WO2019227557A1 - Procédé de gestion de clé, dispositif, support de stockage et appareil - Google Patents

Procédé de gestion de clé, dispositif, support de stockage et appareil Download PDF

Info

Publication number
WO2019227557A1
WO2019227557A1 PCT/CN2018/092987 CN2018092987W WO2019227557A1 WO 2019227557 A1 WO2019227557 A1 WO 2019227557A1 CN 2018092987 W CN2018092987 W CN 2018092987W WO 2019227557 A1 WO2019227557 A1 WO 2019227557A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
target
server
identifier
encryption
Prior art date
Application number
PCT/CN2018/092987
Other languages
English (en)
Chinese (zh)
Inventor
易周成
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2019227557A1 publication Critical patent/WO2019227557A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the present application relates to the technical field of key management, and in particular, to a key management method, device, storage medium, and device.
  • the encryption machine purchases hardware and software separately, which is troublesome to upgrade and troublesome to update the algorithm.
  • Key management is bloated and inconvenient to use. It is controlled by external vendors and has no security verification means.
  • the first server and the second server need to perform data interaction.
  • the identity certification agency needs to verify the identities of the first server and the second server, pass the audit, and issue certificates.
  • Communication, issuance and management of documents need to involve a large amount of data management, which is inefficient, and the keys are easily lost or stolen.
  • Key management is a very large system, including key distribution, key storage, key expiration, and key expiration period. There are situations where the key is invalid and the key expiration period expires, such as when updating the algorithm or key expiration period.
  • the first server When the time limit expires, the first server is notified, and the second server is not notified.
  • the second server receives the ciphertext sent by the first server, it cannot be decrypted using the original key because the original key has expired.
  • the first server and the second server must be notified to update the encryption algorithm.
  • the process of updating the algorithm is exposed to a non-secure environment. There is a risk of exposing the algorithm during the update process. Therefore, the cost of the update algorithm is high and the risk is high.
  • the main purpose of this application is to provide a key management method, device, storage medium, and device, which are aimed at solving the technical problems of bloated key management and low security in the prior art.
  • the present application provides a key management method, which includes the following steps:
  • the key management device receives the plain text and the target key identifier sent by the first server;
  • Decrypt the ciphertext according to the target decryption key obtain a plaintext, and send the plaintext to the second server.
  • the present application also proposes a key management device.
  • the key management device includes a memory, a processor, and a key management program stored on the memory and operable on the processor.
  • the key management program is configured to implement the steps of the key management method as described above.
  • the present application also proposes a storage medium on which a key management program is stored.
  • the key management program is executed by a processor, the key management method described above is implemented. step.
  • the present application also proposes a key management device, which includes a receiving module, a searching module, an encryption module, and a decryption module;
  • the receiving module is configured to receive a plain text and a target key identifier sent by the first server;
  • the search module is configured to search for a target encryption key corresponding to the target key identifier
  • the encryption module is configured to encrypt the plaintext according to the target encryption key, obtain a ciphertext, and feed back the ciphertext to the first server, so that the first server will encrypt the plaintext Sending the text and the target key identifier to a second server;
  • the receiving module is further configured to receive the ciphertext and the target key identifier sent by a second server;
  • the search module is further configured to search for a target decryption key corresponding to the target key identifier
  • the decryption module is configured to decrypt the ciphertext according to the target decryption key, obtain a plaintext, and send the plaintext to the second server.
  • FIG. 1 is a schematic structural diagram of a key management device for a hardware operating environment according to a solution of an embodiment of the present application
  • FIG. 2 is a schematic flowchart of a first embodiment of a key management method of this application
  • FIG. 3 is a schematic flowchart of a second embodiment of a key management method of this application.
  • FIG. 4 is a schematic flowchart of a third embodiment of a key management method of this application.
  • FIG. 5 is a schematic flowchart of a fourth embodiment of a key management method of this application.
  • FIG. 6 is a structural block diagram of a first embodiment of a key management apparatus of the present application.
  • FIG. 1 is a schematic structural diagram of a key management device in a hardware operating environment according to a solution of an embodiment of the present application.
  • the key management device may include: a processor 1001, such as a central processing unit (Central Processing Unit (CPU), communication bus 1002, user interface 1003, network interface 1004, and memory 1005.
  • the communication bus 1002 is configured to implement connection and communication between these components.
  • the user interface 1003 may include a display screen.
