CN112966284A - File encryption and decryption method and system and computer readable storage medium - Google Patents
File encryption and decryption method and system and computer readable storage medium Download PDFInfo
- Publication number
- CN112966284A CN112966284A CN202110323101.2A CN202110323101A CN112966284A CN 112966284 A CN112966284 A CN 112966284A CN 202110323101 A CN202110323101 A CN 202110323101A CN 112966284 A CN112966284 A CN 112966284A
- Authority
- CN
- China
- Prior art keywords
- file
- encrypted
- encryption
- decryption
- environmental characteristics
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 29
- 230000007613 environmental effect Effects 0.000 claims abstract description 89
- 230000009471 action Effects 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 8
- 238000001914 filtration Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000012216 screening Methods 0.000 description 4
- 238000004364 calculation method Methods 0.000 description 2
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000001939 inductive effect Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a file encryption and decryption method, a file encryption and decryption system and a computer readable storage medium. The method comprises the following steps: the encryption method comprises the steps that an encryption party collects environmental characteristics of a decryption party and encrypts a file based on the environmental characteristics of the decryption party; the encryptor sends the encrypted file to the decryptor; and the decrypter acquires the own environmental characteristics and decrypts the encrypted file based on the acquired environmental characteristics. After the embodiment of the invention is adopted, when the user operates, no additional key is input to execute the action of decryption and encryption, and the user experience is the same as that of operating a non-encryption system.
Description
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a file encryption and decryption method, a file encryption and decryption system and a computer readable storage medium.
Background
The basic process of data encryption is to process the original plain text file or data according to a certain algorithm to make it become an unreadable segment of code as "ciphertext", so that it can only display the original content after inputting the corresponding key, and the purpose of protecting the data from being stolen and read by the illegal person is achieved through such a way. The reverse of this process is decryption, i.e., the process of converting the encoded information into its original data.
Encryption techniques generally fall into two broad categories: "symmetrical" and "asymmetrical". Symmetric encryption uses the same Key, commonly referred to as a "Session Key," for encryption and decryption. This encryption technique is widely used today. Asymmetric encryption is that encryption and decryption use different keys, and usually there are two keys, called "public key" and "private key", which must be used in pair, otherwise the encrypted file cannot be opened. The public key is published to the outside, and the private key cannot be known only by the holder.
However, in the prior art, after the decryptor acquires the encrypted file from the encryptor, the decryptor needs to actively provide the key to perform decryption, which results in complicated decryption operation of the decryptor.
Disclosure of Invention
In view of the shortcomings of the prior art, the present invention provides a file encryption and decryption method, system and computer readable storage medium.
The technical scheme of the embodiment of the invention is as follows:
a file encryption and decryption method comprises the following steps:
the encryption method comprises the steps that an encryption party collects environmental characteristics of a decryption party and encrypts a file based on the environmental characteristics of the decryption party;
the encryptor sends the encrypted file to the decryptor;
and the decrypter acquires the own environmental characteristics and decrypts the encrypted file based on the acquired environmental characteristics.
In one embodiment, the encrypting the file based on the environmental characteristic of the decrypter comprises:
replacing the file header of the file with an encrypted file header containing an encrypted file identifier;
encrypting the data content of the file by taking the environmental characteristics of the decryptor as a key;
combining the encrypted file header and the encrypted data content to form an encrypted file.
In one embodiment, the environmental characteristic includes at least one of: a motherboard serial number; displaying the serial number of the card; a disk serial number; an operating system version; MD5 value of the application that is permitted to perform the decryption operation.
In one embodiment, the encrypting the data content of the file by using the environmental characteristic of the decrypter as a key comprises at least one of the following:
encrypting the data content of the file by taking the hash value in the environmental characteristic as a key;
and encrypting the data content of the file by taking the respective hash values in the plurality of items of the environment characteristics as keys.
