长度之后的文件内容, 按照密文 和明文相交替的形式进行加密, 并将加密后的文件内容写入加密文件中。  The alternate encryption unit is configured to encrypt the content of the file after the start length of the original file in an alternating manner between the ciphertext and the plaintext, and write the encrypted file content into the encrypted file.
一种文件的解密装置, 包括:  A file decryption device, comprising:
起始解密单元, 用于从加密文件的开头读取起始长度的文件内容, 写 入解密文件中, 其中初始长度为从加密文件的开头到密文和明文相交替进 行解密的起始位置之间的长度; The initial decryption unit is configured to read the content of the starting length from the beginning of the encrypted file and write the decrypted file, wherein the initial length is from the beginning of the encrypted file to the ciphertext and the plaintext. The length between the starting positions of the line decryption;
交替解密单元, 用于将加密文件起始长度之后的文件内容, 按照密文 和明文相交替的形式进行解密, 并将解密后的文件内容写入解密文件中。  The alternate decryption unit is configured to decrypt the content of the file after the start length of the encrypted file in an alternating manner between the ciphertext and the plaintext, and write the decrypted file content into the decrypted file.
一种文件的加密和解密系统, 包括: 加密装置和解密装置。  A file encryption and decryption system comprising: an encryption device and a decryption device.
本发明实施例提供的文件的加密和解密方法、 装置及系统, 在加密时 按照预定的明文长度和密文长度将原始文件分段读取到内存中进行加密处 理, 与现有技术中将原始文件整体读入内存进行加密的方法相比, 对加密 装置的内存要求较低。 并且, 通过密文与明文相互间隔的形式进行加密和 解密, 与现有技术中将原始文件中的每一个字节都进行加密和解密的方法 相比, 减少了需要进行加密和解密的数据量, 能够提高加密和解密的效率。 并且, 采用不连续的加密和解密形式, 与现有技术中将原始文件作为一个 整体加密和解密的方法相比, 可以在解密的过程中将已解密的内容呈现, 实现了边解密边阅读, 从而减少了用户等待响应的时间, 提高了用户体验 感。 附图说明  The method, device and system for encrypting and decrypting a file according to an embodiment of the present invention, when encrypting, segmenting an original file into a memory according to a predetermined plaintext length and a ciphertext length for encryption processing, which is original in the prior art. Compared with the method in which the file is read into the memory for encryption, the memory requirement of the encryption device is low. Moreover, the encryption and decryption are performed in a form in which the ciphertext and the plaintext are spaced apart from each other, and the amount of data that needs to be encrypted and decrypted is reduced as compared with the prior art method of encrypting and decrypting each byte in the original file. , can improve the efficiency of encryption and decryption. Moreover, in the form of discontinuous encryption and decryption, compared with the prior art method of encrypting and decrypting the original file as a whole, the decrypted content can be presented in the process of decryption, and the decryption is performed while reading. Thereby reducing the time for the user to wait for a response, and improving the user experience. DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案, 下面将对 实施例或现有技术描述中所需要使用的附图作简单地介绍, 显而易见地, 下面描述中的附图仅仅是本发明的一些实施例, 对于本领域普通技术人员 来讲, 在不付出创造性劳动的前提下, 还可以根据这些附图获得其他的附 图。  In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description are only It is a certain embodiment of the present invention, and other drawings can be obtained from those skilled in the art without any creative work.
图 1为本发明实施例 1中文件的加密方法流程图;  1 is a flowchart of a method for encrypting a file in Embodiment 1 of the present invention;
图 2为本发明实施例 1中文件的解密方法流程图;  2 is a flowchart of a method for decrypting a file in Embodiment 1 of the present invention;
图 3为本发明实施例 2中文件的加密方法流程图;  3 is a flowchart of a method for encrypting a file in Embodiment 2 of the present invention;
图 4为本发明实施例 2中文件的解密方法流程图;  4 is a flowchart of a method for decrypting a file in Embodiment 2 of the present invention;
图 5为本发明实施例 3中一种文件的加密装置的组成示意图; 图 6为本发明实施例 3中另一种文件的加密装置的组成示意图; 图 7为本发明实施例 3中另一种文件的加密装置的组成示意图; 图 8为本发明实施例 3中另一种文件的加密装置的组成示意图; 图 9为本发明实施例 3中另一种文件的加密装置的组成示意图; 图 10为本发明实施例 3中一种文件的解密装置的组成示意图; 图 11为本发明实施例 3中另一种文件的解密装置的组成示意图; 图 12为本发明实施例 3中另一种文件的解密装置的组成示意图; 图 1 3为本发明实施例 3中另一种文件的解密装置的组成示意图; 图 14为本发明实施例 3中一种文件的加密和解密系统的组成示意图。 具体实施方式 5 is a schematic diagram of a composition of an encryption device for a file according to Embodiment 3 of the present invention; FIG. 6 is a schematic diagram of a composition of an encryption device for another file according to Embodiment 3 of the present invention; Schematic diagram of the composition of the encryption device of the file; 8 is a schematic diagram of a composition of an encryption device for another file according to Embodiment 3 of the present invention; FIG. 9 is a schematic diagram of a composition of an encryption device for another file according to Embodiment 3 of the present invention; FIG. 11 is a schematic diagram of the composition of another file decryption apparatus according to Embodiment 3 of the present invention; FIG. 12 is a schematic diagram of the composition of another file decryption apparatus according to Embodiment 3 of the present invention; 13 is a schematic diagram of a composition of a decryption apparatus for another file in Embodiment 3 of the present invention; FIG. 14 is a schematic diagram showing the composition of a file encryption and decryption system according to Embodiment 3 of the present invention. detailed description
下面将结合本发明实施例中的附图, 对本发明实施例中的技术方案进 行清楚、 完整地描述, 显然, 所描述的实施例仅仅是本发明一部分实施例, 而不是全部的实施例。 基于本发明中的实施例, 本领域普通技术人员在没 有作出创造性劳动前提下所获得的所有其他实施例, 都属于本发明保护的 范围。  The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
实施例 1  Example 1
本发明实施例提供一种文件的加密方法, 如图 1所示, 包括:  An embodiment of the present invention provides a file encryption method, as shown in FIG. 1 , including:
101、 加密装置从原始文件的开头读取起始长度的文件内容, 写入加密 文件中, 其中起始长度为从原始文件的开头到密文和明文相交替进行加密 的起始位置之间的长度。  101. The encryption device reads the content of the starting length from the beginning of the original file and writes the file into the encrypted file, where the starting length is between the beginning of the original file and the starting position of the encryption between the ciphertext and the plaintext. length.
其中, 根据预定的起始长度值, 从原始文件的开头读取起始长度的文 件内容, 以明文的形式写入加密文件, 以便识别密文和明文相交替进行加 密的起始位置。 其中起始长度为从原始文件的开头到密文和明文相交替进 行加密的起始位置之间的长度。 原始文件起始长度之后的文件内容, 即起 始位置之后的内容, 是按照密文和明文相交替的形式进行加密的。  Wherein, according to the predetermined starting length value, the content of the file of the starting length is read from the beginning of the original file, and the encrypted file is written in the form of plaintext, so as to identify the starting position where the ciphertext and the plaintext are alternately encrypted. The starting length is the length from the beginning of the original file to the starting position where the ciphertext and the plaintext are alternately encrypted. The content of the file after the start length of the original file, that is, the content after the start position, is encrypted in the form of alternating ciphertext and plaintext.
102、 加密装置将原始文件起始长度之后的文件内容, 按照密文和明文 相交替的形式进行加密, 并将加密后的文件内容写入加密文件中。  102. The encryption device encrypts the content of the file after the start length of the original file in an alternating manner between the ciphertext and the plaintext, and writes the encrypted file content into the encrypted file.
其中, 将原始文件起始长度之后的文件内容, 按照密文和明文相交替 的形式进行加密, 并将加密后的文件内容写入加密文件中的方法可以为先 密文后明文的形式, 还可以为先明文后密文的形式, 具体的本发明实施例 对此不进行限制。 Wherein, the content of the file after the start length of the original file is encrypted according to the ciphertext and the plaintext, and the method of writing the encrypted file content into the encrypted file may be first The form of the ciphertext after the ciphertext may also be in the form of the ciphertext after the ciphertext. The specific embodiment of the present invention does not limit this.
当采用先密文后明文的形式时, 该方法具体为: 读取加密长度的文件 内容, 并对加密长度的文件内容进行加密, 将加密后的文件内容写入加密 文件中; 在读取加密长度的文件内容之后, 读取明文长度的文件内容写入 加密文件中; 按照上述步骤重复读取原始文件起始长度之后的文件内容直 到将原始文件加密完成。  When the form of the first ciphertext is used, the method is specifically: reading the encrypted file content, encrypting the encrypted file content, and writing the encrypted file content into the encrypted file; After the length of the file content, the file content of the read plain length is written into the encrypted file; the content of the file after the start length of the original file is repeatedly read as described above until the original file is encrypted.
当采用先明文后密文的形式时, 该方法具体为: 读取明文长度的文件 内容写入加密文件中; 在读取明文长度的文件内容之后, 读取加密长度的 文件内容, 并对加密长度的文件内容进行加密, 将加密后的文件内容写入 加密文件中; 按照上述步骤重复读取原始文件起始长度之后的文件内容直 到将原始文件加密完成。  When the ciphertext of the first plaintext is used, the method is specifically: writing the file content of the plaintext length into the encrypted file; after reading the file content of the plaintext length, reading the encrypted length of the file content, and encrypting The length of the file content is encrypted, and the encrypted file content is written into the encrypted file; according to the above steps, the content of the file after the start length of the original file is repeatedly read until the original file is encrypted.
本发明实施例提供一种文件的解密方法, 如图 2所示, 包括:  An embodiment of the present invention provides a method for decrypting a file, as shown in FIG. 2, including:
201、 解密装置从加密文件的开头读取起始长度的文件内容, 写入解密 文件中, 其中初始长度为从加密文件的开头到密文和明文相交替进行解密 的起始位置之间的长度。  201. The decryption device reads the file content of the start length from the beginning of the encrypted file, and writes the file content into the decrypted file, where the initial length is the length from the beginning of the encrypted file to the start position where the ciphertext and the plaintext are alternately decrypted. .
其中, 加密文件的开头为不包括文件头等其他参数信息的文件内容, 若在原始文件的加密中添加了文件头, 则在解密开始前需要在去掉文件头 后, 根据预定的起始长度值, 从加密文件的正式内容起读取起始长度的文 件内容写入解密文件中, 以便识别密文和明文相交替进行解密的起始位置。 起始位置之前的内容, 即读取到的起始长度的文件内容, 是明文形式的, 不需要进行解密操作即可写入解密文件中。 需要说明的是, 解密文件只在 内存中存取, 而不会在解密装置的磁盘上生成对应的解密文件, 使得解密 得到的原始文件内容能够得到有效的版权保护。  Wherein, the beginning of the encrypted file is a file content that does not include other parameter information such as a file header. If a file header is added to the encryption of the original file, it is necessary to remove the file header before the decryption starts, according to a predetermined starting length value. The contents of the file whose initial length is read from the official content of the encrypted file are written into the decrypted file to identify the starting position where the ciphertext and the plaintext are alternately decrypted. The content before the start position, that is, the file content of the read start length, is in plain text and can be written into the decrypted file without performing a decryption operation. It should be noted that the decrypted file is only accessed in the memory, and the corresponding decrypted file is not generated on the disk of the decryption device, so that the original file content obtained by the decryption can be effectively copyright protected.
202、 解密装置将加密文件起始长度之后的文件内容, 按照密文和明文 相交替的形式进行解密, 并将解密后的文件内容写入解密文件中。  202. The decryption device decrypts the file content after the start length of the encrypted file in an alternating manner between the ciphertext and the plaintext, and writes the decrypted file content into the decrypted file.
其中, 根据加密规则的不同, 解密时采用的读取加密文件的方式也不 同, 将加密文件起始长度之后的文件内容, 按照密文和明文相交替的形式 进行解密, 并将解密后的文件内容写入解密文件中的方法具体为: Wherein, depending on the encryption rules, the method of reading the encrypted file used during decryption is not Similarly, the content of the file after the start length of the encrypted file is decrypted in the form of alternating ciphertext and plaintext, and the method of writing the decrypted file content into the decrypted file is specifically as follows:
当加密规则采用的是先密文后明文相交替的形式时, 在解密时也对应 的先读取加密长度的文件内容, 并对加密长度的文件内容进行解密, 将解 密后的文件内容写入解密文件中; 在读取加密长度的文件内容之后, 读取 明文长度的文件内容, 写入解密文件中; 按照上述步骤重复读取加密文件 起始长度之后的文件内容直到将加密文件的当前解密区域解密完成。  When the encryption rule adopts the form of alternating the plaintext and the plaintext, the file content of the encrypted length is first read in the decryption, and the content of the encrypted length is decrypted, and the decrypted file content is written. Decrypt the file; after reading the encrypted file content, read the file content of the plain text length and write it to the decrypted file; repeatedly read the file content after the start length of the encrypted file according to the above steps until the current decrypted file is decrypted The zone decryption is complete.
当加密规则采用的是先明文后密文相交替的形式时, 在解密时也对应 的先读取明文长度的文件内容写入解密文件中; 在读取明文长度的文件内 容之后, 读取加密长度的文件内容, 并对加密长度的文件内容进行解密, 将解密后的文件内容写入解密文件中; 按照上述步骤重复读取加密文件起 始长度之后的文件内容直到将加密文件的当前解密区域解密完成。  When the encryption rule adopts the form in which the ciphertext is alternated after the plaintext, the file content of the plaintext length first read in the decryption file is written into the decrypted file; after reading the file content of the plaintext length, the encryption is read. The length of the file content, and decrypt the encrypted file content, and write the decrypted file content into the decrypted file; follow the above steps to repeatedly read the file content after the start length of the encrypted file until the current decrypted area of the encrypted file The decryption is complete.
本发明实施例提供的文件的加密和解密方法, 在加密时按照预定的明 文长度和密文长度将原始文件分段读取到内存中进行加密处理, 与现有技 术中将原始文件整体读入内存进行加密的方法相比, 对加密装置的内存要 求较低。 并且, 通过密文与明文相互间隔的形式进行加密和解密, 与现有 技术中将原始文件中的每一个字节都进行加密和解密的方法相比, 减少了 需要进行加密和解密的数据量, 能够提高加密和解密的效率。 并且, 采用 不连续的加密和解密形式, 与现有技术中将原始文件作为一个整体加密和 解密的方法相比, 可以在解密的过程中将已解密的内容呈现, 实现了边解 密边阅读, 从而减少了用户等待响应的时间, 提高了用户体验感。  The encryption and decryption method of the file provided by the embodiment of the present invention reads the original file segment into the memory according to the predetermined plaintext length and the ciphertext length for encryption processing during encryption, and reads the original file as a whole in the prior art. Compared to the method of encrypting memory, the memory requirements of the encryption device are lower. Moreover, the encryption and decryption are performed in a form in which the ciphertext and the plaintext are spaced apart from each other, and the amount of data that needs to be encrypted and decrypted is reduced as compared with the prior art method of encrypting and decrypting each byte in the original file. , can improve the efficiency of encryption and decryption. Moreover, in the form of discontinuous encryption and decryption, compared with the prior art method of encrypting and decrypting the original file as a whole, the decrypted content can be presented in the process of decryption, and the decryption is performed while reading. Thereby reducing the time for the user to wait for a response, and improving the user experience.
实施例 2  Example 2
本发明实施例提供一种文件的加密和解密方法, 在加密装置上将数字 文件进行间隔加密, 得到能够有效保护数字文件版权的加密文件; 当在解 密装置向加密装置发出获取加密文件的请求时, 加密装置将加密文件发送 给解密装置; 再由解密装置进行对应的间隔解密, 并将解密后的数字文件 显示。 具体的, 文件的加密方法如图 3所示, 包括: The embodiment of the invention provides a method for encrypting and decrypting a file, and the digital file is interval-encrypted on the encryption device to obtain an encrypted file capable of effectively protecting the copyright of the digital file; when the decryption device issues a request for obtaining the encrypted file to the encryption device The encryption device transmits the encrypted file to the decryption device; the decryption device performs corresponding interval decryption, and displays the decrypted digital file. Specifically, the encryption method of the file is as shown in FIG. 3, including:
301、 根据原始文件的大小, 加密装置确定起始长度、 加密长度以及明 文长度。  301. The encryption device determines a start length, an encryption length, and a plaintext length according to the size of the original file.
其中, 起始长度、 加密长度以及明文长度是预先定义的属性值, 可以 根据需要设定大小。 根据原始文件的大小, 确定起始长度、 加密长度以及 明文长度, 以便调整加密文件中密文和明文的相对比例, 控制加密的效率。 例如, 当原始文件小于 512Kbytes时, 将明文长度确定为 0字节, 使密文 比例为 100%; 当原始文件大小介于 512Kbytes和 1024Kbytes之间时, 将明 文长度确定为 16 个字节, 使密文比例在 50%左右; 当原始文件大于 1024Kbytes时, 将明文长度确定为 16x9个字节, 使密文比例在 1 0%左右。  The start length, encryption length, and plaintext length are predefined attribute values, which can be set as needed. According to the size of the original file, the starting length, the encryption length, and the plaintext length are determined, so as to adjust the relative proportion of the ciphertext and the plaintext in the encrypted file, and the efficiency of the encryption is controlled. For example, when the original file is less than 512 Kbytes, the plaintext length is determined to be 0 bytes, so that the ciphertext ratio is 100%; when the original file size is between 512 Kbytes and 1024 Kbytes, the plaintext length is determined to be 16 bytes, The ciphertext ratio is about 50%. When the original file is larger than 1024Kbytes, the plaintext length is determined to be 16x9 bytes, so that the ciphertext ratio is about 10%.
需要说明的是, 起始长度、 加密长度以及明文长度也可以采用其他预 定规则。 例如, 将密文长度设定为依次递增的形式, 将明文长度设定为依 次递减的形式, 在加密过程中得到动态变化的长度值。 若明文长度和密文 长度为根据预定规则计算得出时, 需要在加密规则中描述各长度值的计算 规则, 以便解密装置在解密时得到相应的明文长度和密文长度。  It should be noted that other predetermined rules may also be used for the start length, the encryption length, and the plaintext length. For example, the ciphertext length is set to be sequentially incremented, and the plaintext length is set to a descending form, and a dynamically varying length value is obtained in the encryption process. If the plaintext length and the ciphertext length are calculated according to a predetermined rule, the calculation rule of each length value needs to be described in the encryption rule, so that the decryption device obtains the corresponding plaintext length and ciphertext length when decrypting.
其中, 在一些加密算法中对待加密内容的长度是有固定要求的, 因此 加密长度必须是加密算法中加密基数值的倍数。 例如, 在 AES 128-CBC算法 中, 每次加密时加密块的长度固定为 128b i t s , 即 16个字节, 因此在定义 加密长度时, 加密长度必须是 16字节的倍数, 以便满足 AES128-CBC加密 算法。 本发明实施例采用的加密算法包括但不局限于上述算法, 还可以为 AES192-CBC、 AES256-CBC等其他对称加密算法。  Among them, in some encryption algorithms, the length of the content to be encrypted is fixed, so the encryption length must be a multiple of the encryption base value in the encryption algorithm. For example, in the AES 128-CBC algorithm, the length of the encrypted block is fixed to 128b its each time, that is, 16 bytes, so when defining the encryption length, the encryption length must be a multiple of 16 bytes in order to satisfy AES128- CBC encryption algorithm. The encryption algorithm used in the embodiment of the present invention includes but is not limited to the above algorithm, and may also be other symmetric encryption algorithms such as AES192-CBC, AES256-CBC.
302、 加密装置将起始长度、 加密长度、 明文长度以及加密规则发送给 文件的解密装置。  302. The encryption device sends the start length, the encryption length, the plaintext length, and the encryption rule to the decryption device of the file.
其中, 加密装置将起始长度、 加密长度、 明文长度以及加密规则发送 给文件的解密装置的方法可以为: 加密装置在加密文件的开头添加文件头, 并将起始长度、 加密长度、 明文长度以及加密规则以 name-va lue的形式写 入到加密文件的文件头中, 以便上述加密信息随加密文件一起发送给文件 的解密装置。 加密装置将起始长度、 加密长度、 明文长度以及加密规则发 送给文件的解密装置的方法也可以为: 加密装置将起始长度、 加密长度、 明文长度以及加密规则封装到信元中发送给文件的解密装置。 The method for the encryption device to send the start length, the encryption length, the plaintext length, and the encryption rule to the decryption device of the file may be: The encryption device adds a file header at the beginning of the encrypted file, and sets the start length, the encryption length, and the plaintext length. And the encryption rule is written in the file header of the encrypted file in the form of name-va lue, so that the encrypted information is sent to the file along with the encrypted file. Decryption device. The method for the encryption device to send the start length, the encryption length, the plaintext length, and the encryption rule to the decryption device of the file may also be: The encryption device encapsulates the start length, the encryption length, the plaintext length, and the encryption rule into the cell and sends the file to the file. Decryption device.
需要说明的是, 当起始长度、 加密长度以及明文长度按照预定规则计 算得出时, 一个加密文件中的加密长度和明文长度并不是固定不变的, 因 此需要在加密规则中描述起始长度、 加密长度以及明文长度的计算规则, 以便解密装置在解密时得到对应的长度值。  It should be noted that when the start length, the encryption length, and the plaintext length are calculated according to a predetermined rule, the encryption length and the plaintext length in an encrypted file are not fixed, so the start length needs to be described in the encryption rule. The encryption length and the calculation rule of the plaintext length, so that the decryption device obtains the corresponding length value when decrypting.
另外, 若加密装置和解密装置已经预先约定了起始长度、 加密长度、 明文长度以及加密规则, 则加密装置可以不需要将这些加密信息再次发送 给解密装置。  Further, if the encryption device and the decryption device have previously agreed on the start length, the encryption length, the plaintext length, and the encryption rule, the encryption device may not need to transmit the encrypted information to the decryption device again.
303、 加密装置从原始文件的开头读取起始长度的文件内容, 写入加密 文件中。  303. The encryption device reads the content of the file of the start length from the beginning of the original file, and writes the file content into the encrypted file.
其中, 起始长度为从原始文件的开头到密文和明文相交替进行加密的 起始位置之间的长度, 根据预定的起始长度值, 从原始文件的开头读取起 始长度的文件内容, 以明文的形式写入加密文件, 以便加密装置和解密装 置识别密文和明文相交替进行加密的起始位置。 原始文件起始长度之后的 文件内容, 即起始位置之后的内容, 是按照密文和明文相交替的形式进行 加密的。  Wherein, the starting length is the length from the beginning of the original file to the start position where the ciphertext and the plaintext are alternately encrypted, and the file content of the starting length is read from the beginning of the original file according to the predetermined starting length value. The encrypted file is written in plaintext so that the encryption device and the decryption device recognize the start position where the ciphertext and the plaintext are alternately encrypted. The content of the file after the start length of the original file, that is, the content after the start position, is encrypted in the form of alternating ciphertext and plaintext.
304、 加密装置读取加密长度的文件内容, 并对加密长度的文件内容进 行加密, 将加密后的文件内容写入加密文件中。  304. The encryption device reads the encrypted file content, encrypts the encrypted file content, and writes the encrypted file content into the encrypted file.
