CN106792666A - The method and device of network sensitive information in protection wireless network connection - Google Patents
The method and device of network sensitive information in protection wireless network connection Download PDFInfo
- Publication number
- CN106792666A CN106792666A CN201611206870.XA CN201611206870A CN106792666A CN 106792666 A CN106792666 A CN 106792666A CN 201611206870 A CN201611206870 A CN 201611206870A CN 106792666 A CN106792666 A CN 106792666A
- Authority
- CN
- China
- Prior art keywords
- network
- sensitive information
- encryption
- wireless network
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of method and device of network sensitive information in protection wireless network connection, it is related to technical field of network security, solves the unsafe problem of network sensitive information of existing connection wireless network.The method of the present invention includes:Receive the network sensitive information that user connects wireless network input for the first time;The network sensitive information is encrypted using preset-key, the network sensitive information after generation encryption;By in the corresponding network profile of network sensitive information write-in wireless network connection after the encryption.During the present invention is applied to wireless network connection.
Description
Technical field
The present invention relates to network sensitive information in technical field of network security, more particularly to a kind of protection wireless network connection
Method and device.
Background technology
The intelligent terminal (mobile phone, PDA and panel computer etc.) of current all Android (Android) systems is using wireless
Network interface card management program WPA Supplicant are used as wireless network middleware.WPA Supplicant can connect wireless by all
The relevant information of AP routers is saved in the configuration file of intelligent terminal " wpa_supplicant.conf ".It is specific to preserve
The title SSID of relevant information including wireless network, the pattern of encryption, network sensitive information etc. user name and password.
However, existing market has the software that can crack Wi-Fi network of many, such as " wifi skeleton keys ", its work
Make principle as shown in figure 1, wherein third party software be " wifi skeleton keys ", it by obtain " wifi " in intelligent terminal use
Family authority, accesses the configuration file (" wpa_supplicant.conf ") of intelligent terminal, and by network sensitive information therein
Pass to a generic server.The server receives all intelligent terminal (terminal device A, terminal device B for installing the software
Deng) on the network sensitive information that transmits, and be saved into cloud database.If (terminal sets next other-end equipment
Standby C etc.) request for wishing to crack the radio AP route apparatus password is sent to it.The server can travel through its cloud database, seek
Whether look for has user that the password matched with the SSID of the radio AP route apparatus was transmitted through on once.Then by the sensitivity phase such as password after finding
The terminal (terminal device C etc.) that feedback of the information sent request to before is closed, the purpose for cracking objective network password is finally reached.Separately
Outward, having a lot " root " instruments (such as " root is smart ") at present can also aid in user to take system highest authority.Obtaining
After " root " authority, the user can access the network profile (" wpa_supplicant.conf ") of intelligent terminal, and according to
This obtains network sensitive information.
To sum up, the network sensitive information of existing connection wireless network is dangerous, there is compromised risk.
The content of the invention
In view of the above problems, the present invention provides the method and dress of network sensitive information in a kind of protection wireless network connection
Put, be used to solve the unsafe problem of network sensitive information of existing connection wireless network.
In order to solve the above technical problems, in a first aspect, quick the invention provides network in one kind protection wireless network connection
The method of sense information, methods described includes:
Receive the network sensitive information that user connects wireless network input for the first time;
The network sensitive information is encrypted using preset-key, the network sensitive information after generation encryption;
By in the corresponding network profile of network sensitive information write-in wireless network connection after the encryption.
Optionally, the network sensitive information is encrypted using preset-key, the sensitive letter of the network after generation encryption
Breath includes:
The preset-key step-by-step and network sensitive information are carried out into xor operation, the sensitive letter of network after generation encryption
Breath.
3rd, method according to claim 2, it is characterised in that when user asks to connect the wireless network again
When, methods described also includes:
The network sensitive information after encryption is obtained from the network profile;
The network sensitive information after encryption is decrypted using the preset-key, obtains the sensitive letter of the network after decryption
Breath;
The connection of wireless network is realized according to the network sensitive information after decryption.
