
CN114528575A - File encryption method and system - Google Patents

Publication number: CN114528575A
Authority: CN (China)
Prior art keywords: data, file, data block, encrypted, random
Legal status: Pending
Application number: CN202210151793.1A
Other languages: Chinese (zh)
Inventor: 王旭
Current Assignee: Shandong Inspur Genersoft Information Technology Co Ltd
Original Assignee: Shandong Inspur Genersoft Information Technology Co Ltd
Application filed by Shandong Inspur Genersoft Information Technology Co Ltd
Priority to CN202210151793.1A
Publication of CN114528575A

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

The invention provides a file encryption method and a file encryption system. The method comprises: dividing a file to be encrypted into a plurality of data blocks; assigning a mark to each data block and determining position coordinates for each data block based on the marks; regularizing each data block into a first character string according to a preset rule and the corresponding position coordinates; obtaining a random key and encrypting the first character string again with the random key to obtain a second character string; and generating an encrypted file, randomly ordering the plurality of second character strings and storing them in the file body of the encrypted file, and storing the characteristic fields used for restoring the file data in the file data header of the encrypted file. The beneficial effects of the invention include: the file encryption method provided by the invention is simple and reliable, is convenient for users to apply to file encryption, and is easy to maintain and manage.

Description

A file encryption method and system

Technical field

The invention relates to the technical field of file encryption, and in particular to a file encryption method and system.

Background

With the rapid development of network technology, many companies have deployed information systems. This has sharply increased the use of computer files and has made network security a major concern. Data is transmitted over the network, and if confidential files are leaked, the losses can be immeasurable. File encryption methods emerged against this background.

Therefore, a file data encryption method that is simple and reliable, and convenient for users to use and manage, is urgently needed.

Summary of the invention

To provide a simple and reliable file encryption method, one aspect of the invention proposes a file encryption method comprising: dividing the file to be encrypted into a plurality of data blocks; assigning a mark to each data block and determining the position coordinates of each data block based on the marks; regularizing each data block into a first character string according to a preset rule and the corresponding position coordinates; obtaining a random key and encrypting the first character string again with the random key to obtain a second character string; and generating an encrypted file, randomly ordering the plurality of second character strings and saving them to the file body of the encrypted file, and saving the characteristic fields used for restoring the file data to the file data header of the encrypted file.

In one or more embodiments, each data block receives part of the data of at least one line of the file to be encrypted, and the total number of data blocks is less than the total number of lines of data in the file to be encrypted.

In one or more embodiments, assigning a mark to each data block and determining the position coordinates of each data block based on the marks comprises: randomly assigning a non-repeating mark to each data block; and, taking each data block in turn as the center, determining the marks of its adjacent data blocks and combining them in a preset order to form the position coordinates of the central data block; where, if there is no data block at an adjacent position of the central data block, a first default mark is used instead.

In one or more embodiments, the marks include uppercase letters, lowercase letters, digits and special symbols; the first default mark is one of the marks, and once one of the marks has been designated as the first default mark, it is no longer used as a mark randomly assigned to the data blocks.

In one or more embodiments, the preset rule comprises: judging whether the pieces of data in each data block, which belong to different lines of the file to be encrypted, have the same length; if the lengths are the same, performing regular conversion on the data in the data block, where regular conversion converts the data block into the corresponding position coordinates plus the number of pieces of data in the data block plus the data length plus the loop data, the loop data being the loop row number of each piece of data in the data block plus that data; if the lengths differ, performing irregular conversion on the data in the data block, where irregular conversion converts the data block into the corresponding position coordinates plus the number of pieces of data in the data block plus a second default value plus the loop data, the loop data being the loop row number of each piece of data in the data block plus the length of that data plus that data.

In one or more embodiments, the preset rule further comprises: if the data block contains data from only one line of the file to be encrypted, regular conversion is applied to that data by default.

In one or more embodiments, obtaining a random key and encrypting the first character string again with the random key to obtain a second character string comprises: obtaining a first random key and a first random symbol and binding them to the data block in the first character string; replacing the position coordinates of the data block in the first character string with the first random symbol; determining the split positions of the data block using the length of the first character string divided by the length of the first random key; and inserting each character of the first random key in turn at the corresponding split positions to obtain the second character string.

In one or more embodiments, the method further comprises: generating a new data block from the second character string; and saving the characteristic field used for data restoration in the data header of the new data block.

In one or more embodiments, randomly ordering the plurality of second character strings comprises: assigning a second random symbol to each new data block; and reordering the new data blocks corresponding to the second character strings according to the size of the second random symbols.

A second aspect of the invention proposes a file encryption system comprising: a data division module configured to divide the file to be encrypted into a plurality of data blocks; a data marking module configured to assign a mark to each data block and to determine the position coordinates of each data block based on the marks; a first encryption module configured to regularize each data block into an unordered first character string according to a preset rule and the corresponding position coordinates; a second encryption module configured to obtain a random key and to encrypt the first character string again with the random key to obtain a second character string; and an encrypted file generation module configured to generate an encrypted file, randomly order the plurality of second character strings and save them to the file body of the encrypted file, and save the characteristic fields used for restoring the file data to the file data header of the encrypted file.

The beneficial effects of the invention include: the file encryption method proposed by the invention is simple and reliable, is convenient for users to apply to file encryption, and is easy to maintain and manage.

Description of the drawings

To explain the embodiments of the invention or the technical solutions of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the invention; those of ordinary skill in the art can obtain other embodiments from these drawings without creative effort.

FIG. 1 is a workflow diagram of a file encryption method of the invention;

FIG. 2 is a schematic structural diagram of a file encryption system of the invention.

Detailed description

To make the objectives, technical solutions and advantages of the invention clearer, the embodiments of the invention are described in further detail below with reference to specific embodiments and the accompanying drawings.

Note that all uses of "first" and "second" in the embodiments of the invention serve to distinguish two entities or parameters that share a name but are not the same. "First" and "second" are used only for convenience of expression and should not be understood as limiting the embodiments of the invention; later embodiments do not repeat this explanation.

FIG. 1 shows the workflow of a file encryption method of the invention. As shown in FIG. 1, the workflow of the file encryption method comprises: step S1, dividing the file to be encrypted into a plurality of data blocks; step S2, assigning a mark to each data block and determining the position coordinates of each data block based on the marks; step S3, regularizing each data block into a first character string according to a preset rule and the corresponding position coordinates; step S4, obtaining a random key and encrypting the first character string again with the random key to obtain a second character string; and step S5, generating an encrypted file, randomly ordering the plurality of second character strings and saving them to the file body of the encrypted file, and saving the characteristic fields corresponding to the second character strings, in sequence, to the file data header of the encrypted file.

To explain the technical solution of the invention more clearly, each step is described in more detail below.

For step S1, the purpose is to decompose a complete data file into data blocks whose data is not contiguous, so that even if some data blocks are leaked, the correct information cannot be restored from them, or at least the complete information cannot be restored. The file to be encrypted in the invention is a data file that has undergone binary conversion.

In an optional embodiment, to achieve the above effect of decomposing a complete data file into data blocks with non-contiguous data, the same line of data in the data file should, as far as possible, be split across several data blocks, so that each data block contains partial data from several lines of the data file. Each data block receives part of the data of at least one line of the file to be encrypted, and the total number of data blocks is less than the total number of lines of data in the file to be encrypted.

In a specific implementation, the file to be encrypted can be analysed: based on its total number of data lines, a row grouping is chosen to fix how many lines of data each data block contains, and a column grouping is then chosen to fix how many segments one line of data is divided into. After division, the file to be encrypted takes a form similar to the following table:

[Table images BDA0003510731020000041 and BDA0003510731020000051, showing the divided file, are not reproduced here.]

As the above shows, the more column groups there are, the less complete the data in each data block. However, the number of data blocks should not be too large, because too many data blocks greatly increases the risk of losing a data block. In a preferred embodiment, the number of data blocks can therefore be half the total number of lines of the file to be encrypted.

For step S2, the invention assigns a mark to each data block. The purpose is to use the marks to generate the position coordinates of the data block in the table of the above embodiment, for use when restoring the file to be encrypted after the arrangement of the data blocks has been shuffled in later steps.

In an optional embodiment, to reduce the possibility that the position coordinates are recognized or derived, the invention randomly assigns a non-repeating mark to each data block; then, taking each data block in turn as the center, it determines the marks of the adjacent data blocks and combines them in a preset order (such as up, down, left, right) to form the position coordinates of the central data block. If there is no data block at an adjacent position of the central data block, a first default mark is used instead. The first default mark is one of the marks, and once one of the marks has been designated as the first default mark, it is no longer used as a mark randomly assigned to the data blocks. That is, the invention keeps a mark record table that records the special function of each special mark, such as the first default mark in this embodiment and the second default value in later embodiments; once a mark has been given a special purpose, it is no longer used in forming position coordinates.

In another optional embodiment, to further reduce the possibility that the position coordinates are recognized or derived, the marks assigned to the data blocks include, but are not limited to, uppercase letters, lowercase letters, digits and special symbols. In a preferred embodiment, adjacent data are randomly assigned marks of different kinds, to maximize the difficulty of inferring and recognizing them.

In the following, only numeric marks are used as examples so that the other encryption steps can be explained more clearly.

In a specific embodiment, each data block takes the marks of the data blocks adjacent to it above, below, to the left and to the right, in that order, to form the position coordinates of the central data block; where there is no adjacent data block in some direction, the first default mark "0" is used instead. For example, the position coordinates of data block 1 are 0402, and the position coordinates of data block 5 are 2046.

For step S3, the invention uses step S3 to perform the first encryption of the data blocks. The main purpose of this encryption is to bind the position coordinates to the corresponding data block, in preparation for restoring the positions after the arrangement of the data blocks has been shuffled. Step S3 itself also has a data encryption effect.

In an optional embodiment, the preset rule comprises:

Step S31: judge whether the pieces of data in each data block, which belong to different lines of the file to be encrypted, have the same length; that is, when the data block contains several pieces of data, judge whether their lengths are the same.

Step S32: if the lengths are the same, perform regular conversion on the data in the data block. Regular conversion converts the data block into the corresponding position coordinates plus the number of pieces of data in the data block plus the data length plus the loop data, where the loop data is the loop row number of each piece of data in the data block plus that data.

For example, suppose data block 1 contains three pieces of data of the same length, composed as shown in Table 1:

Table 1: Composition of data block 1

Row number    Regular data
1             QWERT
2             ASDFG
3             ZXCVB

Because the three pieces of data in data block 1 have the same length, regular conversion is applied to data block 1. The result is 0402351QWERT2ASDFG3ZXCVB, where 0402 is the position coordinates of data block 1, 3 indicates that the data block has three rows of data, 5 indicates that the length of the regular data is 5, 1 is the loop row number, and QWERT is the data being encrypted; the rest of the string is formed in the same way.

Step S33: if the lengths differ, perform irregular conversion on the data in the data block. Irregular conversion converts the data block into the corresponding position coordinates plus the number of pieces of data in the data block plus the second default value plus the loop data, where the loop data is the loop row number of each piece of data in the data block plus the length of that data plus that data. In other words, because the data lengths are inconsistent in irregular conversion, the length of each piece of data has to be recorded separately in the loop data.

For example, suppose data block 5 contains three pieces of data of different lengths, composed as shown in Table 2:

Table 2: Composition of data block 5

Row number    Irregular data
1             QWERTFD
2             ASDSAASFGD
3             ASFS

The irregular conversion result for data block 5 is 20463017QWERTFD210ASDSAASFGD34ASFS, where 2046 is the position coordinates of data block 5, 3 indicates that data block 5 has three rows of data, the second default value "0" indicates that data block 5 is unstructured data, "1" is the loop row number, "7" is the length of that data, and "QWERTFD" is the data being encrypted; the rest of the string is formed in the same way.

In another optional implementation, if the data block contains data from only one line of the file to be encrypted, regular conversion is applied to the data block by default.
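The position-coordinate rule of step S2 and the two conversions of step S3, written out as an added Python example (not code from the patent) that reproduces the two strings given above. The 2x3 block grid labelled 1 to 6 is an assumption inferred from the two coordinates in the text; the decoder further assumes one-digit counts, row numbers and regular lengths, and row data that does not begin with a digit, because the format carries no field delimiters.

```python
import re

DEFAULT_MARK = "0"     # first default mark: no neighbour in that direction
IRREGULAR_FLAG = "0"   # second default value: rows differ in length

# Constructed sample layout (assumption): six blocks, two rows of three.
GRID = [["1", "2", "3"],
        ["4", "5", "6"]]


def position_coordinate(grid, row, col):
    """Step S2: marks of the up, down, left and right neighbours, in that order."""
    def mark(r, c):
        inside = 0 <= r < len(grid) and 0 <= c < len(grid[r])
        return grid[r][c] if inside else DEFAULT_MARK
    return (mark(row - 1, col) + mark(row + 1, col)
            + mark(row, col - 1) + mark(row, col + 1))


def regularize(coordinate, rows):
    """Step S3: turn one data block (a list of row fragments) into the first string."""
    if not rows:
        raise ValueError("a data block needs at least one row fragment")
    head = coordinate + str(len(rows))
    if len({len(r) for r in rows}) == 1:
        # Regular conversion (also the default for a single-row block):
        # coordinate + count + common length + (row number + data) per row.
        head += str(len(rows[0]))
        body = "".join(f"{n}{data}" for n, data in enumerate(rows, start=1))
    else:
        # Irregular conversion:
        # coordinate + count + second default value + (row number + length + data).
        head += IRREGULAR_FLAG
        body = "".join(f"{n}{len(data)}{data}" for n, data in enumerate(rows, start=1))
    return head + body


def parse_first_string(first, coord_len=4):
    """Inverse of regularize() under the assumptions stated in the lead-in.

    Without delimiters, "210ASD" can only be read as row 2, length 10 if the
    row data is known not to start with a digit.
    """
    coordinate = first[:coord_len]
    count = int(first[coord_len])
    flag = first[coord_len + 1]
    pos = coord_len + 2
    rows = []
    for _ in range(count):
        pos += 1                                  # skip the one-digit row number
        if flag == IRREGULAR_FLAG:
            m = re.match(r"\d+", first[pos:])     # per-row length, greedy digits
            if m is None:
                raise ValueError("missing row length")
            length = int(m.group())
            pos += m.end()
        else:
            length = int(flag)                    # common length, one digit
        rows.append(first[pos:pos + length])
        pos += length
    if pos != len(first):
        raise ValueError("trailing or missing data")
    return coordinate, rows


if __name__ == "__main__":
    block1 = regularize(position_coordinate(GRID, 0, 0), ["QWERT", "ASDFG", "ZXCVB"])
    block5 = regularize(position_coordinate(GRID, 1, 1), ["QWERTFD", "ASDSAASFGD", "ASFS"])
    print(block1)
    print(block5)
    print(parse_first_string(block5))
```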

For step S4, the main purpose is to encrypt the real position coordinates of the data block.

In an optional embodiment, obtaining a random key and encrypting the first character string again with the random key to obtain a second character string comprises: step S41, obtaining a random key and a random symbol and binding them to the data block in the first character string; step S42, replacing the position coordinates of the data block in the first character string with the random symbol; step S43, determining the split positions of the data block using the length of the first character string divided by the length of the random key; and step S44, inserting each character of the random key in turn at the corresponding split positions to obtain the second character string. In later data restoration, the second character string can be restored to the first character string simply by removing the random key and the random symbol from the second character string.

For step S43, in an optional embodiment, the remainder of the length of the first character string divided by the length of the random key can be used to determine the split positions of the data block; when the remainder is less than 3, a split position is set every 3 characters by default. For example, take the first character string 0402351QWERT2ASDFG3ZXCVB above, and suppose the random key obtained is TSDS and the random symbol obtained is 9879. Replacing the position coordinates 0402 with 9879 gives 9879351QWERT2ASDFG3ZXCVB, 24 characters in total. 24 divided by 4 leaves a remainder of 0, and 0 is less than or equal to 3, so a split position is set every three characters, and inserting the key characters gives: T_987_S_935_D_1QW_S_ERT_T_2AS_S_DFG_D_3ZX_S_CVB_T. Note that the actual data contains no underscores; they are added here only to make the result easier to read. In another optional embodiment, the string length can be added at the very front of the second character string, giving the new string 24T987S935D1QWSERTT2ASSDFGD3ZXSCVBT.
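Step S4 and the restoration the text describes, as an added Python example (not code from the patent), using the key TSDS and random symbol 9879 from the worked example above. Using the remainder itself as the group size when it exceeds 3 is an assumption; the inverse works from the string layout alone, so the inserted key characters come back out of the second string together with the row data.

```python
def split_step(first_len, key_len):
    """S43: remainder of string length / key length; small remainders default to 3.

    Assumption: a remainder above 3 is used directly as the group size.
    """
    return max(3, first_len % key_len)


def second_string(first, key, random_symbol, coord_len=4, with_length=True):
    """S42-S44: swap the coordinate for the random symbol, then interleave the key."""
    if not key:
        raise ValueError("key must not be empty")
    masked = random_symbol + first[coord_len:]                   # S42
    step = split_step(len(masked), len(key))                     # S43
    groups = [masked[i:i + step] for i in range(0, len(masked), step)]
    parts = []
    for i, group in enumerate(groups):                           # S44
        parts.append(key[i % len(key)] + group)                  # key char before each group
    parts.append(key[len(groups) % len(key)])                    # and one after the last
    body = "".join(parts)
    # Optional embodiment: prepend the length of the (masked) first string.
    return str(len(masked)) + body if with_length else body


def strip_inserted(second, step=3):
    """Restoration as described in the text: remove the inserted key characters.

    Only the layout is needed (length prefix and group size), not the key.
    Returns (first string with the random symbol in place, key characters found).
    """
    for digits in range(1, len(second)):
        prefix = second[:digits]
        if not prefix.isdigit():
            break
        first_len = int(prefix)
        groups = -(-first_len // step)                           # ceiling division
        # prefix + data + one key char per group + one trailing key char
        if digits + first_len + groups + 1 != len(second):
            continue
        body = second[digits:-1]
        data = "".join(c for i, c in enumerate(body) if i % (step + 1))
        key_chars = body[::step + 1] + second[-1]
        return data, key_chars
    raise ValueError("length prefix does not match the string layout")


if __name__ == "__main__":
    FIRST = "0402351QWERT2ASDFG3ZXCVB"   # first string from the text
    out = second_string(FIRST, "TSDS", "9879")
    print(out)
    print(strip_inserted(out))
```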

在一个可选的实施例中,在生成第二字符串后,需要将第二字符串打包成新的数据块,并将用于数据还原的特征字段保存在新的数据块的数据头。In an optional embodiment, after the second string is generated, the second string needs to be packaged into a new data block, and the characteristic field used for data restoration is stored in the data header of the new data block.

对于步骤S5、利用步骤S5将数据块的排序打乱并生成新的加密文件。具体步骤包括:步骤S51、为每个新的数据块分配第二随机符;以及步骤S52根据第二随机符的大小对多个第二字符串对应的多个新的数据块重新排序。For step S5, use step S5 to disrupt the order of the data blocks and generate a new encrypted file. The specific steps include: step S51, assigning a second random character to each new data block; and step S52, reordering multiple new data blocks corresponding to multiple second character strings according to the size of the second random character.

在一个可选的实施例中,用于文件数据还原的特征字段的组成包括:秘钥+方向位1+方位1对应的随机符+方向位2+方向位2对应的随机符+方向位3+方向位3对应的随机符+……+方位N+方向位N对应的随机符+秘钥+数据分割标识+秘钥。其中,通过特征字段“向位1+方位1对应的随机符+方向位2+方向位2对应的随机符+方向位3+方向位3对应的随机符+……+方位N+方向位N对应的随机符”能够还原多个新的数据块被打乱前的排序;而数据分割标识所对应的数据记录了待加密文件的划分方式,用于在将文件数据还原后的校验工作,而特征字段中的秘钥主要起到分隔作用。In an optional embodiment, the composition of the feature field used for file data restoration includes: secret key + direction bit 1 + random symbol corresponding to direction bit 1 + direction bit 2 + random symbol corresponding to direction bit 2 + direction bit 3 + random symbol corresponding to direction bit 3+... + azimuth N+ random symbol corresponding to direction bit N+secret key+data division identifier+secret key. Among them, through the feature field "orientation bit 1 + random symbol corresponding to orientation 1 + orientation bit 2 + random symbol corresponding to orientation bit 2 + orientation bit 3 + random symbol corresponding to orientation bit 3 + ... + orientation N + orientation bit N corresponds to The “random character” can restore the order of multiple new data blocks before they are scrambled; and the data corresponding to the data segmentation identifier records the division method of the file to be encrypted, which is used for the verification work after the file data is restored, and The key in the feature field is mainly used for separation.

如上述各实施例,本发明方法提出的文件加密方法简单可靠,便于用户利用上述方法实现文件加密且易于维护管理。As in the above-mentioned embodiments, the file encryption method proposed by the method of the present invention is simple and reliable, which is convenient for users to realize file encryption by using the above-mentioned method, and is easy to maintain and manage.

在本发明的第二方面,提出了一种文件加密装置。图2为本发明的一种文件机密系统的结构示意图。如图2所示本发明的文件加密系统包括:数据划分模块100,配置用于将待加密文件划分为多个数据块;数据标记模块200,配置用于为每个数据块分配标记,并基于标记确定每个数据块的位置坐标;第一加密模块300,配置用于根据预设规则及对应的位置坐标将每个数据块规则化为无序的第一字符串;第二加密模块400,配置用于获取随机秘钥,通过随机秘钥再次加密第一字符串以获得第二字符串;以及加密文件生成模块500,配置用于生成加密文件,将多个第二字符串随机排序并保存到加密文件的文件体,将用于文件数据还原的特征字段保存到加密文件的文件数据头。In a second aspect of the present invention, a file encryption device is provided. FIG. 2 is a schematic structural diagram of a file confidentiality system of the present invention. As shown in FIG. 2, the file encryption system of the present invention includes: a data division module 100, configured to divide a file to be encrypted into multiple data blocks; a data marking module 200, configured to assign a mark to each data block, and based on The mark determines the position coordinates of each data block; the first encryption module 300 is configured to regularize each data block into an unordered first character string according to preset rules and corresponding position coordinates; the second encryption module 400, is configured to obtain a random secret key, and encrypt the first character string again by using the random secret key to obtain a second character string; and an encrypted file generation module 500, configured to generate an encrypted file, and randomly order and save a plurality of second character strings to the file body of the encrypted file, and save the characteristic fields used for file data restoration to the file data header of the encrypted file.

The file encryption system proposed by the present invention is simple and reliable, lets users encrypt files conveniently, and is easy to maintain and manage.

The above are exemplary embodiments disclosed by the present invention, but it should be noted that various changes and modifications may be made without departing from the scope of the disclosure of the embodiments of the present invention as defined by the claims. The functions, steps and/or actions of the method claims according to the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements disclosed in the embodiments of the present invention may be described or claimed in the singular, they may also be understood as plural unless explicitly limited to the singular.

It should be understood that, as used herein, the singular form "a" is intended to include the plural form as well, unless the context clearly supports an exception. It should also be understood that "and/or" as used herein covers any and all possible combinations of one or more of the associated listed items.

The serial numbers of the embodiments disclosed above are for description only and do not indicate the relative merits of the embodiments.

Those of ordinary skill in the art should understand that the discussion of any of the above embodiments is exemplary only and is not intended to imply that the scope of the disclosure of the embodiments of the present invention (including the claims) is limited to these examples. Within the idea of the embodiments of the present invention, the technical features of the above embodiments, or of different embodiments, may also be combined, and many other variations of the different aspects of the embodiments of the present invention exist that are not provided in detail for the sake of brevity. Therefore, any omission, modification, equivalent replacement, improvement and the like made within the spirit and principle of the embodiments of the present invention shall be included within the protection scope of the embodiments of the present invention.

Claims (10)

1. A method for encrypting a file, the method comprising:
dividing a file to be encrypted into a plurality of data blocks;
assigning a marker to each of the data blocks and determining location coordinates of each data block based on the markers;
regularizing each data block into a first character string according to a preset rule and a corresponding position coordinate;
acquiring a random secret key, and encrypting the first character string again through the random secret key to obtain a second character string;
and generating an encrypted file, randomly sequencing the second character strings, storing the second character strings into a file body of the encrypted file, and storing the characteristic fields for file data restoration into a file data header of the encrypted file.
2. The file encryption method according to claim 1, wherein each of the data blocks comprises partial data from at least one line of the file to be encrypted, and the total number of the data blocks is smaller than the total number of lines of data of the file to be encrypted.
3. The file encryption method of claim 1, wherein assigning a marker to each of the data blocks and determining location coordinates for each data block based on the markers comprises:
randomly assigning a non-repeating marker to each data block; and
taking each data block in turn as a center, determining the markers of the adjacent data blocks, and forming the position coordinates of the central data block from them in a preset sequence; wherein a first default marker is substituted in response to no data block being located at a given adjacent position of the central data block.
4. The file encryption method of claim 3,
the markers comprise uppercase letters, lowercase letters, digits and special symbols;
the first default marker is one of the markers, and in response to one of the markers being determined to be the first default marker, that marker is no longer used as a randomly assigned marker for the plurality of data blocks.
5. The file encryption method according to claim 2, wherein the preset rule includes:
judging whether the pieces of data in each data block that belong to different lines of the file to be encrypted have the same length;
in response to the lengths being the same, performing rule conversion on the plurality of data in the data block, the rule conversion including converting the data block into the corresponding position coordinates plus the number of data contained in the data block plus the data length plus cycle data, the cycle data being the cycle line number of the data in the data block plus the data;
and in response to the lengths being different, performing irregular conversion on the plurality of data in the data block, wherein the irregular conversion comprises converting the data block into the corresponding position coordinates plus the number of data contained in the data block plus a second default value plus cycle data, and the cycle data is the cycle line number of the data in the data block plus the length of the data plus the data.
6. The file encryption method according to claim 5, wherein the preset rule further comprises:
and in response to the data block being divided into only data in a certain row belonging to the file to be encrypted, performing rule conversion on the data by default.
7. The file encryption method according to claim 1, wherein acquiring the random secret key and encrypting the first character string again through the random secret key to obtain the second character string comprises:
acquiring a first random key and a first random symbol, and binding the first random key and the first random symbol with a data block in the first character string;
replacing the position coordinates of the data block in the first character string with the first random symbol;
determining segmentation positions of the data block by dividing the length of the first character string by the length of the first random key;
and sequentially inserting each character of the first random key at the corresponding segmentation position to obtain the second character string.
8. The file encryption method of claim 7, wherein the method further comprises:
generating a new data block according to the second character string;
and saving the characteristic field for data recovery in the data header of the new data block.
9. The file encryption method of claim 8, wherein said randomly ordering a plurality of said second strings comprises:
allocating a second random symbol to each new data block;
and reordering the plurality of new data blocks corresponding to the second character strings according to the size of the second random symbols.
10. A file encryption system, comprising:
the data dividing module is configured to divide a file to be encrypted into a plurality of data blocks;
a data marking module configured to assign a mark to each of the data blocks and determine a position coordinate of each data block based on the mark;
the first encryption module is configured to regularize each data block into an unordered first character string according to a preset rule and a corresponding position coordinate;
the second encryption module is configured to obtain a random key, and encrypt the first character string again through the random key to obtain a second character string;
and the encrypted file generation module is configured to generate an encrypted file, randomly sequence and store the plurality of second character strings into a file body of the encrypted file, and store the characteristic field for file data restoration into a file data header of the encrypted file.
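
The segmentation-and-insertion steps of claim 7, as an added Python example that is not code from the patent or the applicant. It assumes one reading of the claim: the interval is the first string's length divided by the key length, rounded down; key character i is inserted after the i-th segment; any remainder is appended. The function names and sample strings are constructed.

```python
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # assumed key alphabet


def random_key(length: int) -> str:
    """Random key from a CSPRNG; the claim only says 'random secret key'."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def interleave_key(first: str, key: str) -> str:
    """Insert key[i] after the i-th segment of `first` (assumed reading of claim 7)."""
    if not key or len(first) < len(key):
        raise ValueError("first string must be at least as long as the key")
    step = len(first) // len(key)        # segmentation interval
    out = []
    for i, ch in enumerate(key):
        out.append(first[i * step:(i + 1) * step])
        out.append(ch)
    out.append(first[len(key) * step:])  # remainder when the division is inexact
    return "".join(out)


def split_interleaved(second: str, key_len: int) -> tuple[str, str]:
    """Inverse step: recover (first string, key) given only the key length."""
    if key_len <= 0 or len(second) < 2 * key_len:
        raise ValueError("second string too short for this key length")
    stride = (len(second) - key_len) // key_len + 1  # one segment plus one key char
    body, key = [], []
    for i in range(key_len):
        chunk = second[i * stride:(i + 1) * stride]
        body.append(chunk[:-1])
        key.append(chunk[-1])
    body.append(second[key_len * stride:])
    return "".join(body), "".join(key)


if __name__ == "__main__":
    first = "abcdefghij"                 # constructed stand-in for a first string
    key = random_key(3)
    second = interleave_key(first, key)
    print(second, split_interleaved(second, len(key)))
```

Under this reading every key character sits in the second string at a fixed stride, so `split_interleaved` needs only the key length to undo the step.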
CN202210151793.1A 2022-02-18 2022-02-18 File encryption method and system Pending CN114528575A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210151793.1A CN114528575A (en) 2022-02-18 2022-02-18 File encryption method and system


Publications (1)

Publication Number Publication Date
CN114528575A true CN114528575A (en) 2022-05-24

Family

ID=81623837

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210151793.1A Pending CN114528575A (en) 2022-02-18 2022-02-18 File encryption method and system

Country Status (1)

Country Link
CN (1) CN114528575A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115459914A (en) * 2022-09-14 2022-12-09 山东银瑞信息科技有限公司 A blockchain-based data encryption and peer-to-peer transmission method

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106599698A (en) * 2015-10-19 2017-04-26 腾讯科技(深圳)有限公司 Method and device for picture encryption, and method and device for picture decryption
CN108173885A (en) * 2018-03-27 2018-06-15 国家基础地理信息中心 Data ciphering method, data decryption method and relevant apparatus
CN108667595A (en) * 2017-03-28 2018-10-16 吉林化工学院 A Compression and Encryption Method for Large Data Files
CN108809889A (en) * 2017-04-26 2018-11-13 北京邮电大学 A kind of data certainty delet method negated based on data block random site
US20190306221A1 (en) * 2018-03-28 2019-10-03 Ca, Inc. Adaptive encryption in checkpoint recovery of file transfers
CN110489942A (en) * 2019-08-06 2019-11-22 南开大学 A kind of processing method and system of WebAssembly file



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination