KR102617446B1 - Encoder, encoding method and computer readable recording medium - Google Patents

Abstract

Disclosed is an encoder, an encoding method, and a computer-readable recording medium. The encoder calculates a block unit indicating the data size based on a communication unit that receives the original file and an encryption key containing a plurality of elements, and based on the number of elements included in the encryption key and the value of each of the plurality of elements. It may include a control unit that encrypts the original file received by the communication unit in units of calculated blocks, and a storage unit that stores the encrypted file.

Description

Encoder, encoding method and computer readable recording medium {Encoder, encoding method and computer readable recording medium}

The present invention relates to an encoder, an encoding method, and a computer-readable recording medium, and more specifically, to an encoder, an encoding method, and a computer-readable recording medium capable of encoding files.

Almost all existing commercial industries, both domestically and internationally, have established business systems through the web and provide various services through PCs and mobile devices. In addition to cloud services such as Microsoft, Apple, and Google that store sensitive data of individuals, there are also types of cloud services that provide the server itself, such as AWS. There are also various ASPs (Application Service Providers) and IoT devices that manage sensitive personal information such as resident registration numbers and addresses through cloud services or individual methods.

When using the ERP (Enterprise resource planning) systems that we commonly know, if a company does not have the financial ability to operate a sufficient system as intended, it pays a monthly fee to use the ERP system provided by ASP companies. use. In the case of ERP services, various personal information such as employee management/salary management/customer management/business partner management is usually stored in the system, and as much of it is sensitive personal information, security is very important.

Additionally, in the case of IoT devices, a significant amount of data, such as images and videos, is stored or transmitted through individual devices. To this end, documents for the security of IoT devices are being prepared in various forms.

Text data that is stored directly in the database is basically encrypted and stored. In this case, the capacity of the text itself is not large, so each company stores the encrypted information in the database in various ways. Therefore, text-based personal information is usually encrypted according to the database password and an encoding method without any special rules. Even if the user hacks the database and server, it is not easy to check the data before reverse engineering in the server-side program.

However, in the case of files uploaded to hard disks, there are no strict legal standards for their storage method. The Korea Internet & Security Agency and others provide several recommendations for file security on web servers, but they are limited to strengthening the security of the server itself, building a firewall, and strengthening security in the file transfer process. These methods can be recommended for the highest level of security, but if the authority of the server where the file was uploaded is stolen, the information of all files stored on the server may be exposed to hackers.

For this reason, in the case of large files being uploaded, encrypting the entire file becomes a speed problem, so only the header is altered, the file extension is removed (in the case of Windows), and file permissions are removed (Unix-based systems). It can also be saved to disk. Other methods are used to encrypt uploaded files and store the encrypted key value in a database, but if even the data backed up to the cloud is deleted, there is no way to recover it. Alternatively, if the file size is large, there is a method that supports partial encryption to compensate for the performance overhead of encryption, but in the case of videos, partial encryption has limitations that make it difficult to protect the confidentiality of the entire data.

The problem to be solved by the present invention is to provide an encoder, encoding method, and computer-readable recording medium suitable for a lightweight encryption method for services that require fast feedback, such as web services.

Another problem to be solved by the present invention is to provide an encoder, an encoding method, and a computer-readable recording medium that can encrypt an entire file while compensating for the performance overhead that occurs during encryption, storage, and decryption on a hard disk.

Another problem to be solved by the present invention is to provide an encoder, an encoding method, and a computer-readable recording medium that can be modified into different encryption structures for each system based on the same encryption key.

Another problem that the present invention aims to solve is to provide an encoder, an encoding method, and a computer-readable recording medium that can prevent password loss or loss and protect files as much as possible when files are stolen due to hacking.

The encoding method according to the present invention includes calculating a block unit indicating the data size based on an encryption key including a plurality of elements, and calculating an original block unit based on the number of the plurality of elements and the value of each of the plurality of elements. It may include encrypting the file in units of the calculated blocks. Here, the encryption key includes at least one of alphabets, numbers, and special characters as an element, and the elements included in the encryption key may be different. A plurality of encryption keys and unique keys related to the plurality of encryption keys are generated and stored in advance, and the encryption key can be selected from the stored encryption keys.

The value of the element included in the encryption key may be the size of the element or a value mapped to the element. The size of the element may be a size encoded in descending order of byte units or a size encoded in ascending order. Elements and values mapped to elements are stored in a reference table, and values mapped to the elements can be searched from the reference table.

The encoding method may further include requesting transmission of the encryption key when reception of the original file begins, and receiving the encryption key and a unique key related to the encryption key.

The step of calculating the block unit may include calculating the sum of the values of each of the plurality of elements in the block unit.

The encrypting step includes generating a sum array for storing data of a size corresponding to the block unit, generating a plurality of element arrays related to each of the plurality of elements, and the sum array and the plurality of elements. It may include rearranging the original file in units of blocks using element arrangement. Here, the plurality of element arrays may have a size that corresponds to the value of the related element or may have a size that corresponds to the difference between the block unit and the value of the related element.