In one embodiment, further comprising:
setting a permission time interval in the encrypted file header;
the decrypting party decrypts the encrypted file based on the collected environmental characteristics, including:
and when the decryptor analyzes that the encrypted file header of the encrypted file contains an encrypted file identifier, extracting the permission time length, and when the current time is determined to be in the permission time interval, decrypting the encrypted file by taking the acquired environmental characteristics as a key.
A file encryption and decryption system comprising:
the encryption party is used for collecting the environmental characteristics of the decryption party and encrypting the file based on the environmental characteristics of the decryption party; sending the encrypted file to the decrypter;
and the decryption party is used for acquiring the own environmental characteristics and decrypting the encrypted file based on the acquired environmental characteristics.
In one embodiment, the encryption party is configured to replace a header of the file with an encrypted header containing an encrypted file identifier; encrypting the data content of the file by taking the environmental characteristics of the decryptor as a key; combining the encrypted file header and the encrypted data content to form an encrypted file.
In one embodiment, the environmental characteristic includes at least one of: a motherboard serial number; displaying the serial number of the card; a disk serial number; an operating system version; MD5 value of the application that is permitted to perform the decryption operation;
the encryption party is used for encrypting the data content of the file by taking the hash value in the environmental characteristic as a key; or the data content of the file is encrypted by taking the respective hash values in the plurality of items of the environment characteristics as keys.
In one embodiment, the encryptor is further configured to set a permitted time interval in the encrypted file header; and the decryptor is further configured to extract the permission time length when the decryptor analyzes that the encrypted file header of the encrypted file contains the encrypted file identifier, and decrypt the encrypted file by using the acquired environmental characteristics as a key when the current time is determined to be in the permission time interval.
A computer readable storage medium having stored therein computer readable instructions for executing the file encryption and decryption method according to any one of the above.
As can be seen from the above technical solutions, in the embodiment of the present invention, an encrypting party collects the environmental characteristics of a decrypting party, and encrypts a file based on the environmental characteristics of the decrypting party; the encryptor sends the encrypted file to the decryptor; and the decrypter acquires the own environmental characteristics and decrypts the encrypted file based on the acquired environmental characteristics. After the embodiment of the invention is adopted, when the user operates, no additional key is input to execute the action of decryption and encryption, and the user experience is the same as that of operating a non-encryption system.
Drawings
Fig. 1 is an exemplary flowchart of a file encryption and decryption method according to an embodiment of the present invention.
Fig. 2 is an exemplary diagram of a file structure according to an embodiment of the present invention.
Fig. 3 is an exemplary diagram of an encrypted file structure according to an embodiment of the present invention.
Fig. 4 is an exemplary diagram of an encrypted file header according to an embodiment of the present invention.
Fig. 5 is a block diagram of a file encryption/decryption system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the accompanying drawings.
For simplicity and clarity of description, the invention will be described below by describing several representative embodiments. Numerous details of the embodiments are set forth to provide an understanding of the principles of the invention. It will be apparent, however, that the invention may be practiced without these specific details. Some embodiments are not described in detail, but rather are merely provided as frameworks, in order to avoid unnecessarily obscuring aspects of the invention. Hereinafter, "including" means "including but not limited to", "according to … …" means "at least according to … …, but not limited to … … only". In view of the language convention of chinese, the following description, when it does not specifically state the number of a component, means that the component may be one or more, or may be understood as at least one.
The embodiment of the invention provides a technical scheme for encrypting and decrypting files. Embodiments of the present invention relate to an encryptor (e.g., implemented at a server side) and a decryptor (e.g., implemented at a client side).
Specifically, the encryptor generally includes:
(1) the first storage module is used for storing unencrypted files (such as multimedia files, text files, database files, address book files and the like);
(2) and the characteristic recording module: the system comprises a client, a feature collection module and a database, wherein the client is used for recording the environmental features of the client from the feature collection module of the client;
(3) and an encryption module: aiming at each unencrypted file which needs to be sent to each client, respectively adopting the environmental characteristics of the client as a secret key to encrypt;
(4) and the second storage module is used for storing the encrypted files aiming at different clients, so that the encrypted files of each client can be conveniently distributed to the corresponding client.