其中, 在步骤 303 中加密装置得到密文和明文相交替进行加密的起始 位置, 遂从起始位置顺序读取加密长度的文件内容进行加密, 并将加密后 的文件内容写入加密文件中。  Wherein, in step 303, the encryption device obtains a starting position where the ciphertext and the plaintext are alternately encrypted, and the file content of the encrypted length is sequentially read from the starting position for encryption, and the encrypted file content is written into the encrypted file. .
另外, 在密文和明文相交替进行加密的过程中, 采用先明文或是先密 文的形式均可, 在本实施例中不作限定。 当采用先明文后密文的形式进行 交替加密时, 将步骤 304和步骤 305调换顺序, 并将加密规则写入文件头, 或以信元透传给解密装置。 305、 加密装置读取明文长度的文件内容写入加密文件中。 In addition, in the process of performing encryption in the ciphertext and the plaintext, the first plaintext or the first ciphertext may be used, which is not limited in this embodiment. When the alternate encryption is performed in the form of the first plaintext ciphertext, the steps 304 and 305 are reversed, and the encryption rule is written to the file header or transparently transmitted to the decryption device by the cell. 305. The encryption device reads the file content of the plaintext length and writes the file content into the encrypted file.
其中, 加密装置读取到的明文长度的文件内容无需进行加密处理, 以 明文的形式写入加密文件中, 通过明文内容将加密内容间隔开。  The file content of the plaintext length read by the encryption device is not required to be encrypted, and is written in the encrypted file in the form of plaintext, and the encrypted content is separated by the plaintext content.
306、加密装置判断原始文件是否已被读取完;若原始文件未被读取完, 则执行步骤 304; 若原始文件已被读取完, 则执行步骤 307。  306. The encryption device determines whether the original file has been read. If the original file has not been read, step 304 is performed. If the original file has been read, step 307 is performed.
其中, 在原始文件加密完成之前, 重复交替执行步骤 305和步骤 306 , 顺序读取原始文件直到将原始文件加密完成。  Wherein, before the original file encryption is completed, steps 305 and 306 are repeatedly performed alternately, and the original file is sequentially read until the original file is encrypted.
307、 加密装置判断原始文件中最后的文件内容是否应以密文的形式写 入加密文件; 若原始文件中最后的文件内容不应以密文的形式写入加密文 件, 则执行步骤 308; 若原始文件中最后的文件内容应以密文的形式写入加 密文件, 则执行步骤 309。  307, the encryption device determines whether the last file content in the original file should be written in the form of cipher text; if the last file content in the original file should not be written in the form of cipher text, step 308; The last file content in the original file should be written to the encrypted file in the form of cipher text, and then step 309 is performed.
其中, 因为原始文件的大小不同, 以及起始长度、 加密长度、 明文长 度以及加密规则不同, 导致原始文件中最后的文件内容可能是密文形式, 也可能是明文形式。 具体的判断原始文件中最后的文件内容是否应以密文 形式写入加密文件的方法可以为: 当读取到原始文件中最后的文件内容时, 根据当前内容的前一段文件内容是明文还是密文判断当前文件内容写入加 密文件的形式。 若前一段文件内容是以明文形式写入加密文件的, 则当前 内容应以密文形式写入加密文件; 若前一段文件内容是以密文形式写入加 密文件的, 则当前内容应以明文形式写入加密文件。  The original file size may be in cipher text or in plain text because the size of the original file is different, and the starting length, encryption length, plaintext length, and encryption rules are different. The specific method for determining whether the last file content in the original file should be written into the encrypted file in cipher text may be: When the last file content in the original file is read, whether the content of the previous file according to the current content is plain text or confidential The text determines the form in which the current file content is written to the encrypted file. If the content of the previous paragraph is written to the encrypted file in clear text, the current content should be written to the encrypted file in cipher text; if the content of the previous paragraph is written in encrypted form, the current content should be in clear text. The form is written to an encrypted file.
308、 加密装置直接将原始文件中最后的文件内容以明文的形式写入加 密文件。  308. The encryption device directly writes the last file content in the original file to the encrypted file in clear text.
其中, 明文内容不需要进行加密处理, 对内容长度没有要求, 直接明 文的形式写入加密文件  Among them, the plaintext content does not need to be encrypted, and there is no requirement for the content length, and the encrypted text is directly written in the form of plaintext.
309、 加密装置确定原始文件中最后的文件内容的长度是否达到基数 值; 若原始文件中最后的文件内容的长度未达到基数值, 则执行步骤 310; 若原始文件中最后的文件内容的长度达到基数值则执行步骤 311。  309, the encryption device determines whether the length of the last file content in the original file reaches a base value; if the length of the last file content in the original file does not reach the base value, step 310 is performed; if the length of the last file content in the original file reaches The base value is then executed in step 311.
其中, 在一些加密算法中对待加密内容的长度是有固定要求的, 因此 待加密内容的长度, 即原始文件中最后的内容的长度必须达到加密算法中 加密基数值, 或者是基数值的倍数。 例如, 在 AES128-CBC算法中, 每次加 密时加密块的长度固定为 128b i t s , 即 16个字节, 因此待加密内容的长度 必须是 16字节的倍数, 若最后的文件内容不足 16字节或不为 16字节的倍 数, 则需要将其补全到 16字节或 16字节的倍数, 以便满足 AES 128-CBC加 密算法。 Among them, in some encryption algorithms, the length of the content to be encrypted is fixed, so The length of the content to be encrypted, that is, the length of the last content in the original file must reach the encryption base value in the encryption algorithm, or a multiple of the base value. For example, in the AES128-CBC algorithm, the length of the encrypted block is fixed to 128b itself, that is, 16 bytes, each time the encryption is performed, so the length of the content to be encrypted must be a multiple of 16 bytes, if the last file content is less than 16 words. If the section is not a multiple of 16 bytes, it needs to be complemented to a multiple of 16 bytes or 16 bytes in order to satisfy the AES 128-CBC encryption algorithm.
31 0、 加密装置将最后的文件内容进行补充, 使得最后的文件内容的长 度达到基数值。  31 0. The encryption device supplements the last file content so that the length of the last file content reaches the base value.
其中, 为了满足加密算法对待加密内容长度的要求, 将最后的文件内 容进行补充, 使得最后的文件内容的长度达到加密算法中加密的基数值, 或基数值的倍数。 若在加密时对文件内容进行了补全, 则在解密时相应的 也要将补全的内容删除。  In order to meet the requirements of the encryption algorithm for the length of the encrypted content, the final file content is supplemented so that the length of the last file content reaches the base value of the encryption in the encryption algorithm, or a multiple of the base value. If the file content is complemented during encryption, the corresponding content will also be deleted when decrypting.
31 1、 加密装置将最后的文件内容或补充后的文件内容进行加密并写入 加密文件。  31 1. The encryption device encrypts the last file content or the supplemented file content and writes it to the encrypted file.
本发明实施例提供一种文件的解密方法如图 4所示, 包括:  The embodiment of the present invention provides a file decryption method as shown in FIG. 4, which includes:
401、 解密装置获取起始长度、 加密长度、 明文长度以及加密规则。 其中, 解密装置获取起始长度、 加密长度、 明文长度以及加密规则方 法可以为: 解密装置从文件头中读取起始长度、 加密长度、 明文长度以及 加密规则; 或者接收加密装置发送过来的携带起始长度、 加密长度、 明文 长度以及加密规则的信元, 并从中解密获取起始长度、 加密长度、 明文长 度以及加密规则; 或者由加密和解密双方预先约定起始长度、 加密长度、 明文长度以及加密规则。  401. The decryption device acquires a start length, an encryption length, a plaintext length, and an encryption rule. The method for obtaining the start length, the encryption length, the plaintext length, and the encryption rule by the decryption device may be: the decryption device reads the start length, the encryption length, the plaintext length, and the encryption rule from the file header; or receives the carried by the encryption device. The starting length, the encryption length, the plaintext length, and the cells of the encryption rule, and decrypting therefrom to obtain the starting length, the encryption length, the plaintext length, and the encryption rule; or the start length, the encryption length, and the plaintext length are pre-agreed by both the encryption and the decryption parties. And encryption rules.
402、 解密装置从加密文件的开头读取起始长度的文件内容, 写入解密 文件中。  402. The decryption device reads the file content of the start length from the beginning of the encrypted file, and writes the file content into the decrypted file.
其中, 根据预定的起始长度值, 从加密文件的开头读取起始长度的文 件内容写入解密文件, 以便识别密文和明文相交替进行解密的起始位置。 需要说明的是, 解密文件只在内存中存取, 而不会在解密装置的磁盘上生 成对应的解密文件, 使得解密得到的原始文件内容能够得到有效的版权保 护。 And, according to the predetermined starting length value, the file content of the start length is read from the beginning of the encrypted file and written into the decrypted file, so as to identify the starting position of the ciphertext and the plaintext alternately decrypted. It should be noted that the decrypted file is only accessed in the memory, and is not generated on the disk of the decryption device. Corresponding decryption files, so that the original file content obtained by decryption can be effectively copyright protected.
403、 解密装置读取加密长度的文件内容, 并对加密长度的文件内容进 行解密, 将解密后的文件内容写入解密文件中。  403. The decryption device reads the encrypted file content, decrypts the encrypted file content, and writes the decrypted file content into the decrypted file.
其中, 在步骤 402 中得到密文和明文相交替进行解密的起始位置, 遂 从起始位置顺序读取加密长度的文件内容进行解密, 并将解密后的文件内 容写入解密文件中。  Wherein, in step 402, the starting position of the ciphertext and the plaintext are decrypted alternately, and the file content of the encrypted length is sequentially read from the starting position for decryption, and the decrypted file content is written into the decrypted file.
其中, 根据步骤 304和步骤 305 中交替加密时, 密文和明文的先后顺 序的不同, 解密时采用的读取加密文件的方式也不同, 将加密文件起始长 度之后的文件内容, 按照密文和明文相交替的形式进行解密, 并将解密后 的文件内容写入解密文件中的方法具体可以为: 当加密规则采用的是先密 文后明文相交替的形式时, 在解密时也对应的先执行步骤 403 ,后执行步骤 404。 当加密规则采用的是先明文后密文相交替的形式时, 在解密时也对应 的先执行步骤 404 , 后执行步骤 403。  Wherein, according to the sequential encryption in the step 304 and the step 305, the ciphertext and the plaintext are different in sequence, and the manner of reading the encrypted file used in the decryption is different, and the content of the file after the start length of the encrypted file is in accordance with the ciphertext. The method of decrypting in the form of alternating with the plaintext, and writing the decrypted file content into the decrypted file may be: when the encryption rule adopts the form of alternating the plaintext after the first ciphertext, and correspondingly when decrypting Step 403 is performed first, and then step 404 is performed. When the encryption rule is in the form of alternating the ciphertext after the plaintext, the step 404 is performed first in the decryption, and then the step 403 is performed.
404、 解密装置读取明文长度的文件内容, 写入解密文件中。  404. The decryption device reads the file content of the plaintext length and writes the file content into the decrypted file.
其中, 读取到的明文长度的文件内容并未进行加密处理, 可直接得到 原始文件中对应的文件内容, 遂直接写入解密文件中。  The file content of the read plain text length is not encrypted, and the corresponding file content in the original file can be directly obtained, and directly written into the decrypted file.
405、 解密装置判断加密文件的当前解密区域是否已读取完成; 若加密 文件的当前解密区域未读取完成, 则执行步骤 403; 若加密文件的当前解密 区域已读取完成, 则执行步骤 406。  405. The decryption device determines whether the current decrypted area of the encrypted file has been read. If the current decrypted area of the encrypted file is not read, step 403 is performed. If the current decrypted area of the encrypted file has been read, step 406 is performed. .
