[go: up one dir, main page]

CN106850597A - A kind of distributed cryptographic method and system - Google Patents

A kind of distributed cryptographic method and system Download PDF

Info

Publication number
CN106850597A
CN106850597A CN201710034822.5A CN201710034822A CN106850597A CN 106850597 A CN106850597 A CN 106850597A CN 201710034822 A CN201710034822 A CN 201710034822A CN 106850597 A CN106850597 A CN 106850597A
Authority
CN
China
Prior art keywords
encryption equipment
predetermined number
encryption
information
common recognition
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710034822.5A
Other languages
Chinese (zh)
Inventor
亓兵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Cloud Technology Co Ltd
Original Assignee
Beijing Cloud Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Cloud Technology Co Ltd filed Critical Beijing Cloud Technology Co Ltd
Priority to CN201710034822.5A priority Critical patent/CN106850597A/en
Publication of CN106850597A publication Critical patent/CN106850597A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0464Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The application is related to a kind of distributed cryptographic method and system, wherein, methods described includes:Process unit's information is extracted from information to be encrypted, and process unit's information is split as the message segment of the first predetermined number;Encryption equipment for the second predetermined number carries out selecting for the first predetermined number number of times;Each message segment is encrypted respectively using the public key in the encryption equipment for selecting the first predetermined number for obtaining, and the information after encryption is broadcasted;By the transmission to private key authorized person that puts in order of the encryption equipment of first predetermined number, to cause that the information after the encryption is decrypted according to described being put in order using the private key being pre-configured with for the private key authorized person.A kind of distributed cryptographic method and system that the application is provided, even if also can guarantee that the safety of encryption data in Key Exposure, even if while when a part of encryption equipment is damaged, moreover it is possible to ensure that encryption system can normally run.