Optionally, the network sensitive information after encryption is decrypted using the preset-key, obtains the net after decryption
Network sensitive information includes:
The preset-key step-by-step is carried out into xor operation with the network sensitive information after encryption, the network after decryption is obtained
Sensitive information.
Optionally, the preset-key is the static keys being stored in advance in the library file of wireless network management component.
Optionally, the static keys are the coding array of fixed size, and the coding array content is generated at random.
Optionally, the network sensitive information includes:
Carry out the username and password or password of wireless network connection.
Second aspect, the invention provides a kind of device of network sensitive information in protection wireless network connection, the dress
Put including:
Receiving unit, the network sensitive information of wireless network input is connected for receiving user for the first time;
Generation unit, for being encrypted to the network sensitive information using preset-key, the network after generation encryption
Sensitive information;
Writing unit, for the network sensitive information write-in wireless network after the encryption to be connected into corresponding network configuration
In file.
Optionally, generation unit is used for:
The preset-key step-by-step and network sensitive information are carried out into xor operation, the sensitive letter of network after generation encryption
Breath.
Optionally, described device also includes:
First acquisition unit, for when user asks to connect the wireless network again, from the network profile
The middle network sensitive information obtained after encryption;
Second acquisition unit, for being decrypted to the network sensitive information after encryption using the preset-key, is obtained
Network sensitive information after decryption;
Connection unit, the connection for realizing wireless network according to the network sensitive information after decryption.
Optionally, second acquisition unit is used for:
The preset-key step-by-step is carried out into xor operation with the network sensitive information after encryption, the network after decryption is obtained
Sensitive information.
Optionally, the preset-key is the static keys being stored in advance in the library file of wireless network management component.
Optionally, the static keys in the generation unit are the coding array of fixed size, the coding array content
Random generation.
Optionally, the network sensitive information in the receiving unit includes:
Carry out the username and password or password of wireless network connection.
By above-mentioned technical proposal, the method and dress of network sensitive information in the protection wireless network connection that the present invention is provided
Put, the network sensitive information of user input is encrypted by key, and the sensitive information after encryption is write configuration file
In, third party software is directly obtained sensitive information by configuration file, therefore ensure that the peace of network sensitive information
Entirely.
Described above is only the general introduction of technical solution of the present invention, in order to better understand technological means of the invention,
And can be practiced according to the content of specification, and in order to allow the above and other objects of the present invention, feature and advantage can
Become apparent, below especially exemplified by specific embodiment of the invention.
Brief description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit is common for this area
Technical staff will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment, and is not considered as to the present invention
Limitation.And in whole accompanying drawing, identical part is denoted by the same reference numerals.In the accompanying drawings:
Fig. 1 is the operation principle schematic diagram of existing " wifi skeleton keys ";
Fig. 2 shows the method for network sensitive information in a kind of protection wireless network connection provided in an embodiment of the present invention
Flow chart;
Fig. 3 shows that a kind of principle for protecting network sensitive information in wireless network connection provided in an embodiment of the present invention is shown
It is intended to;
Fig. 4 shows a kind of schematic diagram of the principle of existing network sensitive information write-in network profile;
The method that Fig. 5 shows network sensitive information in another protection wireless network connection provided in an embodiment of the present invention
Flow chart;
Fig. 6 shows a kind of schematic diagram on network sensitive information encryption and decryption provided in an embodiment of the present invention;
Fig. 7 shows the effect of network sensitive information in a kind of protection wireless network connection provided in an embodiment of the present invention
Figure;
Fig. 8 shows the device of network sensitive information in a kind of protection wireless network connection provided in an embodiment of the present invention
Composition frame chart;
Fig. 9 shows the device of network sensitive information in another protection wireless network connection provided in an embodiment of the present invention
Composition frame chart.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
Limited.Conversely, there is provided these embodiments are able to be best understood from the disclosure, and can be by the scope of the present disclosure
Complete conveys to those skilled in the art.
To solve the unsafe problem of network sensitive information of existing connection wireless network, the embodiment of the invention provides
A kind of method for protecting network sensitive information in wireless network connection, as shown in Fig. 2 the method includes:
101st, the network sensitive information that user connects wireless network input for the first time is received.