The rearranging step includes dividing and storing data stored in the original file in units of blocks into the plurality of element arrays, and rotating some data of each of the plurality of element arrays in the total array. It can be included. Here, the partial data is in byte units, and the total array and the plurality of element arrays are byte unit arrays, and the size corresponding to the value of the element related to the element array or the block unit and Data stored in the original file may be stored in the element array by a size corresponding to the difference between the values of the related elements.

The dividing and storing step may include dividing and storing the data into the plurality of element arrays in the order in which elements related to the plurality of element arrays are included in the encryption key.

The dividing and storing step may include dividing and storing the data into the plurality of element arrays in the reverse order of the order in which elements related to the plurality of element arrays are included in the encryption key.

The dividing and storing step may include dividing and storing the data into the plurality of element arrays in order of increasing value of elements related to the plurality of element arrays.

The dividing and storing step may include dividing and storing the data into the plurality of element arrays in descending order of the values of elements related to the plurality of element arrays.

In the rotationally storing step, some data of each of the plurality of element arrays may be alternately stored in the total array in the order in which elements related to the plurality of element arrays are included in the encryption key.

In the rotating storing step, some data of each of the plurality of element arrays may be stored in rotation in the total array in the reverse order of the order in which the elements related to the plurality of element arrays are included in the encryption key.

In the rotating storing step, some data of each of the plurality of element arrays may be stored in the total array in a rotating order in the order of the values of the elements related to the plurality of element arrays.

In the rotationally storing step, some data of each of the plurality of element arrays may be alternately stored in the total array in descending order of the values of elements related to the plurality of element arrays.

The rotating storage step includes checking whether there is data remaining in the element array that is not stored in the sum array, and if there is no remaining data, storage of data in the element array may be stopped. .

The rotating saving step may include the step of storing the total array in an encryption file when there is no data remaining in all element arrays that is not stored in the total array.

The encrypting step includes, when there is no data remaining in all element arrays that is not stored in the sum array, generating a second sum array for storing data of a size corresponding to the block unit, and the second sum array for storing data of a size corresponding to the block unit. The method may further include rearranging the remaining data of the original file in blocks by using the sum array and the plurality of element arrays.

The encoding method may further include storing data of the encrypted original file, information about the original file, and a unique key related to the encryption key in an encryption file. Information about the original file may include a file name of the original file and an extension of the original file.

The encoding method may further include receiving the original file, and the encrypting step may be performed while the original file is being received.

According to the encoder, encoding method, and computer-readable recording medium, the file being uploaded is encrypted in blocks, making it suitable as a lightweight encryption method for services that require quick feedback such as web services. It is possible to encrypt the entire file while compensating for performance overhead, and whether to attach the numeric combination and unique key used for an encryption key with multiple elements before or after the encryption data, or to change the element array to the elements of the received encryption key. Encoders and decoders of very diverse and complex forms can be created depending on whether they are declared in chronological order or chronological order, and can be transformed into different encryption structures depending on each system based on the encryption key. You can prevent loss and protect your files as much as possible in case of file theft due to hacking.

Figure 1A is a block diagram showing the configuration of an encoder according to an embodiment of the present invention.
Figure 1b is a diagram showing Table 1 showing an example of an encryption key database according to the present invention.
Figure 2 is a diagram illustrating the execution process of a block-level encryption method according to an embodiment of the present invention.
Figure 3a is a diagram showing the process of performing a rearrangement method according to an embodiment of the present invention.
Figure 3b is a diagram illustrating Table 2 showing data stored in a sum array according to a data allocation method according to an embodiment of the present invention.
FIG. 3C is a diagram showing Table 3 following Table 2 in FIG. 3B.
Figure 3d is a diagram showing the structure of a password file according to an embodiment of the present invention.
Figure 4a is a diagram showing the execution process of the encoding method in one embodiment of the present invention.
Figure 4b is a diagram showing the structure of an encryption file according to an embodiment of the present invention.
Figure 4c is a diagram showing the structure of a password file according to another embodiment of the present invention.
Figure 4d is a diagram showing the structure of a password file according to another embodiment of the present invention.
Figure 5 is a configuration diagram showing the configuration of an encoding system according to an embodiment of the present invention.
Figure 6 is a diagram showing the execution process of an encoding method in another embodiment of the present invention.
Figure 7 is a diagram showing the execution process of an encoding method in another embodiment of the present invention.

The embodiments herein and their various features and beneficial details are more fully described with reference to the non-limiting examples shown in the accompanying drawings and described in detail in the detailed description set forth below. Descriptions of well-known components and processing techniques are omitted so as not to unnecessarily obscure the embodiments herein. Additionally, the various embodiments described herein are not necessarily mutually exclusive, since some embodiments may be combined with one or more other embodiments to form new embodiments. The term “or”, as used herein, refers to the non-exclusive OR (or) unless otherwise indicated. The examples used herein are solely intended to facilitate an understanding of how the embodiments herein may be practiced and to further enable those skilled in the art to practice the embodiments herein. Correspondingly, the examples should not be construed as limiting the scope of the embodiments herein.

The terms used in the present invention are general terms that are currently widely used as much as possible while considering the functions in the present invention, but this may vary depending on the intention or practice of a technician working in the relevant technical field or the emergence of new technology. In addition, in certain cases, there are terms arbitrarily selected by the applicant, and in this case, the meaning will be described in detail in the description of the relevant invention. Therefore, we would like to clarify that the terms used in the present invention should be defined based on the meaning of the term and the overall content of the present invention, rather than simply the name of the term.