  • the optional user interface 1003 may further include a standard wired interface and a wireless interface.
  • the wired interface of the user interface 1003 may be a USB interface in this application.
  • the network interface 1004 may optionally include a standard wired interface and a wireless interface (such as a WIreless-FIdelity (WI-FI) interface).
  • the memory 1005 may be a high-speed random access memory (Random Access Memory (RAM) memory or non-volatile memory Memory (NVM), such as disk storage.
  • the memory 1005 may optionally be a storage device independent of the foregoing processor 1001.
  • RAM Random Access Memory
  • NVM non-volatile memory Memory
  • FIG. 1 does not constitute a limitation on the key management device, and may include more or fewer components than shown in the figure, or combine certain components, or arrange different components.
  • the memory 1005 as a computer storage medium may include an operating system, a network communication module, a user interface module, and a key management program.
  • the network interface 1004 is mainly configured to connect to a background server and perform data communication with the background server;
  • the user interface 1003 is mainly configured to connect to a user device;
  • 1001 calls a key management program stored in the memory 1005, and executes the key management method provided in the embodiment of the present application.
  • FIG. 2 is a schematic flowchart of a first embodiment of a key management method of the present application, and a first embodiment of a key management method of the present application is proposed.
  • the key management method includes the following steps:
  • Step S10 The key management device receives the plain text and the target key identifier sent by the first server.
  • the execution subject of this embodiment is a key management device, where the key management device may be an electronic device such as a personal computer or a server.
  • the key management device is in a secure environment, and there are security measures such as a firewall to prevent key leakage and improve the security of key management.
  • the key management device stores a key identifier, an encryption key, and The corresponding relationship between the decryption keys can be obtained by using the target key identifier to find the corresponding target encryption key to encrypt the plaintext.
  • the target encryption key corresponds to a unique target key identifier, and the key identifier sent by the first server may be randomly selected from a key identifier table.
  • the key management device stores a plurality of encryption keys, and sets a corresponding key identifier for each encryption key.
  • the key identifier may be a number or a letter, and is set to the The encryption keys are numbered to facilitate the management and differentiation of each encryption key.
  • the key management device may store key identifiers corresponding to all encryption keys stored in the key management device as a key identifier table, and when the first server needs to encrypt the plain text, send the first server to the first server. Sending the key identification table, so that the first server randomly selects a key identification from the key identification table as the target key identification.
  • Step S20 Find a target encryption key corresponding to the target key identifier.
  • the encryption key is stored in the key management device, and each encryption key corresponds to a key identifier, and the corresponding encryption key can be found in the key management device according to the key identifier.
  • Each encryption key in the key management device is randomly generated.
  • the encryption key may be an encryption key generated by a combination of one or more encryption algorithms.
  • the target encryption key may be a combination of one or more encryption algorithms
  • the encryption algorithm includes a data encryption algorithm (Data Encryption Algorithm (DEA) encryption algorithm, Advanced Encryption Standard Standard (AES) encryption algorithm, RSA encryption algorithm, base64 encryption algorithm, Message Digest Algorithm fifth edition MD5), Secure Hash Algorithm Algorithm, SHA1), combinations of mathematical operations, combinations of alphabetical operations, etc.
  • the key management device may obtain multiple encryption keys by randomly combining one or any of the encryption algorithms.
  • Step S30 encrypt the plaintext according to the target encryption key to obtain a ciphertext, and feed the ciphertext back to the first server, so that the first server sends the ciphertext and the ciphertext
  • the target key identifier is sent to the second server.
  • the key management device stores a correspondence between a key identifier, an encryption key, and a decryption key
  • the target encryption key is any combination of one or more algorithms.
  • the target encryption key encrypts the plain text, and the key management device is in a secure environment, making the encryption process more secure. For example, if the plaintext is 5678, the target key identifier is 001, and the corresponding target encryption key is: (plaintext + 1234) * 2, and the target decryption key is: ciphertext / 2-1234, then the ciphertext is obtained.
  • Is 13824, the ciphertext 13824 and the target key identifier 001 are sent to the first server, and the first server sends the ciphertext 13824 and the target key identifier 001 to the second server .
  • the amount of data sent by the first server to the second server is large, but only part of the data is plain text that needs to be encrypted.
  • Step S40 Receive the ciphertext and the target key identifier sent by the second server.
  • the second server when the second server receives the ciphertext and the target key identifier sent by the first server, the ciphertext and the target key identifier are sent to the ciphertext.
  • a key management device so that the key management device searches for a target decryption key corresponding to the target key identifier to decrypt the ciphertext.
  • Step S50 Find a target decryption key corresponding to the target key identifier.
  • the key management device stores a correspondence between an encryption key corresponding to a key identifier and a decryption key, and extracts a target corresponding to the target key identifier from the correspondence. Decryption key.
  • Step S60 Decrypt the ciphertext according to the target decryption key, obtain a plaintext, and send the plaintext to the second server.
  • the ciphertext is decrypted by using the found target decryption key, and the key management device is in a secure environment, making the decryption process more secure.
  • the second server sends the ciphertext 13824 and the target key identifier 001 to the key management device, and the key management device searches for and associates the key identifier with the stored correspondence.
  • the target decryption key: ciphertext / 2-1234 is used to decrypt the ciphertext 13824, so that the plaintext is 5678, and the decrypted
  • the plain text 5678 is sent to the second server, thereby implementing communication between the first server and the second server, and improving the security of data encryption and decryption.
  • the key management device receives the plaintext and the target key identifier sent by the first server, finds a target encryption key corresponding to the target key identifier, and pairs the plaintext according to the target encryption key.
  • the key management device which is usually in a secure environment, which improves the security of encryption; and feeds back the ciphertext to the A first server, so that the first server sends the ciphertext and the target key identifier to a second server without transmitting a key, reducing the risk of key leakage; receiving the secret sent by the second server Text and the target key identifier, find a target decryption key corresponding to the target key identifier, decrypt the ciphertext according to the target decryption key, obtain a plaintext, and send the plaintext to all Mentioned second server.
  • the key management device decrypts the ciphertext to improve the security of decryption.
  • FIG. 3 is a schematic flowchart of a second embodiment of the key management method of the present application. Based on the first embodiment shown in FIG. 2 above, a second embodiment of the key management method of the present application is proposed.
  • the method before step S10, the method includes:
  • Step S01 Receive the encryption request sent by the second server.
  • the encryption requirement may be that the second server requires that the ciphertext must be in a certain format (such as visible characters or numbers), or in order to confuse audiovisual, make the ciphertext appear
  • the plaintext is similar.
  • the plaintext is a string of numbers.
  • Step S02 Find a target encryption key and a corresponding target key identifier according to the encryption requirement.
  • the encryption requirements of each server may be collected in advance, and a corresponding encryption key is set according to the collected encryption requirements of each server, so that the plaintext encryption obtained through the encryption key is used for encryption. Text can meet the encryption requirements.
  • Step S03 Send the target key identifier to the first server.
  • the first server may encrypt the plain text by sending the plain text to be encrypted and the target key identifier to the key management device.
  • the key management device receives an encryption request sent by a second server, finds a target encryption key and a corresponding target key identifier according to the encryption request, and sends the target key identifier to all
  • the first server is described, so that the first server can encrypt the plain text by sending the plain text that needs to be encrypted and the target key identifier to the key management device to obtain encryption requirements that meet the requirements of the second server. Cipher text.
  • FIG. 4 is a schematic flowchart of a third embodiment of the key management method of the present application. Based on the second embodiment shown in FIG. 3 described above, a third embodiment of the key management method of the present application is proposed.
  • the step S02 includes:
  • Step S021 Extract the target ciphertext type from the encryption requirement.
  • the encryption requirement may be to encrypt plain text into a series of numbers, characters, or a combination of numbers and characters, that is, the target cipher text type includes a series of numbers, characters, or a combination of numbers and characters.
  • Step S022 Finding a target encryption key set corresponding to the target ciphertext type from a first preset mapping relationship table, where the first preset mapping relationship table includes information between the ciphertext type and the encryption key set. Correspondence.
  • the encryption requirements of the second server may be collected in advance, and corresponding encryption keys are set according to the collected encryption requirements of the second server, so that all The ciphertext obtained by encrypting the plaintext by using the encryption key can meet the encryption requirements.
  • different encryption keys are set for different cipher text types.
  • the keys are respectively set with corresponding key identifiers, and multiple encryption keys that meet the requirements can be stored as an encryption key set, and a first preset relationship is established between the encryption key set and the corresponding cipher text type. Mapping relationship table. Therefore, a target encryption key set that meets the encryption requirements can be found from the first preset mapping relationship table.
  • Step S023 randomly select an encryption key from the target encryption key set as the target encryption key.
  • Step S024 Find a target key identifier corresponding to the target encryption key.
  • each encryption key is provided with a corresponding key identifier, and then a target key identifier corresponding to the target encryption key can be found, and the target key identifier is sent to the first server. So that the first server can encrypt the plaintext by sending the plaintext that needs to be encrypted and the target key identifier to the key management device to obtain a ciphertext that meets the encryption requirements.
  • the ciphertext needs to be decrypted by the corresponding target decryption key.
  • the target encryption key is a
  • the target decryption key is a series of reverse mathematical operations corresponding to the target encryption key.
  • the key management device stores multiple encryption keys, and generally generates corresponding decryption keys based on the encryption keys. In order to quickly find the corresponding encryption key and decryption key through the key identifier, the encryption key and the decryption key are decrypted.
  • the correspondence between the key and the key identifier is established as a second preset mapping relationship table, and then the target decryption key corresponding to the target key identifier can be quickly found through the second preset mapping relationship table.
  • the step S50 includes: finding a target decryption key corresponding to the target key identifier from the second preset mapping relationship table, and the second preset mapping relationship table includes Correspondence between key identification, encryption key, and decryption key.
  • step S60 the method further includes:
  • Step S70 Receive a key update instruction sent by the first server, and extract a target key identifier from the key update instruction.
  • the key management device does not need to perform key distribution at the time of use, and directly distributes and uses keys in a secure environment, and can even encrypt one key at a time, which is suitable for confidential transmission between most systems.
  • the first server may send a key update instruction to the key management device for key update.
  • the key update instruction usually includes a target key identifier, and the key management device may update the key according to the instruction from the key.
  • the original target encryption key can be found by extracting the target key identifier from it, so as to find an encryption key different from the original target encryption key as the new target encryption key.
  • Step S80 randomly select an encryption key from the encryption keys in the encryption key set other than the target encryption key corresponding to the target key identifier as a new target encryption key.
  • the encryption key set includes multiple encryption keys
  • the target encryption key corresponding to the target key identifier is an encryption key originally used by the first server and the second server. , Exclude it, and randomly obtain an encryption key from the remaining encryption keys as the new target encryption key, that is, update the encryption key.
  • Step S90 Find a new target key identifier corresponding to the new target encryption key, and send the new target key identifier to the first server, so that the first server sends the The plain text and the new target key are identified to the key management device to encrypt the plain text.
  • a new target key identifier corresponding to the new target encryption key can be found from the second preset mapping relationship, and the new target encryption key is Sending the target key identifier to the first server, so that the first server and the second server can be encrypted by using the new target encryption key corresponding to the new key identifier, and using the new The new target decryption key corresponding to the key ID is decrypted.
  • the key management device receives the plain text and the new target key identifier sent by the first server; finds a new target encryption key corresponding to the new target key identifier; and according to the new target encryption key pair Encrypt the plaintext to obtain a ciphertext, and feed the ciphertext to the first server, so that the first server sends the ciphertext and the new target key identifier to a second server Receiving the ciphertext and the new target key identifier sent by the second server; finding a new target decryption key corresponding to the new target key identifier; and according to the new target decryption key pair The ciphertext is decrypted to obtain a plaintext, and the plaintext is sent to the second server.
  • the key management device can update the stored encryption key at any time. Since the key management device is in a secure environment, there are security measures such as a firewall to prevent the leakage of encryption keys and decryption keys, and to improve the update of encryption keys. Key and decryption key security.
  • the security of encryption is improved.
  • the first server and the second server may perform encryption by using a new target encryption key corresponding to the new key identifier, and perform decryption by using a new target decryption key corresponding to the new key identifier, With the key update instruction sent by the first server, it is even possible to update the encryption key every time data is transmitted, thereby improving the security of updating the encryption key and the decryption key.
  • FIG. 5 is a schematic flowchart of a fourth embodiment of the key management method of the present application. Based on the first embodiment, the second embodiment, and the third embodiment, a fourth embodiment of the key management method of the present application is proposed. In this embodiment, the description will be based on the first embodiment.
  • the method before step S20, the method further includes:
  • Step S101 Obtain a first device identifier of the first server, and determine whether the first server belongs to a registered user of the key management device according to the first device identifier.
  • the first device identifier is an identifier set to identify the first server, and the first server corresponds to a unique first device identifier.
  • the key management device is in a secure environment. Before encrypting the plain text sent by the first server, the identity of the first server needs to be checked to determine whether the first server is the key management. A registered user of the device, if the first server is a registered user of the key management device, finds a target encryption key corresponding to the target key identifier.
  • step S20 is performed.
  • the first server if it belongs to a registered user of the key management device, it searches for a target encryption key corresponding to the target key identifier, and then according to the found target encryption key pair The plain text is encrypted; if the first server does not belong to a registered user of the key management device, the step of finding a target encryption key corresponding to the target key identifier is not performed.
  • the key management device is in a secure environment and only encrypts its registered users, which further improves the security of key management.
  • the method before step S50, the method further includes:
  • Step S401 Obtain a second device identifier of the second server, and determine whether the second server belongs to a registered user of the key management device according to the second device identifier.
  • the second device identifier is an identifier set to identify the second server, and the second server corresponds to a unique second device identifier.
  • the key management device is in a secure environment. Before decrypting the ciphertext sent by the second server, the identity of the second server needs to be checked to determine whether the second server is the key. A registered user of the management device, if the second server is a registered user of the key management device, finds a target decryption key corresponding to the target key identifier.
  • step S50 is performed.
  • the second server belongs to a registered user of the key management device, find a target decryption key corresponding to the target key identifier, and then according to the found target decryption key pair, The ciphertext is decrypted; if the second server does not belong to a registered user of the key management device, the step of finding a target decryption key corresponding to the target key identifier is not performed.
  • the key management device is in a secure environment and only decrypts its registered users, which further improves the security of key management.
  • whether the first server belongs to a registered user of the key management device is determined according to the first device identifier, and only the registered user is encrypted, which further improves the security of key management;
  • the second device identifier of the second server is used to determine whether the second server belongs to a registered user of the key management device according to the second device identifier, and only the registered user is decrypted, which further improves the key management. safety.
  • an embodiment of the present application further provides a storage medium, where a key management program is stored, and when the key management program is executed by a processor, implements the steps of the key management method described above.
  • the storage medium may be a non-volatile readable storage medium.
  • an embodiment of the present application further provides a key management apparatus.
  • the key management apparatus includes: a receiving module 10, a searching module 20, an encryption module 30, and a decryption module 40;
  • the receiving module 10 is configured to receive a plain text and a target key identifier sent by the first server;
  • the search module 20 is configured to search for a target encryption key corresponding to the target key identifier
  • the encryption module 30 is configured to encrypt the plaintext according to the target encryption key, obtain a ciphertext, and feed back the ciphertext to the first server, so that the first server sends the Sending the ciphertext and the target key identifier to a second server;
  • the receiving module 10 is further configured to receive the ciphertext and the target key identifier sent by a second server;
  • the search module 20 is further configured to search for a target decryption key corresponding to the target key identifier
  • the decryption module 40 is configured to decrypt the ciphertext according to the target decryption key, obtain a plaintext, and send the plaintext to the second server.
  • the method of the embodiment can be implemented by means of software plus a necessary universal hardware platform. Hardware, but in many cases the former is a better implementation.
  • the technical solution of the present application in essence or a part that contributes to the existing technology may be in the form of a software product.
  • the computer software product is stored in a storage medium (such as a Read Only Memory image (ROM) / Random Access Memory (Random Access Memory (RAM), magnetic disks, and optical disks) include a number of instructions for causing a terminal device (which may be a mobile phone, computer, server, air conditioner, or network device, etc.) to execute the methods described in the embodiments of this application.
  • ROM Read Only Memory image
  • RAM Random Access Memory
  • magnetic disks magnetic disks
  • optical disks include a number of instructions for causing a terminal device (which may be a mobile phone, computer, server, air conditioner, or network device, etc.) to execute the methods described in the embodiments of this application.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

