CN107579985B - Large file transmission protection method based on fragment encryption - Google Patents
Large file transmission protection method based on fragment encryption Download PDFInfo
- Publication number
- CN107579985B CN107579985B CN201710844911.6A CN201710844911A CN107579985B CN 107579985 B CN107579985 B CN 107579985B CN 201710844911 A CN201710844911 A CN 201710844911A CN 107579985 B CN107579985 B CN 107579985B
- Authority
- CN
- China
- Prior art keywords
- fragment
- encryption
- file
- result
- large file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention relates to the internet data transmission protection technology and aims to provide a large file transmission protection method based on fragment encryption. The large file transmission protection method based on fragment encryption comprises the following steps: carrying out fragment encryption operation before transmission, and protecting a large file; and after the transmission is finished, carrying out fragment decryption operation, and decrypting the large file for use. The invention not only carries out encryption protection in the transmission process, but also has the protection effect after receiving the file, and can be normally used only after being normally decrypted; meanwhile, encryption is not needed in the transmission process, and the transmission performance is also obviously improved.
Description
Technical Field
The invention relates to the technical field of internet data transmission protection, in particular to a large file transmission protection method based on fragment encryption.
Background
The large file transmission protection mainly comprises two aspects, one is protection of the transmission process, and the other is that the large file transmission protection cannot be normally used after being downloaded by an unknown person. For the two aspects, the current large file transmission protection technology mainly has channel-based protection, such as https protocol transmission and file-based protection, that is, transmission after complete encryption or shell adding is performed on a file. Both techniques suffer from significant drawbacks.
The encryption mode based on channel protection only protects the file from being stolen in the transmission process, but has no way to ensure whether the file is used by an unauthorized person after the transmission is finished. In addition, this method is equivalent to encrypting all the contents transmitted through the channel, and therefore inevitably affects the file transmission speed.
The file is protected based on a full-text encryption and shell adding mode, so that the safety of the file can be effectively protected, the file is transmitted and transmitted after the file is transmitted and transmitted, and the file does not need to be transmitted through an encryption channel. But as files are now larger and larger, especially some files may reach dozens of hundreds of GB, the full encryption processing is performed on the file. One is that the encryption time is long, and the other is that the file can be used only after being decrypted after being acquired, so that the processing is time-consuming for both the user and the content publisher.
Disclosure of Invention
The invention mainly aims to overcome the defects in the prior art and provide a large file transmission protection technology based on fragment encryption. In order to solve the technical problem, the solution of the invention is as follows:
the large file transmission protection method based on fragment encryption comprises the following steps:
step (1): the method comprises the following steps of carrying out fragment encryption operation before transmission and protecting a large file, and specifically comprises the following substeps:
step A: acquiring the file size of a large file, wherein bytes are taken as a statistical unit;
and B: according to the size of the file obtained in the step A, splitting the large file by a certain splitting unit (50,000,000 bytes are used as the splitting unit), and if the size of the last part of fragments is not enough than the size of the splitting unit, directly and independently forming one part of fragments to obtain the fragments formed by splitting the large file;
and C: according to the splitting result in the step B, calculating the position and the length of the split fragments of the splitting result, namely, obtaining a fragment position (randomly obtaining a position from 0 to 48,000,000 bytes) from the first fragment, and then randomly taking a value as the length of the fragment within the range of 1 to 2 percent of the length of the splitting unit; sequentially acquiring the fragment positions and the fragment lengths of all the fragments in the splitting result in the step B;
step D: c, extracting fragment data with corresponding positions and lengths from the large file according to the calculation result of the step C, and filling random data with the same length as the fragment data in the corresponding positions of the large file;
step E: d, splicing all the fragment data extracted in the step D together, and then carrying out encryption processing (adopting a DES encryption algorithm) to form a fragment encryption result;
step F: combining the fragment encryption result obtained in the step E with the large file which is obtained in the step D and filled with the random data to form a final result file;
step G: transmitting the final result file obtained in the step F;
step (2): after the transmission is finished, the fragment decryption operation is carried out, and the large file is decrypted for use, and the method specifically comprises the following substeps:
step H: acquiring a transmitted encrypted file;
step I: splitting the encrypted file obtained in the step H to obtain a fragment encryption result and a large file filled with random data;
step J: decrypting the fragment encryption result obtained in the step I to obtain the positions of all fragments and related fragment data;
step K: and D, according to the fragment data and the position obtained in the step J, carrying out reduction processing on the large file which is obtained in the step I and filled with the random data, wherein the reduction result is the required original file.