The decryptor typically includes:
(1) the characteristic acquisition module is used for collecting the environmental characteristics of the decryptor, wherein the environmental characteristics comprise a mainboard serial number, a display card serial number, a disk serial number, an operating system version, an application program MD5 value which permits to execute decryption and encryption operations, and the like, storing the environmental characteristics locally and sending the environmental characteristics to the encryptor;
(2) the decryption and encryption execution module: the system comprises a screening and filtering submodule and a decryption and encryption operation submodule; the screening and filtering submodule resides in the operating system and is used for screening and filtering reading and writing of all files, when an encrypted file header is not found in a current file so as to judge that the current file is a non-encrypted data file, normal reading and writing operation is allowed to be carried out on the current file, and when an encrypted file header is found in the current file so as to judge that the current file is an encrypted data file, the encrypted data file is handed to the decryption and encryption operating submodule; and the decryption and encryption operation submodule is used for decrypting the encrypted file based on the environmental characteristics of the decryption party.
Specifically, on the encryption side: and reading the normal file into the memory, replacing the normal file header with the encrypted file header, wherein the encrypted file header not only serves as an encrypted file identifier, but also records the allowable time length. And then, carrying out encryption calculation on the collected environmental characteristics of the decryption party as a secret key and normal file data to obtain ciphertext data, and storing the ciphertext data to obtain an encrypted file.
On the decryption side: the screening and filtering module is used for reading the hardware characteristics of the current environment after finding the data file which is being opened and carrying the encrypted file identification; and the application MD5 value that opened the data file, forming a decryption key. And after the permission time length loaded in the encrypted file is judged to be in accordance, the decryption calculation is carried out by utilizing the key and the encrypted file, and the decrypted data is obtained and stored in the memory to be called by the application program for opening the data file.
Fig. 1 is an exemplary flowchart of a file encryption and decryption method according to an embodiment of the present invention.
As shown in fig. 1, the method includes:
step 101: the encrypting party collects the environmental characteristics of the decrypting party and encrypts the file based on the environmental characteristics of the decrypting party.
In one embodiment, the environmental characteristic includes at least one of: a motherboard serial number; displaying the serial number of the card; a disk serial number; an operating system version; MD5 value of the application that is permitted to perform the decryption operation.
Specifically, the decryptor collects its own environmental characteristics, stores the environmental characteristics locally, and transmits the environmental characteristics to the encryptor.
When the number of the decryptors is multiple, each decryptor respectively collects the own environmental characteristics and sends the respective environmental characteristics to the encryptor. The encryption method adopts the environmental characteristics of the client as a key to encrypt the unencrypted files to be sent to each client, so that the encrypted files of each client can be conveniently distributed to the corresponding client.
The above exemplary descriptions are exemplary of exemplary environmental features of the decryptor, and those skilled in the art will appreciate that such descriptions are merely exemplary and are not intended to limit the scope of the embodiments of the present invention.
In one embodiment, encrypting the file based on the environmental characteristics of the decryptor includes: replacing the file header of the file with an encrypted file header containing an encrypted file identifier; encrypting the data content of the file by taking the environmental characteristics of the decryptor as a key; combining the encrypted file header and the encrypted data content to form an encrypted file.
When the data content of the file is encrypted by using the environmental characteristics of the decryption party as a key, the encryption algorithm specifically adopted may be implemented in various ways, for example, may be implemented as a symmetric encryption algorithm or an asymmetric encryption algorithm.
When the symmetric encryption algorithm is implemented, the environment characteristics are used as a unique key to encrypt the data content of the file, and the environment characteristics are used as a unique key to decrypt the data content of the file at a decryption side. When implemented as an asymmetric encryption algorithm, the data content of the file is encrypted using the environment feature as a private key (private key) together with a public key (public key), and decrypted at the decrypting side using the environment feature and the public key.