La présente invention concerne un procédé de gestion de clé, un dispositif, un support de stockage et un appareil, le procédé comprenant les étapes suivantes : un dispositif de gestion de clé reçoit un texte en clair et un identifiant de clé cible qui sont envoyés par un premier serveur ; recherche une clé de chiffrement cible correspondant à l'identifiant de clé cible ; chiffre le texte en clair selon la clé de chiffrement cible afin d'obtenir un texte chiffré, et renvoie le texte chiffré au premier serveur de sorte que le premier serveur envoie le texte chiffré et l'identifiant de clé cible à un second serveur ; reçoit le texte chiffré et l'identifiant de clé cible qui sont envoyés par le second serveur ; recherche une clé de déchiffrement cible correspondant à l'identifiant de clé cible ; déchiffre le texte chiffré selon la clé de déchiffrement cible afin d'obtenir un texte en clair, et envoie le texte en clair au second serveur.
PCT/CN2018/092987 2018-06-01 2018-06-27 Procédé de gestion de clé, dispositif, support de stockage et appareil WO2019227557A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810561050.5A CN109728902A (zh) 2018-06-01 2018-06-01 密钥管理方法、设备、存储介质及装置
CN201810561050.5 2018-06-01

Publications (1)

Publication Number Publication Date
WO2019227557A1 true WO2019227557A1 (fr) 2019-12-05

Family

ID=66293889

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/092987 WO2019227557A1 (fr) 2018-06-01 2018-06-27 Procédé de gestion de clé, dispositif, support de stockage et appareil

Country Status (2)

Country Link
CN (1) CN109728902A (fr)
WO (1) WO2019227557A1 (fr)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111680326A (zh) * 2020-06-09 2020-09-18 联想(北京)有限公司 一种数据处理方法及装置
CN112564901A (zh) * 2020-12-08 2021-03-26 浙江三维万易联科技有限公司 密钥的生成方法和系统、存储介质及电子装置
CN114417073A (zh) * 2022-03-28 2022-04-29 之江实验室 一种加密图的邻居节点查询方法及装置、电子设备
CN114424494A (zh) * 2019-12-24 2022-04-29 深圳市欢太科技有限公司 一种密钥管理方法及装置、终端、存储介质
CN114629644A (zh) * 2022-03-29 2022-06-14 贝壳找房网(北京)信息技术有限公司 数据加密方法、存储介质、计算机程序产品和电子设备
CN115348011A (zh) * 2022-07-21 2022-11-15 中国电信股份有限公司 一种密钥处理方法、装置、电子设备和可读存储介质