Description

A kind of distributed cryptographic method and system
Technical field
The application is related to data encryption technology field, more particularly to a kind of distributed cryptographic method and system.
Background technology
The basic process of data encryption is exactly, to being originally that the file or data of plaintext are processed by certain algorithm, to make it As one section of unreadable code, commonly referred to " ciphertext ", make it that this can only can be just shown after corresponding key is input into Carry out content, the purpose for protecting data not stolen by juridical-person, read is reached by such approach.The inverse process of the process is Decryption, will the coding information be converted into the process of its original data.
Used encryption technology is broadly divided into symmetry encryption technology and unsymmetrical tridiagonal matrix technology.Wherein, symmetric cryptography Algorithm is using AES, technology maturation earlier.In a symmetric encryption algorithm, data transmission side will plaintext and encryption key Sent by after the treatment of special AES, making it become complicated encrypted cipher text together.After destination receives ciphertext, if Want to understand original text, then need to use the used key of encryption and the algorithm for inversion of identical algorithms to be decrypted ciphertext, can just make it Revert to readable plaintext.In a symmetric encryption algorithm, the key only one of which for using, hair collection of letters both sides use this key pair Data are encrypted and decrypted, and this requires that decryption side must be known by encryption key in advance.
Rivest, shamir, adelman uses " public-key cryptography " right with " private cipher key " in the encryption and decryption of information, this Key to being made by decryption person (i.e. the recipient of information), " public-key cryptography " as the key being encrypted to information, to sending Person issues, while " private cipher key " required for recipient takes good care of decryption.Herein, using the information of public key encryption Can be decrypted by private cipher key, but private cipher key can not be speculated according to public-key cryptography, it is possible in the environment via the third party Middle issue public-key cryptography.If user A will give the public affairs that user B transmission secret informations m, A should find B from open key sheet first Drive key, and form the AES EB of B, with EB to plaintext m scrambleds, obtain ciphertext C=EB (m), then C is sent to B.With Family B is after ciphertext C is received, it is possible to recover plaintext m=DB (C)=DB with decipherment algorithm DB determined by the key of oneself (EB(m))。
The defect that current encryption method is present is:
1st, either symmetry encryption technology or unsymmetrical tridiagonal matrix technology, because AES is unique and determines, one Denier key is compromised, and encrypted content will be cracked;
Once for the 2nd, being responsible in the encryption equipment of encryption is destroyed, whole encryption system failure.
The content of the invention
The purpose of the application is to provide a kind of distributed cryptographic method and system, even if also be can guarantee that in Key Exposure The safety of encryption data, even if while when a part of encryption equipment is damaged, moreover it is possible to ensure that encryption system can normally run.
To achieve the above object, on the one hand the application provides a kind of distributed cryptographic method, and methods described includes:From treating Process unit's information is extracted in the information of encryption, and process unit's information is split as the information of the first predetermined number Section;Encryption equipment for the second predetermined number carries out selecting for the first predetermined number number of times, to obtain adding for the first predetermined number Close machine;The message segment of first predetermined number is added respectively using the public key in the encryption equipment of first predetermined number It is close, and the information after encryption is broadcasted;Transmission to the private key that puts in order of the encryption equipment of first predetermined number is awarded Quan Zhe, to cause that the private key authorized person is put in order to the information after the encryption using the private key being pre-configured with according to described It is decrypted.
Further, in the encryption equipment of second predetermined number, same encryption equipment can be selected 0 time or at least 1 Secondary, every encryption equipment possesses the key pair comprising public key and private key, and different keys is different to corresponding enciphering and deciphering algorithm.
Further, methods described also includes:Each message segment is numbered and to selecting the encryption for obtaining every time Machine is numbered;Correspondingly, using the public key in the encryption equipment of first predetermined number to the letter of first predetermined number Breath section is encrypted specifically includes respectively:Every encryption equipment in the encryption equipment of first predetermined number is traveled through, and utilization is worked as Message segment of the public key pair of preceding encryption equipment with the current crypto equipment for identical numbering is encrypted.
Further, the encryption equipment for the second predetermined number carries out selecting for the first predetermined number number of times, to obtain The encryption equipment of one predetermined number is specifically included:S11:Determine the hash algorithm used during initial value and calculating to be calculated; S12:It is every common recognition unit of encryption equipment distribution at least one, and is counted repeatedly using each common recognition unit described hash algorithm of execution The initial value is calculated, until result of calculation meets pre-conditioned;S13:Cause that result of calculation meets default bar when occurring first During the common recognition unit of part, cause that result of calculation meets pre-conditioned common recognition unit using described first single as target common recognition Unit, and notify that other common recognition units stop the process for calculating;S14:The encryption equipment that the target is known together belonging to unit is used as choosing The encryption equipment selected;S15:Step S11 to S14 is repeated, untill the encryption equipment of the first predetermined number is obtained.
