CN105207773A - Method, system and device for management, synchronization and backup of data encryption key - Google Patents

Publication number
CN105207773A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510449972.3A
Other languages
Chinese (zh)
Inventor
韩晟
王盈
徐菲
张健
李勇
杨宏伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Shidun Technology Co Ltd
Original Assignee
Beijing Shidun Technology Co Ltd

Abstract

The invention discloses a method for the management, synchronization and backup of a data encryption key. In the method, an encryption device generates the encryption key for the data and presents it as a two-dimensional code; the encryption device processes the data with its stored key and uploads the resulting ciphertext data to a cloud server so that the ciphertext data can be shared; a reading device that needs to decrypt the data obtains the decryption key of the encrypted data by scanning the two-dimensional code of the encryption key on the encryption device, and decrypts the data. The invention further relates to a system for the management, synchronization and backup of the data encryption key, in which simple key management is achieved by scanning the two-dimensional code. The invention also relates to a device for the management, synchronization and backup of the data encryption key, which comprises the encryption device, the reading device and the cloud server. The method, system and device are simple to operate and highly secure, allow key management to be shared among multiple devices and key files to be backed up in print, and prevent problems such as files that cannot be opened because the key has been lost.

Description

Method, system and device for management, synchronization and backup of a data encryption key
Technical field
The present invention relates to the field of information security technology, and in particular to a method, system and device for the management, synchronization and backup of a data encryption key presented as a two-dimensional code.
Background
At present, the Internet is fully integrated into daily life. People use the Internet every day, the login passwords for Internet services and software matter a great deal to all of us, and the consequences of a stolen password can be very serious. To avoid the serious password leakage that results from using the same account password in several applications, many people set different passwords for different websites and software. This solves some of the security problem but places a heavy burden on memory. Demand for password management tools is therefore growing.
There are many ways to manage passwords. The most common is to write the passwords in a notepad file, which can then be synchronized to several computers and mobile devices with a synchronization tool such as Dropbox, or placed in a cloud notebook such as Evernote and synchronized by its built-in method. This method is the simplest but also very dangerous: the passwords are stored in plaintext, so once an attacker obtains the password file, or the notebook computer is lost, the user loses all account passwords. The risk is very high.
Another class of password management method provides a browser plug-in that records the account and password for each website and fills them in automatically at login. In this kind of method, however, all password data is stored on the server, and its security cannot be guaranteed.
Existing password management methods usually manage and protect login information by encrypting it. Encrypting the data ensures its security, but the data often cannot then be synchronized between different devices. To synchronize, the encrypted ciphertext data and the decryption key must both be synchronized to a cloud server or to another device, and this existing mode of operation introduces a security risk.
Meanwhile, the various applications of cloud computing bring convenience to people's lives. Photos taken on a mobile phone, edited documents and recorded audio and video data can easily be synchronized through the cloud to a computer or other electronic device, but the encryption, key management and key synchronization of this data also affect the convenience of such technology.
It can be seen that how to improve the security of data encryption key management while also providing distribution and backup of the data encryption key has become one of the problems in the prior art that urgently need to be solved.
Summary of the invention
To solve the above problems, the object of the present invention is to provide a method, system and device for the management, synchronization and backup of a data encryption key presented as a two-dimensional code, in order to improve the security of data encryption key management while providing key distribution and backup, so that many passwords can be managed easily.
The invention provides a method for the management, synchronization and backup of a data encryption key, comprising a management method, a synchronization method and a backup method for the data encryption key;
Wherein,
The management method of the data encryption key comprises the following steps:
Step 110: the encryption device generates the encryption key used for data encryption;
Step 120: the encryption key is stored in the encryption device and is presented as a two-dimensional code when the user views it;
Step 130: the encryption device encrypts all stored data with the encryption key to form the encrypted ciphertext;
Step 140: when the user reads the data, the encryption device decrypts it with the generated decryption key;
Step 150: the user reads the data, thereby achieving management of the data encryption key;
The synchronization method of the data encryption key comprises the following steps:
Step 210: the encryption device generates the encryption key used for data encryption;
Step 220: the encryption key is stored in the encryption device and is presented as a two-dimensional code when the user views it;
Step 230: the encryption device encrypts all stored data with the encryption key to form the encrypted ciphertext;
Step 240: the encrypted ciphertext is synchronized to the cloud server;
Step 250: the reading device downloads the encrypted ciphertext from the cloud server;
Step 260: the reading device scans the two-dimensional code of the encryption key stored in the encryption device and obtains the decryption key;
Step 270: the reading device decrypts the downloaded ciphertext with the decryption key obtained by scanning, thereby achieving synchronization of the data encryption key;
The backup method of the data encryption key comprises the following steps:
Step 310: the encryption key used for data encryption is generated on the encryption device;
Step 320: the encryption key is stored in the encryption device and is presented as a two-dimensional code when the user views it;
Step 330: the encryption device encrypts all stored data with the encryption key to form the encrypted ciphertext;
Step 340: the encrypted ciphertext is synchronized to the cloud server;
Step 350: the encryption device is connected to a printer, and the two-dimensional code of the encryption key stored in the encryption device is printed; or,
the two-dimensional code of the encryption key stored in the encryption device is sent by e-mail as an image; or,
an electronic copy of the two-dimensional code of the encryption key stored in the encryption device is exported as a picture or document and transferred to a computer or storage device;
Step 360: the printed two-dimensional code of the encryption key is kept, thereby achieving backup of the data encryption key.
As a further improvement of the present invention,
after step 360 of the backup method of the data encryption key, the method further comprises:
when the encryption device is lost or damaged, or its data is lost, a reading device is used to obtain the encrypted ciphertext from the cloud server and to scan the backed-up two-dimensional code of the encryption key, obtaining the backed-up encryption key and thereby decrypting the data, which achieves recovery of the data encryption key.
As a further improvement of the present invention, the encryption device comprises a data reading interface, a key generating device, a two-dimensional code display device, a printing device, a storage device and an uploading device.
As a further improvement of the present invention, the key used for encryption is a SHA256 key.
The present invention also provides a system for the management, synchronization and backup of a data encryption key, comprising a data encryption key management module, a data encryption key synchronization module and a data encryption key backup module;
Wherein,
The data encryption key management module comprises:
a first key generation module: the encryption device generates the encryption key used for data encryption;
a first key storage module: the encryption key is stored in the encryption device and is presented as a two-dimensional code when the user views it;
a first data encryption module: the encryption device encrypts all stored data with the encryption key to form the encrypted ciphertext;
a first data decryption module: when the user reads the data, the encryption device decrypts it with the generated decryption key;
a key management implementation module: the user reads the data, thereby achieving management of the data encryption key;
The data encryption key synchronization module comprises:
a second key generation module: the encryption device generates the encryption key used for data encryption;
a second key storage module: the encryption key is stored in the encryption device and is presented as a two-dimensional code when the user views it;
a second key encryption module: the encryption device encrypts all stored data with the encryption key to form the encrypted ciphertext;
a first key synchronization module: the encrypted ciphertext is synchronized to the cloud server;
a first data download module: the reading device downloads the encrypted ciphertext from the cloud server;
a second data decryption module: the reading device scans the two-dimensional code of the encryption key stored in the encryption device and obtains the decryption key;
a key synchronization implementation module: the reading device decrypts the downloaded ciphertext with the decryption key obtained by scanning, thereby achieving synchronization of the data encryption key;
The data encryption key backup module comprises:
a third key generation module: the encryption key used for data encryption is generated on the encryption device;
a third key storage module: the encryption key is stored in the encryption device and is presented as a two-dimensional code when the user views it;
a third key encryption module: the encryption device encrypts all stored data with the encryption key to form the encrypted ciphertext;
a second key synchronization module: the encrypted ciphertext is synchronized to the cloud server;
a key backup module: the encryption device is connected to a printer, and the two-dimensional code of the encryption key stored in the encryption device is printed; or,
the two-dimensional code of the encryption key stored in the encryption device is sent by e-mail as an image; or,
an electronic copy of the two-dimensional code of the encryption key stored in the encryption device is exported as a picture or document and transferred to a computer or storage device;
a key backup implementation module: the printed two-dimensional code of the encryption key is kept, thereby achieving backup of the data encryption key.
As a further improvement of the present invention, the data encryption key backup module further comprises:
a key recovery module: when the encryption device is lost or damaged, or its data is lost, a reading device is used to obtain the encrypted ciphertext from the cloud server and to scan the backed-up two-dimensional code of the encryption key, obtaining the backed-up encryption key and thereby decrypting the data, which achieves recovery of the data encryption key.
As a further improvement of the present invention, the key used for encryption is a SHA256 key.
As a further improvement of the present invention, the encryption device comprises a data reading interface, a key generating device, a two-dimensional code display device, a printing device, a storage device and an uploading device.
The present invention also provides a device for the management, synchronization and backup of a data encryption key, comprising an encryption device, a reading device and a cloud server, wherein the encryption device is communicatively connected to the cloud server, the reading device is communicatively connected to the cloud server, and the encryption device is communicatively connected to the reading device;
Wherein, the encryption device comprises:
a data reading interface, a key generating device, a two-dimensional code display device, a printing device, a storage device and an uploading device.
As a further improvement of the present invention, the key used by the encryption device for encryption is a SHA256 key.
The beneficial effects of the present invention are:
1. The encryption key is displayed as a two-dimensional code, and password management can be carried out simply by scanning the two-dimensional code; the operating steps are simple and security is high;
2. Password management can easily be shared between multiple devices and the key file can be backed up in print, which facilitates shared password management and prevents problems such as files that cannot be opened because the key has been lost;
3. The encryption key does not need to be synchronized to the cloud server; only the encrypted ciphertext data is synchronized, which improves the security of the data;
4. 256-bit and more complex passwords can be represented, and they cannot be reused or forged, which improves the security of data encryption;
5. The invention is applicable to every scenario in which data needs to be encrypted and synchronized, which improves the generality of the method for management, synchronization and backup of a data encryption key.
Brief description of the drawings
Fig. 1 is a schematic flow chart of the management method of a data encryption key according to an embodiment of the present invention;
Fig. 2 is a schematic flow chart of the synchronization method of a data encryption key according to an embodiment of the present invention;
Fig. 3 is a schematic flow chart of the backup method of a data encryption key according to an embodiment of the present invention;
Fig. 4 is a schematic flow chart of the recovery method of a data encryption key according to an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of the system for management, synchronization and backup of a data encryption key according to an embodiment of the present invention;
Fig. 6 is a structural block diagram of the device for management, synchronization and backup of a data encryption key according to an embodiment of the present invention;
Fig. 7 is a structural block diagram of the encryption device in Fig. 6.
Detailed description of the embodiments
The present invention is described in further detail below through specific embodiments and with reference to the accompanying drawings.
Embodiment 1
As shown in Fig. 1, the management method of a data encryption key according to an embodiment of the present invention comprises the following steps:
Step 110: the encryption device generates the encryption key used for data encryption;
Step 120: the encryption key is stored in the encryption device and is presented as a two-dimensional code when the user views it;
Step 130: the encryption device encrypts all stored data with the encryption key to form the encrypted ciphertext;
Step 140: when the user reads the data, the encryption device decrypts it with the generated decryption key;
Step 150: the user reads the data, thereby achieving management of the data encryption key.
The key used for encryption in this embodiment is a SHA256 key. SHA-256 is a one-way hash algorithm: the plaintext to be transmitted is converted into a message digest by a hash function operation, and different plaintexts correspond to different message digests. The message digest is encrypted and sent to the receiver together with the plaintext; the receiver produces a new message digest from the received plaintext and compares it with the decrypted message digest sent by the sender. If the two match, the plaintext has not been changed; if they do not match, the plaintext has been tampered with. Plaintext and ciphertext are in one-to-one correspondence; at decryption, using the same key as the encryption key together with the corresponding decryption method above, the ciphertext can be decrypted and the decryption key obtained.
The encryption key of this embodiment is stored in the encryption device, and the corresponding decryption key is also stored in the encryption device. After the two-dimensional code of the encryption key is scanned, the ciphertext can be decrypted using the same key as the encryption key and the SHA-256 decryption method, and the decryption key corresponding to the encryption key can be obtained.
Embodiment 2
As shown in Fig. 2, the present invention also provides a synchronization method of a data encryption key, comprising the following steps:
Step 210: the encryption device generates the encryption key used for data encryption;
Step 220: the encryption key is stored in the encryption device and is presented as a two-dimensional code when the user views it;
Step 230: the encryption device encrypts all stored data with the encryption key to form the encrypted ciphertext;
Step 240: the encrypted ciphertext is synchronized to the cloud server;
Step 250: the reading device downloads the encrypted ciphertext from the cloud server;
Step 260: the reading device scans the two-dimensional code of the encryption key stored in the encryption device and obtains the decryption key;
Step 270: the reading device decrypts the downloaded ciphertext with the decryption key obtained by scanning, thereby achieving synchronization of the data encryption key.
The key used for encryption in this embodiment is a SHA256 key. SHA-256 is a one-way hash algorithm: the plaintext to be transmitted is converted into a message digest by a hash function operation, and different plaintexts correspond to different message digests. The message digest is encrypted and sent to the receiver together with the plaintext; the receiver produces a new message digest from the received plaintext and compares it with the decrypted message digest sent by the sender. If the two match, the plaintext has not been changed; if they do not match, the plaintext has been tampered with. Plaintext and ciphertext are in one-to-one correspondence; at decryption, using the same key as the encryption key together with the corresponding decryption method above, the ciphertext can be decrypted and the decryption key obtained.
The encryption key of this embodiment is stored in the encryption device, and the corresponding decryption key is also stored in the encryption device. After the two-dimensional code of the encryption key is scanned, the ciphertext can be decrypted using the same key as the encryption key and the SHA-256 decryption method, and the decryption key corresponding to the encryption key can be obtained.
Embodiment 3
As shown in Fig. 3, the present invention also provides a backup method of a data encryption key, comprising the following steps:
Step 310: the encryption key used for data encryption is generated on the encryption device;
Step 320: the encryption key is stored in the encryption device and is presented as a two-dimensional code when the user views it;
Step 330: the encryption device encrypts all stored data with the encryption key to form the encrypted ciphertext;
Step 340: the encrypted ciphertext is synchronized to the cloud server;
Step 350: the encryption device is connected to a printer, and the two-dimensional code of the encryption key stored in the encryption device is printed; or,
the two-dimensional code of the encryption key stored in the encryption device is sent by e-mail as an image; or,
an electronic copy of the two-dimensional code of the encryption key stored in the encryption device is exported as a picture or document and transferred to a computer or storage device;
Step 360: the printed two-dimensional code of the encryption key is kept, thereby achieving backup of the data encryption key.
Embodiment 4
As shown in Fig. 4, the present invention also provides a recovery method of a data encryption key, comprising the following steps:
Step 410: the encryption key used for data encryption is generated on the encryption device;
Step 420: the encryption key is stored in the encryption device and is presented as a two-dimensional code when the user views it;
Step 430: the encryption device encrypts all stored data with the encryption key to form the encrypted ciphertext;
Step 440: the encrypted ciphertext is synchronized to the cloud server;
Step 450: the encryption device is connected to a printer, and the two-dimensional code of the encryption key stored in the encryption device is printed; or,
the two-dimensional code of the encryption key stored in the encryption device is sent by e-mail as an image; or,
an electronic copy of the two-dimensional code of the encryption key stored in the encryption device is exported as a picture or document and transferred to a computer or storage device;
Step 460: the printed two-dimensional code of the encryption key is kept, thereby achieving backup of the data encryption key;
Step 470: when the encryption device is lost or damaged, or its data is lost, a reading device is used to obtain the encrypted ciphertext from the cloud server and to scan the backed-up two-dimensional code of the encryption key, obtaining the backed-up encryption key and thereby decrypting the data, which achieves recovery of the data encryption key.
In the method for management, synchronization and backup of a data encryption key of the embodiments of the present invention, when data needs to be encrypted and synchronized, the encryption device generates the encryption key for the data and presents it as a two-dimensional code, from which the decryption key needed to decrypt the data is obtained. The encryption device processes the data with the key it stores and uploads the resulting ciphertext data to the cloud server, and the ciphertext data is shared through the cloud server. Another device that needs to decrypt the data scans the two-dimensional code of the encryption key on the encryption device to obtain the decryption key of the encrypted data and decrypts the data with it, achieving synchronization of the data. In this process, on the one hand, the encryption key does not need to be synchronized to the cloud server; only the encrypted ciphertext data is synchronized, which improves the security of the data. On the other hand, other devices can obtain the decryption key by directly scanning the two-dimensional code of the encryption key on the encryption device, which makes it easy to decrypt the encrypted data and synchronize the data.
In addition, for backup, the encryption key is presented as a two-dimensional code, which can represent 256-bit and more complex passwords, whose complexity is higher than a human can memorize and which are unique and non-repeating; they therefore cannot be reused or forged, which improves the security of data encryption. Furthermore, the data encryption key management method provided by the embodiments of the present invention is applicable to every scenario in which data needs to be encrypted and synchronized, which improves the generality of the method for management, synchronization and backup of a data encryption key.
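The synchronization and recovery flow summarized above (steps 210 to 270 and step 470), as an added example that is not part of the patent text. Assumptions, since the patent specifies neither a cipher nor a payload layout: the `DEK1:` base32 payload, the in-memory `CloudServer`, and an HMAC-SHA256 keystream with encrypt-then-MAC that stands in for a vetted AEAD such as AES-256-GCM so the code runs on the Python standard library alone. The truncated SHA-256 check value goes beyond the text: it lets the reading device reject a misread or damaged printed code.

```python
import base64
import hashlib
import hmac
import secrets

KEY_LEN = 32     # 256-bit data encryption key
TAG = "DEK1"     # assumed payload label, not from the patent
CHECK_LEN = 4    # bytes of SHA-256 check value carried in the code


def generate_key() -> bytes:
    """Steps 210/310: the encryption device generates the key."""
    return secrets.token_bytes(KEY_LEN)


def key_to_code_payload(key: bytes) -> str:
    """Steps 220/350: text that would be rendered as the two-dimensional code."""
    check = hashlib.sha256(TAG.encode() + key).digest()[:CHECK_LEN]
    body = base64.b32encode(key + check).decode().rstrip("=")
    return f"{TAG}:{body}"


def code_payload_to_key(payload: str) -> bytes:
    """Steps 260/470: the reading device turns a scanned payload into a key."""
    tag, _, body = payload.strip().partition(":")
    if tag != TAG:
        raise ValueError("not a key payload")
    body = body.upper()
    # b32decode raises binascii.Error (a ValueError) on invalid characters.
    raw = base64.b32decode(body + "=" * (-len(body) % 8))
    if len(raw) != KEY_LEN + CHECK_LEN:
        raise ValueError("unexpected payload length")
    key, check = raw[:KEY_LEN], raw[KEY_LEN:]
    expected = hashlib.sha256(TAG.encode() + key).digest()[:CHECK_LEN]
    if not hmac.compare_digest(check, expected):
        raise ValueError("payload damaged or misread")
    return key


def _subkeys(key: bytes):
    """Derive separate encryption and MAC keys from the scanned key."""
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in keystream: HMAC-SHA256 over nonce and block counter."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Steps 230/330: returns nonce || ciphertext || MAC tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    mac = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + mac


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Step 270: verify the MAC first, then decrypt."""
    if len(blob) < 48:
        raise ValueError("ciphertext too short")
    enc_key, mac_key = _subkeys(key)
    nonce, body, mac = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("wrong key or modified ciphertext")
    stream = _keystream(enc_key, nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


class CloudServer:
    """In-memory stand-in for the cloud server; it only ever receives ciphertext."""

    def __init__(self):
        self.blobs = {}

    def upload(self, name: str, blob: bytes) -> None:
        self.blobs[name] = blob

    def download(self, name: str) -> bytes:
        return self.blobs[name]


def run_flow(record: bytes):
    """Encryption device uploads; reading device scans the code and decrypts."""
    cloud = CloudServer()
    key = generate_key()
    payload = key_to_code_payload(key)            # shown on screen or printed
    cloud.upload("vault", encrypt(key, record))   # steps 230-240
    blob = cloud.download("vault")                # step 250
    recovered = decrypt(code_payload_to_key(payload), blob)  # steps 260-270
    leaked = key in blob or record in blob        # what the server could see
    return recovered, leaked, payload


if __name__ == "__main__":
    sample = b"constructed sample: site=example.org user=alice"
    data, leaked, payload = run_flow(sample)
    print(payload, data == sample, leaked)
```

Recovery from a printed backup (step 470) is the same `code_payload_to_key` and `decrypt` path, with the payload read from paper instead of the encryption device's screen.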
Embodiment 5, as shown in Figure 5, present invention also offers a kind of management of data encryption key, synchronous, standby system, comprises data encryption key administration module, data encryption key synchronization module and data encryption key backup module.
Wherein,
Data encryption key administration module, for generation and the management of encryption key, and makes encryption key present with Quick Response Code form, comprising:
First key production module, encryption device generates the encryption key that data encryption uses;
First cipher key storage block, is stored in encryption key in encryption device, presents when user checks with Quick Response Code form;
First data encryption module, encryption device uses encryption key to be encrypted to the data of all storages, forms the ciphertext after encryption;
First data decryption module, when user reads data, encryption device uses the decruption key generated to be decrypted;
Key management realizes module, and user reads described data, realizes the management of data encryption key.
Data encryption key synchronization module, for realizing the synchronous of encryption key between distinct device, comprising:
Second key production module, encryption device generates the encryption key that data encryption uses;
Second cipher key storage block, is stored in encryption key in encryption device, presents when user checks with Quick Response Code form;
Second cipher key encryption block, encryption device uses encryption key to be encrypted to the data of all storages, forms the ciphertext after encryption;
First key synchronization module, is synchronized to cloud server by the ciphertext after encryption;
First data download module, fetch equipment downloads the ciphertext after encryption from cloud server;
Second data decryption module, the Quick Response Code of the encryption key that fetch equipment scanning encryption device stores, obtains decruption key;
Key synchronization realizes module, the decruption key that fetch equipment uses scanning to obtain, and the ciphertext after the encryption obtain download is decrypted, and realizes the synchronous of data encryption key.
Data encryption key backup module, for completing the printing of the Quick Response Code of encryption key or uploading storage, realizes the paper copy to encryption key or electronics backup, comprising:
3rd key production module, generates the encryption key of data encryption use at encryption device;
3rd cipher key storage block, is stored in encryption key in encryption device, presents when user checks with Quick Response Code form;
3rd cipher key encryption block, encryption device uses encryption key to be encrypted to the data of all storages, forms the ciphertext after encryption;
Second key synchronization module, and the ciphertext after encryption is synchronized to cloud server;
Cipher key backup module, is connected encryption device with printer, and is printed by the Quick Response Code of the described encryption key that encryption device stores; Or,
The Quick Response Code of the encryption key that encryption device stores is sent by Email with graphic form; Or,
The electronic edition of the Quick Response Code of the encryption key that encryption device stores is derived with picture or document form, is transferred to computer or memory device;
Cipher key backup realizes module, preserves the Quick Response Code of the encryption key printed, realizes the backup of data encryption key.
Also comprise in the backup module of data encryption key:
Key recovery module, when encryption device lose, damage or loss of data time, use fetch equipment obtain the ciphertext after encryption from cloud server, and the Quick Response Code of the encryption key of scanning backup, obtain the encryption key of backup, thus data decryption, realize the recovery of data encryption key.
The key encryption module of the present embodiment encrypts the data that needs to be protected. The key used for encryption is a SHA256 key; for versatility, the key involved in the present invention is not limited to a SHA256 key. The key is presented in the form of a two-dimensional code.
The key synchronization module of the present embodiment uploads the encrypted ciphertext data to the cloud server, through a cloud service or another synchronization operation, for users or devices to download. The synchronized data referred to here is only the ciphertext data after encryption; unencrypted information and key information are not synchronized.
The key decryption module of the present embodiment is used when data is viewed: it decrypts the encrypted ciphertext data with the key so that the decrypted plaintext data can be viewed.
The system for management, synchronization and backup of a data encryption key of the present embodiment implements key management simply by scanning a two-dimensional code. The operating steps are simple and security is high. Key management can easily be shared among multiple devices, and the key file can be backed up by printing, which facilitates sharing of key management and prevents problems such as files that cannot be opened because the key has been lost.
SHA-256 is a one-way hash algorithm. The plaintext to be transmitted is converted into a message digest by a hash function operation, and different plaintexts correspond to different message digests. The message digest is encrypted and sent to the receiver together with the plaintext. The receiver produces a new message digest from the received plaintext and compares it with the decrypted message digest sent by the sender: if the two are consistent, the plaintext has not been changed; if they are inconsistent, the plaintext has been tampered with. Plaintext and ciphertext are in a one-to-one relationship; during decryption, using the same key as the encryption key and the corresponding decryption method described above, the ciphertext can be decrypted and the decryption key obtained.
The encryption key of the present embodiment is stored in the encryption device, and the corresponding decryption key is also stored in the encryption device. After the two-dimensional code of the encryption key is scanned, the ciphertext can be decrypted using the same key as the encryption key and the SHA-256 decryption method, and the decryption key corresponding to the encryption key can be obtained.
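The synchronization flow of this embodiment (steps 210 to 270), as an added Python example that is not code from the patent: only ciphertext reaches the cloud store, while the key travels as the text of a two-dimensional code. Because SHA-256 is a one-way hash, the example assumes the "SHA256 key" is a 256-bit symmetric secret and uses an HMAC-SHA256 keystream with encrypt-then-MAC as a standard-library stand-in for an AEAD cipher such as AES-256-GCM; the `DEK1:` payload format, the function names and the in-memory `cloud` dictionary are likewise assumptions.

```python
import base64
import hashlib
import hmac
import secrets

KEY_LEN = 32  # assumption: the page's "SHA256 key" is treated as a 256-bit secret


def key_to_qr_payload(key):
    """Encryption device: text to render as the two-dimensional code."""
    check = hashlib.sha256(b"key-check" + key).hexdigest()[:8]
    return "DEK1:" + base64.urlsafe_b64encode(key).decode() + ":" + check


def key_from_qr_payload(payload):
    """Reading device: parse a scanned payload, rejecting damaged scans."""
    try:
        version, encoded, check = payload.split(":")
        key = base64.urlsafe_b64decode(encoded)
    except ValueError as exc:  # wrong field count or invalid base64
        raise ValueError("malformed key payload") from exc
    expected = hashlib.sha256(b"key-check" + key).hexdigest()[:8]
    intact = hmac.compare_digest(check.encode(), expected.encode())
    if version != "DEK1" or len(key) != KEY_LEN or not intact:
        raise ValueError("key payload failed its check value")
    return key


def _subkeys(key):
    # Separate keys for encryption and authentication, derived from the scanned key.
    return tuple(hmac.new(key, label, hashlib.sha256).digest()
                 for label in (b"encrypt", b"authenticate"))


def _xor_keystream(enc_key, nonce, data):
    # HMAC-SHA256 in counter mode: stand-in for a real cipher (assumption).
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(8, "big")
        stream += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(key, plaintext):
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    body = _xor_keystream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key, blob):
    enc_key, mac_key = _subkeys(key)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_keystream(enc_key, nonce, body)


def synchronize(plaintext):
    """Steps 210-270 with a dict standing in for the cloud server."""
    cloud = {}
    key = secrets.token_bytes(KEY_LEN)             # step 210
    qr_payload = key_to_qr_payload(key)            # step 220: displayed, never uploaded
    cloud["data.bin"] = encrypt(key, plaintext)    # steps 230-240: ciphertext only
    downloaded = cloud["data.bin"]                 # step 250
    scanned_key = key_from_qr_payload(qr_payload)  # step 260
    return decrypt(scanned_key, downloaded), cloud, qr_payload  # step 270
```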
Embodiment 6
As shown in Figure 6, the present invention also provides a device for management, synchronization and backup of a data encryption key, comprising an encryption device, a reading device and a cloud server. The encryption device is communicatively connected to the cloud server, the reading device is communicatively connected to the cloud server, and the encryption device is communicatively connected to the reading device.
As shown in Figure 7, the encryption device comprises a data reading interface, a key generating device, a two-dimensional code display device, a printing device, a storage device and an uploading device.
Wherein,
The data reading interface is a USB interface, an IEEE 1394 interface or the like.
The key generating device is a key generator for generating keys.
The two-dimensional code display device is a computer screen, a mobile terminal screen, an electronic display screen or any device capable of displaying two-dimensional code information.
The printing device is a printer, used to print the two-dimensional code of the encryption key.
The storage device is a hard disk, USB flash drive, memory card or other device capable of storing the electronic version of the two-dimensional code of the encryption key as a picture or file.
The uploading device is a wired transmission device, wireless transmission device or other device capable of uploading the electronic version of the two-dimensional code of the encryption key as a picture or file.
The reading device is a device that scans the two-dimensional code of the encryption key with a camera.
The foregoing is only the preferred embodiments of the present invention and is not intended to limit the present invention; for a person skilled in the art, the present invention may have various modifications and variations. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included within the scope of protection of the present invention.

Claims (10)

1. A method for management, synchronization and backup of a data encryption key, characterized in that it comprises a management method for the data encryption key, a synchronization method for the data encryption key and a backup method for the data encryption key;
Wherein,
The management method for the data encryption key comprises the following steps:
Step 110, an encryption device generates the encryption key used for data encryption;
Step 120, the encryption key is stored in the encryption device and is presented in the form of a two-dimensional code when the user views it;
Step 130, the encryption device encrypts all stored data using the encryption key, forming the encrypted ciphertext;
Step 140, when the user reads the data, the encryption device decrypts it using the generated decryption key;
Step 150, the user reads the data, realizing management of the data encryption key;
The synchronization method for the data encryption key comprises the following steps:
Step 210, the encryption device generates the encryption key used for data encryption;
Step 220, the encryption key is stored in the encryption device and is presented in the form of a two-dimensional code when the user views it;
Step 230, the encryption device encrypts all stored data using the encryption key, forming the encrypted ciphertext;
Step 240, the encrypted ciphertext is synchronized to a cloud server;
Step 250, a reading device downloads the encrypted ciphertext from the cloud server;
Step 260, the reading device scans the two-dimensional code of the encryption key stored in the encryption device and obtains the decryption key;
Step 270, the reading device uses the decryption key obtained by scanning to decrypt the downloaded encrypted ciphertext, realizing synchronization of the data encryption key;
The backup method for the data encryption key comprises the following steps:
Step 310, the encryption key used for data encryption is generated in the encryption device;
Step 320, the encryption key is stored in the encryption device and is presented in the form of a two-dimensional code when the user views it;
Step 330, the encryption device encrypts all stored data using the encryption key, forming the encrypted ciphertext;
Step 340, the encrypted ciphertext is synchronized to the cloud server;
Step 350, the encryption device is connected to a printer, and the two-dimensional code of the encryption key stored in the encryption device is printed; or,
the two-dimensional code of the encryption key stored in the encryption device is sent by e-mail in picture form; or,
the electronic version of the two-dimensional code of the encryption key stored in the encryption device is exported as a picture or file and transferred to a computer or storage device;
Step 360, the printed two-dimensional code of the encryption key is preserved, realizing backup of the data encryption key.
2. The method for management, synchronization and backup of a data encryption key according to claim 1, characterized in that, after step 360 of the backup method for the data encryption key, it further comprises:
When the encryption device is lost or damaged or its data is lost, a reading device is used to obtain the encrypted ciphertext from the cloud server and to scan the backed-up two-dimensional code of the encryption key, obtaining the backed-up encryption key and thereby decrypting the data, realizing recovery of the data encryption key.
3. The method for management, synchronization and backup of a data encryption key according to claim 1, characterized in that the encryption device comprises a data reading interface, a key generating device, a two-dimensional code display device, a printing device, a storage device and an uploading device.
4. The method for management, synchronization and backup of a data encryption key according to claim 1, characterized in that the key used for encryption is a SHA256 key.
5. A system for management, synchronization and backup of a data encryption key, characterized in that it comprises a data encryption key management module, a data encryption key synchronization module and a data encryption key backup module;
Wherein,
The data encryption key management module comprises:
First key generation module: an encryption device generates the encryption key used for data encryption;
First key storage module: the encryption key is stored in the encryption device and is presented in the form of a two-dimensional code when the user views it;
First data encryption module: the encryption device encrypts all stored data using the encryption key, forming the encrypted ciphertext;
First data decryption module: when the user reads the data, the encryption device decrypts it using the generated decryption key;
Key management implementation module: the user reads the data, realizing management of the data encryption key;
The data encryption key synchronization module comprises:
Second key generation module: the encryption device generates the encryption key used for data encryption;
Second key storage module: the encryption key is stored in the encryption device and is presented in the form of a two-dimensional code when the user views it;
Second key encryption module: the encryption device encrypts all stored data using the encryption key, forming the encrypted ciphertext;
First key synchronization module: the encrypted ciphertext is synchronized to a cloud server;
First data download module: a reading device downloads the encrypted ciphertext from the cloud server;
Second data decryption module: the reading device scans the two-dimensional code of the encryption key stored in the encryption device and obtains the decryption key;
Key synchronization implementation module: the reading device uses the decryption key obtained by scanning to decrypt the downloaded encrypted ciphertext, realizing synchronization of the data encryption key;
The data encryption key backup module comprises:
Third key generation module: the encryption key used for data encryption is generated in the encryption device;
Third key storage module: the encryption key is stored in the encryption device and is presented in the form of a two-dimensional code when the user views it;
Third key encryption module: the encryption device encrypts all stored data using the encryption key, forming the encrypted ciphertext;
Second key synchronization module: the encrypted ciphertext is synchronized to the cloud server;
Key backup module: the encryption device is connected to a printer, and the two-dimensional code of the encryption key stored in the encryption device is printed; or,
the two-dimensional code of the encryption key stored in the encryption device is sent by e-mail in picture form; or,
the electronic version of the two-dimensional code of the encryption key stored in the encryption device is exported as a picture or file and transferred to a computer or storage device;
Key backup implementation module: the printed two-dimensional code of the encryption key is preserved, realizing backup of the data encryption key.
6. The system for management, synchronization and backup of a data encryption key according to claim 5, characterized in that the data encryption key backup module further comprises:
Key recovery module: when the encryption device is lost or damaged or its data is lost, a reading device is used to obtain the encrypted ciphertext from the cloud server and to scan the backed-up two-dimensional code of the encryption key, obtaining the backed-up encryption key and thereby decrypting the data, realizing recovery of the data encryption key.
7. The system for management, synchronization and backup of a data encryption key according to claim 5, characterized in that the key used for encryption is a SHA256 key.
8. The system for management, synchronization and backup of a data encryption key according to claim 5, characterized in that the encryption device comprises a data reading interface, a key generating device, a two-dimensional code display device, a printing device, a storage device and an uploading device.
9. A device for management, synchronization and backup of a data encryption key, characterized in that it comprises an encryption device, a reading device and a cloud server, the encryption device being communicatively connected to the cloud server, the reading device being communicatively connected to the cloud server, and the encryption device being communicatively connected to the reading device;
Wherein, the encryption device comprises:
a data reading interface, a key generating device, a two-dimensional code display device, a printing device, a storage device and an uploading device.
10. The device for management, synchronization and backup of a data encryption key according to claim 9, characterized in that the key used by the encryption device for encryption is a SHA256 key.
CN201510449972.3A 2015-07-29 2015-07-29 Method, system and device for management, synchronization and backup of data encryption key Pending CN105207773A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510449972.3A CN105207773A (en) 2015-07-29 2015-07-29 Method, system and device for management, synchronization and backup of data encryption key

Publications (1)

Publication Number Publication Date
CN105207773A true CN105207773A (en) 2015-12-30

Family

ID=54955231

Country Status (1)

Country Link
CN (1) CN105207773A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned
AD01 Patent right deemed abandoned

Effective date of abandoning: 20190910