Specifically, the encryption algorithm may be implemented as the MD5 algorithm, the SHA1 algorithm, the HMAC algorithm, the AES/DES/3DES algorithm, the 3DES algorithm, or the AES algorithm, among others.
Step 102: the encryptor sends the encrypted file to the decryptor.
Step 103: and the decrypter acquires the own environmental characteristics and decrypts the encrypted file based on the acquired environmental characteristics.
The invention can be widely applied to transparent and non-inductive encryption of various data files, under the normal condition, the decryption encryption execution sub-module is executed in the operating system in a form of a file filter driver under the operating system in a very high system authority to filter the read and write of all data files, when the decryption side executes the non-encrypted files, the user experience is consistent with that of a normal non-encrypted system, and when the encrypted files are opened, the decryption encryption operation is executed according to the encryption condition, so that the user does not additionally input a secret key to decrypt and encrypt and can make the operation consistent with that of the non-encrypted system. The method and the device ensure that the operation feeling is consistent when the user uses the non-encrypted data file and the encrypted data file in a mixed mode, and ensure the safety of the data file and limit the unauthorized use of all the encrypted data files when the user does not need to carry out active decryption/encryption actions. And supports personalized encryption and decryption for different clients.
In one embodiment, the data content of the file is encrypted by taking a hash value in one item of environmental characteristics as a key; or, the data content of the file is encrypted by taking the respective hash values in the plurality of items of the environment characteristics as keys.
More preferably, when the data content of the file is encrypted using the respective hash values of the plurality of items of the environmental characteristics as keys: and further calculating the weighted average value of the hash values in the environmental characteristics based on the preset environmental characteristic weight, and encrypting the data content of the file by using the weighted average value.
For example, it is assumed that the environmental characteristics of the decryptor acquired by the encryptor include: feature 1, feature 2, feature 3 …, feature n. The encryption side sets respective weights for feature 1, feature 2, and feature 3 …, feature n, assuming that the weight of feature 1 is m1, the weight of feature 2 is m2, and the weight of feature 3 is m3 …, feature n is mn, where m1, m2, m3, until the sum of mn is one. The encryption side firstly calculates the respective hash values of the feature 1, the feature 2 and the feature 3 …, and then calculates the weighted average value k of the respective hash values of the feature 1, the feature 2 and the feature 3 … based on the respective weights of the feature 1, the feature 2 and the feature 3 …. The encryptor encrypts the data content of the file with the weighted average k. The encryptor also carries the respective weights of feature 1, feature 2, feature 3 …, feature n (i.e. m1, m2, m3, up to mn) in the encrypted file header and sends the encrypted file containing the encrypted file header and the encrypted data content to the decryptor.
The decryptor can obtain the respective weights of the environmental characteristics of the decryptor by analyzing the encrypted file header. Then, the decryption party acquires the own environmental characteristics, calculates respective hash values of the own environmental characteristics, calculates weighted average values of the respective hash values based on respective weights of the acquired environmental characteristics of the decryption party, and decrypts the data content of the file based on the weighted average values.
In one embodiment, a permission time interval is set in the encrypted file header; the decrypting party decrypts the encrypted file based on the collected environmental characteristics, including: and when the decryptor analyzes that the encrypted file header of the encrypted file contains an encrypted file identifier, extracting the permission time length, and when the current time is determined to be in the permission time interval, decrypting the encrypted file by taking the acquired environmental characteristics as a key.
Fig. 2 is an exemplary diagram of a file structure according to an embodiment of the present invention. As can be seen from fig. 2, the unencrypted file includes a header and data content.
Fig. 3 is an exemplary diagram of an encrypted file structure according to an embodiment of the present invention.
As can be seen from fig. 3, the encrypted file includes an encrypted file header and encrypted data content after performing an encryption operation on the data content of fig. 2. The encrypted file header comprises an encrypted file identifier for representing the encrypted file.
After the decryptor receives the file from the client, when the file header is judged not to contain the encrypted file identifier, the file can be determined not to be the encrypted file, so that normal read-write operation is allowed to be carried out on the current file. When the file header is judged to contain the encrypted file identification, the file is determined to be an encrypted file, and the encrypted data content is decrypted based on the environmental characteristics of the decryption party.
Fig. 4 is an exemplary diagram of an encrypted file header according to an embodiment of the present invention.
In fig. 4, the weights of the respective environment characteristics are further carried in the encrypted file header, thereby facilitating the subsequent decryption operation. Preferably, in the weight field of the feature 1, the identifier of the feature 1 and the weight of the feature 1 are respectively included in a left-to-right order, so that the decrypter determines that the subsequent weight corresponds to the feature 1 based on the identifier read in a left-to-right reading order; in the weight field of the feature 2, the identifier of the feature 2 and the weight of the feature 2 are respectively contained in the left-to-right sequence, so that the decryptor can conveniently determine that the subsequent weight corresponds to the feature 2 based on the identifier read in the left-to-right reading sequence; in the weight field of the feature 3, the identifier of the feature 3 and the weight of the feature 3 are respectively contained in the left-to-right sequence, so that the decryptor can conveniently determine that the subsequent weight corresponds to the feature 3 based on the identifier read in the left-to-right reading sequence; … … contain the identification of feature n and the weight of feature n, respectively, in left-to-right order in the weight field of feature n, thereby facilitating the decrypter to determine that subsequent weights correspond to feature n based on the identification read in left-to-right reading order.
Fig. 5 is a block diagram of a file encryption/decryption system according to an embodiment of the present invention.
As shown in fig. 5, the file encryption and decryption system includes:
the encryption party is used for collecting the environmental characteristics of the decryption party and encrypting the file based on the environmental characteristics of the decryption party; sending the encrypted file to the decrypter;
and the decryption party is used for acquiring the own environmental characteristics and decrypting the encrypted file based on the acquired environmental characteristics.
In one embodiment, the encryption party is configured to replace a header of the file with an encrypted header containing an encrypted file identifier; encrypting the data content of the file by taking the environmental characteristics of the decryptor as a key; combining the encrypted file header and the encrypted data content to form an encrypted file.
In one embodiment, the environmental characteristic includes at least one of: a motherboard serial number; displaying the serial number of the card; a disk serial number; an operating system version; MD5 value of the application that is permitted to perform the decryption operation; the encryption party is used for encrypting the data content of the file by taking the hash value in the environmental characteristic as a key; or the data content of the file is encrypted by taking the respective hash values in the plurality of items of the environment characteristics as keys.
In one embodiment, the encryptor is further configured to set a permitted time interval in the encrypted file header; and the decryptor is further configured to extract the permission time length when the decryptor analyzes that the encrypted file header of the encrypted file contains the encrypted file identifier, and decrypt the encrypted file by using the acquired environmental characteristics as a key when the current time is determined to be in the permission time interval.
It should be noted that not all steps and modules in the above flows and structures are necessary, and some steps or modules may be omitted according to actual needs. The execution order of the steps is not fixed and can be adjusted as required. The division of each module is only for convenience of describing adopted functional division, and in actual implementation, one module may be divided into multiple modules, and the functions of multiple modules may also be implemented by the same module, and these modules may be located in the same device or in different devices.
The hardware modules in the various embodiments may be implemented mechanically or electronically. For example, a hardware module may include a specially designed permanent circuit or logic device (e.g., a special purpose processor such as an FPGA or ASIC) for performing specific operations. A hardware module may also include programmable logic devices or circuits (e.g., including a general-purpose processor or other programmable processor) that are temporarily configured by software to perform certain operations. The implementation of the hardware module in a mechanical manner, or in a dedicated permanent circuit, or in a temporarily configured circuit (e.g., configured by software), may be determined based on cost and time considerations.