Further, result of calculation meets pre-conditioned specifically including:Result of calculation is less than or equal to default cryptographic Hash.
Further, it is encrypted respectively in the message segment to first predetermined number, and the information after encryption is entered After row broadcast, methods described also includes:Encryption equipment again for the second predetermined number carries out the first predetermined number number of times Select, to retrieve the encryption equipment of the first predetermined number;In encryption equipment using first predetermined number for retrieving Message segment of the public key again to first predetermined number be encrypted respectively, and the information after encrypting again is carried out extensively Broadcast.
To achieve the above object, the application implementation method also provides a kind of distributed cryptographic system, and the system includes:Plus Work unit information split cells, for extracting process unit's information from information to be encrypted, and by the process unit Information is split as the message segment of the first predetermined number;Encryption equipment module of selection, enters for the encryption equipment for the second predetermined number Row the first predetermined number number of times is selected, obtaining the encryption equipment of the first predetermined number;Ciphering unit, for utilizing described first Public key in the encryption equipment of predetermined number is encrypted respectively to the message segment of first predetermined number, and by the letter after encryption Breath is broadcasted;Decryption unit, for putting in order for the encryption equipment of first predetermined number to be sent to private key authorized person, To cause that the information after the encryption is carried out according to described being put in order using the private key being pre-configured with for the private key authorized person Decryption.
Further, in the encryption equipment of second predetermined number, same encryption equipment can be selected 0 time or at least 1 Secondary, every encryption equipment possesses the key pair comprising public key and private key, and different keys is different to corresponding enciphering and deciphering algorithm.
Further, the system also includes:Numbered cell, for being numbered to each message segment and to choosing every time The encryption equipment that choosing is obtained is numbered;Correspondingly, the ciphering unit is specifically included:Spider module, for traveling through described first Every encryption equipment in the encryption equipment of predetermined number, and using current crypto machine public key pair with the current crypto equipment for phase It is encrypted with the message segment of numbering.
Further, the encryption equipment module of selection is specifically included:Initial setting module, it is to be calculated initial for determining The hash algorithm used when value and calculating;Hash calculation module, for being every common recognition unit of encryption equipment distribution at least one, And the initial value is calculated repeatedly using each common recognition unit described hash algorithm of execution, until result of calculation meets default bar Part;Target common recognition unit determining module, when causing that result of calculation meets pre-conditioned common recognition unit for occurring first, will Described first causes that result of calculation meets pre-conditioned common recognition unit as target common recognition unit, and notifies that other common recognitions are single Unit stops the process for calculating;Encryption equipment determining module, for encryption equipment that the target is known together belonging to unit as picking out Encryption equipment;Module is repeated, for repeating the initial setting module to the encryption equipment determining module, until To the encryption equipment of the first predetermined number.
Therefore, data can be split as multiple message segments by the application implementation method when being encrypted to data. Meanwhile, the encryption equipment number consistent with the quantity of message segment can be picked out from being scattered in unordered encryption equipment, and in encryption Mapped one by one between machine and message segment, so that the public key in each encryption equipment can encrypt a message segment.So, exist , it is necessary to be decrypted using corresponding private key according to be put in order for encryption equipment during decryption.Even if Key Exposure, add not knowing In the case that close machine puts in order, still correctly encryption data cannot be decrypted.Simultaneously as same encryption equipment can Repeatedly to be selected, even if a part of encryption equipment therein generates failure, other encryption equipments are still able to ensure encryption system The normal operation of system.
Brief description of the drawings
Fig. 1 is the flow chart of distributed cryptographic method in the application implementation method;
Fig. 2 is the process analysis figure of distributed cryptographic method in the application implementation method;
Fig. 3 is the functional block diagram of distributed cryptographic system in the application implementation method.
Specific embodiment
In order that those skilled in the art more fully understand the technical scheme in the application, below in conjunction with the application reality The accompanying drawing in mode is applied, the technical scheme in the application implementation method is clearly and completely described, it is clear that described Implementation method is only a part of implementation method of the application, rather than whole implementation methods.Based on the embodiment party in the application Formula, all other implementation method that those of ordinary skill in the art are obtained under the premise of creative work is not made all should When the scope for belonging to the application protection.
Fig. 1 is referred to, the application implementation method provides a kind of distributed cryptographic method, the described method comprises the following steps.
S1:Process unit's information is extracted from information to be encrypted, and process unit's information is split as the The message segment of one predetermined number;
S2:Encryption equipment for the second predetermined number carries out selecting for the first predetermined number number of times, is preset with obtaining first The encryption equipment of quantity;
S3:The message segment of first predetermined number is distinguished using the public key in the encryption equipment of first predetermined number It is encrypted, and the information after encryption is broadcasted;
S4:By the transmission to private key authorized person that puts in order of the encryption equipment of first predetermined number, to cause the private The information after the encryption is decrypted according to described being put in order using the private key being pre-configured with for key authorized person.
Also referring to Fig. 2, in the present embodiment, a unit processing letter can be extracted from information to be encrypted Breath, the unit machining information is divided into n sections.Meanwhile, can currently possess the m unordered encryption equipment that is scattered, these encryptions Machine can be pre-registered in the server, but the particular location of these encryption equipments can be maintained secrecy.In the server, Each encryption equipment can be configured, and the public key in each encryption equipment can be utilized to be encrypted data.
In the present embodiment, selecting for machine can be encrypted by the common recognition mechanism of block chain.Specifically, step S2 In when being encrypted machine and selecting, can be realized by following sub-step:
S11:Determine the hash algorithm used during initial value and calculating to be calculated;
S12:It is every common recognition unit of encryption equipment distribution at least one, and is calculated using each common recognition unit described Hash of execution Method calculates the initial value repeatedly, until result of calculation meets pre-conditioned;
S13:When occurring first so that result of calculation meets pre-conditioned common recognition unit, described first is caused Result of calculation meets pre-conditioned common recognition unit as target common recognition unit, and notifies that other common recognition units stop the mistake for calculating Journey;
S14:Using the encryption equipment belonging to target common recognition unit as the encryption equipment picked out;
S15:Step S11 to S14 is repeated, untill the encryption equipment of the first predetermined number is obtained.
In the present embodiment, the initial value can be a character string being arbitrarily designated, and the hash algorithm is for example Can be SHA256 hash algorithms.When encryption equipment is selected, can in m encryption equipment each encryption equipment distribution at least one it is common Know unit, each character string of common recognition unit by SHA256 hash algorithms repeatedly to being input into then can be allowed to calculate, often Secondary calculating can obtain a result of calculation.In the present embodiment, a default cryptographic Hash can be provided, the default Hash Value can be used to judge whether computation structure meets the requirements.Specifically, every time calculate after, if result of calculation be less than or Equal to default cryptographic Hash, then show that the result that the common recognition unit is calculated repeatedly meets pre-conditioned.So, when occur first make Result of calculation when meeting pre-conditioned common recognition unit, can cause that result of calculation meets pre-conditioned by described first Common recognition unit is known together unit as target, and notifies that other common recognition units stop the process for calculating, and target common recognition unit institute The encryption equipment of category just can be as the encryption equipment picked out.
In present embodiment kind, selecting for n encryption equipment can be carried out altogether, can be caused when selecting every time m plus The common recognition unit of each encryption equipment carries out the calculating process repeatedly of character string in close machine.Due to the operational capability of each common recognition unit Relatively, when therefore calculating every time, each common recognition unit is likely to become calculating time most short target common recognition unit. That is, the encryption equipment picked out every time is entirely random, so as to ensure that the randomness of data encryption, also increases violence The difficulty for cracking.
In the present embodiment, in the encryption equipment of second predetermined number, same encryption equipment can be selected 0 time or At least 1 time, every encryption equipment possesses the key pair comprising public key and private key, different key to corresponding enciphering and deciphering algorithm not Together.
In the present embodiment, after splitting out n message segment and picking out n encryption equipment, can be to each information Section is numbered and is numbered to selecting the encryption equipment for obtaining every time.So, the numbering of message segment is 1 to n, encryption equipment Numbering is also 1 to n, such that it is able to every encryption equipment in the encryption equipment for traveling through first predetermined number, and is added using current Message segment of the public key pair of close machine with the current crypto equipment for identical numbering is encrypted.That is, numbering identical Encryption equipment and message segment can be corresponded.
In the present embodiment, after being encrypted successively to n message segment using the n public key of encryption equipment, can be with Information after encryption is broadcasted.So, the information after encryption can then be required the user being decrypted and receive.
In the present embodiment, when being decrypted, it is necessary to know the n respective key of encryption equipment and encryption equipment to letter The order of breath section encryption, could sequentially decrypt each message segment.Therefore, for the private key authorized person for needing to decrypt, can be advance The private key of each encryption equipment is configured, the encryption equipment of communication channel reception first predetermined number of encryption is may then pass through Put in order, such that it is able to the information after the encryption is decrypted according to described being put in order using corresponding private key.
In the present embodiment, in order to strengthen the security of encryption information, encryption information can be enabled over time Change.Specifically, it is encrypted respectively in the message segment to first predetermined number, and the information after encryption is broadcasted Afterwards, selecting for the first predetermined number number of times can be carried out again for the encryption equipment of the second predetermined number, to retrieve The encryption equipment of one predetermined number.Because the operational capability of encryption equipment is very nearly the same, the encryption equipment picked out again is chosen with the last time The encryption equipment selected then has difference, so, using the public key in the encryption equipment of first predetermined number for retrieving again The secondary message segment to first predetermined number is encrypted respectively, such that it is able to generate the encryption information different from the last time, Then the information after encrypting again can be broadcasted, thus ensure each encryption information can change over time without Together.
Fig. 3 is referred to, the application implementation method also provides a kind of distributed cryptographic system, and the system includes:
Process unit information split cells 100, for extracting process unit's information from information to be encrypted, and will Process unit's information is split as the message segment of the first predetermined number;
Encryption equipment module of selection 200, the first predetermined number number of times is carried out for the encryption equipment for the second predetermined number Select, to obtain the encryption equipment of the first predetermined number;
Ciphering unit 300, for the public key in the encryption equipment using first predetermined number to first present count The message segment of amount is encrypted respectively, and the information after encryption is broadcasted;
Decryption unit 400, for putting in order for the encryption equipment of first predetermined number to be sent to private key authorized person, To cause that the information after the encryption is carried out according to described being put in order using the private key being pre-configured with for the private key authorized person Decryption.
Specifically, in the encryption equipment of second predetermined number, same encryption equipment can be selected 0 time or at least 1 time, Every encryption equipment possesses the key pair comprising public key and private key, and different keys is different to corresponding enciphering and deciphering algorithm.
In the present embodiment, the system also includes:
Numbered cell, is numbered for being numbered to each message segment and to selecting the encryption equipment for obtaining every time;
Correspondingly, the ciphering unit is specifically included:
Spider module, for every encryption equipment in the encryption equipment for traveling through first predetermined number, and is added using current Message segment of the public key pair of close machine with the current crypto equipment for identical numbering is encrypted.
In the present embodiment, the encryption equipment module of selection 200 is specifically included:
Initial setting module, for the hash algorithm for determining to be used during initial value and calculating to be calculated;
Hash calculation module, for being every common recognition unit of encryption equipment distribution at least one, and using each common recognition unit Perform the hash algorithm and calculate the initial value repeatedly, until result of calculation meets pre-conditioned;
Target common recognition unit determining module, causes that result of calculation meets pre-conditioned common recognition unit for occurring first When, cause that result of calculation meets pre-conditioned common recognition unit as target common recognition unit using described first, and notify other Common recognition unit stops the process for calculating;
Encryption equipment determining module, for encryption equipment that the target is known together belonging to unit as the encryption equipment picked out;
Module is repeated, for repeating the initial setting module to the encryption equipment determining module, until To the encryption equipment of the first predetermined number.
In the present embodiment, the Hash calculation module is specifically included:
Determination module, for when result of calculation is less than or equal to default cryptographic Hash, stopping calculating process.
Therefore, the beneficial effect of technical scheme at least includes:
1st, one section of process unit's packet contains multiple encryption algorithms, and its encryption algorithm type for including and quantity are by area The common recognition mechanism selection of block chain is determined, it is impossible to artificial interference, it is ensured that diversity and randomness, so as in the case of Key Exposure Due to not knowing putting in order for key, remain able to guarantee information and be difficult to be decrypted;And encrypted result with changing constantly, per complete It is broadcasted on network after into one-time pad encryption and random start ciphering process next time, increasing cracks difficulty;
2nd, whole encryption method has fault-tolerance, i.e., after limited encryption equipment is destroyed, remaining encryption equipment can be Continue Choice encryption algorithm under the common recognition mechanism of block chain and ensure that ciphering process normally runs.
Description to the various implementation methods of the application above is supplied to those skilled in the art with the purpose for describing.It is not Be intended to exhaustion or be not intended to limit the invention to single disclosed embodiment.As described above, the application's is various Substitute and change will be apparent for above-mentioned technology one of ordinary skill in the art.Therefore, although specifically beg for The implementation method of some alternatives has been discussed, but other embodiment will be apparent, or those skilled in the art are relative Easily draw.The application is intended to be included in this of the invention all replacement for having discussed, modification and change, and falls Other embodiment in the spirit and scope of above-mentioned application.