其中, 在加密文件解密完成之前, 重复交替执行步骤 403和步骤 404 , 顺序读取加密文件直到将加密文件的解密区域解密完成。 需要说明的是, 解密区域是在解密装置上的预定值, 可以根据解密装置的内存情况和实际 需要调整解密区域大小。 因此在内存中只解密得到当前解密区域对应的文 件内容, 而不是将整个加密文件都进行解密, 可以有效降低对内存的消耗。 例如, 在解密电子图书时, 若解密装置内存充足, 则可以将解密区域设置 为整个文件内容, 将电子图书的部分内容显示同时, 将剩余的文件内容全 部解密。 若解密装置内存有限, 则可以将解密区域设置为当前页面的前三 页到当前页面的后三页, 在内存中就只解密得到当前解密区域中的文件内 容。 Wherein, before the decryption of the encrypted file is completed, steps 403 and 404 are repeatedly performed alternately, and the encrypted file is sequentially read until the decrypted area of the encrypted file is decrypted. It should be noted that the decryption area is a predetermined value on the decryption device, and the decryption area size can be adjusted according to the memory condition of the decryption device and actual needs. Therefore, only the file content corresponding to the current decrypted area is decrypted in the memory, instead of decrypting the entire encrypted file, which can effectively reduce the memory consumption. For example, when decrypting an e-book, if the decryption device has sufficient memory, the decryption area can be set as the entire file content, and part of the contents of the e-book can be displayed simultaneously, and the remaining file contents are all Decryption. If the decryption device has limited memory, the decryption area can be set to the first three pages of the current page to the last three pages of the current page, and only the file content in the current decryption area is decrypted in the memory.
406、 解密装置将解密文件的内容进行显示。  406. The decryption device displays the content of the decrypted file.
407、 解密装置将解密文件中不属于当前解密区域的文件内容删除。 其中, 为了减少占用解密装置的内存, 可以将不属于当前解密区域的 文件内容删除。 例如, 在解密电子图书时, 4叚设加密区域为 7 页而当前页 面为第 4页, 若当前显示的页面移动到下一页 (第 5页), 则解密文件中第 1页的文件内容已经不属于当前解密区域, 遂将第 1页的文件内容删除。  407. The decryption device deletes the content of the file in the decrypted file that does not belong to the current decrypted area. In order to reduce the memory occupied by the decryption device, the content of the file that does not belong to the current decryption area may be deleted. For example, when decrypting an e-book, 4 sets the encrypted area to 7 pages and the current page to the 4th page. If the currently displayed page moves to the next page (page 5), the file content of the first page in the file is decrypted. Already does not belong to the current decryption area, 删除 delete the contents of the first page of the file.
本发明实施例提供的文件的加密和解密方法, 本发明实施例提供的文 件的加密和解密方法、 装置及系统, 在加密时按照预定的明文长度和密文 长度将原始文件分段读取到内存中进行加密处理, 与现有技术中将原始文 件整体读入内存进行加密的方法相比, 对加密装置的内存要求较低。 并且, 通过密文与明文相互间隔的形式进行加密和解密, 与现有技术中将原始文 件中的每一个字节都进行加密和解密的方法相比, 减少了需要进行加密和 解密的数据量, 能够提高加密和解密的效率。 并且, 采用不连续的加密和 解密形式, 与现有技术中将原始文件作为一个整体加密和解密的方法相比, 可以在解密的过程中将已解密的内容呈现, 实现了边解密边阅读, 从而减 少了用户等待响应的时间, 提高了用户体验感。 并且, 在解密时可以根据 需要设定解密区域的大小, 并及时删除不属于当前解密区域的文件内容, 与现有技术中将加密文件整体读入内存中并解密, 在内存中得到整体的解 密文件相比, 能够有效的节省内存资源, 降低了对解密装置的内存要求。  The method for encrypting and decrypting a file provided by the embodiment of the present invention, the method, device and system for encrypting and decrypting a file according to an embodiment of the present invention, when the encryption is performed, the original file is segmentally read according to a predetermined plaintext length and a ciphertext length. The encryption process is performed in the memory, and the memory requirement of the encryption device is lower than that of the prior art method of reading the original file into the memory for encryption. Moreover, the encryption and decryption are performed in a form in which the ciphertext and the plaintext are spaced apart from each other, and the amount of data that needs to be encrypted and decrypted is reduced as compared with the prior art method of encrypting and decrypting each byte in the original file. , can improve the efficiency of encryption and decryption. Moreover, in the form of discontinuous encryption and decryption, compared with the prior art method of encrypting and decrypting the original file as a whole, the decrypted content can be presented in the process of decryption, and the decryption is performed while reading. Thereby reducing the time for the user to wait for a response, and improving the user experience. Moreover, when decrypting, the size of the decrypted area can be set according to requirements, and the file content that does not belong to the current decrypted area is deleted in time. In the prior art, the encrypted file is read into the memory as a whole and decrypted, and the whole decryption is obtained in the memory. Compared with files, it can effectively save memory resources and reduce the memory requirements of the decryption device.
实施例 3  Example 3
本发明实施例提供一种文件的加密装置, 如图 5 所示, 包括: 起始加 密单元 51、 交替加密单元 52。  The embodiment of the present invention provides a file encryption device. As shown in FIG. 5, the device includes: an initial encryption unit 51 and an alternate encryption unit 52.
起始加密单元 51 , 用于从原始文件的开头读取起始长度的文件内容, 写入加密文件中, 其中起始长度为从原始文件的开头到密文和明文相交替 进行加密的起始位置之间的长度。 The initial encryption unit 51 is configured to read the file content of the start length from the beginning of the original file and write the file into the encrypted file, where the starting length is from the beginning of the original file to the ciphertext and the plaintext. The length between the starting positions for encryption.
交替加密单元 52 , 用于将原始文件起始长度之后的文件内容, 按照密 文和明文相交替的形式进行加密, 并将加密后的文件内容写入加密文件中。  The alternate encryption unit 52 is configured to encrypt the content of the file after the start length of the original file in an alternating manner between the ciphertext and the plaintext, and write the encrypted file content into the encrypted file.
进一步的, 如图 6所示, 交替加密单元 52包括: 密文写入模块 521、 明文写入模块 522、 第一重复模块 523。  Further, as shown in FIG. 6, the alternate encryption unit 52 includes: a ciphertext writing module 521, a plaintext writing module 522, and a first repeating module 523.
密文写入模块 521 , 用于读取加密长度的文件内容, 并对加密长度的文 件内容进行加密, 将加密后的文件内容写入加密文件中。  The ciphertext writing module 521 is configured to read the encrypted file content, encrypt the encrypted file content, and write the encrypted file content into the encrypted file.
明文写入模块 522 ,用于在密文写入模块 521读取加密长度的文件内容 之后, 读取明文长度的文件内容写入加密文件中。  The plaintext writing module 522 is configured to read the file content of the encrypted length after the ciphertext writing module 521 reads the file content of the encrypted length, and write the file content of the plaintext length into the encrypted file.
第一重复模块 523 ,用于重复交替启动密文写入模块 521和明文写入模 块 522 , 直到将原始文件加密完成。  The first repeating module 523 is configured to repeatedly start the ciphertext writing module 521 and the plaintext writing module 522 alternately until the original file is encrypted.
明文写入模块 522还用于, 读取明文长度的文件内容写入加密文件中。 密文写入模块 521还用于, 在明文写入模块 522读取明文长度的文件 内容写入加密文件中之后, 读取加密长度的文件内容, 并对加密长度的文 件内容进行加密, 将加密后的文件内容写入加密文件中。  The plaintext writing module 522 is further configured to: write the file content of the plaintext length into the encrypted file. The ciphertext writing module 521 is further configured to: after the plaintext writing module 522 reads the file content of the plaintext length and write the file content into the encrypted file, read the file content of the encrypted length, and encrypt the encrypted file content, and encrypt the file content. The contents of the file are written to the encrypted file.
第一重复模块 523还用于, 重复交替启动明文写入模块 522和密文写 入模块 521 , 直到将原始文件加密完成。  The first repeating module 523 is further configured to repeatedly alternately start the plaintext writing module 522 and the ciphertext writing module 521 until the original file is encrypted.
进一步的, 如图 7所示, 交替加密单元 52还包括: 判断模块 524、 补 充模块 525。  Further, as shown in FIG. 7, the alternate encryption unit 52 further includes: a determination module 524 and a supplementary module 525.
判断模块 524 ,用于判断原始文件中最后的文件内容是否应以密文的形 式写入加密文件。  The determining module 524 is configured to determine whether the last file content in the original file should be written into the encrypted file in the form of cipher text.
明文写入模块 522还用于, 在原始文件中最后的文件内容不应以密文 的形式写入加密文件时, 直接将原始文件中最后的文件内容以明文的形式 写入加密文件。  The plaintext writing module 522 is further configured to directly write the last file content in the original file to the encrypted file in plaintext when the last file content in the original file is not written in the cipher text.
补充模块 525 ,用于在原始文件中最后的文件内容应以密文的形式写入 加密文件时, 确定原始文件中最后的文件内容的长度是否达到基数值, 若 原始文件中最后的文件内容的长度未达到基数值, 则将最后的文件内容进 行补充, 使得最后的文件内容的长度达到基数值。 The supplementing module 525 is configured to determine whether the length of the last file content in the original file reaches a base value when the last file content in the original file is written in the cipher text, if the last file content in the original file If the length does not reach the base value, the final file content will be entered. Line complement, so that the length of the final file content reaches the base value.
密文写入模块 521 还用于, 对补充后的文件内容进行加密并写入加密 文件。  The ciphertext writing module 521 is also used to encrypt the encrypted file content and write the encrypted file.
进一步的, 如图 8所示, 该文件的加密装置还包括: 确定单元 53、 发 送单元 54。  Further, as shown in FIG. 8, the encryption device of the file further includes: a determining unit 53 and a sending unit 54.
确定单元 53 ,用于在起始加密单元 51从原始文件的开头读取起始长度 的文件内容, 写入加密文件中之前, 根据原始文件的大小, 确定起始长度、 加密长度以及明文长度。  The determining unit 53 is configured to read the file content of the start length from the beginning of the original file at the initial encryption unit 51, and determine the start length, the encryption length, and the plaintext length according to the size of the original file before writing to the encrypted file.
发送单元 54 , 用于将起始长度、 加密长度、 明文长度以及加密规则发 送给文件的解密装置。  The transmitting unit 54 is configured to decrypt the start length, the encryption length, the plaintext length, and the encryption rule to the file.
发送单元 54还用于, 在加密文件的开头添加文件头, 并将起始长度、 加密长度以及明文长度的属性写入加密文件的文件头中。  The sending unit 54 is further configured to add a file header at the beginning of the encrypted file, and write the attributes of the start length, the encryption length, and the plaintext length into the file header of the encrypted file.
发送单元 54还用于, 将起始长度、 加密长度、 明文长度以及加密规则 封装到信元中发送给文件的解密装置。  The sending unit 54 is further configured to encapsulate the start length, the encryption length, the plaintext length, and the encryption rule into a decryption device that is sent to the file in the cell.
进一步的, 如图 9所示, 交替加密单元 52还包括: 第一计算模块 526。 第一计算模块 526 ,用于在按照密文和明文相交替的形式进行加密的过 程中, 按照预定加密规则计算加密长度和明文长度, 得到动态变化的加密 长度和明文长度。  Further, as shown in FIG. 9, the alternate encryption unit 52 further includes: a first calculation module 526. The first calculating module 526 is configured to calculate the encryption length and the plaintext length according to a predetermined encryption rule in the process of encrypting according to the ciphertext and the plaintext, to obtain a dynamically changing encryption length and a plaintext length.