When user's first connection radio AP route apparatus, it is necessary to pass through after the title SSID of selection radio AP route apparatus
It is input into network sensitive information to connect wireless network, network sensitive information therein includes username and password or password.With
After family input network sensitive information, the wpa supplicant programs of the management Wi-Fi connection in intelligent terminal can obtain this
Network sensitive information.
102nd, network sensitive information is encrypted using preset-key, the network sensitive information after generation encryption.
In order to ensure the security of network sensitive information, then network sensitive information is being write into corresponding network profile
Before " wpa_supplicant.conf ", network sensitive information is encrypted, the network sensitive information after being encrypted.Tool
The mode being encrypted to network sensitive information of body, does not limit in the embodiment of the present invention, can select existing any one
Plant and the AES that network sensitive information is encrypted can be encrypted.
103rd, by the corresponding network profile of network sensitive information write-in wireless network connection after encryption.
" by the corresponding network profile of network sensitive information write-in wireless network connection after encryption " can be " will
Network sensitive information write-in wireless network after encryption is connected in corresponding " wpa_supplicant.conf " file ".Need
It is bright, in order that third-party application cannot get the network sensitive information of unencryption, therefore network sensitive information is carried out
The preset-key of encryption is not preserved in network profile.
Be given on before the method for network sensitive information in application protection wireless network connection provided in an embodiment of the present invention
The example of the difference of the content in corresponding network profile " wpa_supplicant.conf ", as follows afterwards:
Assuming that in being connected using protection wireless network before the method for network sensitive information, network profile " wpa_
Content in supplicant.conf " is:
In being connected using protection wireless network after the method for network sensitive information, corresponding network profile " wpa_
Content in supplicant.conf " is:
In being connected using protection wireless network from above-mentioned example before the method for network sensitive information, in network profile
Corresponding content is all the real information of unencryption, third party in network the sensitive information identity and password of record
Software (wifi skeleton keys etc.) can get connection wireless network by configuration file " wpa_supplicant.conf "
Network sensitive information, causes the leakage of network sensitive information;And apply the side of network sensitive information in protection wireless network connection
After method, network sensitive information identity and password in corresponding network profile " wpa_supplicant.conf "
In corresponding content be encryption after network sensitive information, therefore third party software (wifi skeleton keys etc.) pass through configuration file
" wpa_supplicant.conf " cannot get the real network sensitive information of the unencryption of connection wireless network, can
Protect network sensitive information not compromised.
For the method flow of above-mentioned steps 101-103, the embodiment of the invention provides corresponding protection wireless network and connect
The principle schematic of middle network sensitive information is connect, as shown in figure 3, wherein network sensitive information is specially password, temporary password pair
Answer the network sensitive information after above-mentioned encryption.Password can be given birth to after user is input into for the first time by encrypting as can see from Figure 3
Into temporary password, then temporary password is written in network profile.
And the existing network sensitive information to user input writes the principle of network profile for directly by unencryption
Network sensitive information be written in network profile, as shown in Figure 4.Wherein network sensitive information is specially password, from Fig. 4
In it can be seen that password after user is input into for the first time, directly password is written in network profile, be not encrypted.
The method of network sensitive information in protection wireless network connection provided in an embodiment of the present invention, by the net of user input
Network sensitive information is encrypted by key, and after encryption sensitive information write-in configuration file in, make third party software without
Method is directly obtained sensitive information by configuration file, therefore ensure that the safety of network sensitive information.
Refinement and extension to method shown in Fig. 2, the embodiment of the present invention are additionally provided in a kind of protection wireless network connection
The method of network sensitive information, as shown in figure 5, methods described includes:
201st, the network sensitive information that user connects wireless network input for the first time is received.
The implementation of this step is identical with the implementation of Fig. 2 steps 101, and here is omitted.
202nd, preset-key step-by-step and network sensitive information are carried out into xor operation, the sensitive letter of network after generation encryption
Breath.