Claims (10)

1. a kind of distributed cryptographic method, it is characterised in that methods described includes:
Process unit's information is extracted from information to be encrypted, and process unit's information is split as the first present count The message segment of amount;
Encryption equipment for the second predetermined number carries out selecting for the first predetermined number number of times, to obtain adding for the first predetermined number Close machine;
The message segment of first predetermined number is added respectively using the public key in the encryption equipment of first predetermined number It is close, and the information after encryption is broadcasted;
By the transmission to private key authorized person that puts in order of the encryption equipment of first predetermined number, to cause the private key authorized person The information after the encryption is decrypted according to described being put in order using the private key being pre-configured with.
2. distributed cryptographic method according to claim 1, it is characterised in that the encryption equipment of second predetermined number In, same encryption equipment can be selected 0 time or at least 1 time, and every encryption equipment possesses the key pair comprising public key and private key, no Same key is different to corresponding enciphering and deciphering algorithm.
3. distributed cryptographic method according to claim 1, it is characterised in that methods described also includes:To each information Section is numbered and is numbered to selecting the encryption equipment for obtaining every time;
Correspondingly, the message segment of first predetermined number is distinguished using the public key in the encryption equipment of first predetermined number It is encrypted and specifically includes:
Travel through every encryption equipment in the encryption equipment of first predetermined number, and public key pair using current crypto machine with it is described Current crypto equipment is encrypted for the message segment of identical numbering.
4. distributed cryptographic method according to claim 1, it is characterised in that the encryption equipment for the second predetermined number enters Selecting for row the first predetermined number number of times, is specifically included with the encryption equipment for obtaining the first predetermined number:
S11:Determine the hash algorithm used during initial value and calculating to be calculated;
S12:It is every common recognition unit of encryption equipment distribution at least one, and it is anti-to perform described hash algorithm using each common recognition unit The initial value is calculated again, until result of calculation meets pre-conditioned;
S13:When occurring first so that result of calculation meets pre-conditioned common recognition unit, described first is caused to calculate Result meets pre-conditioned common recognition unit as target common recognition unit, and notifies that other common recognition units stop the process for calculating;
S14:Using the encryption equipment belonging to target common recognition unit as the encryption equipment picked out;
S15:Step S11 to S14 is repeated, untill the encryption equipment of the first predetermined number is obtained.
5. distributed cryptographic method according to claim 4, it is characterised in that result of calculation meets pre-conditioned specific bag Include:
Result of calculation is less than or equal to default cryptographic Hash.
6. distributed cryptographic method according to claim 1, it is characterised in that in the information to first predetermined number Section is encrypted respectively, and after the information after encryption is broadcasted, methods described also includes:
Encryption equipment again for the second predetermined number carries out selecting for the first predetermined number number of times, is preset with retrieving first The encryption equipment of quantity;
Using the public key in the encryption equipment of first predetermined number for retrieving again to the letter of first predetermined number Breath section is encrypted respectively, and the information after encrypting again is broadcasted.
7. a kind of distributed cryptographic system, it is characterised in that the system includes:
Process unit's information split cells, for extracting process unit's information from information to be encrypted, and described will add Work unit information is split as the message segment of the first predetermined number;
Encryption equipment module of selection, selecting for the first predetermined number number of times is carried out for the encryption equipment for the second predetermined number, with Obtain the encryption equipment of the first predetermined number;
Ciphering unit, for the public key in the encryption equipment using first predetermined number to the information of first predetermined number Section is encrypted respectively, and the information after encryption is broadcasted;
Decryption unit, for by the transmission to private key authorized person that puts in order of the encryption equipment of first predetermined number, to cause The information after the encryption is decrypted according to described being put in order using the private key being pre-configured with for the private key authorized person.
8. distributed cryptographic system according to claim 7, it is characterised in that the encryption equipment of second predetermined number In, same encryption equipment can be selected 0 time or at least 1 time, and every encryption equipment possesses the key pair comprising public key and private key, no Same key is different to corresponding enciphering and deciphering algorithm.
9. distributed cryptographic system according to claim 7, it is characterised in that the system also includes:
Numbered cell, is numbered for being numbered to each message segment and to selecting the encryption equipment for obtaining every time;
Correspondingly, the ciphering unit is specifically included:
Spider module, for every encryption equipment in the encryption equipment for traveling through first predetermined number, and utilizes current crypto machine Message segment of the public key pair with the current crypto equipment for identical numbering be encrypted.
10. distributed cryptographic system according to claim 7, it is characterised in that the encryption equipment module of selection is specifically wrapped Include:
Initial setting module, for the hash algorithm for determining to be used during initial value and calculating to be calculated;
Hash calculation module, for being every common recognition unit of encryption equipment distribution at least one, and is performed using each common recognition unit The hash algorithm calculates the initial value repeatedly, until result of calculation meets pre-conditioned;
Target common recognition unit determining module, when causing that result of calculation meets pre-conditioned common recognition unit for occurring first, Cause that result of calculation meets pre-conditioned common recognition unit as target common recognition unit using described first, and notify that other are known together Unit stops the process for calculating;
Encryption equipment determining module, for encryption equipment that the target is known together belonging to unit as the encryption equipment picked out;
Module is repeated, for repeating the initial setting module to the encryption equipment determining module, until obtaining Untill the encryption equipment of one predetermined number.
CN201710034822.5A 2017-01-18 2017-01-18 A kind of distributed cryptographic method and system Pending CN106850597A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710034822.5A CN106850597A (en) 2017-01-18 2017-01-18 A kind of distributed cryptographic method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710034822.5A CN106850597A (en) 2017-01-18 2017-01-18 A kind of distributed cryptographic method and system