需要说明的是, 本发明实施例中的部分功能模块的其他描述可以参考 实施例 1和实施例 2中的对应内容, 本发明实施例这里将不再贅述。  It should be noted that other descriptions of the partial functional modules in the embodiments of the present invention may refer to the corresponding content in the first embodiment and the second embodiment, and the embodiments of the present invention are not described herein again.
本发明实施例提供一种文件的解密装置, 如图 10所示, 包括: 起始解 密单元 61、 交替解密单元 62。  An embodiment of the present invention provides a file decryption apparatus. As shown in FIG. 10, the apparatus includes: an initial decryption unit 61 and an alternate decryption unit 62.
起始解密单元 61 , 用于从加密文件的开头读取起始长度的文件内容, 写入解密文件中, 其中初始长度为从加密文件的开头到密文和明文相交替 进行解密的起始位置之间的长度。  The initial decryption unit 61 is configured to read the file content of the start length from the beginning of the encrypted file, and write the file content into the decrypted file, wherein the initial length is a starting position from the beginning of the encrypted file to the ciphertext and the plaintext alternately decrypted. The length between.
交替解密单元 62 , 用于将加密文件起始长度之后的文件内容, 按照密 文和明文相交替的形式进行解密, 并将解密后的文件内容写入解密文件中。 进一步的, 如图 11所示, 交替解密单元 62包括: 密文读取模块 621、 明文读取模块 622、 第二重复模块 623。 The alternate decryption unit 62 is configured to decrypt the file content after the start length of the encrypted file in an alternating manner between the ciphertext and the plaintext, and write the decrypted file content into the decrypted file. Further, as shown in FIG. 11, the alternate decryption unit 62 includes: a ciphertext reading module 621, a plaintext reading module 622, and a second repeating module 623.
密文读取模块 621 ,用于在加密规则采用的是先密文后明文相交替的形 式时, 读取加密长度的文件内容, 并对加密长度的文件内容进行解密, 将 解密后的文件内容写入解密文件中。  The ciphertext reading module 621 is configured to: when the encryption rule adopts the form of alternating ciphertext and the plaintext, read the file content of the encrypted length, and decrypt the encrypted file content, and decrypt the decrypted file content. Write to the decrypted file.
明文读取模块 622 ,用于在密文读取模块 621读取加密长度的文件内容 之后, 读取明文长度的文件内容, 写入解密文件中。  The plaintext reading module 622 is configured to read the file content of the plaintext length after the ciphertext reading module 621 reads the file content of the encrypted length, and write the file content into the decrypted file.
第二重复模块 623 , 用于重复启动密文读取模块 621 和明文读取模块 622 , 直到将加密文件的当前解密区域解密完成。  The second repeating module 623 is configured to repeatedly start the ciphertext reading module 621 and the plaintext reading module 622 until the current decrypted area of the encrypted file is decrypted.
明文读取模块 622还用于, 在加密规则采用的是先明文后密文相交替 的形式时, 读取明文长度的文件内容, 写入解密文件中。  The plaintext reading module 622 is further configured to: when the encryption rule adopts a form in which the ciphertext is alternated after the plaintext, the file content of the plaintext length is read and written into the decrypted file.
密文读取模块 621还用于, 在明文读取模块 622读取明文长度的文件 内容之后, 读取加密长度的文件内容, 并对加密长度的文件内容进行解密, 将解密后的文件内容写入解密文件中。  The ciphertext reading module 621 is further configured to: after the plaintext reading module 622 reads the file content of the plaintext length, read the file content of the encrypted length, decrypt the encrypted file content, and write the decrypted file content. Into the decrypted file.
第二重复模块 623还用于, 重复启动明文读取模块 622和密文读取模 块 621 , 直到将加密文件的当前解密区域解密完成。  The second repeating module 623 is further configured to repeatedly start the plaintext reading module 622 and the ciphertext reading module 621 until the current decrypted area of the encrypted file is decrypted.
进一步的, 如图 12所示, 该文件的解密装置还包括: 获取单元 63、 显 示单元 64、 删除单元 65。  Further, as shown in FIG. 12, the decryption apparatus of the file further includes: an obtaining unit 63, a display unit 64, and a deleting unit 65.
获取单元 63 ,用于在起始解密单元 61从加密文件的开头读取起始长度 的文件内容, 写入解密文件中之前, 获取起始长度、 加密长度、 明文长度 以及加密规则。  The obtaining unit 63 is configured to read the file content of the start length from the beginning of the encrypted file at the start decryption unit 61, and obtain the start length, the encryption length, the plaintext length, and the encryption rule before writing the decrypted file.
显示单元 64 , 用于将解密文件的内容进行显示。  The display unit 64 is configured to display the content of the decrypted file.
删除单元 65 ,用于将解密文件中不属于当前解密区域的文件内容删除。 进一步的,如图 13所示,交替解密单元 62还包括:第二计算模块 624。 第二计算模块 624 ,用于在按照密文和明文相交替的形式进行解密的过 程中, 按照加密规则计算加密长度和明文长度, 得到动态变化的加密长度 和明文长度。 需要说明的是, 本发明实施例中的部分功能模块的其他描述可以参考 实施例 1和实施例 2中的对应内容, 本发明实施例这里将不再贅述。 The deleting unit 65 is configured to delete the content of the file in the decrypted file that does not belong to the current decrypted area. Further, as shown in FIG. 13, the alternate decryption unit 62 further includes: a second calculation module 624. The second calculating module 624 is configured to calculate the encryption length and the plaintext length according to the encryption rule in the process of decrypting according to the ciphertext and the plaintext, to obtain the dynamically changing encryption length and the plaintext length. It should be noted that other descriptions of the partial functional modules in the embodiments of the present invention may be referred to the corresponding content in the first embodiment and the second embodiment, and details are not described herein again.
本发明实施例提供一种文件的加密和解密系统, 如图 14所示, 包括: 加密装置 71和解密装置 72。  The embodiment of the present invention provides a file encryption and decryption system, as shown in FIG. 14, comprising: an encryption device 71 and a decryption device 72.
加密装置 71 , 用于从原始文件的开头读取起始长度的文件内容, 写入 加密文件中; 并将原始文件起始长度之后的文件内容, 按照密文和明文相 交替的形式进行加密, 将加密后的文件内容写入加密文件中。  The encryption device 71 is configured to read the file content of the start length from the beginning of the original file, and write the file content into the encrypted file; and encrypt the file content after the start length of the original file according to the ciphertext and the plaintext. Write the encrypted file contents to an encrypted file.
解密装置 72 , 用于从加密文件的开头读取起始长度的文件内容, 写入 解密文件中; 并将加密文件起始长度之后的文件内容, 按照密文和明文相 交替的形式进行解密, 将解密后的文件内容写入解密文件中。  The decryption device 72 is configured to read the file content of the start length from the beginning of the encrypted file, and write the file content into the decrypted file; and decrypt the file content after the start length of the encrypted file in an alternating manner between the ciphertext and the plaintext. Write the decrypted file content to the decrypted file.
其中, 在加密装置 71上将数字文件进行间隔加密, 得到能够有效保护 数字文件版权的加密文件。 当在解密装置 72向加密装置 71发出获取加密 文件的请求时,加密装置 71将加密文件发送给解密装置 72 , 再由解密装置 72进行对应的间隔解密, 并将解密后的数字文件显示。  The digital file is interval-encrypted on the encryption device 71 to obtain an encrypted file capable of effectively protecting the copyright of the digital file. When the decryption device 72 issues a request for obtaining the encrypted file to the encryption device 71, the encryption device 71 transmits the encrypted file to the decryption device 72, and the decryption device 72 performs the corresponding interval decryption, and displays the decrypted digital file.
需要说明的是, 本发明实施例提供的文件的加密和解密系统所包含功 能模块的其他描述, 可以参考实施例 1和实施例 2 以及实施例 3中对应装 置部分的描述, 本发明实施例此处将不再贅述。  It should be noted that, for other descriptions of the function modules included in the encryption and decryption system of the file provided by the embodiment of the present invention, reference may be made to the descriptions of the corresponding device parts in Embodiment 1 and Embodiment 2 and Embodiment 3. It will not be repeated here.
本发明实施例提供的文件的加密和解密装置及系统, 本发明实施例提 供的文件的加密和解密方法、 装置及系统, 在加密时按照预定的明文长度 和密文长度将原始文件分段读取到内存中进行加密处理, 与现有技术中将 原始文件整体读入内存进行加密的方法相比, 对加密装置的内存要求较低。 并且, 通过密文与明文相互间隔的形式进行加密和解密, 与现有技术中将 原始文件中的每一个字节都进行加密和解密的方法相比, 减少了需要进行 加密和解密的数据量, 能够提高加密和解密的效率。 并且, 采用不连续的 加密和解密形式, 与现有技术中将原始文件作为一个整体加密和解密的方 法相比, 可以在解密的过程中将已解密的内容呈现, 实现了边解密边阅读, 从而减少了用户等待响应的时间, 提高了用户体验感。 并且, 在解密时可 以根据需要设定解密区域的大小, 并及时删除不属于当前解密区域的文件 内容, 与现有技术中将加密文件整体读入内存中并解密, 在内存中得到整 体的解密文件相比, 能够有效的节省内存资源, 降低了对解密装置的内存 要求。 The method and system for encrypting and decrypting a file according to an embodiment of the present invention, the method, device and system for encrypting and decrypting a file according to an embodiment of the present invention, segmenting an original file according to a predetermined plaintext length and a ciphertext length during encryption The encryption process is taken in the memory, and the memory requirement of the encryption device is lower than that of the prior art method of reading the original file into the memory for encryption. Moreover, the encryption and decryption are performed in a form in which the ciphertext and the plaintext are spaced apart from each other, and the amount of data that needs to be encrypted and decrypted is reduced as compared with the prior art method of encrypting and decrypting each byte in the original file. , can improve the efficiency of encryption and decryption. Moreover, in the form of discontinuous encryption and decryption, compared with the prior art method of encrypting and decrypting the original file as a whole, the decrypted content can be presented in the process of decryption, and the decryption is performed while reading. Thereby reducing the time for the user to wait for a response, and improving the user experience. And, when decrypting The size of the decryption area is set as needed, and the file content that does not belong to the current decryption area is deleted in time, and the encrypted file is read into the memory as a whole and decrypted in the prior art, and the entire decrypted file is obtained in the memory. Effectively save memory resources and reduce memory requirements for the decryption device.
通过以上的实施方式的描述, 所属领域的技术人员可以清楚地了解到 本发明可借助软件加必需的通用硬件的方式来实现, 当然也可以通过硬件, 但很多情况下前者是更佳的实施方式。 基于这样的理解, 本发明的技术方 案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出 来, 该计算机软件产品存储在可读取的存储介质中, 如计算机的软盘, 硬 盘或光盘等, 包括若干指令用以使得一台计算机设备(可以是个人计算机, 服务器, 或者网络设备等)执行本发明各个实施例提供的方法。  Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be implemented by means of software plus necessary general hardware, and of course, by hardware, but in many cases, the former is a better implementation. . Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a readable storage medium, such as a floppy disk of a computer. A hard disk or optical disk, etc., includes instructions for causing a computer device (which may be a personal computer, server, or network device, etc.) to perform the methods provided by various embodiments of the present invention.
以上内容, 仅为本发明的具体实施方式, 但本发明的保护范围并不局 限于此, 任何熟悉本技术领域的技术人员在本发明揭露的技术范围内, 可 轻易想到变化或替换, 都应涵盖在本发明的保护范围之内。 因此, 本发明 的保护范围应以权利要求的保护范围为准。  The above is only a specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or substitutions within the technical scope disclosed by the present invention. It is intended to be covered by the scope of the invention. Therefore, the scope of the invention should be determined by the scope of the claims.

