KR20110101317A - Method and device for cipher-deciphering data automatically - Google Patents
- Publication number
- KR20110101317A
- Authority
- KR
- South Korea
- Prior art keywords
- data
- encryption
- automatic
- output
- communication device
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a method for automatically encrypting and decrypting data, and an apparatus for automatically encrypting and decrypting data using the same.
The automatic data encryption/decryption method automatically encrypts and decrypts data stored in an information communication device. It includes an automatic encryption step in which, when the data is stored in the information communication device, an encryption key for the data is automatically generated, and the key is processed together with the data into a plurality of output statement fragments that are stored divided between the information communication device and at least one external device; and an automatic decryption step in which the plurality of output statement fragments are collected using the information of the output statement fragment stored in the information communication device as a keyword, and the data is restored through the regenerated encryption key.
According to the present invention, the user can conveniently have data decrypted automatically without having to remember and input an encryption key such as a password. In addition, when the user loses the information communication device, removing even one of the fragments stored in the external device makes decryption impossible, thereby effectively preventing exposure of confidential data.
Description
The present invention relates to a method for automatically encrypting and decrypting data, and an apparatus for automatically encrypting and decrypting data using the same.
When confidential information is stored in an information communication device such as a mobile phone, the general approach is that the user sets a password, an encryption key is generated, and the confidential information is encrypted and stored.
However, this data encryption method has the disadvantage that the user must remember the password.
In addition, on a mobile phone the password setting is simple, so the password can be obtained by repeated entry attempts and confidential information is often exposed; in other portable devices or applications, the encryption method is often simple and easily decrypted.
Accordingly, if the information communication device is lost, the confidential information, although encrypted, is at risk because the encryption method is easily exposed to a decryption attack.
Because of these problems, there has been a demand for a data encryption/decryption method and apparatus with which the user can easily decrypt the data while other people cannot.
The present invention has been created to solve the problems described above. The problem to be solved by the present invention is to provide an automatic data encryption/decryption method that can automatically decrypt data without input of an encryption key such as a password, and a portable device using the same.
Another object of the present invention is to provide an automatic data encryption / decryption method and a portable device using the same to prevent another person from easily decrypting the user's data when the user loses the portable device.
The automatic data encryption/decryption method according to an embodiment of the present invention for achieving the above object automatically encrypts and decrypts data stored in an information communication device, and includes: an automatic encryption step of, when the data is stored in the information communication device, automatically generating an encryption key for the data, processing the key together with the data into a plurality of output statement fragments, and storing the fragments divided between the information communication device and at least one external device; and an automatic decryption step of collecting the plurality of output statement fragments using the information of the output statement fragment stored in the information communication device as a keyword, and restoring the data through the regenerated encryption key.
The automatic encryption step may include a data input step of receiving the data from a user; an encryption step of automatically generating the encryption key for the data and encrypting the data through the encryption key to form a ciphertext; a certificate generation step of generating and verifying a certificate for the encryption key and the ciphertext; a mixing step of generating an output statement by arranging the data of the certificate in an arbitrary order; and a distributed storage step of separating the output statement into the plurality of output statement fragments and storing them distributed between the information communication device and the one or more external devices.
The automatic decryption step may include an output statement fragment selection step in which a user selects the output statement fragment stored in the information communication device among the plurality of output statement fragments; a collecting step of regenerating the output statement by collecting the plurality of output statement fragments; a restoration step of regenerating the certificate by rearranging the regenerated output statement with the inverse of the arbitrary ordering; an authentication step of authenticating through the ciphertext, the encryption key, and an authentication key extracted from the certificate; a decryption step of, if the authentication succeeds, decrypting the ciphertext through the encryption key to restore the data; and a data providing step of providing the decrypted data to the user.
The certificate generation step may include creating a compound statement by attaching the encryption key to the ciphertext, generating a first authentication key by applying a hash algorithm to the compound statement, and generating a certificate including the compound statement and the first authentication key.
The random order may be determined by a preset randomization scheme.
The one or more external devices may be connectable with the information communication device in wired or wireless communication.
The distributed storage step may include designating, as a keyword, information that identifies the output statement fragment stored in the information communication device, and storing in the information communication device, according to the keyword, a distributed storage list including the information and storage locations of the plurality of output statement fragments.
The collecting step may include acquiring, from the information communication device, the distributed storage list including the information and storage locations of the plurality of output statement fragments through the keyword designated as information identifying the output statement fragment stored in the information communication device, and regenerating the output statement by collecting the plurality of output statement fragments according to the distributed storage list.
The authentication step may include extracting from the certificate the compound statement, in which the encryption key is attached to the ciphertext, and the first authentication key; generating a second authentication key from the compound statement; and determining whether the first authentication key and the second authentication key match.
The second authentication key may be generated by applying a hash algorithm to the compound statement.
The authentication step may include an authentication result providing step of providing a result of the authentication to a user.
The decryption step may include separating and extracting the encryption key and the ciphertext from the compound statement.
The data providing step may include updating the plurality of pieces of output statements by re-activating the automatic encryption step on the decrypted data.
The automatic data encryption/decryption apparatus according to an embodiment of the present invention automatically encrypts and decrypts data stored in an information communication device, and includes: an automatic encryption module that, when the data is stored in the information communication device, automatically generates an encryption key for the data, processes the key together with the data into a plurality of output statement fragments, and stores the fragments divided between the information communication device and at least one external device; and an automatic decryption module that collects the plurality of output statement fragments using the information of the output statement fragment stored in the information communication device as a keyword, and restores the data through the regenerated encryption key.
The automatic encryption module may receive the data from a user, automatically generate the encryption key for the data, encrypt the data through the encryption key to form a ciphertext, generate and verify a certificate for the encryption key and the ciphertext, arrange the data of the certificate in an arbitrary order to generate an output statement, and separate the output statement into the plurality of output statement fragments to be stored distributed between the information communication device and the one or more external devices.
The automatic decryption module may select the output statement fragment stored in the information communication device among the plurality of output statement fragments, collect the plurality of output statement fragments to regenerate the output statement, and regenerate the certificate by rearranging the regenerated output statement with the inverse of the arbitrary ordering. Authentication is then performed through the ciphertext, the encryption key, and the authentication key extracted from the certificate. When the authentication is successful, the ciphertext is decrypted through the encryption key to restore the data, and the decrypted data is provided to the user.
The automatic encryption module may create a compound statement by attaching the encryption key to the ciphertext, generate a first authentication key by applying a hash algorithm to the compound statement, and generate a certificate including the compound statement and the first authentication key.
The random order may be determined by a preset randomization scheme.
The one or more external devices may be connectable with the information communication device in wired or wireless communication.
The automatic encryption module may designate, as a keyword, information that identifies the output statement fragment stored in the information communication device, and store in the information communication device, according to the keyword, a distributed storage list including the information and storage locations of the plurality of output statement fragments.
The automatic decryption module may acquire, from the information communication device, the distributed storage list including the information and storage locations of the plurality of output statement fragments through the keyword designated as information identifying the output statement fragment stored in the information communication device, and regenerate the output statement by collecting the plurality of output statement fragments to the information communication device according to the distributed storage list.
The automatic decryption module may extract from the certificate the compound statement, in which the encryption key is attached to the ciphertext, and the first authentication key, generate a second authentication key from the compound statement, and determine whether the first authentication key and the second authentication key match.
The second authentication key may be generated by applying a hash algorithm to the compound statement.
The automatic decryption module may provide a result of the authentication to a user.
The automatic decryption module may separately extract the encryption key and the ciphertext from the compound statement.
The automatic decryption module may update the plurality of pieces of output statements by re-running the automatic encryption module on the decrypted data.
According to the present invention, when data is encrypted, an encryption key for the data is automatically generated, and the result is separated into a plurality of fragments that are stored divided between an information communication device and an external device; when the data is decrypted, the fragments are collected and the data is restored. The user can therefore conveniently have data decrypted automatically without having to remember and enter an encryption key such as a password.
In addition, because the fragments are stored separately in the information communication device and the external device, if the user loses the information communication device, removing even one of the fragments stored in the external device makes decryption impossible, so exposure of confidential data can be effectively prevented.
FIG. 1 is a schematic flowchart of an automatic data encryption/decryption method according to an embodiment of the present invention.
FIG. 2 is a flowchart illustrating the automatic encryption step in the automatic data encryption/decryption method according to an embodiment of the present invention.
FIG. 3 is a flowchart illustrating the automatic decryption step in the automatic data encryption/decryption method according to an embodiment of the present invention.
FIG. 4 is a simplified block diagram showing an automatic data encryption/decryption apparatus and an information communication device according to an embodiment of the present invention.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
The automatic data encryption/decryption method according to an embodiment of the present invention performs automatic encryption when a user stores data in an information communication device: an encryption key for the data is automatically generated, and the result is separated into a plurality of fragments that are stored divided between the information communication device and an external device. When the user uses the data stored in the information communication device, the divided fragments are collected and automatic decryption is performed.
FIG. 1 is a schematic flowchart of an automatic data encryption/decryption method according to an embodiment of the present invention. FIG. 2 is a flowchart of the automatic encryption step in the method, and FIG. 3 is a flowchart of the automatic decryption step in the method.
The automatic data encryption/decryption method (S100) according to an embodiment of the present invention automatically encrypts and decrypts data stored in an information communication device. It includes an automatic encryption step (S110) of, when the data is stored in the information communication device, automatically generating an encryption key for the data, processing the key together with the data into a plurality of output statement fragments, and storing the fragments divided between the information communication device and one or more external devices; and an automatic decryption step (S120) of collecting the plurality of output statement fragments using the information of the output statement fragment stored in the information communication device as a keyword, and restoring the data through the regenerated encryption key.
For example, the encryption/decryption algorithm used in performing the automatic data encryption/decryption method may be a symmetric-key algorithm with a fixed-length encryption key. A symmetric-key algorithm uses the same encryption key for encryption and decryption. Examples are the Triple Data Encryption Standard (3DES) algorithm using a 168-bit encryption key, the Advanced Encryption Standard (AES) algorithm using a 128-bit encryption key, and the International Data Encryption Algorithm (IDEA) using a 128-bit encryption key.
In general, data may correspond to plain text, but may correspond to all cases that can be defined as data other than plain text.
Here, the information communication device may be any device capable of performing data processing or communication functions such as a computer, a mobile phone, a personal digital assistant (PDA), and a portable multimedia player (PMP).
Referring to FIG. 1, the automatic encryption step S110 may include a data input step (S111) of receiving data from a user; an encryption step (S112) of automatically generating an encryption key for the data and encrypting the data through the encryption key to form a ciphertext; a certificate generation step (S113) of generating and verifying a certificate for the encryption key and the ciphertext; a mixing step (S114) of generating an output statement by arranging the data of the certificate in an arbitrary order; and a distributed storage step (S115) of separating the output statement into a plurality of output statement fragments and storing them distributed between the information communication device and one or more external devices.
The process of performing the automatic encryption step S110 is described in detail below with reference to FIG. 2. The steps presented here do not necessarily have to be performed in a fixed order; the order may be changed flexibly as needed.
First, a data input step (S111) of providing data input means to the user and receiving data from the user, and an encryption step (S112) of automatically generating a fixed-length encryption key for the data and then encrypting the data through the encryption key to form a ciphertext, may proceed.
Next, the certificate generation step S113 may be performed, which includes creating a compound statement by attaching the encryption key to the ciphertext (113a), generating a first authentication key by applying a hash algorithm to the compound statement (113b), and generating a certificate comprising the compound statement and the first authentication key (113c).
In this case, the hash algorithm for generating the first authentication key may be MD5, SHA-1, or SHA-2. In addition, the certificate generated through the certificate generation step (S113) may be an HMAC certificate.
Next, a mixing step S114 is performed in which data of the certificate is arranged in an arbitrary order to generate an output statement. In this case, the random order may be determined by a predetermined randomization scheme.
Here, the preset randomization scheme used in the mixing step S114 is described by way of example. In the mixing step S114, pad bytes are added to the certificate so that the number of data bytes of the certificate plus 4 bytes becomes the square of a natural number N, and the length of the certificate is stored in the last 4 bytes, creating an extended certificate. The data bytes of this extended certificate are arranged in order in a two-dimensional N × N byte array. A mixed transform, whose coordinate transformation rule applied once to the two-dimensional array coordinates (x, y) of every data byte of the extended certificate is (x, y) -> (x + y, x + 2y) (modulo N), is then performed an arbitrary number of times M, where M is greater than 1 and less than N × N, and the resulting mixed-transformed extended certificate is compared with the original extended certificate. If the mixed-transformed extended certificate differs from the original extended certificate, it is confirmed as the output statement and is passed to the distributed storage step S115 together with the number of applications M.
Next, a distributed storage step (S115) of dividing the output statement into pieces of a plurality of output statements and distributing and storing them in the information communication device and one or more external devices may be performed.
In this case, one or more external devices may be connected to the information communication device through wired or wireless communication. For example, the one or more external devices may be USB storage devices that are connected by wire or may be storage servers that are wirelessly connected via the Internet or the like.
Looking at the distributed storage step (S115) in more detail: after the output statement is divided into a plurality of output statement fragments that are stored distributed between the information communication device and at least one external device, the step includes designating, as a keyword, information that identifies the output statement fragment stored in the information communication device, and storing in the information communication device, according to the keyword, a distributed storage list including the information and storage locations of the plurality of output statement fragments (115b).
For example, in the distributed storage step S115, the output statement whose number of data bytes is N is divided into an arbitrary number, two or more, of output statement fragments, such that the difference in size between the fragments is M. One of the plurality of output statement fragments is stored in the information communication device, and the remaining fragments are stored in one or more external devices designated by the user. Next, the storage locations and the output statement fragment information are listed in the order of division and stored in the information communication device according to the designated keyword.
In this case, as shown in FIG. 2, the information communication device may be referred to as a local device. The automatic data encryption/decryption method (S100) according to an embodiment of the present invention is generally applied to an information communication device such as a portable terminal, but it is not limited to such devices and can be applied widely to various devices that need to encrypt and decrypt data automatically.
Because the fragments are stored divided between the information communication device and the external device, if the user loses the information communication device, removing even one of the fragments stored in the external device makes decryption impossible, so exposure of confidential data can be effectively prevented.
In addition, referring to FIG. 1, the automatic decryption step (S120) may include an output statement fragment selection step (S121) in which the user selects the output statement fragment stored in the information communication device among the plurality of output statement fragments; a collecting step (S122) of regenerating the output statement by combining the plurality of output statement fragments; a restoration step (S123) of regenerating the certificate by rearranging the regenerated output statement with the inverse of the arbitrary ordering; an authentication step (S124) of authenticating through the ciphertext, the encryption key, and the authentication key extracted from the certificate; a decryption step (S125) of, if the authentication is successful, decrypting the ciphertext through the encryption key to restore the data; and a data providing step (S126) of providing the decrypted data to the user.
The process of performing the automatic decryption step S120 is described in detail below with reference to FIG. 3. The steps presented here do not necessarily have to be performed in a fixed order, and the order may be changed flexibly as necessary.
First, an output sentence fragment selection step S121 may be performed to provide an output sentence fragment selecting means to allow a user to select an output sentence fragment stored in an information communication device among a plurality of output sentence fragments.
Next, the collecting step S122 may proceed, which includes acquiring, from the information communication device, the distributed storage list including the information and storage locations of the plurality of output statement fragments through the keyword designated as information identifying the output statement fragment stored in the information communication device (S122a), and collecting the plurality of output statement fragments to the information communication device according to the distributed storage list and regenerating the output statement (S122b).
For example, in the collecting step S122, the information of the output statement fragment stored in the information communication device and selected by the user is used as a keyword to acquire the storage location information for the remaining output statement fragments, and all of the distributed output statement fragments are collected. The fragments are connected in sequence to regenerate one output statement, the size difference M between the output statement fragments is obtained, and the output statement and M are passed to the restoration step (S123).
Subsequently, a restoration step (S123) of regenerating the certificate by rearranging the regenerated output statement with the inverse of the arbitrary ordering may proceed.
For example, the restoration step (S123) first checks whether the size of the output statement received from the collecting step (S122) is the square of a natural number N. If it is not the square of N, an error is reported to the user; if it is, the data bytes of the output statement are arranged in a two-dimensional N × N array. Next, the inverse of the mixed transform applied in the mixing step (S114), that is, the inverse mixed transform whose coordinate transformation rule applied once to the two-dimensional array coordinates (x, y) is (x, y) -> (2x - y, y - x) (modulo N), is applied as many times as the value M passed from the collecting step S122 to restore the extended certificate. The certificate is then extracted by removing the pad bytes added at the end of the extended certificate, whose number is the difference between the number of bytes of the restored extended certificate and the length of the certificate stored in the last 4 bytes of the extended certificate. The extracted certificate is passed to the authentication step (S124).
Next, the authentication step S124 may proceed, which includes extracting from the certificate the compound statement, in which the encryption key is attached to the ciphertext, and the first authentication key (S124a); generating a second authentication key from the compound statement (S124b); and determining whether the first authentication key and the second authentication key match (S124c).
In this case, the second authentication key may be generated by applying a hash algorithm to the compound statement. The hash algorithm for generating the second authentication key is the same algorithm as the hash algorithm used to generate the first authentication key in the certificate generation step (S113) of the automatic encryption step (S110), and may be MD5, SHA-1, or SHA-2.
In addition, the authentication step (S124) may include an authentication result providing step (S124d) for providing a result of the authentication to the user. In the authentication result providing step S124d, when the first authentication key and the second authentication key do not match, the authentication failure may be reported to the user.
Subsequently, the decryption step (S125) may proceed, which includes separately extracting the encryption key and the ciphertext from the compound statement (S125a) and, if the authentication is successful, decrypting the ciphertext through the encryption key to restore the data.
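The following Python code is an added illustration, not part of the patent text: it carries the certificate, mixing, two-fragment split, restoration and authentication steps (S113 to S115, S122 to S124 and the extraction in S125a) through on constructed bytes. Assumptions not fixed by the description: SHA-256 as the hash, the certificate laid out as compound statement followed by the hash, a 16-byte key, a big-endian length field, a row-major N × N array, exactly two fragments, and an opaque constructed ciphertext in place of a real cipher.

```python
import hashlib
import hmac
import math
import struct

KEY_LEN = 16     # assumption: fixed-length 128-bit key
DIGEST_LEN = 32  # SHA-256 (a SHA-2 variant); the choice is an assumption


def make_certificate(ciphertext, key):
    """S113: compound statement = ciphertext || key, then its hash appended."""
    compound = ciphertext + key
    return compound + hashlib.sha256(compound).digest()


def extend(cert):
    """Pad so the total is N*N bytes; the last 4 bytes store len(cert)."""
    n = math.isqrt(len(cert) + 4)
    if n * n < len(cert) + 4:
        n += 1
    pad = n * n - len(cert) - 4
    return cert + bytes(pad) + struct.pack(">I", len(cert)), n


def permute(buf, n, m, inverse=False):
    """Move every byte by the coordinate rule, m times (S114 / S123)."""
    cur = buf
    for _ in range(m):
        out = bytearray(n * n)
        for i, b in enumerate(cur):
            x, y = divmod(i, n)  # row-major placement (assumption)
            if inverse:
                nx, ny = (2 * x - y) % n, (y - x) % n
            else:
                nx, ny = (x + y) % n, (x + 2 * y) % n
            out[nx * n + ny] = b
        cur = bytes(out)
    return cur


def protect(ciphertext, key, m):
    """S113-S115: returns (local fragment, external fragment)."""
    ext, n = extend(make_certificate(ciphertext, key))
    if not 1 < m < n * n or (n * n - m) % 2:
        raise ValueError("need 1 < M < N*N with the same parity as N*N")
    mixed = permute(ext, n, m)
    if mixed == ext:
        raise ValueError("this M leaves the certificate unchanged")
    cut = (n * n + m) // 2  # the two fragment sizes differ by exactly M
    return mixed[:cut], mixed[cut:]


def authenticate(cert):
    """S124: recompute the hash and compare; returns the compound statement."""
    compound, first_auth = cert[:-DIGEST_LEN], cert[-DIGEST_LEN:]
    second_auth = hashlib.sha256(compound).digest()
    if not hmac.compare_digest(first_auth, second_auth):
        raise ValueError("authentication failed")
    return compound


def recover(first, second):
    """S122-S125a: fragments in list order -> (ciphertext, key)."""
    output = first + second
    n = math.isqrt(len(output))
    if n * n != len(output):
        raise ValueError("output statement size is not a perfect square")
    m = abs(len(first) - len(second))  # M is carried by the size difference
    ext = permute(output, n, m, inverse=True)
    (cert_len,) = struct.unpack(">I", ext[-4:])
    if not KEY_LEN + DIGEST_LEN <= cert_len <= len(ext) - 4:
        raise ValueError("corrupt length field")
    compound = authenticate(ext[:cert_len])
    return compound[:-KEY_LEN], compound[-KEY_LEN:]


if __name__ == "__main__":
    ct = bytes(range(40))         # constructed stand-in for a ciphertext
    key = bytes(range(100, 116))  # constructed 16-byte key
    local, external = protect(ct, key, 6)
    print(len(local), len(external), recover(local, external) == (ct, key))
```

The hash here is unkeyed and the mix is a fixed permutation, so the check catches corruption of the certificate rather than modification by someone holding every fragment; confidentiality rests on at least one fragment staying out of reach. The pad bytes and the 4-byte length field sit outside the hashed compound statement.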
Next, a data providing step S126 of providing the decrypted data to the user may proceed.
Here, referring to FIGS. 1 to 3, the data providing step S126 may include updating a plurality of pieces of output statements by re-running the automatic encryption step S110 on the decrypted data.
Even if the plurality of output statement fragments cannot all be collected in a single hacking attempt, all of them could be collected if hacking attempts continue. Therefore, the automatic encryption step (S110) is run again in the data providing step (S126) so that the plurality of output statement fragments are updated. This update step (S127) makes the plurality of output statement fragments more secure against hacking.
The update step S127 for the plurality of output statement fragments may proceed automatically when the data providing step S126 is reached, or it may be configured so that the user chooses whether to update.
As described above, according to the present invention, when data is encrypted, an encryption key for the data is automatically generated, and the result is separated into a plurality of fragments that are stored divided between an information communication device and an external device; when the data is decrypted, the fragments are collected and the data is restored. The user can therefore conveniently have data decrypted automatically without having to remember and enter an encryption key such as a password.
FIG. 4 is a simplified block diagram showing an automatic data encryption/decryption apparatus and an information communication device according to an embodiment of the present invention.
Referring to FIG. 4, the data automatic encryption /
Here, the data automatic encryption /
In addition, the
The
The
The random order may be determined by a preset randomization scheme.
One or more external devices may be connected to the
The
Next, the automatic decoding module 210 selects an output statement fragment stored in the
The
The
The second authentication key may be generated by applying a hash algorithm to the compound statement.
The
The
The
Although embodiments of the present invention have been described above, the scope of the present invention is not limited thereto, and it includes all changes and modifications that those skilled in the art to which the present invention pertains can easily make from the embodiments and that are recognized as equivalent.
Claims (26)
An automatic encryption step of automatically generating an encryption key for the data when the data is stored in the information communication device, separating and processing the data into pieces of a plurality of output sentences together with the data, and dividing the data into one or more external devices; And
And an automatic decryption step of reconstructing the data through the encryption key regenerated by collecting the plurality of output statement fragments as keywords based on the information of the output sentence fragments stored in the information communication device.
The automatic encryption step
A data input step of receiving the data from a user,
An encryption step of automatically generating the encryption key for the data and encrypting the data with the encryption key to form an encryption text;
Certificate generation step of generating and verifying the certificate for the encryption key and the cipher text,
A mixing step of generating an output statement by arranging data of the certificate in an arbitrary order; and
And a distributed storage step of dividing the output statement into the plurality of pieces of output statement and distributing and storing the output statement in the information communication device and the at least one external device.
The automatic decoding step
An output statement fragment selection step of a user selecting an output statement fragment stored in the information communication device among the plurality of output statement fragments;
An aggregation step of regenerating the output statement by collecting the plurality of pieces of output statement;
A regenerating step of regenerating the certificate by sorting the regenerated output statement in an inverse transform manner for the random order;
An authentication step of authenticating through the cipher text, the encryption key, and an authentication key extracted from the certificate;
A decryption step of reforming the data by decrypting the cipher text through the encryption key if the authentication is successful; and
And a data providing step of providing the decrypted data to a user.
The certificate generation step
Creating a compound sentence by attaching the encryption key to the cipher text,
Generating a first authentication key by applying a hash algorithm to the compound statement, and
Automatic data encryption and decryption method comprising the step of generating a certificate containing the compound statement and the first authentication key.
The above random order
A method for automatically encrypting and decrypting data determined by a predetermined randomization scheme.
The one or more external devices
Automatic data encryption and decryption method that can be connected to the information communication device through wired and wireless communication.
The distributed storage step
Designating information that can distinguish an output sentence fragment stored in the information communication device as a keyword, and
And storing, in the information communication device, a distributed storage list including information of the plurality of pieces of output sentences and a storage location according to the keyword.
The collecting step
Acquiring a distributed storage list including information and storage locations of the plurality of pieces of output pieces from the information communication device through a keyword designated as information for distinguishing pieces of output sentences stored in the information communication device; and
And regenerating the output statement by collecting the plurality of pieces of output statement in the information communication device according to the distributed storage list.
The authentication step
Extracting a compound statement having the encryption key attached to the encryption text and the first authentication key from the certificate;
Generating a second authentication key from the compound statement, and
And determining whether the first authentication key matches the second authentication key.
The second authentication key
Automatic data encryption and decryption method generated by applying a hash algorithm to the compound statement.
The authentication step
And an authentication result providing step of providing a result of the authentication to a user.
The decryption step
And automatically extracting the encryption key and the encryption text from the compound text.
The data providing step
And re-running the automatic encryption step on the decrypted data to update the plurality of pieces of output statements.
An automatic encryption module for automatically generating an encryption key for the data when the data is stored in the information communication device, separating and processing the data into pieces of a plurality of output sentences together with the data, and dividing the data into one or more external devices; And
And an automatic decryption module for reconstructing the data through the encryption key regenerated by collecting the plurality of output sentence fragments as keywords based on the information of the output sentence fragments stored in the information communication device.
The automatic encryption module
Receive the data from the user,
Automatically generating the encryption key for the data and encrypting the data with the encryption key to form an encryption text,
Generate and verify a certificate for the encryption key and the ciphertext,
Arrange the data of the certificate in any order to generate an output statement,
And automatically separating and outputting the output statement into the plurality of output statement fragments in the information communication device and the at least one external device.
The automatic decoding module
A user selects an output statement fragment stored in the information communication device among the plurality of output statement fragments,
Regenerate the output statement by collecting the plurality of pieces of output statement;
Regenerate the certificate by sorting the regenerated output statement in an inverse transform fashion for the random order,
Authentication is made through the cipher text, the encryption key, and an authentication key extracted from the certificate,
If the authentication is successful, the ciphertext is decrypted through the encryption key to reconstruct the data.
Automatic data encryption and decryption apparatus for providing the decrypted data to the user.
The automatic encryption module
Attaching the encryption key to the cipher text to create a compound text,
Generating a first authentication key by applying a hash algorithm to the compound statement,
Automatic data encryption and decryption apparatus for generating a certificate comprising the compound statement and the first authentication key.
The above random order
A data automatic encryption / decryption apparatus determined by a predetermined randomization scheme.
The one or more external devices
Automatic data encryption and decryption apparatus that can be connected to the information communication device through wired and wireless communication.
The automatic encryption module
Designate information identifying a fragment of an output sentence stored in the information communication device as a keyword,
And a distributed storage list including information on the plurality of pieces of output sentences and a storage location according to the keyword in the information communication device.
The automatic decoding module
Acquire a distributed storage list including information and storage locations of the plurality of pieces of output pieces from the information communication device through a keyword designated as information for distinguishing pieces of pieces of output sentences stored in the information communication device,
And a plurality of pieces of the output statement in accordance with the distributed storage list to the information communication device to regenerate the output statement.
The automatic decoding module
Extracting the composite text and the first authentication key to which the encryption key is attached to the encryption text from the certificate;
Generating a second authentication key from the compound statement,
And an automatic data encryption / decryption apparatus for determining whether the first authentication key and the second authentication key match each other.
The second authentication key
Automatic data encryption and decryption apparatus generated by applying a hash algorithm to the compound statement.
The automatic decoding module
Automatic data decryption apparatus for providing a user with the result of the authentication.
The automatic decoding module
Automatic data encryption and decryption apparatus for separating and extracting the encryption key and the cipher text from the compound text.
The automatic decoding module
And an automatic encryption / decryption apparatus for updating the plurality of pieces of output statements by re-running the automatic encryption module on the decrypted data.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020100020246A KR20110101317A (en) | 2010-03-08 | 2010-03-08 | Method and device for cipher-deciphering data automatically |
PCT/KR2011/001592 WO2011111981A2 (en) | 2010-03-08 | 2011-03-08 | Method and device for automatic data encryption and decryption |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020100020246A KR20110101317A (en) | 2010-03-08 | 2010-03-08 | Method and device for cipher-deciphering data automatically |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020120072990A Division KR101224956B1 (en) | 2012-07-04 | 2012-07-04 | Method and device for cipher-deciphering data automatically |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20110101317A true KR20110101317A (en) | 2011-09-16 |
Family
ID=44563986
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020100020246A KR20110101317A (en) | 2010-03-08 | 2010-03-08 | Method and device for cipher-deciphering data automatically |
Country Status (2)
Country | Link |
---|---|
KR (1) | KR20110101317A (en) |
WO (1) | WO2011111981A2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101307573B1 (en) * | 2011-11-28 | 2013-11-21 | 한국과학기술정보연구원 | apparatus for encrypting or decrpting data and method thereof |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017044677A1 (en) * | 2015-09-11 | 2017-03-16 | Alibaba Group Holding Limited | Method and apparatus for facilitating electronic payments using a wearable device |
CN106527673B (en) | 2015-09-11 | 2019-09-06 | 阿里巴巴集团控股有限公司 | Bind method and apparatus, electric paying method and the device of wearable device |
CN117540434B (en) * | 2024-01-10 | 2024-03-15 | 成都数据集团股份有限公司 | Database management and security analysis method |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100457669B1 (en) * | 2002-10-09 | 2004-11-18 | 김성욱 | Method for enciphering and storing information in distributed fashion |
KR100510151B1 (en) * | 2004-06-28 | 2005-08-25 | 삼성전자주식회사 | Method to securely manage information in database |
KR20060078768A (en) * | 2004-12-31 | 2006-07-05 | 주식회사 케이티 | System and method for key recovery using distributed registration of private key |
JP4778361B2 (en) * | 2006-05-19 | 2011-09-21 | 日立オムロンターミナルソリューションズ株式会社 | Authentication apparatus, authentication system, and apparatus confirmation method for authentication apparatus |
-
2010
- 2010-03-08 KR KR1020100020246A patent/KR20110101317A/en active Application Filing
-
2011
- 2011-03-08 WO PCT/KR2011/001592 patent/WO2011111981A2/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2011111981A3 (en) | 2011-12-29 |
WO2011111981A2 (en) | 2011-09-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110324143B (en) | Data transmission method, electronic device and storage medium | |
CN105760764B (en) | Encryption and decryption method and device for embedded storage device file and terminal | |
CN108769067B (en) | Authentication verification method, device, equipment and medium | |
JP5866460B2 (en) | Method and apparatus for packing / unpacking files | |
US9608822B2 (en) | Method for generating an HTML document that contains encrypted files and the code necessary for decrypting them when a valid passphrase is provided | |
US8995653B2 (en) | Generating a secret key from an asymmetric private key | |
CN111314050B (en) | Encryption and decryption method and device | |
CN103853943B (en) | program protection method and device | |
CN105790940A (en) | Electronic bid-inviting and bidding system and method based on Shamir threshold | |
KR20120072011A (en) | Data encoding and decoding apparatus capable of verifying integrity | |
CN113489710B (en) | File sharing method, device, equipment and storage medium | |
CN105468940A (en) | Software protection method and apparatus | |
CN115603907A (en) | Method, device, equipment and storage medium for encrypting storage data | |
KR20110101317A (en) | Method and device for cipher-deciphering data automatically | |
CN109299618B (en) | Quantum-resistant computing cloud storage method and system based on quantum key card | |
US20220284112A1 (en) | System and method for securely transferring data | |
CN114205142A (en) | Data transmission method and device, electronic equipment and storage medium | |
KR101224956B1 (en) | Method and device for cipher-deciphering data automatically | |
CN111866864B (en) | Method, device and storage medium for realizing encrypted storage and safe use management of cloud platform certificate based on wireless AP | |
CN107276961B (en) | Method and device for encrypting and decrypting data based on cryptographic algorithm | |
CN107070648B (en) | Key protection method and PKI system | |
JP5821040B2 (en) | Data management device, data division device, and data restoration device | |
CN109150867B (en) | Network information transmission encryption/decryption device and encryption/decryption method | |
CN110691069B (en) | Method and system for maintaining and managing terminal high-authority password | |
CN111314052B (en) | Data encryption and decryption method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application | ||
AMND | Amendment | ||
E801 | Decision on dismissal of amendment | ||
A107 | Divisional application of patent |