The present invention also provides a machine-readable storage medium storing instructions for causing a machine to perform a method as described herein. Specifically, a system or an apparatus equipped with a storage medium on which a software program code that realizes the functions of any of the embodiments described above is stored may be provided, and a computer (or a CPU or MPU) of the system or the apparatus is caused to read out and execute the program code stored in the storage medium. Further, part or all of the actual operations may be performed by an operating system or the like operating on the computer by instructions based on the program code. The functions of any of the above-described embodiments may also be implemented by writing the program code read out from the storage medium to a memory provided in an expansion board inserted into the computer or to a memory provided in an expansion unit connected to the computer, and then causing a CPU or the like mounted on the expansion board or the expansion unit to perform part or all of the actual operations based on the instructions of the program code. Examples of the storage medium for supplying the program code include floppy disks, hard disks, magneto-optical disks, optical disks (e.g., CD-ROMs, CD-R, CD-RWs, DVD-ROMs, DVD-RAMs, DVD-RWs, DVD + RWs), magnetic tapes, nonvolatile memory cards, and ROMs. Alternatively, the program code may be downloaded from a server computer or the cloud by a communication network.
"exemplary" means "serving as an example, instance, or illustration" herein, and any illustration, embodiment, or steps described as "exemplary" herein should not be construed as a preferred or advantageous alternative. For the sake of simplicity, the drawings are only schematic representations of the parts relevant to the invention, and do not represent the actual structure of the product. In addition, in order to make the drawings concise and understandable, components having the same structure or function in some of the drawings are only schematically illustrated or only labeled. In this document, "a" does not mean that the number of the relevant portions of the present invention is limited to "only one", and "a" does not mean that the number of the relevant portions of the present invention "more than one" is excluded. In this document, "upper", "lower", "front", "rear", "left", "right", "inner", "outer", and the like are used only to indicate relative positional relationships between relevant portions, and do not limit absolute positions of the relevant portions.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A file encryption and decryption method is characterized by comprising the following steps:
the encryption method comprises the steps that an encryption party collects environmental characteristics of a decryption party and encrypts a file based on the environmental characteristics of the decryption party;
the encryptor sends the encrypted file to the decryptor;
and the decrypter acquires the own environmental characteristics and decrypts the encrypted file based on the acquired environmental characteristics.
2. The method for encrypting and decrypting the file according to claim 1, wherein the encrypting the file based on the environmental characteristics of the decrypting party includes:
replacing the file header of the file with an encrypted file header containing an encrypted file identifier;
encrypting the data content of the file by taking the environmental characteristics of the decryptor as a key;
combining the encrypted file header and the encrypted data content to form an encrypted file.
3. The file encryption and decryption method according to claim 2,
the environmental characteristic includes at least one of: a motherboard serial number; displaying the serial number of the card; a disk serial number; an operating system version; MD5 value of the application that is permitted to perform the decryption operation.
4. The file encryption and decryption method according to claim 3,
the encrypting the data content of the file by using the environmental characteristics of the decrypter as a key comprises at least one of the following:
encrypting the data content of the file by taking the hash value in the environmental characteristic as a key;
and encrypting the data content of the file by taking the respective hash values in the plurality of items of the environment characteristics as keys.
5. The file encryption and decryption method according to claim 2, further comprising:
setting a permission time interval in the encrypted file header;
the decrypting party decrypts the encrypted file based on the collected environmental characteristics, including:
and when the decryptor analyzes that the encrypted file header of the encrypted file contains an encrypted file identifier, extracting the permission time length, and when the current time is determined to be in the permission time interval, decrypting the encrypted file by taking the acquired environmental characteristics as a key.
6. A file encryption/decryption system, comprising:
the encryption party is used for collecting the environmental characteristics of the decryption party and encrypting the file based on the environmental characteristics of the decryption party; sending the encrypted file to the decrypter;
and the decryption party is used for acquiring the own environmental characteristics and decrypting the encrypted file based on the acquired environmental characteristics.
7. The file encryption/decryption system according to claim 6,
the encryption party is used for replacing the file header of the file with an encrypted file header containing an encrypted file identifier; encrypting the data content of the file by taking the environmental characteristics of the decryptor as a key; combining the encrypted file header and the encrypted data content to form an encrypted file.
