CN105025032A - Customer management server with encrypted authentication function - Google Patents
Customer management server with encrypted authentication function Download PDFInfo
- Publication number
- CN105025032A CN105025032A CN201510460306.XA CN201510460306A CN105025032A CN 105025032 A CN105025032 A CN 105025032A CN 201510460306 A CN201510460306 A CN 201510460306A CN 105025032 A CN105025032 A CN 105025032A
- Authority
- CN
- China
- Prior art keywords
- saes
- encryption
- aes
- key
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0478—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a customer management server with an encrypted authentication function. The customer management server with the encrypted authentication function comprises a storage device for storing customer information, and an encryption device for encrypting the customer information. The encryption device comprises a SAES encryption module and an AES encryption module, wherein the SAES encryption module is used for cryptographically generating an AES initial key through a SAES encryption algorithm; and the AES encryption module is used for performing key expansion for the AES initial key and then obtaining an AES encryption key, encrypting the customer information with the AES encryption key through an AES encryption algorithm, and generating encrypted data. According to the invention, the customer information in the storage device is encrypted by the encryption device, by introducing the SAES algorithm to encrypt the AES encryption key, cracking difficulty of the AES encryption key is increased, only by cracking the AES encryption key firstly can attackers further crack AES, thus, cracking difficulty of the AES encrypted data is increased wholly, and security of customer information is improved.
Description
Technical field
The present invention relates to computer management system field, particularly, relate to a kind of client management server with encrypted authentication function.
Background technology
In recent years the develop rapidly of computer science and technology, people all the more notice that in office, transactional business operation and development of computer are separated, the maturation along with network communications technology, computer technology and database technology there has been proposed office automation new ideas.The business of usual office, mainly carry out the process of heap file, draft the file, notify, miscellaneous service text, accept external documents file, inquiry file, the basic services such as hard-copy file also comprise leading body and make a policy, and issue instruction, except the contact on document, the more work of deep layer, be actually the collection of information, storage, retrieval, process, analysis, thus make a policy, and give feedback using decision-making as information.
Along with the development of office automation, the more customer account management of current enterprise is also adopted and is electronically managed, for the server of customer account management once go wrong, light then cause use inconvenience, heavy then customer information is revealed, in addition this electronics mode managing customer data are easily by unlawful means altered data and steal fund etc., therefore also should consider the fail safe of system.
Summary of the invention
Object of the present invention is just the shortcoming and defect overcoming above-mentioned prior art, a kind of client management server with encrypted authentication function is provided, this client management server adopts encrypting module to be encrypted customer information, prevents unlawful means from shooting and steals customer information.
The present invention's adopted technical scheme that solves the problem is:
There is the client management server of encrypted authentication function, comprise the storage device storing customer information, the encryption device that the customer information in storage device is encrypted, described encryption device comprises SAES encrypting module and AES encryption module, wherein: SAES encrypting module, for generating AES initial key by the encryption of SAES cryptographic algorithm; AES encryption module, obtains AES encryption key after carrying out cipher key spreading to described AES initial key, utilizes described AES encryption key to be encrypted customer information by AES encryption algorithm, generates enciphered data.
As a further improvement on the present invention, described SAES encrypting module comprises processing unit and ciphering unit, wherein: processing unit, for configuring SAES initial key and SAES plaintext, SAES key handling is carried out to described SAES initial key, and cipher key spreading is carried out to result, obtain SAES encryption key; Ciphering unit, for utilizing described SAES encryption key to be expressly encrypted described SAES by SAES cryptographic algorithm, generates AES initial key.
Further, described SAES encrypting module is the ASIC being integrated in encryption chip.
Further, described AES encryption module is the ASIC being integrated in encryption chip.
To sum up, the invention has the beneficial effects as follows: the present invention is encrypted the customer information in storage device by encryption device, AES initial key is generated by the encryption of SAES encrypting module, AES initial key is expanded to AES encryption key by AES encryption module, utilizes the AES encryption double secret key of encryption information to be encrypted to be encrypted generation enciphered data.Thus, by introducing SAES algorithm, AES encryption key is encrypted, what improve AES encryption key cracks difficulty, assailant needs first to crack AES encryption key, could go again to crack AES, what improve AES encryption data on the whole cracks difficulty, prevents unlawful means from shooting and steals customer information, thus improves the fail safe of customer information.
Accompanying drawing explanation
Fig. 1 is the structured flowchart of a specific embodiment of the present invention.
Embodiment
Below in conjunction with embodiment and accompanying drawing, to the detailed description further of the present invention's do, but embodiments of the present invention are not limited thereto.
As shown in Figure 1, there is the client management server of encrypted authentication function, comprise the storage device storing customer information, the encryption device be encrypted the customer information in storage device, described encryption device comprises SAES encrypting module and AES encryption module, wherein:
SAES encrypting module, for generating AES initial key by the encryption of SAES cryptographic algorithm;
AES encryption module, obtains AES encryption key after carrying out cipher key spreading to described AES initial key, utilizes described AES encryption key to be encrypted customer information by AES encryption algorithm, generates enciphered data.
Described SAES encrypting module comprises processing unit and ciphering unit, wherein:
Processing unit, for configuring SAES initial key and SAES plaintext, carrying out SAES key handling to described SAES initial key, and carrying out cipher key spreading to result, obtaining SAES encryption key; Processing unit configures a random number usually as SAES initial key and SAES plaintext, and wherein SAES initial key is the data of many group N bits, and N is less than or equal to 256 bits usually.
Ciphering unit, for utilizing described SAES encryption key to be expressly encrypted described SAES by SAES cryptographic algorithm, generates AES initial key.Here, SAES can be expressly 128 bits, 192 bits or 256 bit random i lumber, after being encrypted, exports the ciphertext of 128 bits, 192 bits or 256 bits, i.e. AES initial key by SAES.
Described SAES encrypting module is the ASIC being integrated in encryption chip.
Described AES encryption module is the ASIC being integrated in encryption chip.
Wherein, SAES cryptographic algorithm, can be realized by software mode, also can be realized by the hardware mode of encryption chip.As can be realized by FPGA or ASIC being integrated in encryption chip, namely SAES encrypting module is FPGA or ASIC being integrated in an encryption chip, be preferably ASIC, because ASIC is the circuit customized, do not exist any can by the code intercepted and captured or program, thus risk journey logic bomb can being avoided by intercepting and capturing to be caused SAES be cracked.
The present invention is encrypted the customer information in storage device by encryption device, AES initial key is generated by the encryption of SAES encrypting module, AES initial key is expanded to AES encryption key by AES encryption module, utilizes the AES encryption double secret key of encryption information to be encrypted to be encrypted generation enciphered data.Thus be encrypted AES encryption key by introducing SAES algorithm, what improve AES encryption key cracks difficulty, assailant needs first to crack AES encryption key, could go to crack AES, what improve AES encryption data on the whole cracks difficulty again, thus improves the fail safe of customer information.
SAES cryptographic algorithm, AES encryption algorithm are cryptographic algorithm conventional in prior art, repeat no more its concrete methods of realizing in the present embodiment.
Below be only the preferred embodiment of the present invention, protection scope of the present invention be not only confined to above-described embodiment, all technical schemes belonged under thinking of the present invention all belong to protection scope of the present invention.It should be pointed out that for those skilled in the art, some improvements and modifications without departing from the principles of the present invention, should be considered as protection scope of the present invention.
Claims (4)
1. there is the client management server of encrypted authentication function, comprise the storage device storing customer information, it is characterized in that, also comprise the encryption device that the customer information in storage device is encrypted, described encryption device comprises SAES encrypting module and AES encryption module, wherein:
SAES encrypting module, for generating AES initial key by the encryption of SAES cryptographic algorithm;
AES encryption module, obtains AES encryption key after carrying out cipher key spreading to described AES initial key, utilizes described AES encryption key to be encrypted customer information by AES encryption algorithm, generates enciphered data.
2. the client management server with encrypted authentication function according to claim 1, is characterized in that, described SAES encrypting module comprises processing unit and ciphering unit, wherein:
Processing unit, for configuring SAES initial key and SAES plaintext, carrying out SAES key handling to described SAES initial key, and carrying out cipher key spreading to result, obtaining SAES encryption key;
Ciphering unit, for utilizing described SAES encryption key to be expressly encrypted described SAES by SAES cryptographic algorithm, generates AES initial key.
3. the client management server with encrypted authentication function according to claim 1 and 2, is characterized in that, described SAES encrypting module is the ASIC being integrated in encryption chip.