Figure 1A is a block diagram showing an encoder according to an embodiment of the present invention.

Referring to FIG. 1A, the encoder 100 according to the present invention may include a communication unit 110, a control unit 120, and a storage unit 130. The encoder 100 may be a personal computer system such as a desktop, laptop, tablet, mini computer, notebook, or handheld computer, or may be a server computer system such as a broadcast and streaming server, file server, or cloud server, and may be a navigator or It can be a digital TV such as IPTV and Smart TV, and can be a mobile phone, smart phone, digital broadcasting terminal, PDA (Personal Digital Assistants), PMP (Portable Multimedia Player), beam projector, and surveillance camera, but is limited to these. It doesn't work.

The communication unit 110 can transmit and receive signals or data through a network. For example, the communication unit 110 may receive an encryption key or file through a network. A network refers to a connection structure that allows information exchange between nodes such as a plurality of terminals and servers. Examples of such networks include RF, 3rd Generation Partnership Project (3GPP) network, and Long Term Evolution (LTE) network. , 5GPP (5rd Generation Partnership Project) network, WIMAX (World Interoperability for Microwave Access) network, Internet, LAN (Local Area Network), Wireless LAN (IEEE 802.11b, IEEE 802.11a, IEEE802.11g, IEEE802.11n ), WAN (Wide Area Network), PAN (Personal Area Network), WIBro (Wireless Broadband), Bluetooth network, ZigBee, NFC network, satellite broadcasting network, analog broadcasting network, DMB (Digital Multimedia Broadcasting) Includes, but is not limited to, networks.

The control unit 120 executes commands and performs operations associated with the encoder 100. For example, using commands retrieved from the storage unit 130, the control unit 120 can control input and output between components of the encoder 100, and reception and processing of data.

The control unit 120 executes program codes together with the operating system and generates and uses data. Operating systems are generally known and will not be described in more detail. For example, the operating system may be Windows-based OS, Unix, LINUX, Palm OS, DOS, Android, iOS, and Macintosh. An operating system, other computer code, and data may reside in storage unit 130 that operates in connection with control unit 120. The program code may be a source code generation module and an executable code generation module, and may be code executed in a web browser.

The control unit 120 may cause the encoder 100 to perform the encoding method according to the present invention by calling a program code including a command to perform the encoding method according to the present invention.

The storage unit 130 may store program code including instructions for performing the encoding method according to the present invention. The storage unit 130 may be implemented as read-only memory (ROM), random access memory (RAM), hard disk drive, etc. Program code and data may reside on a removable storage medium and may be loaded or installed onto encoder 100 as needed. Here, the removable storage medium may include a CD-ROM, PC-CARD, memory card, floppy disk, magnetic tape, and network component.

The control unit 120 may calculate a block unit indicating the data size based on an encryption key containing a plurality of elements. Here, the encryption key includes at least one of alphabets, numbers, and special characters as an element, and the elements included in the encryption key may be different. A plurality of encryption keys and unique keys related to the plurality of encryption keys are generated and stored in advance, and the encryption key can be selected from the stored encryption keys. The encryption key may be received by the communication unit 100 or may be previously stored in the storage unit 130.

encryption key database

To facilitate explanation and understanding, the encryption key can be basically created as an authentication key using a number, similar to Korea's lotto system. In some embodiments, a total of 8,303,765,625 keys can be created and stored in an encryption key database (DB) by generating the number as 456, and by expanding the number by one more, a total of 376,669,453,125 encryption methods can be created, and if the encryption key If you generate an encryption key of up to 6 characters in length without limiting the number of elements, 16+26+36+46+56+76........416+426+436+446+456 encryption An encoding method is created.

Additionally, if the elements of the encryption key are expanded based on a reference table corresponding to uppercase and lowercase letters of the alphabet rather than necessarily numbers, the number of cases that can be created increases infinitely.

Additionally, if you generate the listing order of the elements of the encryption key in ascending or descending order, you can create many more types of encryption keys and encoding methods.

Each time a key string of an encryption key is created, non-redundant alphabets, numbers, and special characters are mixed to create a unique key of 6 characters in length, and it is created in the encryption key DB, which is stored symmetrically. Here, the encryption key DB may be stored in the storage unit 130 or another server. In addition, the encryption key DB can be permanently stored through backup after initial creation. Since there are no additional encryption keys generated as the server operates, there is no need to worry about losing encryption keys between backup sections that occur during operation and backup. This generates an encryption key every time a password file is created, and to prevent the risk of loss that occurs when storing it in the encryption key DB, the number of encryption keys equal to the maximum file size expected to be stored in the encryption key DB is generated. It is created in advance. Accordingly, if an incorrect connection to the encoder is detected, security processing can be added, such as immediately deleting the encoding/decoding data for the key from the DB, processing it to prevent further requests, and isolating the file.

For example, key sequences of the encryption key and unique key with the structure shown in Table 1 shown in FIG. 1B are generated. In [Table 1], to facilitate understanding, all elements of the encryption key were treated as numbers and only generated as a combination of encryption keys with a total number of elements of 6. However, in another embodiment, an encryption key of unlimited length depending on the number and type of elements is created. You can also generate an encryption key.