Claims

权利要求 Rights request
1、 一种文件的加密方法, 其特征在于, 包括:  A method for encrypting a file, comprising:
从原始文件的开头读取起始长度的文件内容, 写入加密文件中, 其中 所述起始长度为从所述原始文件的开头到密文和明文相交替进行加密的起 始位置之间的长度;  Reading the file content of the start length from the beginning of the original file, and writing the file to the encrypted file, wherein the start length is between the beginning of the original file and the start position where the ciphertext and the plaintext are alternately encrypted. Length
将所述原始文件起始长度之后的文件内容, 按照密文和明文相交替的 形式进行加密, 并将加密后的文件内容写入所述加密文件中。  The content of the file after the start length of the original file is encrypted in the form of alternating ciphertext and plaintext, and the encrypted file content is written into the encrypted file.
2、 根据权利要求 1所述的文件的加密方法, 其特征在于, 所述将所述 原始文件起始长度之后的文件内容, 按照密文和明文相交替的形式进行加 密, 并将加密后的文件内容写入所述加密文件中包括:  The method for encrypting a file according to claim 1, wherein the content of the file after the start length of the original file is encrypted according to an alternating form of ciphertext and plaintext, and the encrypted file is encrypted. Writing the contents of the file to the encrypted file includes:
读取加密长度的文件内容, 并对所述加密长度的文件内容进行加密, 将加密后的文件内容写入所述加密文件中; 在所述读取加密长度的文件内 容之后, 读取明文长度的文件内容写入所述加密文件中; 按照上述步骤重 复读取所述原始文件起始长度之后的文件内容直到将所述原始文件加密完 成; 或者  Reading the encrypted length of the file content, encrypting the encrypted length of the file content, and writing the encrypted file content into the encrypted file; after reading the encrypted length of the file content, reading the plaintext length Writing the file content into the encrypted file; repeatedly reading the file content after the start length of the original file according to the above steps until the original file is encrypted; or
读取明文长度的文件内容写入所述加密文件中; 在所述读取明文长度 的文件内容之后, 读取加密长度的文件内容, 并对所述加密长度的文件内 容进行加密, 将加密后的文件内容写入所述加密文件中; 按照上述步骤重 复读取所述原始文件起始长度之后的文件内容直到将所述原始文件加密完 成。  Reading the file content of the plain text length into the encrypted file; after reading the file content of the plain text length, reading the file content of the encrypted length, and encrypting the file content of the encrypted length, after encrypting The file content is written into the encrypted file; the file content after the start length of the original file is repeatedly read according to the above steps until the original file is encrypted.
3、 根据权利要求 2所述的文件的加密方法, 其特征在于, 所述按照上 述步骤重复读取所述原始文件起始长度之后的文件内容直到将所述原始文 件加密完成, 还包括:  The method for encrypting a file according to claim 2, wherein the repeatedly reading the file content after the start length of the original file according to the above-mentioned steps until the original file is encrypted is completed, and further comprising:
判断所述原始文件中最后的文件内容是否应以密文的形式写入所述加 密文件;  Determining whether the last file content in the original file should be written into the encrypted file in the form of cipher text;
若所述原始文件中最后的文件内容不应以密文的形式写入所述加密文 件, 则直接将所述原始文件中最后的文件内容以明文的形式写入所述加密 文件; If the last file content in the original file should not be written in the cipher text, the last file content in the original file is directly written into the encryption in the form of plaintext. Document
若所述原始文件中最后的文件内容应以密文的形式写入所述加密文 件, 则确定所述原始文件中最后的文件内容的长度是否达到基数值, 若所 述原始文件中最后的文件内容的长度未达到所述基数值, 则将所述最后的 文件内容进行补充, 使得最后的文件内容的长度达到所述基数值, 并对补 充后的文件内容进行加密并写入所述加密文件。  If the last file content in the original file should be written into the encrypted file in the form of cipher text, it is determined whether the length of the last file content in the original file reaches a base value, if the last file in the original file If the length of the content does not reach the base value, the last file content is supplemented so that the length of the last file content reaches the base value, and the supplemented file content is encrypted and written into the encrypted file. .
4、 根据权利要求 1-3任一项所述的文件的加密方法, 其特征在于, 在 所述从原始文件的开头读取起始长度的文件内容, 写入所述加密文件中之 前, 还包括:  The method for encrypting a file according to any one of claims 1 to 3, wherein the file content of the start length is read from the beginning of the original file, and before being written into the encrypted file, Includes:
根据所述原始文件的大小, 确定所述起始长度、 所述加密长度以及所 述明文长度;  Determining, according to the size of the original file, the start length, the encryption length, and the plaintext length;
将所述起始长度、 所述加密长度、 所述明文长度以及加密规则发送给 文件的解密装置。  The start length, the encryption length, the plaintext length, and the encryption rule are transmitted to the decryption device of the file.
5、 根据权利要求 1-3任一项所述的文件的加密方法, 其特征在于, 所 述将所述原始文件起始长度之后的文件内容, 按照密文和明文相交替的形 式进行加密还包括: 在按照密文和明文相交替的形式进行加密的过程中, 按照预定加密规则计算所述加密长度和所述明文长度, 得到动态变化的加 密长度和明文长度。  The method for encrypting a file according to any one of claims 1 to 3, wherein the file content after the initial length of the original file is encrypted according to an alternating form of ciphertext and plaintext. The method includes: calculating, according to a predetermined encryption rule, the encryption length and the plaintext length in a process of performing encryption according to an alternating ciphertext and a plaintext, to obtain a dynamically changing encryption length and a plaintext length.
6、 根据权利要求 4所述的文件的加密方法, 其特征在于, 所述将所述 起始长度、 所述加密长度、 所述明文长度以及加密规则发送给文件的解密 装置包括:  The method for encrypting a file according to claim 4, wherein the decrypting means for transmitting the start length, the encryption length, the plaintext length, and the encryption rule to the file includes:
在所述加密文件的开头添加文件头, 并将所述起始长度、 所述加密长 度、 所述明文长度以及加密规则写入到所述加密文件的文件头中发送给所 述文件的解密装置; 或者  Adding a file header at the beginning of the encrypted file, and writing the start length, the encryption length, the plaintext length, and an encryption rule to a decryption device sent to the file in a file header of the encrypted file ; or
将所述起始长度、 所述加密长度、 所述明文长度以及加密规则封装到 信元中发送给所述文件的解密装置。  The start length, the encryption length, the plaintext length, and the encryption rule are encapsulated into a decryption device that is sent to the file in the cell.
7、 一种文件的解密方法, 其特征在于, 包括: 从加密文件的开头读取起始长度的文件内容, 写入解密文件中, 其中 所述初始长度为从所述加密文件的开头到密文和明文相交替进行解密的起 始位置之间的长度; 7. A method for decrypting a file, comprising: Reading the file content of the start length from the beginning of the encrypted file, and writing the decrypted file, wherein the initial length is the length from the beginning of the encrypted file to the start position where the ciphertext and the plaintext are alternately decrypted. ;
将所述加密文件起始长度之后的文件内容, 按照密文和明文相交替的 形式进行解密, 并将解密后的文件内容写入所述解密文件中。  The content of the file after the start length of the encrypted file is decrypted in the form of alternating ciphertext and plaintext, and the decrypted file content is written into the decrypted file.
8、 根据权利要求 7所述的文件的解密方法, 其特征在于, 所述将所述 加密文件起始长度之后的文件内容, 按照密文和明文相交替的形式进行解 密, 并将解密后的文件内容写入所述解密文件中包括:  The method for decrypting a file according to claim 7, wherein the file content after the start length of the encrypted file is decrypted according to an alternating form of ciphertext and plaintext, and the decrypted Writing the contents of the file to the decrypted file includes:
当加密规则采用的是先密文后明文相交替的形式时, 读取加密长度的 文件内容, 并对所述加密长度的文件内容进行解密, 将解密后的文件内容 写入所述解密文件中; 在所述读取加密长度的文件内容之后, 读取明文长 度的文件内容, 写入所述解密文件中; 按照上述步骤重复读取所述加密文 件起始长度之后的文件内容直到将所述加密文件的当前解密区域解密完 成;  When the encryption rule adopts the form of alternating the plaintext and the plaintext, the file content of the encrypted length is read, and the file content of the encrypted length is decrypted, and the decrypted file content is written into the decrypted file. After reading the encrypted file content, reading the file content of the plain text length and writing the file to the decrypted file; repeatedly reading the file content after the start length of the encrypted file according to the above steps until the The decryption of the current decryption area of the encrypted file is completed;
当加密规则采用的是先明文后密文相交替的形式时, 读取明文长度的 文件内容写入所述解密文件中; 在所述读取明文长度的文件内容之后, 读 取加密长度的文件内容, 并对所述加密长度的文件内容进行解密, 将解密 后的文件内容写入所述解密文件中; 按照上述步骤重复读取所述加密文件 起始长度之后的文件内容直到将所述加密文件的当前解密区域解密完成。  When the encryption rule adopts a form in which the ciphertext is alternated after the plaintext, the file content of the plaintext length is written into the decrypted file; after the file content of the plaintext length is read, the file of the encrypted length is read. Content, decrypting the encrypted length of the file content, and writing the decrypted file content into the decrypted file; repeatedly reading the file content after the start length of the encrypted file according to the above steps until the encryption is performed The current decryption area of the file is decrypted.
9、 根据权利要求 8所述的文件的解密方法, 其特征在于, 在所述从加 密文件的开头读取起始长度的文件内容, 写入解密文件中之前, 还包括: 获取所述起始长度、 所述加密长度、 所述明文长度以及加密规则。 The method for decrypting a file according to claim 8, wherein before the reading of the file content of the start length from the beginning of the encrypted file, before writing to the decrypted file, the method further comprises: acquiring the start Length, the length of the encryption, the length of the plaintext, and the encryption rules.
10、 根据权利要求 8 所述的文件的解密方法, 其特征在于, 所述将所 述加密文件起始长度之后的文件内容, 按照密文和明文相交替的形式进行 解密还包括: 在按照密文和明文相交替的形式进行解密的过程中, 按照所 述加密规则计算所述加密长度和所述明文长度, 得到动态变化的加密长度 和明文长度。 The method for decrypting a file according to claim 8, wherein the decrypting the file content after the start length of the encrypted file according to the ciphertext and the plaintext alternately includes: In the process of decrypting the text and the plaintext, the encryption length and the plaintext length are calculated according to the encryption rule, and the dynamically changed encryption length and the plaintext length are obtained.
11、 根据权利要求 7-10任一项所述的文件的解密方法, 其特征在于, 还包括: 将所述解密文件的内容进行显示。 The method for decrypting a file according to any one of claims 7 to 10, further comprising: displaying the content of the decrypted file.
12、 根据权利要求 11所述的文件的解密方法, 其特征在于, 还包括: 将所述解密文件中不属于当前解密区域的文件内容删除。  The method for decrypting a file according to claim 11, further comprising: deleting a file content of the decrypted file that does not belong to the current decrypted area.
1 3、 一种文件的加密装置, 其特征在于, 包括:  1 3, a file encryption device, comprising:
起始加密单元, 用于从原始文件的开头读取起始长度的文件内容, 写 入加密文件中, 其中所述起始长度为从所述原始文件的开头到密文和明文 相交替进行加密的起始位置之间的长度; 密文和明文相交替的形式进行加密, 并将加密后的文件内容写入所述加密 文件中。  a starting encryption unit, configured to read a file content of a starting length from a beginning of the original file, and write the file to the encrypted file, wherein the starting length is alternately encrypted from the beginning of the original file to the ciphertext and the plaintext. The length between the starting positions; the ciphertext and the plaintext are alternately encrypted, and the encrypted file contents are written into the encrypted file.
