KR20110101317A - Method and device for cipher-deciphering data automatically - Google Patents

Info

Publication number
KR20110101317A
Authority
KR
South Korea
Prior art keywords
data
encryption
automatic
output
communication device
Prior art date
Application number
KR1020100020246A
Other languages
Korean (ko)
Inventor
강대현
Original Assignee
강대현
Priority date
Filing date
Publication date
Application filed by 강대현
Priority to KR1020100020246A
Priority to PCT/KR2011/001592 (WO2011111981A2)
Publication of KR20110101317A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894: Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085: Secret sharing or secret splitting, e.g. threshold schemes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a method for automatically encrypting and decrypting data, and an apparatus for automatically encrypting and decrypting data using the same.
The automatic data encryption/decryption method automatically encrypts and decrypts data stored in an information communication device. It comprises an automatic encryption step in which, when the data is stored in the information communication device, an encryption key for the data is automatically generated, processed together with the data, separated into a plurality of output statement fragments, and stored dividedly in the information communication device and at least one external device; and an automatic decryption step in which the plurality of output statement fragments are collected using information on the output statement fragment stored in the information communication device as a keyword, and the data is restored through the regenerated encryption key.
According to the present invention, the user can conveniently have data decrypted automatically without having to remember and enter an encryption key such as a password. In addition, if the user loses the information communication device, removing just one of the fragments stored in the external device makes decryption impossible, thereby effectively preventing exposure of confidential data.

Description

Method and device for encrypting data automatically {Method and device for cipher-deciphering data automatically}

The present invention relates to a method for automatically encrypting and decrypting data, and an apparatus for automatically encrypting and decrypting data using the same.

When confidential information is stored in an information communication device such as a mobile phone, the user generally sets a password, an encryption key is generated, and the confidential information is encrypted and stored.

However, this data encryption method has a disadvantage that the user must remember the password.

In addition, on a mobile phone the password setting is simple, so the password can be obtained by repeatedly attempting to enter it, and confidential information is often exposed as a result. In other portable devices and applications, the encryption method is often simple and easily decrypted.

Accordingly, if the information communication device is lost, there is a risk that the confidential information, although encrypted, is easily exposed to a decryption attack.

Due to these problems, there has been a demand for a data encryption/decryption method and apparatus with which the user can easily decrypt data but other people cannot.

The present invention has been created to solve the problems described above. An object of the present invention is to provide an automatic data encryption/decryption method that can automatically decrypt data without input of an encryption key such as a password, and a portable device using the same.

Another object of the present invention is to provide an automatic data encryption / decryption method and a portable device using the same to prevent another person from easily decrypting the user's data when the user loses the portable device.

To achieve the above objects, the automatic data encryption/decryption method according to an embodiment of the present invention automatically encrypts and decrypts data stored in an information communication device. It includes an automatic encryption step in which, when the data is stored in the information communication device, an encryption key for the data is automatically generated, processed together with the data, separated into a plurality of output statement fragments, and stored dividedly in the information communication device and at least one external device; and an automatic decryption step in which the plurality of output statement fragments are collected using information on the output statement fragment stored in the information communication device as a keyword, and the data is restored through the regenerated encryption key.

The automatic encryption step may include a data input step of receiving the data from a user; an encryption step of automatically generating the encryption key for the data and encrypting the data with the encryption key to form a ciphertext; a certificate generation step of generating and verifying a certificate for the encryption key and the ciphertext; a mixing step of generating an output statement by arranging the data of the certificate in an arbitrary order; and a distributed storage step of separating the output statement into the plurality of output statement fragments and storing them distributed across the information communication device and the one or more external devices.

The automatic decryption step may include an output statement fragment selection step in which the user selects, among the plurality of output statement fragments, the one stored in the information communication device; a collecting step of regenerating the output statement by collecting the plurality of output statement fragments; a restoration step of regenerating the certificate by rearranging the regenerated output statement with the inverse of the transform used for the arbitrary order; an authentication step of authenticating through the ciphertext, the encryption key, and an authentication key extracted from the certificate; a decryption step of, if the authentication succeeds, decrypting the ciphertext with the encryption key to restore the data; and a data providing step of providing the decrypted data to the user.

The certificate generation step may include creating a compound statement by attaching the encryption key to the ciphertext, generating a first authentication key by applying a hash algorithm to the compound statement, and generating a certificate including the compound statement and the first authentication key.

The random order may be determined by a preset randomization scheme.

The one or more external devices may be connectable to the information communication device by wired or wireless communication.

The distributed storage step may include designating, as a keyword, information that can identify the output statement fragment stored in the information communication device, and storing in the information communication device a distributed storage list containing the information and storage locations of the plurality of output statement fragments according to the keyword.

The collecting step may include acquiring, from the information communication device, a distributed storage list containing the information and storage locations of the plurality of output statement fragments, through the keyword designated as information that can identify the output statement fragment stored in the information communication device; and regenerating the output statement by collecting the plurality of output statement fragments according to the distributed storage list.

The authentication step may include extracting, from the certificate, the compound statement in which the encryption key is attached to the ciphertext and the first authentication key; generating a second authentication key from the compound statement; and determining whether the first authentication key and the second authentication key match.

The second authentication key may be generated by applying a hash algorithm to the compound statement.

The authentication step may include an authentication result providing step of providing a result of the authentication to a user.

The decryption step may include separately extracting the encryption key and the ciphertext from the compound statement.

The data providing step may include updating the plurality of output statement fragments by running the automatic encryption step again on the decrypted data.

The automatic data encryption/decryption apparatus according to an embodiment of the present invention automatically encrypts and decrypts data stored in an information communication device. It includes an automatic encryption module that, when the data is stored in the information communication device, automatically generates an encryption key for the data, processes it together with the data, separates the result into a plurality of output statement fragments, and stores them dividedly in the information communication device and at least one external device; and an automatic decryption module that collects the plurality of output statement fragments using information on the output statement fragment stored in the information communication device as a keyword, and restores the data through the regenerated encryption key.

The automatic encryption module may receive the data from a user, automatically generate the encryption key for the data, encrypt the data with the encryption key to form a ciphertext, generate and verify a certificate for the encryption key and the ciphertext, arrange the data of the certificate in an arbitrary order to generate an output statement, and separate the output statement into the plurality of output statement fragments to be stored distributed across the information communication device and the one or more external devices.

The automatic decryption module may select, among the plurality of output statement fragments, the one stored in the information communication device; collect the plurality of output statement fragments to regenerate the output statement; regenerate the certificate by rearranging the regenerated output statement with the inverse of the transform used for the arbitrary order; perform authentication through the ciphertext, the encryption key, and the authentication key extracted from the certificate; if the authentication succeeds, decrypt the ciphertext with the encryption key to restore the data; and provide the decrypted data to the user.

The automatic encryption module may create a compound statement by attaching the encryption key to the ciphertext, generate a first authentication key by applying a hash algorithm to the compound statement, and generate a certificate including the compound statement and the first authentication key.

The random order may be determined by a preset randomization scheme.

The one or more external devices may be connectable to the information communication device by wired or wireless communication.

The automatic encryption module may designate, as a keyword, information that can identify the output statement fragment stored in the information communication device, and store in the information communication device a distributed storage list containing the information and storage locations of the plurality of output statement fragments according to the keyword.

The automatic decryption module may acquire, from the information communication device, a distributed storage list containing the information and storage locations of the plurality of output statement fragments, through the keyword designated as information that can identify the output statement fragment stored in the information communication device, and regenerate the output statement by collecting the plurality of output statement fragments into the information communication device according to the distributed storage list.

The automatic decryption module may extract, from the certificate, the compound statement in which the encryption key is attached to the ciphertext and the first authentication key, generate a second authentication key from the compound statement, and determine whether the first authentication key and the second authentication key match.

The second authentication key may be generated by applying a hash algorithm to the compound statement.

The automatic decryption module may provide a result of the authentication to a user.

The automatic decryption module may separately extract the encryption key and the ciphertext from the compound statement.

The automatic decryption module may update the plurality of output statement fragments by running the automatic encryption module again on the decrypted data.

According to the present invention, when data is encrypted, an encryption key for the data is automatically generated, processed together with the data, separated into a plurality of fragments, and stored dividedly in an information communication device and an external device; when the data is decrypted, the fragments are collected and the data is restored. The user can therefore conveniently have data decrypted automatically without having to remember and enter an encryption key such as a password.

In addition, because the data is separated into a plurality of fragments stored dividedly in the information communication device and the external device, if the user loses the information communication device, removing just one of the fragments stored in the external device makes decryption impossible, so exposure of confidential data can be effectively prevented.

FIG. 1 is a schematic flowchart of an automatic data encryption/decryption method according to an embodiment of the present invention.
FIG. 2 is a flowchart illustrating the automatic encryption step in the automatic data encryption/decryption method according to an embodiment of the present invention.
FIG. 3 is a flowchart illustrating the automatic decryption step in the automatic data encryption/decryption method according to an embodiment of the present invention.
FIG. 4 is a simplified block diagram showing an automatic data encryption/decryption apparatus and an information communication apparatus according to an embodiment of the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

In the automatic data encryption/decryption method according to an embodiment of the present invention, when a user stores data in an information communication device, an encryption key for the data is automatically generated, processed together with the data, separated into a plurality of fragments, and stored dividedly in the information communication device and an external device, which performs automatic encryption. When the user uses the data stored in the information communication device, the divided fragments are collected and automatic decryption is performed.

FIG. 1 is a schematic flowchart of an automatic data encryption/decryption method according to an embodiment of the present invention. FIG. 2 is a flowchart of the automatic encryption step in the automatic data encryption/decryption method according to an embodiment of the present invention, and FIG. 3 is a flowchart of the automatic decryption step in the same method.

The automatic data encryption/decryption method (S100) according to an embodiment of the present invention automatically encrypts and decrypts data stored in an information communication device. It includes an automatic encryption step (S110) in which, when the data is stored in the information communication device, an encryption key for the data is automatically generated, processed together with the data, separated into a plurality of output statement fragments, and stored dividedly in the information communication device and one or more external devices; and an automatic decryption step (S120) in which the plurality of output statement fragments are collected using information on the output statement fragment stored in the information communication device as a keyword, and the data is restored through the regenerated encryption key.

For example, the encryption/decryption algorithm used in performing the automatic data encryption/decryption method may be a symmetric key encryption/decryption algorithm with a fixed-length encryption key. A symmetric key algorithm uses the same encryption key for encryption and decryption. Examples are the Triple Data Encryption Standard (3DES) algorithm using a 168-bit encryption key, the Advanced Encryption Standard (AES) algorithm using a 128-bit encryption key, and the International Data Encryption Algorithm (IDEA) using a 128-bit encryption key.

In general, data may correspond to plain text, but may correspond to all cases that can be defined as data other than plain text.

Here, the information communication device may be any device capable of performing data processing or communication functions such as a computer, a mobile phone, a personal digital assistant (PDA), and a portable multimedia player (PMP).

Referring to FIG. 1, the automatic encryption step (S110) may include a data input step (S111) of receiving data from a user; an encryption step (S112) of automatically generating an encryption key for the data and encrypting the data with the encryption key to form a ciphertext; a certificate generation step (S113) of generating and verifying a certificate for the encryption key and the ciphertext; a mixing step (S114) of generating an output statement by arranging the data of the certificate in an arbitrary order; and a distributed storage step (S115) of separating the output statement into a plurality of output statement fragments and storing them distributed across the information communication device and one or more external devices.

For example, the process of performing the automatic encryption step (S110) is described in detail with reference to FIG. 2. The steps presented here do not necessarily have to be performed in a fixed order; the order may be changed flexibly as needed.

First, the data input step (S111), which provides the user with a data input means and receives data from the user, and the encryption step (S112), which automatically generates a fixed-length encryption key for the data and then encrypts the data with the encryption key to form a ciphertext, may proceed.

Next, the certificate generation step (S113) may proceed, which includes creating a compound statement by attaching the encryption key to the ciphertext (S113a), generating a first authentication key by applying a hash algorithm to the compound statement (S113b), and generating a certificate including the compound statement and the first authentication key (S113c).

In this case, the hash algorithm for generating the first authentication key may be MD5, SHA-1, or SHA-2. In addition, the certificate generated through the certificate generation step (S113) may be an HMAC certificate.

Next, a mixing step S114 is performed in which data of the certificate is arranged in an arbitrary order to generate an output statement. In this case, the random order may be determined by a predetermined randomization scheme.

Here, by way of example, the preset randomization scheme used in the mixing step (S114) will be described. In the mixing step (S114), pad bytes are added to the certificate so that the number of data bytes of the certificate plus the pad bytes plus 4 bytes is the square of a natural number N, and the length of the certificate is stored in the last 4 bytes; the result is the extended certificate. The data bytes of the extended certificate are arranged in order in a two-dimensional N × N byte array. A mixed transform is then performed whose single-application coordinate transformation rule for the two-dimensional array coordinates (x, y) of every data byte in the extended certificate is (x, y) -> (x + y, x + 2y) (modulo N), applied an arbitrary number of times M, where M is greater than 1 and less than N × N. The mixed-transformed extended certificate is compared with the original extended certificate. If the two differ, the mixed-transformed extended certificate is confirmed as the output statement and is transmitted to the distributed storage step (S115) together with the application count M.

Next, a distributed storage step (S115) of dividing the output statement into pieces of a plurality of output statements and distributing and storing them in the information communication device and one or more external devices may be performed.

In this case, one or more external devices may be connected to the information communication device through wired or wireless communication. For example, the one or more external devices may be USB storage devices that are connected by wire or may be storage servers that are wirelessly connected via the Internet or the like.

Examined in more detail, the distributed storage step (S115) may include dividing the output statement into a plurality of output statement fragments and storing them distributed across the information communication device and at least one external device, and designating information that can identify the output statement fragment stored in the information communication device as a keyword and storing, in the information communication device, a distributed storage list containing the information and storage locations of the plurality of output statement fragments according to the keyword (S115b).

For example, in the distributed storage step (S115), the output statement having the number of data bytes N is divided into an arbitrary number, two or more, of output statement fragments, and the fragments are divided so that the difference in their sizes is M. One of the output statement fragments is stored in the information communication device, and the remaining fragments are stored in one or more external devices designated by the user. Next, the storage locations and the output statement fragment information are listed in the order of division and stored in the information communication device according to the designated keyword.

In this case, as shown in FIG. 2, the information communication device may be referred to as a local device. In addition, the automatic data encryption/decryption method (S100) according to an embodiment of the present invention may generally be applied to an information communication device such as a portable terminal, but it is not limited to information communication devices and can be widely applied to various devices that need to automatically encrypt and decrypt data.

Because the data is separated into a plurality of fragments stored dividedly in the information communication device and the external device, if the user loses the information communication device, removing just one of the fragments stored in the external device makes decryption impossible, so exposure of confidential data can be effectively prevented.

In addition, referring to FIG. 1, the automatic decryption step (S120) may include an output statement fragment selection step (S121) in which the user selects, among the plurality of output statement fragments, the one stored in the information communication device; a collecting step (S122) of regenerating the output statement by collecting the plurality of output statement fragments; a restoration step (S123) of regenerating the certificate by rearranging the regenerated output statement with the inverse of the transform used for the arbitrary order; an authentication step (S124) in which authentication is performed through the ciphertext, the encryption key, and the authentication key extracted from the certificate; a decryption step (S125) of, if the authentication is successful, decrypting the ciphertext with the encryption key to restore the data; and a data providing step (S126) of providing the decrypted data to the user.

For example, the process of performing the automatic decryption step (S120) is described in detail with reference to FIG. 3. The steps presented here do not necessarily have to be performed in a fixed order; the order may be changed flexibly as needed.

First, an output sentence fragment selection step S121 may be performed to provide an output sentence fragment selecting means to allow a user to select an output sentence fragment stored in an information communication device among a plurality of output sentence fragments.

Next, the collecting step (S122) may proceed, which includes acquiring, from the information communication device, a distributed storage list containing the information and storage locations of the plurality of output statement fragments, through the keyword designated as information that can identify the output statement fragment stored in the information communication device (S122a), and regenerating the output statement by collecting the plurality of output statement fragments into the information communication device according to the distributed storage list (S122b).

For example, in the collecting step (S122), the storage location information for the remaining output statement fragments is acquired by using, as a keyword, the information on the output statement fragment stored in the information communication device and selected by the user, and all of the distributed output statement fragments are collected. The fragments are connected in sequence to regenerate one output statement, the size difference M of the output statement fragments is then obtained, and the regenerated output statement is transmitted to the restoration step (S123).

Subsequently, the restoration step (S123) may proceed, in which the certificate is regenerated by rearranging the regenerated output statement with the inverse of the transform used for the arbitrary order.

For example, in the restoration step (S123), it is first checked whether the size of the output statement received from the collecting step (S122) is the square of a natural number N. If it is not, an error is reported to the user; if it is, the data bytes of the output statement are arranged into a two-dimensional N × N array. Next, the inverse of the mixed transform applied in the mixing step (S114), that is, the inverse mixed transform whose single-application coordinate transformation rule for the two-dimensional array coordinates (x, y) is (x, y) -> (2x - y, y - x) (modulo N), is applied M times, using the value M transmitted from the collecting step (S122), to restore the extended certificate. The certificate is then extracted by removing the pad bytes added at the end of the extended certificate, whose number is given by the difference between the number of bytes of the restored extended certificate and the length of the certificate stored in the last 4 bytes of the extended certificate. The extracted certificate is passed to the authentication step (S124).
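The mixing step (S114) and the restoration step (S123) described above, as an added Python example that is not part of the patent text: it builds the extended certificate, applies the coordinate rule M times, and inverts it. Zero-valued pad bytes, a big-endian length field, row-major placement (index = y·N + x) and all function names are assumptions, since the text does not specify them.

```python
import math
import struct


def extend(cert: bytes) -> tuple:
    """Build the extended certificate: cert + pad + 4-byte length, N*N bytes in total."""
    n = math.isqrt(len(cert) + 4)
    if n * n < len(cert) + 4:
        n += 1
    n = max(n, 2)                       # 1 < M < N*N needs N >= 2
    pad = n * n - len(cert) - 4
    # Assumption: zero pad bytes and a big-endian unsigned length field.
    return cert + b"\x00" * pad + struct.pack(">I", len(cert)), n


def permute(buf: bytes, n: int, rounds: int, inverse: bool) -> bytes:
    """Move every byte at (x, y) to its transformed coordinate, `rounds` times."""
    for _ in range(rounds):
        out = bytearray(n * n)
        for y in range(n):
            for x in range(n):
                if inverse:
                    nx, ny = (2 * x - y) % n, (y - x) % n      # S123 rule
                else:
                    nx, ny = (x + y) % n, (x + 2 * y) % n      # S114 rule
                out[ny * n + nx] = buf[y * n + x]              # row-major (assumed)
        buf = bytes(out)
    return buf


def mix(cert: bytes, m: int) -> bytes:
    """Mixing step: returns the output statement for application count M."""
    ext, n = extend(cert)
    if not 1 < m < n * n:
        raise ValueError("M must satisfy 1 < M < N*N")
    out = permute(ext, n, m, inverse=False)
    if out == ext:
        # The text only accepts a result that differs from the original.
        raise ValueError("this M leaves the extended certificate unchanged")
    return out


def unmix(output: bytes, m: int) -> bytes:
    """Restoration step: size check, inverse transform M times, pad removal."""
    n = math.isqrt(len(output))
    if n < 2 or n * n != len(output):
        raise ValueError("output statement size is not the square of N")
    ext = permute(output, n, m, inverse=True)
    (length,) = struct.unpack(">I", ext[-4:])
    if length > len(ext) - 4:
        raise ValueError("stored certificate length is inconsistent")
    return ext[:length]


if __name__ == "__main__":
    sample = bytes(range(60))           # constructed 60-byte stand-in certificate
    statement = mix(sample, 5)
    print(len(statement), unmix(statement, 5) == sample)
```

For N = 8 the rule repeats after 6 applications, so `mix(sample, 6)` is rejected by the "differs from the original" comparison; the count M therefore has to be chosen per N rather than fixed.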

Next, the authentication step (S124) may proceed, which includes extracting, from the certificate, the compound statement in which the encryption key is attached to the ciphertext and the first authentication key (S124a), generating a second authentication key from the compound statement (S124b), and determining whether the first authentication key and the second authentication key match (S124c).

In this case, the second authentication key may be generated by applying a hash algorithm to the compound statement. The hash algorithm for generating the second authentication key is the same algorithm as the hash algorithm used to generate the first authentication key in the certificate generation step (S113) of the automatic encryption step (S110), and may be MD5, SHA-1, or SHA-2.

In addition, the authentication step (S124) may include an authentication result providing step (S124d) for providing a result of the authentication to the user. In the authentication result providing step S124d, when the first authentication key and the second authentication key do not match, the authentication failure may be reported to the user.
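The certificate generation step (S113) and the authentication step (S124), as an added Python example that is not part of the patent text. It assumes the layout ciphertext, then key, then digest, a 16-byte key (the 128-bit AES case mentioned earlier), SHA-256 as the SHA-2 choice, and hypothetical function names; the ciphertext is a constructed byte string standing in for real cipher output.

```python
import hashlib
import hmac

KEY_LEN = 16                      # assumed fixed key length (128-bit key)
DIGEST = hashlib.sha256           # SHA-2 family, one of the options named in the text
DIGEST_LEN = DIGEST().digest_size

# Constructed sample values, not real key material or cipher output.
SAMPLE_KEY = bytes(range(KEY_LEN))
SAMPLE_CIPHERTEXT = bytes.fromhex("8f3a1c5e77b2094dd0e1a6c4f9b83e21")


def build_certificate(ciphertext: bytes, key: bytes) -> bytes:
    """S113: compound statement plus first authentication key."""
    if len(key) != KEY_LEN:
        raise ValueError("key must be exactly KEY_LEN bytes")
    compound = ciphertext + key                   # S113a: attach key to ciphertext
    first_auth = DIGEST(compound).digest()        # S113b: hash the compound statement
    return compound + first_auth                  # S113c: certificate


def authenticate(cert: bytes):
    """S124 and S125a: returns (ciphertext, key) on success, None on mismatch."""
    if len(cert) < KEY_LEN + DIGEST_LEN:
        raise ValueError("certificate is too short to hold key and digest")
    compound = cert[:-DIGEST_LEN]                 # S124a: split off the stored digest
    first_auth = cert[-DIGEST_LEN:]
    second_auth = DIGEST(compound).digest()       # S124b: recompute over the compound
    if not hmac.compare_digest(first_auth, second_auth):   # S124c: compare
        return None                               # S124d would report failure here
    # S125a: the fixed key length is what makes the split unambiguous.
    return compound[:-KEY_LEN], compound[-KEY_LEN:]


if __name__ == "__main__":
    cert = build_certificate(SAMPLE_CIPHERTEXT, SAMPLE_KEY)
    print(authenticate(cert) == (SAMPLE_CIPHERTEXT, SAMPLE_KEY))
    damaged = bytes([cert[0] ^ 0x01]) + cert[1:]  # one flipped bit in the ciphertext
    print(authenticate(damaged))
```

The digest is computed without a secret, so the check confirms that the fragments were reassembled and unmixed correctly; it does not identify who produced them.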

Subsequently, the decryption step (S125) may proceed, which includes separately extracting the encryption key and the ciphertext from the compound statement (S125a) and, if the authentication is successful, decrypting the ciphertext with the encryption key to restore the data.

Next, a data providing step S126 of providing the decrypted data to the user may proceed.

Here, referring to FIGS. 1 to 3, the data providing step S126 may include updating a plurality of pieces of output statements by re-running the automatic encryption step S110 on the decrypted data.

Even if the plurality of output statement fragments cannot all be collected in a single hacking attempt, all of them could be collected if hacking attempts continue. Therefore, the automatic encryption step (S110) is run again in the data providing step (S126) so that the plurality of output statement fragments are updated. Through this update step (S127), the plurality of output statement fragments can be made more secure against hacking.

The update step (S127) for the plurality of output statement fragments may proceed automatically when the data providing step (S126) is reached, or may be configured so that the user chooses whether to update.

As described above, according to the present invention, when data is encrypted, an encryption key for the data is automatically generated, processed together with the data, separated into a plurality of fragments, and stored dividedly in an information communication device and an external device; when the data is decrypted, the fragments are collected and the data is restored. The user can therefore conveniently have data decrypted automatically without having to remember and enter an encryption key such as a password.

4 is a simplified block diagram showing an automatic data encryption and decryption apparatus and an information communication apparatus according to an embodiment of the present invention.

Referring to FIG. 4, the data automatic encryption / decryption apparatus 100 according to an embodiment of the present invention is a data automatic encryption / decryption apparatus 100 that automatically encrypts and decrypts data stored in the information communication apparatus 200. When the data is stored in the communication device 200, an automatic encryption module for automatically generating an encryption key for the data and separating and processing the data into pieces of a plurality of output statements together with the data to the information communication device 200 and one or more external devices ( 110, and an automatic decryption module 120 for reconstructing the data through the encryption key regenerated by collecting a plurality of pieces of the output sentence using the information of the pieces of the output sentence stored in the information communication device 200 as keywords.

Here, the data automatic encryption / decryption apparatus 100 according to an embodiment of the present invention is generally connected to the information communication apparatus 200 in a form included in the information communication apparatus 200 as shown in FIG. 4. This is merely an example and does not necessarily need to be included in the information communication device 200. That is, the data automatic encryption / decryption apparatus 100 may be connected to the information communication apparatus 200 in all possible ways of wired and wireless.

In addition, the automatic encryption module 110 and the automatic decryption module 120 included in the automatic data encryption and decryption apparatus 100 according to an embodiment of the present invention (S100) according to an embodiment of the present invention (S100). Is implemented by Therefore, the data automatic encryption / decryption apparatus 100 according to an embodiment of the present invention may also be easily understood by the description of the data automatic encryption / decryption method S100 according to the embodiment of the present invention. Therefore, hereinafter, a detailed description of the portable device 100 according to an embodiment of the present invention will be omitted.

The automatic encryption module 110 receives data from the user, automatically generates an encryption key for the data, encrypts the data through the encryption key to form a ciphertext, generates and verifies a certificate for the encryption key and the ciphertext, and arranges the data of the certificate in an arbitrary order to generate an output statement. The output statement may then be divided into a plurality of output statement fragments, which are distributed and stored in the information communication device 200 and the one or more external devices.

The automatic encryption module 110 may create a compound statement by attaching the encryption key to the cipher text, generate a first authentication key by applying a hash algorithm to the compound statement, and generate a certificate including the compound statement and the first authentication key.

The random order may be determined by a preset randomization scheme.

One or more external devices may be connected to the information communication device 200 through wired or wireless communication.

The automatic encryption module 110 designates information that can distinguish the output statement fragment stored in the information communication device 200 as a keyword, and may store, in the information communication device 200, a distributed storage list including the information and storage locations of the plurality of output statement fragments according to the keyword.

Next, the automatic decoding module 210 selects the output statement fragment stored in the information communication device 200 from among the plurality of output statement fragments, collects the plurality of output statement fragments to regenerate the output statement, and regenerates the certificate by sorting the regenerated output statement by the inverse transformation of the random order. Authentication is performed through the cipher text, the encryption key, and the authentication key extracted from the certificate, and the regenerated data is provided to the user.

The automatic decoding module 110 generates a distributed storage list including information on the plurality of output statement fragments and their storage locations from the information communication device 200 through the keyword designated as information for distinguishing the output statement fragment stored in the information communication device 200. The output statement may be regenerated by acquiring the plurality of output statement fragments according to the distributed storage list and collecting them in the information communication device 200.

The automatic decryption module 110 extracts the compound statement with the encryption key attached to the cipher text and the first authentication key from the certificate, generates a second authentication key from the compound statement, and checks whether the first authentication key and the second authentication key match. It can be determined.

The second authentication key may be generated by applying a hash algorithm to the compound statement.

The automatic decryption module 110 may provide a result of authentication to the user.

The automatic decryption module 110 may separately extract an encryption key and an encryption text from the compound text.

The automatic decryption module 110 may update the plurality of fragments of the output sentence by restarting the automatic encryption module 110 with respect to the decrypted data.
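
The behaviour of the two modules described above, carried through end to end as an added example (this is not code from the patent). Assumptions: SHA-256 as the "hash algorithm", a seeded shuffle as the "preset randomization scheme", byte-level mixing, a 32-byte key, and a SHA-256 counter keystream standing in for the cipher, which the patent does not name; all function names are hypothetical.

```python
import hashlib
import random
import secrets

HASH_LEN = 32  # SHA-256 digest size (assumed hash algorithm)
KEY_LEN = 32   # assumed key size; the patent does not fix one


def _keystream_xor(key, data):
    """Stand-in cipher for illustration only: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), HASH_LEN):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + HASH_LEN], pad))
    return bytes(out)


def _permutation(n, seed):
    """Preset randomization scheme: a seeded shuffle both modules can reproduce."""
    order = list(range(n))
    random.Random(seed).shuffle(order)
    return order


def auto_encrypt(data, seed, n_fragments):
    """Encryption module: key, cipher text, certificate, mixing, fragments."""
    key = secrets.token_bytes(KEY_LEN)            # key generated automatically
    compound = _keystream_xor(key, data) + key    # key attached to the cipher text
    certificate = compound + hashlib.sha256(compound).digest()  # first auth key
    order = _permutation(len(certificate), seed)
    output = bytes(certificate[i] for i in order)  # mixing step
    size = -(-len(output) // n_fragments)          # ceiling division
    # Fragment 0 stays on the device; the others go to external devices.
    return [output[i:i + size] for i in range(0, len(output), size)]


def auto_decrypt(fragments, seed):
    """Decryption module: collect, unmix, authenticate, then decrypt."""
    output = b"".join(fragments)                  # aggregation step
    if len(output) < KEY_LEN + HASH_LEN:
        raise ValueError("authentication failed: fragments missing")
    order = _permutation(len(output), seed)
    certificate = bytearray(len(output))
    for pos, src in enumerate(order):             # inverse of the mixing step
        certificate[src] = output[pos]
    compound = bytes(certificate[:-HASH_LEN])
    first_auth = bytes(certificate[-HASH_LEN:])
    second_auth = hashlib.sha256(compound).digest()
    if not secrets.compare_digest(first_auth, second_auth):
        raise ValueError("authentication failed: authentication keys differ")
    cipher_text, key = compound[:-KEY_LEN], compound[-KEY_LEN:]
    return _keystream_xor(key, cipher_text)


if __name__ == "__main__":
    sample = b"constructed sample record"         # constructed input
    stored = auto_encrypt(sample, seed=2010, n_fragments=3)
    print(auto_decrypt(stored, seed=2010))
    refreshed = auto_encrypt(sample, seed=2010, n_fragments=3)  # fragment update
    print(refreshed != stored)
```

Because the first authentication key is an unkeyed hash of the compound statement, the comparison detects missing, stale or corrupted fragments; it does not establish who wrote them.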

Although the embodiments of the present invention have been described above, the scope of the present invention is not limited thereto, and includes all changes and modifications that can easily be made from the embodiments by those skilled in the art to which the present invention pertains and that are recognized as equivalent.

Claims (26)

A data automatic encryption / decryption method for automatically encrypting and decrypting data stored in an information communication device,
An automatic encryption step of automatically generating an encryption key for the data when the data is stored in the information communication device, separating and processing the data into pieces of a plurality of output sentences together with the data, and dividing the data into one or more external devices; And
And an automatic decryption step of reconstructing the data through the encryption key regenerated by collecting the plurality of output statement fragments as keywords based on the information of the output sentence fragments stored in the information communication device.
In claim 1,
The automatic encryption step
A data input step of receiving the data from a user,
An encryption step of automatically generating the encryption key for the data and encrypting the data with the encryption key to form an encryption text;
Certificate generation step of generating and verifying the certificate for the encryption key and the cipher text,
A mixing step of generating an output statement by arranging data of the certificate in an arbitrary order; and
And a distributed storage step of dividing the output statement into the plurality of pieces of output statement and distributing and storing the output statement in the information communication device and the at least one external device.
In claim 2,
The automatic decoding step
An output statement fragment selection step of a user selecting an output statement fragment stored in the information communication device among the plurality of output statement fragments;
An aggregation step of regenerating the output statement by collecting the plurality of pieces of output statement;
A regenerating step of regenerating the certificate by sorting the regenerated output statement in an inverse transform manner for the random order;
An authentication step of authenticating through the cipher text, the encryption key, and an authentication key extracted from the certificate;
A decryption step of reforming the data by decrypting the cipher text through the encryption key if the authentication is successful; and
And a data providing step of providing the decrypted data to a user.
In claim 2,
The certificate generation step
Creating a compound sentence by attaching the encryption key to the cipher text,
Generating a first authentication key by applying a hash algorithm to the compound statement, and
Automatic data encryption and decryption method comprising the step of generating a certificate containing the compound statement and the first authentication key.
In claim 2,
The above random order
A method for automatically encrypting and decrypting data determined by a predetermined randomization scheme.
In claim 2,
The one or more external devices
Automatic data encryption and decryption method that can be connected to the information communication device through wired and wireless communication.
In claim 2,
The distributed storage step
Designating information that can distinguish an output sentence fragment stored in the information communication device as a keyword, and
And storing, in the information communication device, a distributed storage list including information of the plurality of pieces of output sentences and a storage location according to the keyword.
The method of claim 3,
The collecting step
Acquiring a distributed storage list including information and storage locations of the plurality of pieces of output pieces from the information communication device through a keyword designated as information for distinguishing pieces of output sentences stored in the information communication device; and
And regenerating the output statement by collecting the plurality of pieces of output statement in the information communication device according to the distributed storage list.
The method of claim 3,
The authentication step
Extracting a compound statement having the encryption key attached to the encryption text and the first authentication key from the certificate;
Generating a second authentication key from the compound statement, and
And determining whether the first authentication key matches the second authentication key.
In claim 9,
The second authentication key
Automatic data encryption and decryption method generated by applying a hash algorithm to the compound statement.
The method of claim 3,
The authentication step
And an authentication result providing step of providing a result of the authentication to a user.
In claim 9,
The decryption step
And automatically extracting the encryption key and the encryption text from the compound text.
The method of claim 3,
The data providing step
And re-running the automatic encryption step on the decrypted data to update the plurality of pieces of output statements.
A data automatic encryption / decryption apparatus for automatically encrypting and decrypting data stored in an information communication device,
An automatic encryption module for automatically generating an encryption key for the data when the data is stored in the information communication device, separating and processing the data into pieces of a plurality of output sentences together with the data, and dividing the data into one or more external devices; And
And an automatic decryption module for reconstructing the data through the encryption key regenerated by collecting the plurality of output sentence fragments as keywords based on the information of the output sentence fragments stored in the information communication device.
The method of claim 14,
The automatic encryption module
Receive the data from the user,
Automatically generating the encryption key for the data and encrypting the data with the encryption key to form an encryption text,
Generate and verify a certificate for the encryption key and the ciphertext,
Arrange the data of the certificate in any order to generate an output statement,
And automatically separating and outputting the output statement into the plurality of output statement fragments in the information communication device and the at least one external device.
The method of claim 15,
The automatic decoding module
A user selects an output statement fragment stored in the information communication device among the plurality of output statement fragments,
Regenerate the output statement by collecting the plurality of pieces of output statement;
Regenerate the certificate by sorting the regenerated output statement in an inverse transform fashion for the random order,
Authentication is made through the cipher text, the encryption key, and an authentication key extracted from the certificate,
If the authentication is successful, the ciphertext is decrypted through the encryption key to reconstruct the data.
Automatic data encryption and decryption apparatus for providing the decrypted data to the user.
The method of claim 15,
The automatic encryption module
Attaching the encryption key to the cipher text to create a compound text,
Generating a first authentication key by applying a hash algorithm to the compound statement,
Automatic data encryption and decryption apparatus for generating a certificate comprising the compound statement and the first authentication key.
The method of claim 15,
The above random order
A data automatic encryption / decryption apparatus determined by a predetermined randomization scheme.
The method of claim 15,
The one or more external devices
Automatic data encryption and decryption apparatus that can be connected to the information communication device through wired and wireless communication.
The method of claim 15,
The automatic encryption module
Designate information identifying a fragment of an output sentence stored in the information communication device as a keyword,
And a distributed storage list including information on the plurality of pieces of output sentences and a storage location according to the keyword in the information communication device.
The method of claim 16,
The automatic decoding module
Acquire a distributed storage list including information and storage locations of the plurality of pieces of output sentences from the information communication device through a keyword designated as information for distinguishing pieces of output sentences stored in the information communication device,
And a plurality of pieces of the output statement in accordance with the distributed storage list to the information communication device to regenerate the output statement.
The method of claim 16,
The automatic decoding module
Extracting the composite text and the first authentication key to which the encryption key is attached to the encryption text from the certificate;
Generating a second authentication key from the compound statement,
And an automatic data encryption / decryption apparatus for determining whether the first authentication key and the second authentication key match each other.
The method of claim 22,
The second authentication key
Automatic data encryption and decryption apparatus generated by applying a hash algorithm to the compound statement.
The method of claim 16,
The automatic decoding module
Automatic data decryption apparatus for providing a user with the result of the authentication.
The method of claim 22,
The automatic decoding module
Automatic data encryption and decryption apparatus for separating and extracting the encryption key and the cipher text from the compound text.
The method of claim 16,
The automatic decoding module
And an automatic encryption / decryption apparatus for updating the plurality of pieces of output statements by re-running the automatic encryption module on the decrypted data.
KR1020100020246A 2010-03-08 2010-03-08 Method and device for cipher-deciphering data automatically KR20110101317A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
KR1020100020246A KR20110101317A (en) 2010-03-08 2010-03-08 Method and device for cipher-deciphering data automatically
PCT/KR2011/001592 WO2011111981A2 (en) 2010-03-08 2011-03-08 Method and device for automatic data encryption and decryption

Related Child Applications (1)

Application Number Title Priority Date Filing Date
KR1020120072990A Division KR101224956B1 (en) 2012-07-04 2012-07-04 Method and device for cipher-deciphering data automatically

Publications (1)

Publication Number Publication Date
KR20110101317A true KR20110101317A (en) 2011-09-16

Family

ID=44563986

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020100020246A KR20110101317A (en) 2010-03-08 2010-03-08 Method and device for cipher-deciphering data automatically

Country Status (2)

Country Link
KR (1) KR20110101317A (en)
WO (1) WO2011111981A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101307573B1 (en) * 2011-11-28 2013-11-21 한국과학기술정보연구원 apparatus for encrypting or decrpting data and method thereof

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017044677A1 (en) * 2015-09-11 2017-03-16 Alibaba Group Holding Limited Method and apparatus for facilitating electronic payments using a wearable device
CN106527673B (en) 2015-09-11 2019-09-06 阿里巴巴集团控股有限公司 Bind method and apparatus, electric paying method and the device of wearable device
CN117540434B (en) * 2024-01-10 2024-03-15 成都数据集团股份有限公司 Database management and security analysis method

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100457669B1 (en) * 2002-10-09 2004-11-18 김성욱 Method for enciphering and storing information in distributed fashion
KR100510151B1 (en) * 2004-06-28 2005-08-25 삼성전자주식회사 Method to securely manage information in database
KR20060078768A (en) * 2004-12-31 2006-07-05 주식회사 케이티 System and method for key recovery using distributed registration of private key
JP4778361B2 (en) * 2006-05-19 2011-09-21 日立オムロンターミナルソリューションズ株式会社 Authentication apparatus, authentication system, and apparatus confirmation method for authentication apparatus

Also Published As

Publication number Publication date
WO2011111981A3 (en) 2011-12-29
WO2011111981A2 (en) 2011-09-15

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E902 Notification of reason for refusal
E601 Decision to refuse application
AMND Amendment
E801 Decision on dismissal of amendment
A107 Divisional application of patent