The control unit 120 may calculate the sum of the values of each of the plurality of elements in units of the block. The value of the element included in the encryption key may be the size of the element or a value mapped to the element. The size of the element may be a size encoded in descending order of byte units or a size encoded in ascending order. Elements and values mapped to elements are stored in a reference table, and values mapped to the elements can be searched from the reference table.

For example, if the encryption key is [6,7,22,32,35,36], the elements included in the encryption key are 6, 7, 22, 32, 35, 36, and the sum of the total numbers (The sum of the values of each element) is 138, and the control unit 120 can calculate 138 in the block unit.

The control unit 120 may encrypt the original file in units of the calculated blocks based on the number of the plurality of elements and the value of each of the plurality of elements. The original file may be received by the communication unit 100 or may be previously stored in the storage unit 130. Additionally, while the communication unit 100 is receiving the original file, the control unit 120 may encrypt the received portion of the original file in units of the calculated blocks.

The control unit 120 can convert and use the stored or received encryption key. That is, the control unit 120 can calculate a block unit indicating the data size based on the converted encryption key, and based on the number of a plurality of elements included in the converted encryption key and the value of each of the plurality of elements. The original file can be encrypted in units of blocks calculated above. For example, even if the actual encryption key is [6 7 22 32 35 36], the control unit 120 uses symmetrical numbers (39,38,23,10,9), -since the maximum number is 45, 45-{6 ,7,22,32,35,36}-, use the substituted encryption key for encoding/decoding, respectively, or encode the bytes of the elements of the currently received encryption key in descending order and then encode them in ascending order. The replaced encryption key can be used for encoding/decoding, respectively.

Figure 2 is a diagram illustrating the execution process of a block-level encryption method according to an embodiment of the present invention.

Referring to FIG. 2, the control unit 120 generates a plurality of element arrays related to each of the plurality of elements (S100). For example, if the encryption key is [6,7,22,32,35,36], the control unit 120 generates an array of six elements a, b, c, d, e, and f as follows. can do. However, in this example, the element arrays a, b, c, d, e, and f are created as byte-unit arrays.

byte[6] a;//Array for the first number ‘6’ of the encryption key

byte[7] b;//Array for the second number ‘7’ of the encryption key

byte[22] c;//Array for the third number ‘22’ of the encryption key

byte[32] d;//Array for the fourth number ‘32’ of the encryption key

byte[35] e;//Array for the fifth number ‘35’ of the encryption key

byte[36] f;//Array for the sixth number ‘36’ of the encryption key

The control unit 120 creates a total array for storing data of a size corresponding to the block unit (S110). For example, if the encryption key is [6, 7, 22, 32, 35, 36], in step S110, the control unit 120 generates a sum array sum for storing data in units of 138 blocks as follows. can do.

byte[138] sum//Converted block of 138 bytes

The control unit 120 rearranges the data of the original file in units of blocks using the sum array and the plurality of element arrays (S120). Here, the plurality of element arrays may have a size that corresponds to the value of the related element or may have a size that corresponds to the difference between the block unit and the value of the related element.

Figure 3a is a diagram showing the process of performing a rearrangement method according to an embodiment of the present invention.

Referring to FIG. 3A, the control unit 120 divides the data stored in the original file in blocks into the plurality of element arrays and stores them (S200). In some embodiments, the control unit 120 may divide the data into the plurality of element arrays and store them in the order in which elements related to the plurality of element arrays are included in the encryption key. For example, as in the example above, if the encryption key is [6,7,22,32,35,36] and the sum array sum and element arrays a, b, c, d, e, and f are created, , data in the original file begins to be stored sequentially starting from array a. When the communication unit 110 receives the original file, the control unit 120 starts storing bytes from array a while a total of 138 bytes are received.

In some embodiments, the control unit 120 may divide the data into the plurality of element arrays and store them in the reverse order of the order in which elements related to the plurality of element arrays are included in the encryption key.

In some embodiments, the control unit 120 may divide the data into the plurality of element arrays and store them in the order of the values of elements related to the plurality of element arrays.

In some embodiments, the control unit 120 may divide the data into the plurality of element arrays and store them in descending order of the values of elements related to the plurality of element arrays.

The control unit 120 alternately stores some data of each of the plurality of element arrays in the sum array (S210). Here, some of the data may be in byte units, 2 bytes, or more than 2 bytes.

When the partial data is in byte units, the total array and the plurality of element arrays may be a byte-unit array, and may have a size corresponding to the value of the element related to the element array or the block unit and the related Data stored in the original file may be stored in the element array by a size corresponding to the difference value of the element values.

In some embodiments, the control unit 120 may alternately store some data of each of the plurality of element arrays in the total array in the order in which elements related to the plurality of element arrays are included in the encryption key.

In some embodiments, the control unit 120 may alternately store some data of each of the plurality of element arrays in the total array in the reverse order of the order in which elements related to the plurality of element arrays are included in the encryption key.

In some embodiments, the control unit 120 may alternately store some data of each of the plurality of element arrays in the total array in order of increasing value of the elements related to the plurality of element arrays.