In the present invention, the method for splicing the fragment data in step E specifically includes the following steps:
step a: d, splicing all the fragment positions and corresponding information obtained in the step D in pairs according to the positions and the information, wherein the middle part is that the fragment positions and the corresponding information are used as separators to be separated, and obtaining fragment pairs of fragment positions and corresponding fragment information combinations; each fragment pair is a fragment pair character string of 'fragment position: fragment information';
step b: splicing all the spliced fragment pairs obtained in the step a, and separating the spliced fragment pairs by using the fragment position as a separator to obtain a fragment pair combined character string (namely, a result of 'fragment position: fragment information: fragment position: fragment information' is finally formed, wherein only three fragment pairs are exemplified here, and the real result is related to the number of the specific fragment pairs);
step c: and c, encrypting the combined character string of the fragments obtained in the step b (by adopting a DES encryption algorithm) to form fragment encryption results.
In the present invention, in the step F, the method for merging the fragment encryption result and the large file filled with the random data specifically includes the following steps:
step d: calculating the length of the fragment encryption result formed in the step E;
step e: saving the fragment encryption result length obtained in the step d by 64 bytes;
step f: splicing the 64-byte fragment encryption result length information generated in the step e to the tail part of the fragment encryption result to form a complete information block of the fragment encryption result;
step g: and f, splicing the complete information block of the fragment encryption result generated in the step f to the tail part of the large file filled with the random data to form a final result file.
In the present invention, in the step I, the method for splitting the encrypted file specifically includes: intercepting the last 64 bytes of the encrypted file to obtain the length of a fragment encryption result; and h, intercepting the fragment encryption result from the tail part of the encryption file of which the last 64 bytes are intercepted in the step h, wherein the residual file of which the fragment encryption result is intercepted is the large file which is filled with random data.
In the present invention, the step J is specifically realized by the following steps:
step h: c, decrypting the fragment encryption result by using the key which is the same as the encryption processing in the step c to obtain a decryption result;
step i: separating the decryption result according to the fragment position, the fragment information and the fragment pair;
step j: and (e) separating all the fragment pairs obtained in the step i according to the ":" in the fragment pairs, and splitting the fragment positions and the fragment information.
In the present invention, the step K is specifically realized by the following steps:
step k: according to the fragment positions obtained in the step J, finding corresponding fragment positions in the large file filled with random data;
step l: filling the fragment information corresponding to the fragment position into the fragment position found in the step k;
step m: repeating the step k and the step l until the same processing is carried out on all the fragment positions and the fragment information obtained in the step J;
step n: and (5) after the step m is completed, restoring the original large file.
Compared with the prior art, the invention has the beneficial effects that:
1. compared with a channel-based protection method, the method has the advantages that not only is encryption protection carried out in the transmission process, but also the protection effect is achieved after the file is received, and the method can be normally used only after the file is normally decrypted; meanwhile, encryption is not needed in the transmission process, and the transmission performance is also obviously improved.
2. Compared with the method for encrypting and enclosuring the full file, the method has the advantages that the time for encrypting before transmission and decrypting after receiving the file is obviously reduced, so that the method can be more efficiently used, and the time waste in the two processes is reduced.
Drawings
FIG. 1 is a flow diagram of fragmenting encryption of a large file prior to transmission.