8. The file encryption/decryption system according to claim 6,
the environmental characteristic includes at least one of: a motherboard serial number; displaying the serial number of the card; a disk serial number; an operating system version; MD5 value of the application that is permitted to perform the decryption operation;
the encryption party is used for encrypting the data content of the file by taking the hash value in the environmental characteristic as a key; or the data content of the file is encrypted by taking the respective hash values in the plurality of items of the environment characteristics as keys.
9. The file encryption/decryption system according to claim 6,
the encryptor is also used for setting an allowable time interval in the encrypted file header;
and the decryptor is further configured to extract the permission time length when the decryptor analyzes that the encrypted file header of the encrypted file contains the encrypted file identifier, and decrypt the encrypted file by using the acquired environmental characteristics as a key when the current time is determined to be in the permission time interval.
10. A computer-readable storage medium having stored therein computer-readable instructions for executing the file encryption/decryption method according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110323101.2A CN112966284A (en) | 2021-03-26 | 2021-03-26 | File encryption and decryption method and system and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110323101.2A CN112966284A (en) | 2021-03-26 | 2021-03-26 | File encryption and decryption method and system and computer readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112966284A true CN112966284A (en) | 2021-06-15 |
Family
ID=76278525
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110323101.2A Pending CN112966284A (en) | 2021-03-26 | 2021-03-26 | File encryption and decryption method and system and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112966284A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113792319A (en) * | 2021-09-18 | 2021-12-14 | 深圳须弥云图空间科技有限公司 | File encryption method and device, storage medium and electronic equipment |
| CN114785591A (en) * | 2022-04-21 | 2022-07-22 | 冯小龙 | Encrypted information management system based on big data |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101034424A (en) * | 2007-01-12 | 2007-09-12 | 深圳兆日技术有限公司 | Date safety storing system, device and method |
| CN101977190A (en) * | 2010-10-25 | 2011-02-16 | 北京中科联众科技有限公司 | Digital content encryption transmission method and server side |
| CN102075544A (en) * | 2011-02-18 | 2011-05-25 | 博视联(苏州)信息科技有限公司 | Encryption system, encryption method and decryption method for local area network shared file |
| US20130254537A1 (en) * | 2012-03-26 | 2013-09-26 | Symantec Corporation | Systems and methods for secure third-party data storage |
| CN103902922A (en) * | 2013-10-24 | 2014-07-02 | 哈尔滨安天科技股份有限公司 | Method and system for preventing file from being stolen |
| CN104732159A (en) * | 2013-12-24 | 2015-06-24 | 北京慧眼智行科技有限公司 | File processing method and file processing device |
| CN106209896A (en) * | 2016-07-29 | 2016-12-07 | 网宿科技股份有限公司 | Streaming media encryption method based on audio frequency and video form and module |
| CN107659632A (en) * | 2017-09-19 | 2018-02-02 | 咪咕数字传媒有限公司 | A kind of file encryption-decryption method, device and computer-readable recording medium |
| CN109409115A (en) * | 2018-11-07 | 2019-03-01 | 金蝶软件(中国)有限公司 | A kind of encryption and decryption method and relevant apparatus |
| CN110611830A (en) * | 2019-09-29 | 2019-12-24 | 腾讯科技(深圳)有限公司 | Video processing method, device, equipment and medium |
| CN112118088A (en) * | 2020-09-09 | 2020-12-22 | 燕山大学 | File encryption method and device based on MD5, AES and DH algorithms and storage medium |
-
2021
- 2021-03-26 CN CN202110323101.2A patent/CN112966284A/en active Pending
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101034424A (en) * | 2007-01-12 | 2007-09-12 | 深圳兆日技术有限公司 | Date safety storing system, device and method |