In some embodiments, the control unit 120 may alternately store some data of each of the plurality of element arrays in the total array in descending order of the values of elements related to the plurality of element arrays.

Step S210 may include steps S211, S213, and S217, which will be described later.

The control unit 120 alternately stores some data of the element array in the sum array (S211). For example, as in the example above, if the encryption key is [6,7,22,32,35,36], a sum array sum, and element arrays a, b, c, d, e, and f are created, and some of the above When the data is in byte units and some data of each of the plurality of element arrays are stored in turn in the sum array in the order included in the encryption key, [Table 2] and element arrays a and b shown in FIG. 3B , c, d, e, and f are stored in the sum array sum, one byte each from the beginning, in the order of each element array.

The control unit 120 checks whether there is data remaining in the element array that is not stored in the sum array (S213). If the remaining data exists as a result of the confirmation, the control unit 120 performs step S211 for the next element arrangement.

If there is no remaining data, the control unit 120 excludes the element array so that storage of data in the element array without the remaining data is stopped (S215). That is, if there is no data remaining in a specific element array, the control unit 120 can automatically move to the next array by performing step S215.

For example, element array a has a total of 6 byte arrays, so based on the last sum[30] =a[5] in [Table 2] shown in Figure 3b, there is no more data in element array a. It proceeds as shown in [Table 3] shown in Figure 3c. Since the element array b also has a total of 7 data, as shown in [Table 3], b[6] is no longer added to the total array sum.

The control unit 120 checks whether there is a remaining element array that was not excluded in step S215 (S217). If there is a remaining element array as a result of the confirmation, the control unit 120 performs step S211 for the next element array among the remaining element arrays. The control unit 120 performs step S217, skips the element array with no remaining data as shown in [Table 3], and sequentially stores the element array that still has data until the end. Finally, when "sum[137] = f[35]" is performed, the data of the original file with a size of 138 bytes (in block units calculated above) is rearranged and stored in the sum array sum.

As a result of checking in step S217, if there is no data remaining in all element arrays that is not stored in the sum array, the control unit 120 stores the sum array in the password file (S220). For example, if “sum[137] = f[35]” is finally performed, the control unit 120 may proceed to step S220.

In some embodiments, in step S120 shown in FIG. 2, the control unit 120 may repeatedly perform the rearrangement method shown in FIG. 3A on a block basis. Each time the process is repeated, data of the next block of the original file may be stored in a plurality of element array in step S200, and block units may be sequentially stored in the above-described encryption file in step S220. For example, if the block unit is 135 bytes, the password file may have the structure shown in FIG. 3D. Block0 is the data stored in the password file in step S220 after the rearrangement method is executed the first time, Block1 is the data stored in the password file in step S220 after the rearrangement method is executed the second time, and Block2 is the data stored in the password file in step S220 after the rearrangement method is executed the third time. Block3 is the data stored in the password file in step S220 after the rearrangement method is executed for the fourth time, and Block4 is the data stored in the password file in step S220 after the rearrangement method is executed for the first time. .

In some embodiments, step S120 shown in FIG. 2 may include steps S200 and S210 described above in FIG. 3A. In this embodiment, the control unit 120 may repeatedly perform S110 and S120 in block units. A new total array is created each time it is repeated, and in step S200, data of the next block of the original file may be stored in a plurality of element array, and step S220 may not be required. A total array can be created and maintained as many times as the number of repetitions. For example, if the number of repetitions is 100 and the calculated block unit is 138 bytes, 100 sum arrays with a size of 138 bytes are created, and the data of the encrypted original file is stored in 100 sum arrays. . That is, the data of the encrypted original file is stored in blocks as shown in Figure 3d in a data array with a size of sum[100][138] bytes.

Figure 4a is a diagram showing the execution process of the encoding method according to an embodiment of the present invention.

Referring to FIG. 4A, the control unit 120 calculates a block unit indicating the data size based on an encryption key including a plurality of elements (S300). Here, the encryption key includes at least one of alphabets, numbers, and special characters as an element, and the elements included in the encryption key may be different. A plurality of encryption keys and unique keys related to the plurality of encryption keys are generated and stored in advance, and the encryption key can be selected from the stored encryption keys. For example, the encryption key may be selected from the above-described encryption key database, or the encryption key selected from the database may be converted. For example, the encryption key may be received, or the received encryption key may be converted.

In step S300, the control unit 120 may calculate the sum of the values of each of the plurality of elements in units of the block. The value of the element included in the encryption key may be the size of the element or a value mapped to the element. The size of the element may be a size encoded in descending order of byte units or a size encoded in ascending order. Elements and values mapped to elements are stored in a reference table, and values mapped to the elements can be searched from the reference table.

The control unit 120 encrypts the original file in units of the calculated blocks based on the number of the plurality of elements and the value of each of the plurality of elements (S310). In some embodiments, in step S310, the control unit 120 may perform the block-based encryption method described above in FIG. 2.

The control unit 120 stores the data of the encrypted original file, information about the original file, and a unique key related to the encryption key in an encryption file (S320). Here, the data of the encrypted original file may be stored in a plurality of total arrays depending on the embodiment, or may be stored in the encryption file of step S220 described above in FIG. 3A. The password file may be the same as or different from the password file in step S220. In the same case, in step S320, the control unit 120 may additionally store information about the original file and a unique key related to the encryption key in the encryption file of step S220. Information about the original file may include a file name of the original file and an extension of the original file.

