WO2016086788A1 - Method and apparatus for encrypting/decrypting data on mobile terminal - Google Patents

Method and apparatus for encrypting/decrypting data on mobile terminal

Info

Publication number
WO2016086788A1
WO2016086788A1 PCT/CN2015/095588 CN2015095588W WO2016086788A1 WO 2016086788 A1 WO2016086788 A1 WO 2016086788A1 CN 2015095588 W CN2015095588 W CN 2015095588W WO 2016086788 A1 WO2016086788 A1 WO 2016086788A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
encrypted
identification information
data
mobile terminal
Prior art date
Legal status
Ceased
Application number
PCT/CN2015/095588
Other languages
English (en)
French (fr)
Chinese (zh)
Inventor
宋宜涛
Current Assignee
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd
Priority to SG11201703941RA
Priority to JP2017529311A (JP6533291B2)
Priority to EP15866319.5A (EP3229510B1)
Priority to KR1020177014346A (KR102051720B1)
Publication of WO2016086788A1
Priority to US15/601,531 (US11134377B2)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices

Definitions

  • the present application relates to the field of data processing, and in particular, to a data encryption/decryption method and apparatus on a mobile terminal.
  • the data protection of the mobile terminal adopts a method of hardware protection or public and private key protection.
  • Hardware protection generally uses an encryption card or a mobile phone shield as a means of protecting the privacy data of the mobile terminal and directly storing the plaintext.
  • a key seed is integrated in the central processor for data encryption and decryption.
  • the method of using hardware to protect mobile terminal data is costly and is not suitable for promotion and popularization in the public.
  • the public and private keys are used to protect the data of the mobile terminal.
  • decryption has to be performed by the server.
  • a network connection is therefore required, and the method cannot be used when the terminal is offline.
  • the purpose of the application is to provide a data encryption/decryption method and device on a mobile terminal, which can protect data from being stolen and tampered with while offline and without hardware protection.
  • the present application provides a data encryption/decryption method on a mobile terminal, the method comprising: generating a service key, and performing encryption/decryption on the service key, including:
  • the data is encrypted/decrypted using the service key.
  • the present application provides a data encryption/decryption apparatus on a mobile terminal, where the apparatus includes:
  • a first generating unit configured to generate a service key
  • a second generating unit configured to generate a first public key and a first private key pair in advance
  • a first acquiring unit configured to acquire identification information of the mobile terminal
  • a first encryption unit configured to encrypt the first public key and the first private key pair by using the identification information, obtain a first encrypted public key and a first encrypted private key, and save the same;
  • a first decryption unit configured to decrypt the first encrypted private key by using the identification information, to obtain the first private key
  • a second encryption unit configured to encrypt the service key by using the first private key to obtain an encrypted service key
  • a second decrypting unit configured to decrypt the first encrypted public key by using the identification information to obtain the first public key
  • a third decryption unit configured to decrypt the encrypted service key by using the first public key, obtaining the service key
  • a second acquiring unit configured to acquire data that the mobile terminal needs to encrypt/decrypt
  • a third encryption unit configured to encrypt the data by using the service key
  • a fourth decrypting unit configured to decrypt the data by using the service key.
  • the data encryption/decryption method and device on the mobile terminal provided by the embodiment of the present invention realize the protection of the privacy data of the mobile terminal through the process of initialization, encryption and decryption. Moreover, without hardware involvement, data protection costs are low, and data can be protected from being stolen and tampered with under offline conditions.
  • FIG. 1 is a flowchart of a data encryption/decryption method on a mobile terminal according to Embodiment 1 of the present application;
  • FIG. 2 is a schematic diagram of a data encryption/decryption apparatus on a mobile terminal according to Embodiment 2 of the present application.
  • the data encryption/decryption method and device on the mobile terminal provided by the embodiment of the present application are applicable to mobile terminals, such as mobile phones, tablet computers, and the like.
  • FIG. 1 is a flowchart of a data encryption/decryption method on a mobile terminal according to Embodiment 1 of the present application. Each step of the method is performed by a mobile terminal. As shown in FIG. 1 , the method specifically includes:
  • the mobile terminal generates the first public key and the first private key as a pair; the generation method is prior art and is not described in detail herein.
  • the first public key and the first private key are generated simultaneously; information encrypted by the first public key can only be decrypted by the first private key, and information encrypted by the first private key can only be decrypted by the first public key.
  • the identification information of the mobile terminal is acquired by code.
  • the identification information includes one or more of the following:
  • International Mobile Equipment Identity (IMEI)
  • International Mobile Subscriber Identification Number (IMSI)
  • Media Access Control (MAC)
  • Universally Unique Identifier (UUID)
  • the identification information is subjected to a hash algorithm processing to obtain a character string.
  • the hash algorithm maps binary values of arbitrary length to shorter fixed-length binary values. This shorter binary value is called a hash value.
  • a hash value is a unique and extremely compact numerical representation of a piece of data. If even one letter of a piece of plaintext is changed, the subsequent hash will produce a different value. It is computationally infeasible to find two different inputs that hash to the same value, so the hash of the data can be used to verify the integrity of the data. Hashing is generally used for fast lookup and in encryption algorithms.
  • the first public key and the first private key are encrypted by using the character string and a symmetric encryption algorithm to obtain a first encrypted public key and a first encrypted private key.
  • the encryption algorithm may be: Advanced Encryption Standard (AES), Data Encryption Standard (DES), triple data encryption algorithm, and the like.
  • the character string is a root key. After being generated it is used to encrypt the first public key and the first private key; the root key is not saved, and is regenerated from the identification information of the mobile terminal whenever it is needed.
  • the above process is the initialization process. Each mobile terminal needs to be initialized, and only once; initialization is a prerequisite for encryption and decryption.
  • the purpose of the initialization process is to obtain the first encrypted public key and the first encrypted private key.
  • the service key is randomly generated by the mobile terminal, and each service uses a service key.
  • the method of generating the service key is the same as the method of generating the first public key and the first private key pair, and will not be described in detail herein.
  • S106 Encrypt data by using the service key to obtain encrypted data.
  • the data that the mobile terminal needs to encrypt is obtained, and the data is encrypted by using the service key and a symmetric encryption algorithm to obtain encrypted data, thereby ensuring data security.
  • the data includes privacy data such as biometrics of the user.
  • steps S102 and S103 need to be performed again to obtain the character string.
  • the service key is encrypted by using the first private key and an asymmetric algorithm to obtain an encrypted service key.
  • the asymmetric algorithm may be: a public key encryption algorithm (RSA), a digital signature algorithm (DSA), or the like.
  • steps S105-S108 are the encryption process, in which the privacy data is encrypted to protect it from being stolen and tampered with. The encrypted service key obtained in step S108 can be used to decrypt the encrypted private data when the private data is used.
  • steps S102 and S103 need to be performed again to obtain the character string.
  • the encrypted service key is decrypted by using the first public key and the asymmetric decryption algorithm to obtain the service key.
  • the encrypted private data is decrypted by using the service key and a symmetric decryption algorithm to obtain private data.
  • steps S109-S111 are the process of decrypting the encrypted data. Because the character string is generated from the identification information of the device itself, the mobile device can regenerate it for decryption at any time, so the encrypted private data can be decrypted under offline conditions without accessing the server. At the same time, because the string used for encryption and decryption is generated from the local device, even if the data is leaked, decryption cannot be completed by other people using other devices, so the privacy of the user is effectively protected from being leaked.
  • the data encryption/decryption method on the mobile terminal provided in the first embodiment of the present application implements the protection of the privacy data of the mobile terminal through the process of initialization, encryption, and decryption.
  • the root key is not saved but is calculated from the information of the mobile terminal; the public/private key pair protects the security of the service key, and the service key protects the data. No hardware protection is required, data protection costs are low, and data can be protected from being stolen and tampered with under offline conditions.
  • FIG. 2 is a schematic diagram of the data encryption/decryption device on the mobile terminal provided in the second embodiment of the present application. As shown in FIG.
  • the apparatus specifically includes: a first generating unit 201, a second generating unit 202, a first obtaining unit 203, a first encryption unit 204, a first decryption unit 205, a second encryption unit 206, a second decryption unit 207, a third decryption unit 208, a second obtaining unit 209, a third encryption unit 210, and a fourth decryption unit 211.
  • the first generating unit 201 is configured to generate a service key
  • the second generating unit 202 is configured to generate a first public key and a first private key pair in advance;
  • the first obtaining unit 203 is configured to acquire identification information of the mobile terminal
  • the first encryption unit 204 is configured to encrypt the first public key and the first private key pair by using the identification information, obtain a first encrypted public key and a first encrypted private key, and save the same;
  • the first decryption unit 205 is configured to decrypt the first encrypted private key by using the identification information to obtain the first private key;
  • the second encryption unit 206 is configured to encrypt the service key by using the first private key to obtain an encrypted service key.
  • the second decryption unit 207 is configured to decrypt the first encrypted public key by using the identification information to obtain the first public key;
  • the third decryption unit 208 is configured to decrypt the encrypted service key by using the first public key to obtain the service key.
  • the second obtaining unit 209 is configured to acquire data that the mobile terminal needs to encrypt/decrypt
  • the third encryption unit 210 is configured to encrypt the data by using the service key
  • the fourth decryption unit 211 is configured to decrypt the data by using the service key.
  • the first encryption unit 204 is specifically configured to:
  • the first public key and the first private key pair are respectively encrypted by the character string.
  • the first decryption unit 205 is specifically configured to:
  • the second decryption unit 207 is specifically configured to:
  • the first encrypted public key is decrypted using the character string.
  • generating a string according to the identification information specifically comprises:
  • the identification information is subjected to a hash algorithm processing to obtain the character string.
  • the identification information includes one or more of the following:
  • International Mobile Equipment Identity (IMEI)
  • International Mobile Subscriber Identification Number (IMSI)
  • Media Access Control (MAC)
  • Universally Unique Identifier (UUID)
  • the device provided in the second embodiment of the present application incorporates the method provided in the first embodiment of the present application. Therefore, the specific working process of the device provided in this application is not described herein.
  • the data encryption/decryption device on the mobile terminal provided in the second embodiment of the present application realizes the protection of the privacy data of the mobile terminal through the process of initialization, encryption and decryption.
  • the root key is not saved but is calculated from the information of the mobile terminal; the public/private key pair protects the security of the service key, and the service key protects the data. No hardware protection is required, data protection costs are low, and data can be protected from being stolen and tampered with under offline conditions.
  • the steps of a method or algorithm described in connection with the embodiments disclosed herein can be implemented in hardware, a software module executed by a processor, or a combination of both.
  • the software module can be placed in random access memory (RAM), memory, read only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, removable disk, CD-ROM, or any other form of storage medium known in the technical field.
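
The initialization, encryption and decryption flow of Embodiment 1, as an added Python example that is not code from the patent or its applicant. Assumptions: SHA-256 is the hash, an HMAC-SHA256 keystream with an integrity tag stands in for the symmetric algorithm (the standard library has no AES), the key pair is a toy textbook-RSA pair built from fixed primes, and all identifiers and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample identification information, not real device values.
DEVICE_A = {"imei": "000000000000001", "mac": "02:00:00:00:00:01"}
DEVICE_B = {"imei": "000000000000002", "mac": "02:00:00:00:00:02"}

# Toy RSA pair from two known Mersenne primes (assumption: keeps the block
# stdlib-only). Textbook RSA without padding; a real terminal generates its own.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
KEY_BYTES = (N.bit_length() + 7) // 8


def root_key(ident):
    """Hash the identification information into the root key (never stored)."""
    h = hashlib.sha256()
    for name in sorted(ident):
        field = f"{name}={ident[name]}".encode()
        h.update(len(field).to_bytes(2, "big") + field)  # unambiguous framing
    # The result is only as secret as the identifiers it is computed from.
    return h.digest()


def _subkeys(key):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _xor_stream(enc_key, nonce, data):
    stream = b""
    for block in range((len(data) + 31) // 32):
        stream += hmac.new(enc_key, nonce + block.to_bytes(4, "big"),
                           hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def sym_encrypt(key, plaintext):
    """Stand-in for the symmetric algorithm: HMAC-SHA256 keystream plus tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    body = _xor_stream(enc_key, nonce, plaintext)
    return nonce + body + hmac.new(mac_key, nonce + body, hashlib.sha256).digest()


def sym_decrypt(key, blob):
    enc_key, mac_key = _subkeys(key)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(enc_key, nonce, body)


def initialize(ident):
    """Initialization: store only the key pair wrapped under the root key."""
    rk = root_key(ident)
    return {"enc_pub": sym_encrypt(rk, E.to_bytes(KEY_BYTES, "big")),
            "enc_priv": sym_encrypt(rk, D.to_bytes(KEY_BYTES, "big"))}


def encrypt_data(ident, store, data):
    """Encryption: random service key protects data, private key wraps it."""
    d = int.from_bytes(sym_decrypt(root_key(ident), store["enc_priv"]), "big")
    service_key = secrets.token_bytes(16)
    enc_data = sym_encrypt(service_key, data)
    enc_service_key = pow(int.from_bytes(service_key, "big"), d, N)
    return enc_service_key, enc_data


def decrypt_data(ident, store, enc_service_key, enc_data):
    """Decryption: re-derive root key, unwrap public key, recover service key."""
    e = int.from_bytes(sym_decrypt(root_key(ident), store["enc_pub"]), "big")
    service_key = pow(enc_service_key, e, N).to_bytes(16, "big")
    return sym_decrypt(service_key, enc_data)


def other_device_is_rejected(store, enc_service_key, enc_data):
    """True when a terminal with different identifiers cannot unwrap the keys."""
    try:
        decrypt_data(DEVICE_B, store, enc_service_key, enc_data)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    store = initialize(DEVICE_A)
    wrapped, blob = encrypt_data(DEVICE_A, store, b"constructed biometric template")
    print(decrypt_data(DEVICE_A, store, wrapped, blob))
    print("other device rejected:", other_device_is_rejected(store, wrapped, blob))
```

The integrity tag is what makes a wrong root key or a modified ciphertext fail cleanly; the unauthenticated symmetric algorithms listed in the description would return garbage instead.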

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)
  • Telephonic Communication Services (AREA)
  • Storage Device Security (AREA)
PCT/CN2015/095588 2014-12-02 2015-11-26 Method and apparatus for encrypting/decrypting data on mobile terminal Ceased WO2016086788A1 (zh)

Priority Applications (5)

Application Number Priority Date Filing Date Title
SG11201703941RA SG11201703941RA (en) 2014-12-02 2015-11-26 Method and apparatus for encrypting/decrypting data on mobile terminal
JP2017529311A JP6533291B2 (ja) 2014-12-02 2015-11-26 Method and apparatus for encrypting/decrypting data on mobile terminal
EP15866319.5A EP3229510B1 (en) 2014-12-02 2015-11-26 Method and apparatus for encrypting/decrypting data on mobile terminal
KR1020177014346A KR102051720B1 (ko) 2014-12-02 2015-11-26 Method and apparatus for encrypting/decrypting data on mobile terminal
US15/601,531 US11134377B2 (en) 2014-12-02 2017-05-22 Encrypting/decrypting data on mobile terminal

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410721298.5A CN105722067B (zh) 2014-12-02 2014-12-02 Method and apparatus for encrypting/decrypting data on mobile terminal
CN201410721298.5 2014-12-02

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US15/601,531 Continuation US11134377B2 (en) 2014-12-02 2017-05-22 Encrypting/decrypting data on mobile terminal

Publications (1)

Publication Number Publication Date
WO2016086788A1 (zh) 2016-06-09

Family

ID=56090997

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/095588 Ceased WO2016086788A1 (zh) 2014-12-02 2015-11-26 Method and apparatus for encrypting/decrypting data on mobile terminal

Country Status (7)

Country Link
US (1) US11134377B2 (en)
EP (1) EP3229510B1 (en)
JP (1) JP6533291B2 (en)
KR (1) KR102051720B1 (en)
CN (1) CN105722067B (en)
SG (1) SG11201703941RA (en)
WO (1) WO2016086788A1 (en)


Also Published As

Publication number Publication date
EP3229510B1 (en) 2021-07-21
JP6533291B2 (ja) 2019-06-19
KR102051720B1 (ko) 2019-12-03
CN105722067A (zh) 2016-06-29
US11134377B2 (en) 2021-09-28
KR20170091609A (ko) 2017-08-09
EP3229510A1 (en) 2017-10-11
EP3229510A4 (en) 2018-06-20
JP2017538353A (ja) 2017-12-21
US20170264435A1 (en) 2017-09-14
CN105722067B (zh) 2019-08-13
SG11201703941RA (en) 2017-06-29

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 15866319; Country of ref document: EP; Kind code of ref document: A1)
WWE Wipo information: entry into national phase (Ref document number: 11201703941R; Country of ref document: SG)
ENP Entry into the national phase (Ref document number: 20177014346; Country of ref document: KR; Kind code of ref document: A)
REEP Request for entry into the european phase (Ref document number: 2015866319; Country of ref document: EP)
ENP Entry into the national phase (Ref document number: 2017529311; Country of ref document: JP; Kind code of ref document: A)
NENP Non-entry into the national phase (Ref country code: DE)