Fig. 2 is a flow chart of fragment decryption of a file after receiving the file.
Detailed Description
The invention relates to a large file transmission protection technology, and is an application of a computer technology in the technical field of internet. In the implementation process of the invention, the application of a plurality of software functional modules is involved. The applicant believes that the skilled person will be fully enabled to implement the invention by applying his own software programming skills in conjunction with the prior art after perusal of the application documents and an accurate understanding of the principles of implementation and the objects of the invention, which are not listed again by the applicant whenever the application documents of the invention are referred to in this category.
The invention is described in further detail below with reference to the following detailed description and accompanying drawings:
a large file transmission protection method based on fragment encryption is characterized in that a fragment encryption operation is carried out before transmission to protect a large file, and a fragment decryption operation is carried out after transmission to decrypt the large file.
First, as shown in fig. 1, a file is fragmented and encrypted before transmission, specifically as follows:
step A: and acquiring the file size of the large file, wherein bytes are taken as a statistical unit.
And B: according to the file size obtained in the step A, the length of the file is equally divided by taking 50,000,000 bytes as a splitting unit, and if the last part is not equally divided, the file is directly and independently divided into one part.
And C: and C, according to the splitting result in the step B, calculating the fragment position and the fragment length of each splitting result. The positions of the fragments are obtained from the first part, a position is randomly obtained from bytes 0 to 48,000,000, and a fragment length is randomly obtained according to the range of 1% to 2% of the unit length. And C, sequentially acquiring all the splitting results of the step B, and performing the above calculation to acquire corresponding fragment positions and fragment lengths.
Step D: and C, extracting fragment data with corresponding positions and lengths from the large file according to the calculation result of C, and filling random data with the same length as the fragment data in the corresponding positions of the large file.
Step E: and D, performing DES encryption processing on the result obtained in the step D after all the fragments are spliced together to form a fragment encryption result.
The splicing method of the fragment information and the position specifically comprises the following steps:
step a: and D, splicing all the fragment positions and corresponding information obtained in the step D in pairs by using the positions and the information, and separating by using the position as a separator. Finally, each fragment pair forms a fragment pair string of "fragment location:: fragment information". The pair of fragments is a combination of fragment position and corresponding fragment information.
Step b: and c, splicing all the spliced fragment pairs obtained in the step a, and separating by taking the obtained result as a separator. The result of "fragment position:: fragment information:: fragment position:: fragment information" is finally formed, here only three are listed, the true result being related to the specific number of pairs of fragments.
Step c: and D, performing DES encryption on the combined character string of the fragments in the step b to form fragment encryption results.
Step F: and D, combining the fragment encryption result obtained by the processing in the step D with the large file filled with the random data to form a final result file. And D, replacing the fragment information of the corresponding fragment position with the random data in the step D.
The method for combining the fragment encryption result and the large file filled with the random data specifically comprises the following steps:
step d: the length of the fragmentation encryption result formed by step E is calculated.
Step e: and d, using 64 bytes to store the fragment encryption result length obtained in the step d.
Step f: and e, splicing the 64-byte fragment encryption result length information generated in the step e to the tail part of the fragment encryption result to form a fragment encryption result complete information block.
Step g: and f, splicing the complete information block of the fragment encryption result generated in the step f to the tail part of the large file filled with the random data to form a final result file.
Step G: and F, transmitting the file processed in the step F.
Then, as shown in fig. 2, fragment decryption is performed after the file is received, specifically as follows:
step H: and acquiring the transmitted encrypted file.
Step I: and D, splitting the encrypted file obtained in the step H, and obtaining a fragment encryption result and a large file filled with random data. The concrete implementation is as follows:
step h: the last 64 bytes are intercepted from the file retrieved in step H.
Step i: and h, acquiring the fragment encryption result length according to the 64 bytes acquired in the step h.
Step j: and according to the fragment encryption result length obtained in the step i, intercepting the fragment encryption result from the tail part of the file of which the last 64 bytes are intercepted in the step h.
Step k: and f, intercepting the fragment encryption result through the step j to obtain a large file filled with random data.
Step J: and D, decrypting the fragment encryption result obtained in the step I, and obtaining the positions of all fragments and related fragment data. The concrete implementation is as follows:
step l: and c, decrypting the fragment encryption result by using the same key as the DES encryption in the step c.
Step m: and (c) separating the decryption result of the step (l) in the formula (I) to form a fragment pair with a fragment position formula (fragment information) structure.
Step n: and c, separating and splitting all the fragment pairs in the step m into fragment positions and fragment information.
Step K: and D, restoring the large file which is filled with the random data and acquired in the step I according to the fragment data and the position acquired in the step J. The concrete implementation is as follows:
step o: and D, finding the corresponding fragment position in the large file filled with the random data according to the fragment position acquired in the step J.
Step p: the fragment location found in step o populates the location with corresponding fragment information.
Step q: and repeating the step o and the step p to perform the same processing on all the fragment positions and the fragment information acquired in the step J.
Step r: and (5) restoring the original large file after the step q is completed.
Step L: and the result of the reduction in the step K is the final original file.
Finally, it should be noted that the above-mentioned list is only a specific embodiment of the present invention. It is obvious that the present invention is not limited to the above embodiments, but many variations are possible. All modifications which can be derived or suggested by a person skilled in the art from the disclosure of the present invention are to be considered within the scope of the invention.
Claims (5)
1. A large file transmission protection method based on fragment encryption is characterized by comprising the following steps:
step (1): the method comprises the following steps of carrying out fragment encryption operation before transmission and protecting a large file, and specifically comprises the following substeps:
step A: acquiring the file size of a large file, wherein bytes are taken as a statistical unit;
and B: b, splitting the large file in a certain splitting unit according to the size of the file obtained in the step A, and if the size of the last part of the remaining fragments is not enough to the splitting unit, directly and independently forming a part of fragments to obtain the fragments formed by splitting the large file;
and C: according to the splitting result in the step B, calculating the position and the length of the split fragments of the splitting result, namely obtaining the position of one fragment from the first fragment, and randomly taking a value as the length of the fragment within the range of 1 to 2 percent of the length of the splitting unit; sequentially acquiring the fragment positions and the fragment lengths of all the fragments in the splitting result in the step B;
step D: c, extracting fragment data with corresponding positions and lengths from the large file according to the calculation result of the step C, and filling random data with the same length as the fragment data in the corresponding positions of the large file;
step E: d, splicing all the fragment data extracted in the step D together, and then carrying out encryption processing to form a fragment encryption result;
step F: combining the fragment encryption result obtained in the step E with the large file which is obtained in the step D and filled with the random data to form a final result file;
step G: transmitting the final result file obtained in the step F;
step (2): after the transmission is finished, the fragment decryption operation is carried out, and the large file is decrypted for use, and the method specifically comprises the following substeps:
step H: acquiring a transmitted encrypted file;
step I: splitting the encrypted file obtained in the step H to obtain a fragment encryption result and a large file filled with random data;
step J: decrypting the fragment encryption result obtained in the step I to obtain the positions of all fragments and related fragment data;
step K: according to the fragment data and the position obtained in the step J, carrying out reduction processing on the large file which is obtained in the step I and filled with the random data, wherein the reduction result is the required original file;
the method for splicing the fragment data in the step E specifically includes the following steps:
step a: d, splicing all the fragment positions and corresponding information obtained in the step D in pairs according to the positions and the information, wherein the middle part is that the fragment positions and the corresponding information are used as separators to be separated, and obtaining fragment pairs of fragment positions and corresponding fragment information combinations; each fragment pair is a fragment pair character string of 'fragment position: fragment information';
step b: splicing all the spliced fragment pairs obtained in the step a, and taking the result as a separator to separate to obtain a fragment pair combined character string;
step c: and c, encrypting the combined character string of the fragments obtained in the step b to form fragment encryption results.
2. The method for protecting transmission of a large file based on fragmented encryption according to claim 1, wherein in step F, the method for merging the fragmented encryption result with the large file filled with random data includes the following steps:
step d: calculating the length of the fragment encryption result formed in the step E;
step e: saving the fragment encryption result length obtained in the step d by 64 bytes;
step f: splicing the 64-byte fragment encryption result length information generated in the step e to the tail part of the fragment encryption result to form a complete information block of the fragment encryption result;
step g: and f, splicing the complete information block of the fragment encryption result generated in the step f to the tail part of the large file filled with the random data to form a final result file.
3. The method for protecting transmission of a large file based on fragmented encryption according to claim 2, wherein in step I, the method for splitting the encrypted file specifically includes: intercepting the last 64 bytes of the encrypted file to obtain the length of a fragment encryption result; and h, intercepting the fragment encryption result from the tail part of the encryption file of which the last 64 bytes are intercepted in the step h, wherein the residual file of which the fragment encryption result is intercepted is the large file which is filled with random data.
4. The method for protecting transmission of a large file based on fragmented encryption according to claim 3, wherein the step J is specifically realized by the following steps:
step h: c, decrypting the fragment encryption result by using the key which is the same as the encryption processing in the step c to obtain a decryption result;
step i: separating the decryption result according to the fragment position, the fragment information and the fragment pair;
step j: and (e) separating all the fragment pairs obtained in the step i according to the ":" in the fragment pairs, and splitting the fragment positions and the fragment information.
5. The method for protecting transmission of a large file based on fragmented encryption according to claim 4, wherein the step K is specifically realized by the following steps:
step k: according to the fragment positions obtained in the step J, finding corresponding fragment positions in the large file filled with random data;
step l: filling the fragment information corresponding to the fragment position into the fragment position found in the step k;
step m: repeating the step k and the step l until the same processing is carried out on all the fragment positions and the fragment information obtained in the step J;
step n: and (5) after the step m is completed, restoring the original large file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710844911.6A CN107579985B (en) | 2017-09-19 | 2017-09-19 | Large file transmission protection method based on fragment encryption |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710844911.6A CN107579985B (en) | 2017-09-19 | 2017-09-19 | Large file transmission protection method based on fragment encryption |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107579985A CN107579985A (en) | 2018-01-12 |
| CN107579985B true CN107579985B (en) | 2020-04-28 |
Family
ID=61033401
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710844911.6A Active CN107579985B (en) | 2017-09-19 | 2017-09-19 | Large file transmission protection method based on fragment encryption |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107579985B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109858255A (en) * | 2018-12-19 | 2019-06-07 | 杭州安恒信息技术股份有限公司 | Data encryption storage method, device and realization device |
| CN109561323B (en) * | 2019-01-02 | 2021-11-12 | 武汉珈铭汉象教育科技有限公司 | MP4 file encryption and decryption method and device |
| CN113204775B (en) * | 2021-04-29 | 2021-12-14 | 北京连山科技股份有限公司 | Data security protection method and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102402670A (en) * | 2011-08-03 | 2012-04-04 | 广东欧珀移动通信有限公司 | File encryption and decryption method |
| CN102780556A (en) * | 2011-05-09 | 2012-11-14 | 北大方正集团有限公司 | Method and device for encrypting and decrypting digital content section by section |
| CN103346998A (en) * | 2013-05-18 | 2013-10-09 | 北京凯锐立德科技有限公司 | File breaking encryption-based file security protection method |