As an example, the password file of step S320 may have the structure shown in FIG. 4B. In Figure 4b, 'Header' comes first in the data array, and 'encrypted key' comes last. The file name or extension of the original file can be entered in 'Header', and the unique key related to the encryption key used can be entered in 'encrypted key'. Here, Figure 4b is an example structure, and the arrangement of 'header' and 'encrypted key' is not for regulation but for expression, so the user can arbitrarily move or modify the location or data depending on the server and equipment to be implemented. there is. As a further example, the password file may have the structure shown in FIG. 4C or the structure shown in FIG. 4D. In the structure shown in Figure 4c, the data array is at the beginning, followed by 'FileHeaderInfo' and 'encrypted key'. In the structure shown in Figure 4d, 'encrypted key' comes first, followed by 'FileHeaderInfo' and data array. Information about the encrypted original file is entered into 'FileHeaderInfo'.

In the present invention, the length of the twisted sum array in block units varies depending on the length of the total number of given encryption keys, so the present invention has the advantage that a wide variety of transformation methods can be generated. In the above example, the encryption key has the numbers [6,7,22,32,35,36], so a total of 138 bytes was defined as one block, but if the number assigned to the encryption key for encoding is [1, 2,3,4,5,6], the length of one block unit is 21 (1+2+3+4+5+6 = 21).

Figure 5 is a configuration diagram showing the configuration of an encoding system according to an embodiment of the present invention.

Referring to FIG. 5, the encoding system 1 according to the present invention may include an encoder 10, an information providing server 20, and a user terminal 30. The encoder 10, the information providing server 20, and the user terminal 30 may be connected to the network 2. Network 2 refers to a connection structure that allows information exchange between nodes, such as a plurality of terminals and servers. Examples of such networks include RF, 3rd Generation Partnership Project (3GPP) network, and Long Term (LTE) network. Evolution) network, 5GPP (5th Generation Partnership Project) network, WIMAX (World Interoperability for Microwave Access) network, Internet, LAN (Local Area Network), Wireless LAN (IEEE 802.11b, IEEE 802.11a, IEEE802.11g, IEEE802.11n), WAN (Wide Area Network), PAN (Personal Area Network), WIBro (Wireless Broadband), Bluetooth network, ZigBee, NFC network, satellite broadcasting network, analog broadcasting network, DMB (Digital Multimedia Broadcasting (Multimedia Broadcasting) networks, etc. are included, but are not limited thereto.

Encoder 10 may include encoder 100 shown in FIG. 1A.

The information providing server 20 may generate an encryption key, store the generated encryption key, and transmit the stored encryption key to the encoder 100. Here, the encryption key includes at least one of alphabets, numbers, and special characters as an element, and the elements included in the encryption key may be different. A plurality of encryption keys and a unique key related to the plurality of encryption keys may be generated in advance and stored in the information providing server 20. The information providing server 20 can select an encryption key to be transmitted to the encoder 100 from the plurality of stored encryption keys. The information providing server 20 may store the above-described encryption key database, select an encryption key from the stored encryption key database, and transmit the selected encryption key to the encoder 100.

The information provision server 20 may be an electronic device with a communication function, and the electronic device may be a personal computer system such as a desktop, laptop, tablet, mini computer, notebook, or handheld computer, a broadcast and streaming server, a file server, It may be a server computer system such as a cloud server, a navigator or a digital TV such as IPTV and Smart TV, a mobile phone, a smart phone, a digital broadcasting terminal, a Personal Digital Assistant (PDA), or a Portable Multimedia Player (PMP). ), beam projectors, and surveillance cameras, but are not limited to these.

The user terminal 30 may transmit the original file to the encoder 100. The user terminal 30 may be a personal computer system such as a desktop, laptop, tablet, mini computer, notebook, or handheld computer, or a server computer system such as a broadcast and streaming server, a file server, or a cloud server, and may be a navigator or IPTV and It may be a digital TV such as Smart TV, a mobile phone, a smart phone, a digital broadcasting terminal, a PDA (Personal Digital Assistants), a PMP (Portable Multimedia Player), a beam projector, and a surveillance camera, but is limited to these. no.

Figure 6 is a diagram showing the execution process of the encoding method according to an embodiment of the present invention.

Referring to FIG. 6, the communication unit 110 receives the original file from the user terminal 30 (S400).

The control unit 120 calculates a block unit indicating the data size based on an encryption key containing a plurality of elements (S410). Here, the encryption key includes at least one of alphabets, numbers, and special characters as an element, and the elements included in the encryption key may be different. A plurality of encryption keys and unique keys related to the plurality of encryption keys are generated and stored in advance, and the encryption key can be selected from the stored encryption keys. For example, the encryption key may be selected from the above-described encryption key database, or the encryption key selected from the database may be converted. For example, the encryption key may be received, or the received encryption key may be converted.