14、 根据权利要求 1 3所述的文件的加密装置, 其特征在于, 所述交替 加密单元包括:  The encryption device for a file according to claim 13, wherein the alternate encryption unit comprises:
密文写入模块, 用于读取加密长度的文件内容, 并对所述加密长度的 文件内容进行加密, 将加密后的文件内容写入所述加密文件中;  a cipher text writing module, configured to read the file content of the encrypted length, encrypt the file content of the encrypted length, and write the encrypted file content into the encrypted file;
明文写入模块, 用于在所述密文写入模块读取加密长度的文件内容之 后, 读取明文长度的文件内容写入所述加密文件中;  a plaintext writing module, configured to: after the ciphertext writing module reads the encrypted length of the file content, write the file content of the plaintext length into the encrypted file;
第一重复模块, 用于重复交替启动所述密文写入模块和所述明文写入 模块, 直到将所述原始文件加密完成。  And a first repeating module, configured to repeatedly start the ciphertext writing module and the plaintext writing module alternately until the original file is encrypted.
15、 根据权利要求 14所述的文件的加密装置, 其特征在于, 所述明文 写入模块还用于, 读取明文长度的文件内容写入所述加密文件中;  The file encryption device according to claim 14, wherein the plaintext writing module is further configured to: write a file content of a plaintext length into the encrypted file;
所述密文写入模块还用于, 在所述明文写入模块读取明文长度的文件 内容写入所述加密文件中之后, 读取加密长度的文件内容, 并对所述加密 长度的文件内容进行加密, 将加密后的文件内容写入所述加密文件中; 所述第一重复模块还用于, 重复交替启动所述明文写入模块和所述密 文写入模块, 直到将所述原始文件加密完成。  The ciphertext writing module is further configured to: after the plaintext writing module reads the file content of the plaintext length and write the file content into the encrypted file, read the file content of the encrypted length, and the file of the encrypted length The content is encrypted, and the encrypted file content is written into the encrypted file; the first repeating module is further configured to repeatedly start the plaintext writing module and the ciphertext writing module alternately until the The original file is encrypted.
16、 根据权利要求 14所述的文件的加密装置, 其特征在于, 所述交替 加密单元还包括: The encryption device for a file according to claim 14, wherein said alternation The encryption unit also includes:
判断模块, 用于判断所述原始文件中最后的文件内容是否应以密文的 形式写入所述加密文件;  a determining module, configured to determine whether the last file content in the original file should be written into the encrypted file in the form of cipher text;
所述明文写入模块还用于, 在所述原始文件中最后的文件内容不应以 密文的形式写入所述加密文件时, 直接将所述原始文件中最后的文件内容 以明文的形式写入所述加密文件;  The plaintext writing module is further configured to directly write the last file content in the original file in the form of a plaintext when the last file content in the original file is not written in the cipher text. Writing the encrypted file;
补充模块, 用于在所述原始文件中最后的文件内容应以密文的形式写 入所述加密文件时, 确定所述原始文件中最后的文件内容的长度是否达到 基数值, 若所述原始文件中最后的文件内容的长度未达到所述基数值, 则 将所述最后的文件内容进行补充 , 使得最后的文件内容的长度达到所述基 数值;  a supplementary module, configured to determine, when the last file content in the original file is written in the cipher text, whether the length of the last file content in the original file reaches a base value, if the original If the length of the last file content in the file does not reach the base value, the last file content is supplemented so that the length of the last file content reaches the base value;
所述密文写入模块还用于, 对补充后的文件内容进行加密并写入所述 加密文件。  The ciphertext writing module is further configured to encrypt the encrypted file content and write the encrypted file.
17、 根据权利要求 1 3-16任一项所述的文件的加密装置, 其特征在于, 还包括:  The encryption device for a file according to any one of claims 1 to 3, further comprising:
确定单元, 用于在所述起始加密单元从原始文件的开头读取起始长度 的文件内容, 写入所述加密文件中之前, 根据所述原始文件的大小, 确定 所述起始长度、 所述加密长度以及所述明文长度;  a determining unit, configured to: read, at the beginning of the original file, the file content of the start length from the beginning of the original file, before writing the encrypted file, determining the start length according to the size of the original file, The encryption length and the length of the plaintext;
发送单元, 用于将所述起始长度、 所述加密长度、 所述明文长度以及 加密规则发送给文件的解密装置。  And a sending unit, configured to send the start length, the encryption length, the plaintext length, and an encryption rule to a decryption device of the file.
18、 根据权利要求 1 3-16任一项所述的文件的加密装置, 其特征在于, 所述交替加密单元还包括:  The encryption device for a file according to any one of claims 1 to 3, wherein the alternate encryption unit further comprises:
第一计算模块, 用于在按照密文和明文相交替的形式进行加密的过程 中, 按照预定加密规则计算所述加密长度和所述明文长度, 得到动态变化 的加密长度和明文长度。  The first calculating module is configured to calculate the encryption length and the plaintext length according to a predetermined encryption rule in the process of performing encryption according to the ciphertext and the plaintext, to obtain a dynamically changing encryption length and a plaintext length.
19、 根据权利要求 17所述的文件的加密装置, 其特征在于, 所述发送 单元还用于, 在所述加密文件的开头添加文件头, 并将所述起始长度、 所 述加密长度以及所述明文长度的属性写入所述加密文件的文件头中; 所述发送单元还用于, 将所述起始长度、 所述加密长度、 所述明文长 度以及加密规则封装到信元中发送给所述文件的解密装置。 The encryption device of the file according to claim 17, wherein the sending unit is further configured to: add a file header at the beginning of the encrypted file, and add the starting length and the The encryption length and the attribute of the plaintext length are written in a file header of the encrypted file; the sending unit is further configured to encapsulate the start length, the encryption length, the plaintext length, and an encryption rule into A decryption device that is sent to the file in the cell.
20、 一种文件的解密装置, 其特征在于, 包括:  20. A file decryption apparatus, comprising:
起始解密单元, 用于从加密文件的开头读取起始长度的文件内容, 写 入解密文件中, 其中所述初始长度为从所述加密文件的开头到密文和明文 相交替进行解密的起始位置之间的长度;  And an initial decryption unit, configured to read the file content of the start length from the beginning of the encrypted file, and write the file content into the decrypted file, wherein the initial length is alternately decrypted from the beginning of the encrypted file to the ciphertext and the plaintext. The length between the starting positions;
交替解密单元, 用于将所述加密文件起始长度之后的文件内容, 按照 密文和明文相交替的形式进行解密, 并将解密后的文件内容写入所述解密 文件中。  The alternate decryption unit is configured to decrypt the file content after the start length of the encrypted file in an alternating form of ciphertext and plaintext, and write the decrypted file content into the decrypted file.
21、 根据权利要求 20所述的文件的解密装置, 其特征在于, 所述交替 解密单元包括:  21. The file decryption apparatus according to claim 20, wherein the alternate decryption unit comprises:
密文读取模块, 用于在加密规则采用的是先密文后明文相交替的形式 时, 读取加密长度的文件内容, 并对所述加密长度的文件内容进行解密, 将解密后的文件内容写入所述解密文件中;  The ciphertext reading module is configured to: when the encryption rule adopts a form in which the ciphertext is alternated, the encrypted length of the file content is read, and the encrypted length file content is decrypted, and the decrypted file is decrypted. Content is written into the decrypted file;
明文读取模块, 用于在所述密文读取模块读取加密长度的文件内容之 后, 读取明文长度的文件内容, 写入所述解密文件中;  a plaintext reading module, configured to: after the ciphertext reading module reads the encrypted length of the file content, read the file content of the plaintext length, and write the file content into the decrypted file;
第二重复模块, 用于重复启动所述密文读取模块和所述明文读取模块, 直到将所述加密文件的当前解密区域解密完成。  And a second repeating module, configured to repeatedly start the ciphertext reading module and the plaintext reading module until the current decrypted area of the encrypted file is decrypted.
22、 根据权利要求 21所述的文件的解密装置, 其特征在于, 所述明文 读取模块还用于, 在加密规则采用的是先明文后密文相交替的形式时, 读 取明文长度的文件内容, 写入所述解密文件中;  The file decryption apparatus according to claim 21, wherein the plaintext reading module is further configured to: when the encryption rule adopts a form in which the ciphertext is alternated after the plaintext, the length of the plaintext is read. The content of the file is written into the decrypted file;
所述密文读取模块还用于, 在所述明文读取模块读取明文长度的文件 内容之后, 读取加密长度的文件内容, 并对所述加密长度的文件内容进行 解密, 将解密后的文件内容写入所述解密文件中;  The ciphertext reading module is further configured to: after the plaintext reading module reads the file content of the plaintext length, read the file content of the encrypted length, and decrypt the file content of the encrypted length, and decrypt the file content after the decryption The contents of the file are written into the decrypted file;
所述第二重复模块还用于, 重复启动所述明文读取模块和所述密文读 取模块, 直到将所述加密文件的当前解密区域解密完成。 The second repeating module is further configured to repeatedly start the plaintext reading module and the ciphertext reading module until the current decrypted area of the encrypted file is decrypted.
23、 根据权利要求 21所述的文件的解密装置, 其特征在于, 还包括: 获取单元, 用于在所述起始解密单元从加密文件的开头读取起始长度 的文件内容, 写入解密文件中之前, 获取所述起始长度、 所述加密长度、 所述明文长度以及加密规则。 The file decryption apparatus according to claim 21, further comprising: an obtaining unit, configured to: at the start decryption unit, read the file content of the start length from the beginning of the encrypted file, and write and decrypt the file Before the file, the starting length, the encryption length, the plaintext length, and the encryption rule are obtained.
24、 根据权利要求 20-23任一项所述的文件的解密装置, 其特征在于, 所述交替解密单元还包括:  The apparatus for decrypting a file according to any one of claims 20 to 23, wherein the alternate decryption unit further comprises:
第二计算模块, 用于在按照密文和明文相交替的形式进行解密的过程 中, 按照所述加密规则计算所述加密长度和所述明文长度, 得到动态变化 的加密长度和明文长度。  And a second calculating module, configured to calculate the encryption length and the plaintext length according to the encryption rule in the process of decrypting according to the ciphertext and the plaintext, to obtain a dynamically changing encryption length and a plaintext length.
25、 根据权利要求 20-23任一项所述的文件的解密装置, 其特征在于, 还包括:  The device for decrypting a file according to any one of claims 20 to 23, further comprising:
显示单元, 用于将所述解密文件的内容进行显示。  a display unit, configured to display content of the decrypted file.
26、 根据权利要求 25所述的文件的解密装置, 其特征在于, 还包括: 删除单元, 用于将所述解密文件中不属于当前解密区域的文件内容删 除。  The file decryption apparatus according to claim 25, further comprising: a deleting unit, configured to delete the file content of the decrypted file that does not belong to the current decrypted area.
27、一种文件的加密和解密系统,其特征在于, 包括:如权利要求 13-19 中任一项所述的加密装置和如权利要求 20-26中任一项所述的解密装置。  A system for encrypting and decrypting a file, comprising: the encryption device according to any one of claims 13 to 19, and the decryption device according to any one of claims 20-26.
PCT/CN2012/079005 2011-08-11 2012-07-23 File encryption and decryption method, device and system WO2013020446A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2011102301480A CN102254127A (en) 2011-08-11 2011-08-11 Method, device and system for encrypting and decrypting files
CN201110230148.0 2011-08-11