Wherein, preset-key be stored in advance in it is quiet in the library file of wireless network management component wpa supplicant
State key, writes dead in configuration processor, if the library file for wpa supplicant does not provide exposure and wherein includes
Information method, other application programs are cannot therefrom to obtain information.Therefore preset-key is stored in wpa
Cannot be stolen by third-party application in the library file of supplicant.In addition, static keys are in the embodiment of the present invention
The coding array of fixed size, specific coding array can be the coding array of 16 systems.In order to increase the complexity of key,
Prevent from being attempted and crack, generally in the content of generation coding array, be randomly generated.Wherein random generation refers to random
The content (such as, various spcial character random combines etc.) that selection character combination is obtained, has been different from certain rule etc. easily broken
The content (such as, 123456,11111 etc.) of solution.
Preset-key step-by-step carries out xor operation particular by XOR AES (XOR) to net with network sensitive information
Network sensitive information is encrypted, the network sensitive information after being encrypted.Wherein, the length of the network sensitive information after encryption with
The length of the network sensitive information before encryption is equal.Be given with network sensitive information as password, password is encrypted
Schematic diagram, as shown in a figures in Fig. 6, XOR is carried out by password and key, obtains temporary password, wherein, key correspondence is above-mentioned
Static keys, the temporary password for obtaining be encryption after password.
203rd, by the corresponding network profile of network sensitive information write-in wireless network connection after encryption.
The implementation of this step is identical with the implementation of Fig. 2 steps 103, and here is omitted.
204th, when user asks connection wireless network again, the network after encryption is obtained from network profile sensitive
Information.
Connection wireless network is obtained when user asks to connect above-mentioned wireless network again, it is necessary to from network profile
The relevant information of needs.From step 203, what is recorded in network profile is the network sensitive information after encryption, therefore
What is directly got from network profile is the network sensitive information after encryption.
205th, the network sensitive information after encryption is decrypted using preset-key, obtains the sensitive letter of the network after decryption
Breath.
Because connection network is it is desirable that the network sensitive information of unencryption, therefore when being got from network profile
Need to be decrypted it after the network sensitive information of encryption, to obtain network sensitive information.The specific network to encryption is quick
The process that sense information is decrypted is:It is decrypted according to the mode to the encryption of network sensitive information, corresponding to adding for step 202
Close mode, needs for preset-key step-by-step to carry out xor operation with the network sensitive information after encryption in this step, obtains decryption
Network sensitive information afterwards, that is, the network sensitive information before being encrypted.It should be noted that being added to a certain sensitive information
The preset-key used during close and decryption is same static keys.
With sensitive information as password, the schematic diagram being decrypted to the password after encryption is provided, as shown in b figures in Fig. 6, its
The above-mentioned preset-key of middle key correspondence, temporary password is the password after encryption, and the password after encryption and key are carried out into XOR
Computing, can reduce password.
It is password corresponding to network sensitive information in above-mentioned steps 202, the network sensitive information after encryption is temporary password
Example, the operating process when user asks to connect the wireless network for having connected again is illustrated, specifically such as
Shown in Fig. 3, temporary password is read from network profile first, temporary password is decrypted using static keys then
Password is obtained, then makes terminal device that the connection of wireless network is realized by password.
206th, the connection of wireless network is realized according to the network sensitive information after decryption.
Intelligent terminal shown in application drawing 2 and Fig. 5 protection wireless network connection in network sensitive information method after,
Just the safety of network sensitive information can be protected.Specifically, by taking " wifi skeleton keys " as an example, illustrating protection wireless network connection
The effect of middle network sensitive information, specific effect diagram is as shown in Figure 7.Terminal A is to be successfully connected to radio AP route apparatus
Equipment, it can be seen that after terminal device C gets password corresponding with the SSID of radio AP route apparatus, it is impossible to realize network
It is successfully connected, is that, because the password corresponding with SSID for getting is the password after encryption, therefore the success of network cannot be realized
Connection.
Further, as the realization to the various embodiments described above, another embodiment of the embodiment of the present invention additionally provides one
The device of network sensitive information in protection wireless network connection is planted, for realizing the method described in above-mentioned Fig. 2 and Fig. 5.Such as Fig. 8
Shown, the device includes:Receiving unit 31, generation unit 32 and writing unit 33.
Receiving unit 31, the network sensitive information of wireless network input is connected for receiving user for the first time;
When user's first connection radio AP route apparatus, it is necessary to pass through after the title SSID of selection radio AP route apparatus
It is input into network sensitive information to connect wireless network, network sensitive information therein includes username and password or password.With
After family input network sensitive information, the wpa supplicant programs of the management Wi-Fi connection in intelligent terminal can obtain this
Network sensitive information.
Generation unit 32, for being encrypted to network sensitive information using preset-key, the network after generation encryption is quick
Sense information;
In order to ensure the security of network sensitive information, then network sensitive information is being write into corresponding network profile
Before " wpa_supplicant.conf ", network sensitive information is encrypted, the network sensitive information after being encrypted.Tool
The mode being encrypted to network sensitive information of body, does not limit in the embodiment of the present invention, can select existing any one
Plant and the AES that network sensitive information is encrypted can be encrypted.
Writing unit 33, for the network sensitive information write-in wireless network after encryption to be connected into corresponding network configuration text
In part.
" by the corresponding network profile of network sensitive information write-in wireless network connection after encryption " can be " will
Network sensitive information write-in wireless network after encryption is connected in corresponding " wpa_supplicant.conf " file ".
It should be noted that in order that third-party application cannot get the network sensitive information of unencryption, therefore to net
The preset-key that network sensitive information is encrypted is not preserved in network profile.
Be given on before the device of network sensitive information in application protection wireless network connection provided in an embodiment of the present invention
The example of the difference of the content in corresponding network profile " wpa_supplicant.conf ", specifically walks referring to Fig. 2 afterwards
Example in rapid 103, it can be seen that in application protection wireless network connection before the device of network sensitive information, network configuration text
Corresponding content is all in network the sensitive information identity and password of record in part " wpa_supplicant.conf "
The real information of unencryption, third party software (wifi skeleton keys etc.) can be by configuration file " wpa_
Supplicant.conf " gets the network sensitive information of connection wireless network, causes the leakage of network sensitive information;And answer
In being connected with protection wireless network after the device of network sensitive information, in network profile " wpa_supplicant.conf "
Corresponding content is the network sensitive information after encryption in network sensitive information identity and password, therefore third party is soft
Part (wifi skeleton keys etc.) cannot get connection wireless network not by configuration file " wpa_supplicant.conf "
The real network sensitive information of encryption, can protect network sensitive information not compromised.
Generation unit 32 is used for:
Preset-key step-by-step and network sensitive information are carried out into xor operation, the network sensitive information after generation encryption.
Preset-key step-by-step carries out xor operation particular by XOR AES (XOR) to net with network sensitive information
Network sensitive information is encrypted, the network sensitive information after being encrypted.Wherein, the length of the network sensitive information after encryption with
The length of the network sensitive information before encryption is equal.Be given with network sensitive information as password, password is encrypted
Schematic diagram, as shown in a figures in Fig. 6, XOR is carried out by password and key, obtains temporary password, wherein, key correspondence is above-mentioned
Static keys, the temporary password for obtaining be encryption after password.
As shown in figure 9, device also includes:
First acquisition unit 34, for when user asks connection wireless network again, being obtained from network profile
Network sensitive information after encryption;
Second acquisition unit 35, for being decrypted to the network sensitive information after encryption using preset-key, obtains solution
Network sensitive information after close;
Because connection network is it is desirable that the network sensitive information of unencryption, therefore when being got from network profile
Need to be decrypted it after the network sensitive information of encryption, to obtain network sensitive information.
Connection unit 36, the connection for realizing wireless network according to the network sensitive information after decryption.
Second acquisition unit 35 is used for:
Preset-key step-by-step is carried out into xor operation with the network sensitive information after encryption, the network after decryption is obtained sensitive
Information.
It is specific to be to the process that the network sensitive information encrypted is decrypted:According to the side to the encryption of network sensitive information
Formula is decrypted, and the cipher mode corresponding to generation unit 32 is, it is necessary to preset-key step-by-step is believed with the network sensitivity after encryption
Breath carries out xor operation, obtains the network sensitive information after decryption, that is, the network sensitive information before being encrypted.Need explanation
It is that the preset-key used when being encrypted and decrypted to a certain sensitive information is same static keys.
With sensitive information as password, the schematic diagram being decrypted to the password after encryption is provided, as shown in b figures in Fig. 6, its
The above-mentioned preset-key of middle key correspondence, temporary password is the password after encryption, and the password after encryption and key are carried out into XOR
Computing, can reduce password.
Preset-key in generation unit 32 be stored in advance in it is static close in the library file of wireless network management component
Key.
Static keys in generation unit 32 are the coding array of fixed size, and coding array content is generated at random.
Preset-key be stored in advance in it is static close in the library file of wireless network management component wpa supplicant
Key, writes dead in configuration processor, if the library file for wpa supplicant does not provide the letter that exposure is wherein included
The method of breath, other application programs are cannot therefrom to obtain information.Therefore preset-key is stored in wpa supplicant's
Cannot be stolen by third-party application in library file.In addition, static keys are the volume of fixed size in the embodiment of the present invention
Yardage group, specific coding array can be the coding array of 16 systems.In order to increase the complexity of key, prevent from being attempted brokenly
Solution, generally in the content of generation coding array, is randomly generated.Wherein random generation refers to random selection character combination
The content (such as, various spcial character random combines etc.) for obtaining, is different from the content (ratio that certain rule etc. is easily cracked
Such as, 123456,11111 etc.).
Network sensitive information in receiving unit 31 includes:
Carry out the username and password or password of wireless network connection.
Intelligent terminal shown in application drawing 8 and Fig. 9 protection wireless network connection in network sensitive information device after,
Just the safety of network sensitive information can be protected.Specifically, by taking " wifi skeleton keys " as an example, illustrating protection wireless network connection
The effect of middle network sensitive information, specific effect diagram is as shown in Figure 7.Terminal A is to be successfully connected to radio AP route apparatus
Equipment, it can be seen that after terminal device C gets password corresponding with the SSID of radio AP route apparatus, it is impossible to realize network
It is successfully connected, is that, because the password corresponding with SSID for getting is the password after encryption, therefore the success of network cannot be realized
Connection.
The device of network sensitive information in protection wireless network connection provided in an embodiment of the present invention, by the net of user input
Network sensitive information is encrypted by key, and after encryption sensitive information write-in configuration file in, make third party software without
Method is directly obtained sensitive information by configuration file, therefore ensure that the safety of network sensitive information.
In the above-described embodiments, the description to each embodiment all emphasizes particularly on different fields, and does not have the portion described in detail in certain embodiment
Point, may refer to the associated description of other embodiment.
It is understood that the correlated characteristic in the above method and device can be referred to mutually.In addition, in above-described embodiment
" first ", " second " etc. be, for distinguishing each embodiment, and not represent the quality of each embodiment.
It is apparent to those skilled in the art that, for convenience and simplicity of description, the system of foregoing description,
The specific work process of device and unit, may be referred to the corresponding process in preceding method embodiment, will not be repeated here.
Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein.
Various general-purpose systems can also be used together with based on teaching in this.As described above, construct required by this kind of system
Structure be obvious.Additionally, the present invention is not also directed to any certain programmed language.It is understood that, it is possible to use it is various
Programming language realizes the content of invention described herein, and the description done to language-specific above is to disclose this hair
Bright preferred forms.
In specification mentioned herein, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention
Example can be put into practice in the case of without these details.In some instances, known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify one or more that the disclosure and helping understands in each inventive aspect, exist
Above to the description of exemplary embodiment of the invention in, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor
The application claims of shield features more more than the feature being expressly recited in each claim.More precisely, such as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, and wherein each claim is in itself
All as separate embodiments of the invention.
Those skilled in the art are appreciated that can be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more equipment different from the embodiment.Can be the module or list in embodiment
Unit or component be combined into a module or unit or component, and can be divided into addition multiple submodule or subelement or
Sub-component.In addition at least some in such feature and/or process or unit exclude each other, can use any
Combine to all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification (including adjoint power
Profit is required, summary and accompanying drawing) disclosed in each feature can the alternative features of or similar purpose identical, equivalent by offer carry out generation
Replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other embodiments
In included some features rather than further feature, but the combination of the feature of different embodiments means in of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment required for protection is appointed
One of meaning mode can be used in any combination.
All parts embodiment of the invention can be realized with hardware, or be run with one or more processor
Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor (DSP) realize denomination of invention according to embodiments of the present invention (such as protection wireless network
Network connection in network sensitive information device) in some or all parts some or all functions.The present invention may be used also
To be embodied as some or all equipment or program of device for performing method as described herein (for example, calculating
Machine program and computer program product).It is such to realize that program of the invention be stored on a computer-readable medium, or
There can be the form of one or more signal.Such signal can be downloaded from internet website and obtained, or carried
There is provided on body signal, or provided in any other form.
It should be noted that above-described embodiment the present invention will be described rather than limiting the invention, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol being located between bracket should not be configured to limitations on claims.Word "comprising" is not excluded the presence of not
Element listed in the claims or step.Word "a" or "an" before element is not excluded the presence of as multiple
Element.The present invention can come real by means of the hardware for including some different elements and by means of properly programmed computer
It is existing.If in the unit claim for listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame
Claim.
Claims (10)
1. a kind of method of network sensitive information during protection wireless network is connected, it is characterised in that including:
Receive the network sensitive information that user connects wireless network input for the first time;
The network sensitive information is encrypted using preset-key, the network sensitive information after generation encryption;
By in the corresponding network profile of network sensitive information write-in wireless network connection after the encryption.
2. method according to claim 1, it is characterised in that added to the network sensitive information using preset-key
Close, the network sensitive information after generation encryption includes:
The preset-key step-by-step and network sensitive information are carried out into xor operation, the network sensitive information after generation encryption.
3. method according to claim 2, it is characterised in that when user asks to connect the wireless network again, institute
Stating method also includes:
The network sensitive information after encryption is obtained from the network profile;
The network sensitive information after encryption is decrypted using the preset-key, obtains the network sensitive information after decryption;
The connection of wireless network is realized according to the network sensitive information after decryption.
4. method according to claim 3, it is characterised in that using the preset-key to the sensitive letter of network after encryption
Breath is decrypted, and obtaining the network sensitive information after decryption includes:
The preset-key step-by-step is carried out into xor operation with the network sensitive information after encryption, the network after decryption is obtained sensitive
Information.
5. the method according to any one of claim 1-4, it is characterised in that the preset-key is to be stored in advance in nothing
Static keys in the library file of line network management component.
6. the method according to any one of claim 1-4, it is characterised in that the static keys are the volume of fixed size
Yardage group, the coding array content is generated at random.
7. method according to claim 5, it is characterised in that the network sensitive information includes:
Carry out the username and password or password of wireless network connection.
8. the device of network sensitive information during a kind of protection wireless network is connected, it is characterised in that including:
Receiving unit, the network sensitive information of wireless network input is connected for receiving user for the first time;
Generation unit, for being encrypted to the network sensitive information using preset-key, the network after generation encryption is sensitive
Information;
Writing unit, for the network sensitive information write-in wireless network after the encryption to be connected into corresponding network profile
In.
9. device according to claim 8, it is characterised in that generation unit is used for:
The preset-key step-by-step and network sensitive information are carried out into xor operation, the network sensitive information after generation encryption.
10. device according to claim 9, it is characterised in that described device also includes:
First acquisition unit, for when user asks to connect the wireless network again, being obtained from the network profile
Take the network sensitive information after encryption;
Second acquisition unit, for being decrypted to the network sensitive information after encryption using the preset-key, obtains decryption
Network sensitive information afterwards;
Connection unit, the connection for realizing wireless network according to the network sensitive information after decryption.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611206870.XA CN106792666A (en) | 2016-12-23 | 2016-12-23 | The method and device of network sensitive information in protection wireless network connection |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611206870.XA CN106792666A (en) | 2016-12-23 | 2016-12-23 | The method and device of network sensitive information in protection wireless network connection |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106792666A true CN106792666A (en) | 2017-05-31 |
Family
ID=58919911
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611206870.XA Pending CN106792666A (en) | 2016-12-23 | 2016-12-23 | The method and device of network sensitive information in protection wireless network connection |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106792666A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109255245A (en) * | 2018-08-13 | 2019-01-22 | 海南新软软件有限公司 | A kind of local cryptographic key protection method, apparatus and system |
CN110708697A (en) * | 2019-09-26 | 2020-01-17 | 维沃移动通信有限公司 | Encryption method, terminal equipment and server |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104639503A (en) * | 2013-11-11 | 2015-05-20 | 国际商业机器公司 | Method, devices and system for protecting sensitive information |
CN105721144A (en) * | 2016-02-02 | 2016-06-29 | 广东欧珀移动通信有限公司 | Password storage method of wireless network access point and terminal |
-
2016
- 2016-12-23 CN CN201611206870.XA patent/CN106792666A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104639503A (en) * | 2013-11-11 | 2015-05-20 | 国际商业机器公司 | Method, devices and system for protecting sensitive information |
CN105721144A (en) * | 2016-02-02 | 2016-06-29 | 广东欧珀移动通信有限公司 | Password storage method of wireless network access point and terminal |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109255245A (en) * | 2018-08-13 | 2019-01-22 | 海南新软软件有限公司 | A kind of local cryptographic key protection method, apparatus and system |
CN110708697A (en) * | 2019-09-26 | 2020-01-17 | 维沃移动通信有限公司 | Encryption method, terminal equipment and server |
CN110708697B (en) * | 2019-09-26 | 2022-11-18 | 维沃移动通信有限公司 | Encryption method, terminal equipment and server |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20240106809A1 (en) | Cryptographic systems and methods | |
A. Harris et al. | Mobile device security considerations for small-and medium-sized enterprise business mobility | |
Mujahid et al. | RCIA: A new ultralightweight RFID authentication protocol using recursive hash | |
CN105357191B (en) | The encryption method and device of user data | |
CN111033502A (en) | Authentication via blockchain using biometric data and irreversible functions | |
CN105812332A (en) | Data protection method | |
US9372987B1 (en) | Apparatus and method for masking a real user controlling synthetic identities | |
CN105101183B (en) | The method and system that privacy content on mobile terminal is protected | |
CN104468937A (en) | Data encryption and decryption methods and devices for mobile terminal and protection system | |
CN109587103A (en) | For executing the method, apparatus and cloud system of the application in cloud system | |
CN105975867A (en) | Data processing method | |
Arias-Cabarcos et al. | Comparing password management software: toward usable and secure enterprise authentication | |
CN103929312A (en) | Mobile terminal and method and system for protecting individual information of mobile terminal | |
US20140281549A1 (en) | Methods and apparatus for securing user input in a mobile device | |
CN107612915A (en) | The method and apparatus of the anti-password cracking of double secure forms based on checking code conversion | |
CN108449322A (en) | Identity registration, authentication method, system and relevant device | |
CN107835075A (en) | The processing method and processing device of local password | |
CN106792666A (en) | The method and device of network sensitive information in protection wireless network connection | |
Khalid et al. | Cryptanalysis of ultralightweight mutual authentication protocol for radio frequency identification enabled Internet of Things networks | |
Safkhani et al. | On the designing of a tamper resistant prescription rfid access control system | |
Thamilarasu et al. | A security framework for mobile health applications | |
Rajput et al. | Patient’s data privacy and security in mHealth applications: a Charles proxy-based recommendation | |
CN107135074A (en) | A kind of advanced security method and apparatus | |
CN105721144A (en) | Password storage method of wireless network access point and terminal | |
CN114036546A (en) | Identity verification method and device based on mobile phone number, computer equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170531 |