In step S410, the control unit 120 may calculate the sum of the values of each of the plurality of elements in units of the block. The value of the element included in the encryption key may be the size of the element or a value mapped to the element. The size of the element may be a size encoded in descending order of byte units or a size encoded in ascending order. Elements and values mapped to elements are stored in a reference table, and values mapped to the elements can be searched from the reference table.

The control unit 120 encrypts the original file received in step S400 in units of the calculated blocks based on the number of elements and the values of each of the plurality of elements (S420). While the original file is being received, step S420 may proceed. In some embodiments, in step S420 described above in FIG. 3A, the control unit 120 may perform the block-based encryption method described above in FIG. 2.

The control unit 120 stores the data of the encrypted original file, information about the original file, and a unique key related to the encryption key in an encryption file (S430). Here, the data of the encrypted original file may be stored in a plurality of total arrays depending on the embodiment, or may be stored in the encryption file of step S220. The password file may be the same as or different from the password file in step S220. In the same case, in step S430, the control unit 120 may additionally store information about the original file and a unique key related to the encryption key in the encryption file of step S220. Information about the original file may include a file name of the original file and an extension of the original file.

As an example, the password file of step S430 may have the structure shown in FIG. 4B. In Figure 4b, 'Header' comes first in the data array, and 'encrypted key' comes last. The file name or extension of the original file can be entered in 'Header', and the unique key related to the encryption key used can be entered in 'encrypted key'. Here, Figure 4b is an example structure, and the arrangement of 'header' and 'encrypted key' is not for regulation but for expression, so the user can arbitrarily move or modify the location or data depending on the server and equipment to be implemented. there is. As a further example, the password file may have the structure shown in FIG. 4C or the structure shown in FIG. 4D. In the structure shown in Figure 4c, the data array is at the beginning, followed by 'FileHeaderInfo' and 'encrypted key'. In the structure shown in Figure 4d, 'encrypted key' comes first, followed by 'FileHeaderInfo' and data array. Information about the encrypted original file is entered into 'FileHeaderInfo'.

Figure 7 is a diagram showing the execution process of the encoding method according to an embodiment of the present invention.

Referring to FIG. 7, the communication unit 110 receives the original file from the user terminal 30 (S500).

When reception of the original file begins, the control unit 120 requests transmission of an encryption key to the information provision server 20 (S510).

The communication unit 110 receives an encryption key containing a plurality of elements and a unique key related to the encryption key from the information providing server 20 (S520). Here, the encryption key includes at least one of alphabets, numbers, and special characters as an element, and the elements included in the encryption key may be different. A plurality of encryption keys and unique keys related to the plurality of encryption keys are generated and stored in advance, and the encryption key can be selected from the stored encryption keys. As an example, the encryption key may be selected from the encryption key database described above.

The control unit 120 calculates a block unit indicating the data size based on the encryption key received in step S520 (S530). In some embodiments, the control unit 120 may convert the encryption key received in step S520 and calculate a block unit indicating the data size based on the converted encryption key.

In step S530, the control unit 120 may calculate the sum of the values of each of the plurality of elements in units of the block. The value of the element included in the encryption key may be the size of the element or a value mapped to the element. The size of the element may be a size encoded in descending order of byte units or a size encoded in ascending order. Elements and values mapped to elements are stored in a reference table, and values mapped to the elements can be searched from the reference table. In some embodiments, the reference table may be stored in the storage unit 130 in advance and may be received from the information providing server 20 in step S520.

The control unit 120 encrypts the original file received in step S500 in units of the calculated blocks based on the number of the plurality of elements and the value of each of the plurality of elements (S540). While the original file is being received, step S540 may proceed. In some embodiments, in step S540, the control unit 120 may perform the block-based encryption method described above in FIG. 2.

The control unit 120 stores the data of the encrypted original file, information about the original file, and a unique key related to the encryption key in an encryption file (S550). Here, the data of the encrypted original file may be stored in a plurality of total arrays depending on the embodiment, or may be stored in the encryption file of step S220 described above in FIG. 3A. The password file may be the same as or different from the password file in step S220. In the same case, in step S550, the control unit 120 may additionally store information about the original file and a unique key related to the encryption key in the encryption file of step S220. Information about the original file may include a file name of the original file and an extension of the original file.

For example, the password file of step S550 may have the structure shown in FIG. 4B. In Figure 4b, 'Header' comes first in the data array, and 'encrypted key' comes last. The file name or extension of the original file can be entered in 'Header', and the unique key related to the encryption key used can be entered in 'encrypted key'. Here, Figure 4b is an example structure, and the arrangement of 'header' and 'encrypted key' is not for regulation but for expression, so the user can arbitrarily move or modify the location or data depending on the server and equipment to be implemented. there is. As a further example, the password file may have the structure shown in FIG. 4C or the structure shown in FIG. 4D. In the structure shown in Figure 4c, the data array is at the beginning, followed by 'FileHeaderInfo' and 'encrypted key'. In the structure shown in Figure 4d, 'encrypted key' comes first, followed by 'FileHeaderInfo' and data array. Information about the encrypted original file is entered into 'FileHeaderInfo'.

Usually, the encoder/decoder for files stored on a universal server assumes the encoding/decoding method as a separate function in its own code and is stored together in the file server as a separate program or function. However, if, as in the present invention, the information providing server manages all encoding/decoding methods and only encoded password files exist in the file server corresponding to the encoder of the present invention, even if the decoder is hacked, a separate length is stored for each file. Data processed using block and encoding methods cannot be easily confirmed.