4. the client management server with encrypted authentication function according to claim 1 and 2, is characterized in that, described AES encryption module is the ASIC being integrated in encryption chip.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510460306.XA CN105025032A (en) | 2015-07-31 | 2015-07-31 | Customer management server with encrypted authentication function |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510460306.XA CN105025032A (en) | 2015-07-31 | 2015-07-31 | Customer management server with encrypted authentication function |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105025032A true CN105025032A (en) | 2015-11-04 |
Family
ID=54414736
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510460306.XA Pending CN105025032A (en) | 2015-07-31 | 2015-07-31 | Customer management server with encrypted authentication function |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105025032A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107332655A (en) * | 2017-06-29 | 2017-11-07 | 商丘医学高等专科学校 | Computer control system and computer |
| US11949777B1 (en) * | 2023-07-31 | 2024-04-02 | Simur, Inc. | Systems and methods to encrypt centralized information associated with users of a customer due diligence platform based on a modified key expansion schedule |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104135526A (en) * | 2014-08-04 | 2014-11-05 | 江苏中宏信息技术有限公司 | Exclusive cloud platform client with ultra-large-scale storage capacity |
| CN104253684A (en) * | 2014-09-23 | 2014-12-31 | 深圳市汇顶科技股份有限公司 | Encryption method and encryption device |
| CN104796261A (en) * | 2015-04-16 | 2015-07-22 | 长安大学 | Secure access control system and method for network terminal nodes |
-
2015
- 2015-07-31 CN CN201510460306.XA patent/CN105025032A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104135526A (en) * | 2014-08-04 | 2014-11-05 | 江苏中宏信息技术有限公司 | Exclusive cloud platform client with ultra-large-scale storage capacity |
| CN104253684A (en) * | 2014-09-23 | 2014-12-31 | 深圳市汇顶科技股份有限公司 | Encryption method and encryption device |
| CN104796261A (en) * | 2015-04-16 | 2015-07-22 | 长安大学 | Secure access control system and method for network terminal nodes |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107332655A (en) * | 2017-06-29 | 2017-11-07 | 商丘医学高等专科学校 | Computer control system and computer |
| US11949777B1 (en) * | 2023-07-31 | 2024-04-02 | Simur, Inc. | Systems and methods to encrypt centralized information associated with users of a customer due diligence platform based on a modified key expansion schedule |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9704159B2 (en) | Purchase transaction system with encrypted transaction information | |
| CN104158827B (en) | Ciphertext data sharing method, device, inquiry server and upload data client | |
| CN107086915B (en) | Data transmission method, data sending end and data receiving end | |
| CN113067699B (en) | Data sharing method and device based on quantum key and computer equipment | |
| CN101043326B (en) | Dynamic information encrypting system and method | |
| CN104063334A (en) | Encryption method and system based on data attributions | |
| CN103067160A (en) | Method and system of generation of dynamic encrypt key of encryption secure digital memory card (SD) | |
| CN102664898A (en) | Fingerprint identification-based encrypted transmission method, fingerprint identification-based encrypted transmission device and fingerprint identification-based encrypted transmission system | |
| CN105100115A (en) | Data storage method for privacy protection based on encryption password and data fractionation | |
| CN101924739A (en) | Method for encrypting, storing and retrieving software certificate and private key | |
| CN107465665A (en) | A kind of file encryption-decryption method based on fingerprint identification technology | |
| Devi et al. | A review on DES, AES and blowfish for image encryption & decryption | |
| CN106506479B (en) | Method, system and the client of cipher authentication, server and smart machine | |
| CN104967693A (en) | Document similarity calculation method facing cloud storage based on fully homomorphic password technology | |
| CN104243149A (en) | Encrypting and decrypting method, device and server | |
| US11997075B1 (en) | Signcrypted envelope message | |
| CN107070896B (en) | Safe and efficient block chain network customized login method and safe reinforcement system | |
| CN103607278A (en) | Safe data cloud storage method | |
| CN104200154A (en) | Identity based installation package signing method and identity based installation package signing device | |
| CN104038336A (en) | Data encryption method based on 3DES | |
| CN107864040A (en) | A kind of intelligent grid big data information management system based on safe cloud computing | |
| CN103236934A (en) | Method for cloud storage security control | |
| CN101145230B (en) | Enciphered sign board and composite encryption signing method | |
| CN102694650A (en) | Secret key generating method based on identity encryption | |
| CN103051459A (en) | Management method and device of traction secrete key of safety card |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20151104 |