Publications (1)

Publication Number Publication Date
WO2013020446A1 true WO2013020446A1 (en) 2013-02-14

Family

ID=44981387

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/079005 WO2013020446A1 (en) 2011-08-11 2012-07-23 File encryption and decryption method, device and system

Country Status (2)

Country Link
CN (1) CN102254127A (en)
WO (1) WO2013020446A1 (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102254127A (en) * 2011-08-11 2011-11-23 华为技术有限公司 Method, device and system for encrypting and decrypting files
CN103281299B (en) * 2013-04-26 2016-12-28 天地融科技股份有限公司 A kind of ciphering and deciphering device and information processing method and system
CN103294961A (en) * 2013-06-07 2013-09-11 北京奇虎科技有限公司 Method and device for file encrypting/decrypting
CN105426701B (en) * 2014-09-23 2018-05-18 北大方正集团有限公司 E-book is encrypted and offline reading method and device, e-book copyright protecting system
CN104753925A (en) * 2015-03-11 2015-07-01 华中科技大学 Gateway system and method for encrypting and decoding files
CN106407127B (en) * 2015-07-31 2019-12-10 腾讯科技(深圳)有限公司 Data encryption method and device
CN106372517A (en) * 2016-08-30 2017-02-01 北京小米移动软件有限公司 File encryption method, file decryption method, file encryption device and equipment
CN106789070A (en) * 2016-12-20 2017-05-31 北京小米移动软件有限公司 The decryption method of data, device and terminal
CN108259165A (en) * 2016-12-29 2018-07-06 航天信息股份有限公司 Inventory's grain cognizance code encryption and decryption approaches and device
CN109033867A (en) * 2018-06-29 2018-12-18 上海爱优威软件开发有限公司 A kind of file encrypting method and system
CN109344641A (en) * 2018-08-20 2019-02-15 广州飞硕信息科技股份有限公司 A kind of processing method of local data, device and storage medium
CN111414635A (en) * 2020-03-20 2020-07-14 广州市百果园信息技术有限公司 File encryption and decryption method, device, equipment and storage medium
CN112364358A (en) * 2020-10-30 2021-02-12 北京天润融通科技股份有限公司 Voice encryption method and device and voice decryption method and device
CN112597228A (en) * 2020-12-26 2021-04-02 中国农业银行股份有限公司 File processing method and system
CN113486191B (en) * 2021-06-25 2024-04-05 北京计算机技术及应用研究所 Secret-related electronic file fixed decryption method
CN117149721A (en) * 2022-10-24 2023-12-01 深圳Tcl新技术有限公司 File processing method, device, storage medium and computer equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1717894A (en) * 2002-10-28 2006-01-04 诺基亚公司 System and method for partially-encrypted data transmission and reception
CN1774755A (en) * 2003-04-11 2006-05-17 索尼株式会社 Digital data storage/reproduction method and device
CN101222624A (en) * 2007-12-07 2008-07-16 四川长虹电器股份有限公司 Multimedia data encryption method based on AVI format
CN102254127A (en) * 2011-08-11 2011-11-23 华为技术有限公司 Method, device and system for encrypting and decrypting files

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7702104B2 (en) * 2004-04-01 2010-04-20 International Business Machines Corporation System and method for securing genomic information
US7428306B2 (en) * 2006-04-18 2008-09-23 International Business Machines Corporation Encryption apparatus and method for providing an encrypted file system
CN101188750A (en) * 2007-12-12 2008-05-28 四川长虹电器股份有限公司 An encryption method for transfer stream file

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1717894A (en) * 2002-10-28 2006-01-04 诺基亚公司 System and method for partially-encrypted data transmission and reception
CN1774755A (en) * 2003-04-11 2006-05-17 索尼株式会社 Digital data storage/reproduction method and device
CN101222624A (en) * 2007-12-07 2008-07-16 四川长虹电器股份有限公司 Multimedia data encryption method based on AVI format
CN102254127A (en) * 2011-08-11 2011-11-23 华为技术有限公司 Method, device and system for encrypting and decrypting files

Also Published As

Publication number Publication date
CN102254127A (en) 2011-11-23

Similar Documents

Publication Publication Date Title
WO2013020446A1 (en) File encryption and decryption method, device and system
WO2022252632A1 (en) Data encryption processing method and apparatus, computer device, and storage medium
US10187361B2 (en) Method for secure communication using asymmetric and symmetric encryption over insecure communications
JP6389895B2 (en) Data security using keys supplied by request
US9712319B2 (en) Method and apparatus to encrypt plaintext data
EP2835933B1 (en) Method, device and system for implementing media data processing
WO2021057073A1 (en) Private key generation and use method, apparatus and device in asymmetric key
CN103294961A (en) Method and device for file encrypting/decrypting
CN103345453B (en) Based on supporting the method that the fixed disk data enciphering card of SATA interface is encrypted
KR20080050932A (en) Method for encrypting datas and appatus therefor
WO2012130028A1 (en) Content reading system and method
CN110912920A (en) Data processing method, apparatus and medium
KR20190010251A (en) A method and apparatus of lpes for security enhancement in cloud storage transport phase
CN104967693A (en) Document similarity calculation method facing cloud storage based on fully homomorphic password technology
US8639941B2 (en) Data security in mobile devices
CN105959281A (en) File encrypted transmission method and device
US20230208615A1 (en) Online-Streamer Image Model File Transmission in Co-Hosting During Livestreaming
CN102685592A (en) Streaming media player method supporting digital rights management
CN107425959A (en) A kind of method for realizing encryption, system, client and service end
CN102761559A (en) Private data-based network security sharing method and communication terminal
WO2018113756A1 (en) Sending method, control method, sending end and receiving end in instant messaging
CN108985109A (en) A kind of date storage method and device
CN104268489A (en) Method for optimizing performance of encryption card based on DEVICE MAPPER
CN103491384A (en) Encrypting method and device of video and decrypting method and device of video
CN111130788B (en) Data processing method and system, data reading method and iSCSI server

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12821807

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12821807

Country of ref document: EP

Kind code of ref document: A1