| CN101977190A (en) * | 2010-10-25 | 2011-02-16 | 北京中科联众科技有限公司 | Digital content encryption transmission method and server side |
| CN102075544A (en) * | 2011-02-18 | 2011-05-25 | 博视联(苏州)信息科技有限公司 | Encryption system, encryption method and decryption method for local area network shared file |
| US20130254537A1 (en) * | 2012-03-26 | 2013-09-26 | Symantec Corporation | Systems and methods for secure third-party data storage |
| CN103902922A (en) * | 2013-10-24 | 2014-07-02 | 哈尔滨安天科技股份有限公司 | Method and system for preventing file from being stolen |
| CN104732159A (en) * | 2013-12-24 | 2015-06-24 | 北京慧眼智行科技有限公司 | File processing method and file processing device |
| CN106209896A (en) * | 2016-07-29 | 2016-12-07 | 网宿科技股份有限公司 | Streaming media encryption method based on audio frequency and video form and module |
| CN107659632A (en) * | 2017-09-19 | 2018-02-02 | 咪咕数字传媒有限公司 | A kind of file encryption-decryption method, device and computer-readable recording medium |
| CN109409115A (en) * | 2018-11-07 | 2019-03-01 | 金蝶软件(中国)有限公司 | A kind of encryption and decryption method and relevant apparatus |
| CN110611830A (en) * | 2019-09-29 | 2019-12-24 | 腾讯科技(深圳)有限公司 | Video processing method, device, equipment and medium |
| CN112118088A (en) * | 2020-09-09 | 2020-12-22 | 燕山大学 | File encryption method and device based on MD5, AES and DH algorithms and storage medium |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113792319A (en) * | 2021-09-18 | 2021-12-14 | 深圳须弥云图空间科技有限公司 | File encryption method and device, storage medium and electronic equipment |
| CN114785591A (en) * | 2022-04-21 | 2022-07-22 | 冯小龙 | Encrypted information management system based on big data |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9240883B2 (en) | Multi-key cryptography for encrypting file system acceleration | |
| KR20210061426A (en) | Double-encrypted secret portion allowing assembly of the secret using a subset of the double-encrypted secret portion | |
| CN110855430B (en) | Computing system and method for managing a secure object store in a computing system | |
| CN112966284A (en) | File encryption and decryption method and system and computer readable storage medium | |
| JP2009103774A (en) | Secret sharing system | |
| KR20080025121A (en) | Generating a secret key from an asymmetric private key | |
| CN111404953A (en) | Message encryption method, message decryption method, related devices and related systems | |
| CN102780556A (en) | Method and device for encrypting and decrypting digital content section by section | |
| Belenko et al. | “Secure Password Managers” and “Military-Grade Encryption” on Smartphones: Oh, Really? | |
| WO2012053886A1 (en) | A method and system for file encryption and decryption in a server | |
| US20210248245A1 (en) | Calculation device, calculation method, calculation program and calculation system | |
| EP0891053B1 (en) | Key recovery condition encryption and decryption apparatuses | |
| CN108540486A (en) | The generation of cloud key and application method | |
| WO2007066039A3 (en) | Recovery of obsolete decryption keys | |
| CN105743906A (en) | Picture file encryption and decryption method and system based on content-associated secret key | |
| CN109787747B (en) | Anti-quantum-computation multi-encryption cloud storage method and system based on multiple asymmetric key pools | |
| CN106471510B (en) | Compound document access | |
| CN112528309A (en) | Data storage encryption and decryption method and device | |
| CN114756887A (en) | Method and device for encrypting and storing sensitive information block in file | |
| JPH10271104A (en) | Ciphering method and decipherinc method | |
| CN107276961A (en) | A kind of method and device based on cipher algorithm encryption and ciphertext data | |
| JP2008011092A (en) | Encrypted-content retrieval system | |
| CN109194663A (en) | A kind of method and device of file storage and downloading based on cloud computing | |
| CN115694921A (en) | Data storage method, device and medium | |
| JPH11161167A (en) | Device and method for ciphering and recording medium which records ciphering program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210615 |