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111988260B (zh) * 2019-05-21 2023-01-31 科大国盾量子技术股份有限公司 一种对称密钥管理系统、传输方法及装置
CN110266582B (zh) * 2019-05-29 2022-08-26 深圳市梦网科技发展有限公司 一种消息推送方法、系统、服务器及通信终端
CN110443078B (zh) * 2019-07-19 2021-05-28 南京芯驰半导体科技有限公司 一种基于特权分级的安全存储系统
CN110830243B (zh) * 2019-10-18 2023-06-09 中国第一汽车股份有限公司 对称密钥分发方法、装置、车辆及存储介质
CN111177739B (zh) * 2019-10-28 2023-11-03 腾讯云计算(北京)有限责任公司 一种数据处理方法、信息交互系统及计算机存储介质
CN111104691A (zh) * 2019-11-28 2020-05-05 贝壳技术有限公司 敏感信息的处理方法、装置、存储介质及设备
CN111092872A (zh) * 2019-12-11 2020-05-01 支付宝(杭州)信息技术有限公司 一种隐私保护方法、装置及设备
CN111327637B (zh) * 2020-03-10 2022-12-02 时时同云科技(成都)有限责任公司 业务密钥的管理方法及系统
CN111698229A (zh) * 2020-05-29 2020-09-22 上海万位数字技术有限公司 一种gps数据传输加密方法
CN113300833B (zh) * 2020-06-09 2023-04-18 阿里巴巴集团控股有限公司 密钥管理方法及装置
CN112329026A (zh) * 2020-06-29 2021-02-05 北京京东尚科信息技术有限公司 数据处理方法、装置、系统、计算设备及介质
CN114095152A (zh) * 2020-08-03 2022-02-25 天翼电子商务有限公司 密钥更新及数据加解密方法、系统、介质及装置
CN113922976A (zh) * 2020-09-15 2022-01-11 京东科技控股股份有限公司 设备日志传输方法、装置、电子设备及存储介质
CN112398832B (zh) * 2020-11-04 2022-02-01 四川长虹电器股份有限公司 一种业务端用户数据加密方法和解密方法
CN112671705A (zh) * 2020-11-23 2021-04-16 中信银行股份有限公司 报文的处理方法、装置、电子设备及计算机可读存储介质
WO2022133945A1 (fr) * 2020-12-24 2022-06-30 华为技术有限公司 Procédé et appareil d'écriture de clé
CN112953889A (zh) * 2020-12-31 2021-06-11 上海移为通信技术股份有限公司 报文加解密方法、系统、服务器和可读存储介质
CN112887087B (zh) * 2021-01-20 2023-04-18 成都质数斯达克科技有限公司 数据管理方法、装置、电子设备及可读存储介质
CN112910891B (zh) * 2021-01-29 2021-12-14 南京十方网络科技有限公司 一种基于fpga高速加解密的网络安全互联系统
CN113225336A (zh) * 2021-05-06 2021-08-06 安谋科技(中国)有限公司 信息加密传输方法、加解密装置、可读介质以及电子设备
CN114679324B (zh) * 2021-12-15 2024-03-12 国机工业互联网研究院(河南)有限公司 一种数据交换方法、工具、系统、设备及介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101784045A (zh) * 2009-01-20 2010-07-21 英华达(上海)电子有限公司 密钥产生方法及装置和密钥加载方法及装置
US8495392B1 (en) * 2010-09-02 2013-07-23 Symantec Corporation Systems and methods for securely deduplicating data owned by multiple entities
CN104243149A (zh) * 2013-06-19 2014-12-24 北京搜狗科技发展有限公司 加、解密方法,装置和服务器
CN107483383A (zh) * 2016-06-07 2017-12-15 腾讯科技(深圳)有限公司 一种数据处理方法、终端及后台服务器

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106650482A (zh) * 2015-11-04 2017-05-10 阿里巴巴集团控股有限公司 电子文件加密解密方法、装置和系统
CN106888183A (zh) * 2015-12-15 2017-06-23 阿里巴巴集团控股有限公司 数据加密、解密、密钥请求处理的方法和装置及系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101784045A (zh) * 2009-01-20 2010-07-21 英华达(上海)电子有限公司 密钥产生方法及装置和密钥加载方法及装置
US8495392B1 (en) * 2010-09-02 2013-07-23 Symantec Corporation Systems and methods for securely deduplicating data owned by multiple entities
CN104243149A (zh) * 2013-06-19 2014-12-24 北京搜狗科技发展有限公司 加、解密方法,装置和服务器
CN107483383A (zh) * 2016-06-07 2017-12-15 腾讯科技(深圳)有限公司 一种数据处理方法、终端及后台服务器

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114424494A (zh) * 2019-12-24 2022-04-29 深圳市欢太科技有限公司 一种密钥管理方法及装置、终端、存储介质
CN111680326A (zh) * 2020-06-09 2020-09-18 联想(北京)有限公司 一种数据处理方法及装置
CN112564901A (zh) * 2020-12-08 2021-03-26 浙江三维万易联科技有限公司 密钥的生成方法和系统、存储介质及电子装置
CN112564901B (zh) * 2020-12-08 2023-08-25 三维通信股份有限公司 密钥的生成方法和系统、存储介质及电子装置
CN114417073A (zh) * 2022-03-28 2022-04-29 之江实验室 一种加密图的邻居节点查询方法及装置、电子设备
CN114417073B (zh) * 2022-03-28 2022-08-05 之江实验室 一种加密图的邻居节点查询方法及装置、电子设备
CN114629644A (zh) * 2022-03-29 2022-06-14 贝壳找房网(北京)信息技术有限公司 数据加密方法、存储介质、计算机程序产品和电子设备
CN115348011A (zh) * 2022-07-21 2022-11-15 中国电信股份有限公司 一种密钥处理方法、装置、电子设备和可读存储介质
CN115348011B (zh) * 2022-07-21 2024-04-30 中国电信股份有限公司 一种密钥处理方法、装置、电子设备和可读存储介质