For example, for each encoding method stored in the information provision server, in one embodiment of the present invention, there is only an encryption key that is a combination of a plurality of elements used for encoding and a unique key associated with the encryption key. Depending on the method of generating the encryption key used, the method of using encryption key conversion, whether the unique key of the encryption file is appended to the front or the end, or whether the element array is declared in the order of the elements of the received encryption key or in reverse order, etc. It becomes possible to create encoders/decoders of various and complex types.

The module that processes encoding and decoding by receiving the encryption key for encoding/decoding from the information providing server and the information providing server at each time is binary, and the program code must be stored in the MAC address and CPU ID of the corresponding hardware device. , If the program was programmed to operate only when the characteristics and conditions of the server are met, as a result, even if the hacker succeeded in hacking both the database server and the files, the encryption method program of the currently operating server system was used to decrypt the password. If you do not disassemble the code, you will not be able to decrypt the password file.

Embodiments disclosed herein may be implemented through at least one software program running on at least one hardware device and performing a network management function for controlling components. The components shown in FIG. 1A include blocks that may be at least one of a hardware device or a combination of a hardware device and a software module.

The present invention can also be implemented as computer-readable code on a computer-readable recording medium. Computer-readable recording media include all types of recording devices that store data that can be read by a computer system. Examples of computer-readable recording media include ROM, RAM, CD-ROM, magnetic tape, floppy disk, and optical data storage devices. Additionally, the computer-readable recording medium may be distributed over networked computer systems to store and execute computer-readable code in a distributed manner.

These and other aspects of the embodiments herein will be better appreciated and understood upon consideration of the following detailed description and accompanying drawings. However, it is to be understood that the detailed description that follows, although it identifies preferred embodiments and numerous specific details thereof, is provided by way of example and not limitation. Many modifications and changes may be made within the scope of the embodiments herein without departing from the technical spirit of the embodiments, and the embodiments herein include all such changes.

Although preferred embodiments of the present invention have been shown and described above, the present invention is not limited to the specific preferred embodiments described above, and can be used in the technical field to which the invention pertains without departing from the gist of the present invention as claimed in the claims. Anyone skilled in the art can make various modifications, and such modifications fall within the scope of the claims.

Encoding system 1 Encoder 10
Information provision server 20 User terminal 30
Encoder 100 Communication Department 110
Control unit 120 Storage unit 130

Claims (12)

delete Calculating a block unit indicating data size based on an encryption key including a plurality of elements; and
Comprising the step of encrypting the original file in units of the calculated blocks based on the number of the plurality of elements and the value of each of the plurality of elements,
The encryption step is,
generating a plurality of element arrays associated with each of the plurality of elements;
generating a sum array for storing data of a size corresponding to the block unit; and
An encoding method comprising rearranging the original file in units of blocks using the sum array and the plurality of element arrays. According to clause 2,
The rearrangement step is,
dividing and storing data stored in the original file in units of the block into the plurality of element arrays; and
An encoding method comprising the step of sequentially storing some data of each of the plurality of element arrays in the sum array. According to clause 3,
The dividing and storing step is,
In the order in which the elements related to the plurality of element arrays are included in the encryption key, in the reverse order of the order in which the elements related to the plurality of element arrays are included in the encryption key, the values of the elements related to the plurality of element arrays are An encoding method comprising dividing and storing the data into the plurality of element arrays in ascending order or in descending order of the values of elements associated with the plurality of element arrays. According to clause 3,
The rotating saving step is,
In the order in which the elements related to the plurality of element arrays are included in the encryption key, in the reverse order of the order in which the elements related to the plurality of element arrays are included in the encryption key, the values of the elements related to the plurality of element arrays are An encoding method, characterized in that some data of each of the plurality of element arrays are stored in rotation in the sum array in the order of the largest or the smallest value of the elements associated with the plurality of element arrays. According to clause 3,
The rotating saving step is,
A step of checking whether there is data remaining in the element array that is not stored in the sum array,
An encoding method characterized in that, when there is no data remaining, storage of data of the element array is stopped. According to clause 6,
The rotating saving step is,
When there is no data remaining in all element arrays that is not stored in the sum array, an encoding method comprising the step of storing the sum array in an encryption file. According to clause 6,
The encryption step is,
If there is no data remaining in all element arrays that is not stored in the sum array, generating a second sum array to store data of a size corresponding to the block unit; and
The encoding method further comprising rearranging the remaining data of the original file in units of blocks using the second total array and the plurality of element arrays. According to clause 2,
The encoding method further comprising storing data of the encrypted original file, information about the original file, and a unique key related to the encryption key in an encryption file. According to clause 2,
The encryption key is,
Contains at least one of alphabets, numbers, and special characters as an element,
An encoding method, characterized in that the elements included in the encryption key are different from each other. A computer-readable storage medium storing program code including instructions for performing the encoding method according to any one of claims 2 to 10. a storage unit storing program code including instructions for performing the encoding method according to any one of claims 2 to 10; and
An encoder comprising a control unit that calls the program code to perform the encoding method.