| CN103455764A (en) * | 2013-08-27 | 2013-12-18 | 无锡华御信息技术有限公司 | File segmentation and merging technology-based file encryption and decryption systems |
| CN104283854A (en) * | 2013-07-08 | 2015-01-14 | 北京思普崚技术有限公司 | IPsec based method for transmitting large data volume in VPN |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7894599B2 (en) * | 2006-12-04 | 2011-02-22 | International Business Machines Corporation | Enhanced data security with redundant inclusive data encryption segments |
-
2017
- 2017-09-19 CN CN201710844911.6A patent/CN107579985B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102780556A (en) * | 2011-05-09 | 2012-11-14 | 北大方正集团有限公司 | Method and device for encrypting and decrypting digital content section by section |
| CN102402670A (en) * | 2011-08-03 | 2012-04-04 | 广东欧珀移动通信有限公司 | File encryption and decryption method |
| CN103346998A (en) * | 2013-05-18 | 2013-10-09 | 北京凯锐立德科技有限公司 | File breaking encryption-based file security protection method |
| CN104283854A (en) * | 2013-07-08 | 2015-01-14 | 北京思普崚技术有限公司 | IPsec based method for transmitting large data volume in VPN |
| CN103455764A (en) * | 2013-08-27 | 2013-12-18 | 无锡华御信息技术有限公司 | File segmentation and merging technology-based file encryption and decryption systems |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107579985A (en) | 2018-01-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108664223B (en) | Distributed storage method and device, computer equipment and storage medium | |
| CN105760765B (en) | Data ciphering method, device and data decryption method, device | |
| US11335213B2 (en) | Method and apparatus for encrypting data, method and apparatus for decrypting data | |
| JP5866460B2 (en) | Method and apparatus for packing / unpacking files | |
| CN106203128B (en) | Webpage data encryption and decryption method, device and system | |
| CN107579985B (en) | Large file transmission protection method based on fragment encryption | |
| CN107612683B (en) | Encryption and decryption method, device, system, equipment and storage medium | |
| CN106817358B (en) | Encryption and decryption method and device for user resources | |
| CN109005027B (en) | Random data encryption and decryption method, device and system | |
| CN110266682B (en) | Data encryption method and device, mobile terminal and decryption method | |
| CN108075888B (en) | Dynamic URL generation method and device, storage medium and electronic equipment | |
| CN105187389A (en) | Webpage access method and system based on digital mixed encryption | |
| CN108431819B (en) | Method and system for protecting client access to service of DRM agent of video player | |
| CN109039997B (en) | Secret key obtaining method, device and system | |
| CN114205142A (en) | Data transmission method and device, electronic equipment and storage medium | |
| US8862893B2 (en) | Techniques for performing symmetric cryptography | |
| JPWO2015166701A1 (en) | ENCRYPTION METHOD, PROGRAM, AND SYSTEM | |
| KR20110101317A (en) | Method and device for cipher-deciphering data automatically | |
| CN109656600B (en) | Vehicle-mounted software upgrading method, system, device and medium | |
| CN113378211B (en) | Method and apparatus for protecting data | |
| CN104866740A (en) | Static analysis preventing method and device for files | |
| KR101224956B1 (en) | Method and device for cipher-deciphering data automatically | |
| CN113452508A (en) | Data encryption method, device, equipment and computer readable storage medium | |
| CN113810363B (en) | Message encryption and decryption method and electronic equipment | |
| CN113742759B (en) | Data encryption method and device for financial accounting system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 310051 No. 188 Lianhui Street, Xixing Street, Binjiang District, Hangzhou City, Zhejiang Province Applicant after: Dbappsecurity Co.,Ltd. Address before: Zhejiang Zhongcai Building No. 68 Binjiang District road Hangzhou City, Zhejiang Province, the 310051 and 15 layer Applicant before: DBAPPSECURITY Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20221018 Address after: Room 3201, Floor 32, Building A2, Mingyu Financial Plaza, Jingyue Development Zone, Changchun City, 130000 Jilin Province Patentee after: Jilin Dongshuanheng Technology Co.,Ltd. Address before: No. 188, Lianhui street, Xixing street, Binjiang District, Hangzhou City, Zhejiang Province Patentee before: Dbappsecurity Co.,Ltd. |
|
| TR01 | Transfer of patent right |