Also Published As

Publication number Publication date
CN109728902A (zh) 2019-05-07

Similar Documents

Publication Publication Date Title
WO2019227557A1 (fr) Procédé de gestion de clé, dispositif, support de stockage et appareil
WO2014139344A1 (fr) Procédé de téléchargement de clé, procédé de gestion, procédé de gestion de téléchargement, dispositif et système
WO2014187168A1 (fr) Procédé et appareil de stockage et de gestion d'informations basés sur un navigateur webkit
WO2019128007A1 (fr) Procédé de connexion à un conteneur, serveur d'application, système et support de stockage
WO2016108468A1 (fr) Terminal utilisateur, appareil de fourniture de services, procédé de commande de terminal utilisateur, procédé de commande d'appareil de fourniture de services, et système de recherche à base d'indexation de chiffrement
WO2020147383A1 (fr) Procédé, dispositif et système d'examen et d'approbation de processus utilisant un système de chaîne de blocs, et support de stockage non volatil
WO2019192085A1 (fr) Procédé, appareil et dispositif pour une communication à connexion directe entre une banque et une entreprise, et support de stockage lisible par ordinateur
WO2014139408A1 (fr) Procédé et système pour télécharger en aval de manière sécurisée une clé maître de terminal (tmk)
WO2016101745A1 (fr) Procédé d'activation de jeton de terminal mobile
WO2015157942A1 (fr) Dispositif et procédé d'accès à un réseau sans fil
WO2020224247A1 (fr) Procédé, appareil et dispositif de provenance de données basés sur la chaine de blocs, et support d'informations lisible
CN107113171A (zh) 安全通信系统、方法及装置
WO2010087567A1 (fr) Procédé d'installation d'un objet de droits destiné à du contenu dans une carte de mémoire
WO2020189927A1 (fr) Procédé et serveur de gestion de l'identité d'un utilisateur à l'aide d'un réseau de chaîne de blocs, et procédé et terminal d'authentification d'utilisateur à l'aide d'une identité d'utilisateur sur la base d'un réseau de chaîne de blocs
WO2020050424A1 (fr) SYSTÈME ET PROCÉDÉ BASÉS SUR UNE CHAÎNE DE BLOCS POUR UNE AUTHENTIFICATION DE SÉCURITÉ MULTIPLE ENTRE UN TERMINAL MOBILE ET UN DISPOSITIF D'IdO
WO2011126280A2 (fr) Procédé permettant de mettre à jour un contenu publicitaire à l'aide d'une gestion de droits numériques (drm)
WO2013075613A1 (fr) Procédé et dispositif de fourniture d'un service de réseau
WO2019100604A1 (fr) Procédé et appareil d'interrogation de compte, dispositif, et support de stockage lisible par ordinateur
WO2018098881A1 (fr) Procédé et dispositif de traitement d'accès pour application
WO2022060149A1 (fr) Dispositif électronique de gestion de droit à l'aide d'un réseau décentralisé et son procédé de fonctionnement
WO2017071352A1 (fr) Procédé de poussée de mot de passe, système de poussée, et dispositif terminal
WO2020166879A1 (fr) Appareil permettant de réaliser une conception de seuil sur une clé secrète et son procédé
WO2021071116A1 (fr) Procédé et système d'authentification simple au moyen d'un stockage web d'un navigateur
WO2019218441A1 (fr) Procédé et appareil de traitement des requêtes, dispositif et support d'enregistrement
WO2019205272A1 (fr) Procédé, dispositif et équipement de fourniture de service de machine virtuelle, et support d'informations lisible par ordinateur

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18921155

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 11/03/2021)

122 Ep: pct application non-entry in european phase

Ref document number: 18921155

Country of ref document: EP

Kind code of ref document: A1