Publications (1)

Publication Number Publication Date
CN106850597A true CN106850597A (en) 2017-06-13

Family

ID=59124474

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710034822.5A Pending CN106850597A (en) 2017-01-18 2017-01-18 A kind of distributed cryptographic method and system

Country Status (1)

Country Link
CN (1) CN106850597A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI655549B (en) * 2017-12-28 2019-04-01 李耀庭 Decentralized computing system
CN110401631A (en) * 2019-06-19 2019-11-01 深圳壹账通智能科技有限公司 System upgrade information acquisition method, device, storage medium and block chain node
CN110708380A (en) * 2019-10-09 2020-01-17 广州峻林互联科技有限公司 Big data processing system and method of block chain database
WO2021212660A1 (en) * 2020-04-23 2021-10-28 平安科技(深圳)有限公司 Distributed data encryption method, device, cloud storage server, and storage medium
CN119276610A (en) * 2024-11-11 2025-01-07 广州添越信息技术有限公司 A method and system for secure transmission of information data

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102710414A (en) * 2012-05-30 2012-10-03 中国电力科学研究院 Randomized document block encryption method
CN103916363A (en) * 2012-12-30 2014-07-09 航天信息股份有限公司 Communication security management method and system for encryption machine
CN105763315A (en) * 2014-12-16 2016-07-13 展讯通信(深圳)有限公司 Data encryption and decryption method and apparatus thereof, and communication system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102710414A (en) * 2012-05-30 2012-10-03 中国电力科学研究院 Randomized document block encryption method
CN103916363A (en) * 2012-12-30 2014-07-09 航天信息股份有限公司 Communication security management method and system for encryption machine
CN105763315A (en) * 2014-12-16 2016-07-13 展讯通信(深圳)有限公司 Data encryption and decryption method and apparatus thereof, and communication system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI655549B (en) * 2017-12-28 2019-04-01 李耀庭 Decentralized computing system
CN110401631A (en) * 2019-06-19 2019-11-01 深圳壹账通智能科技有限公司 System upgrade information acquisition method, device, storage medium and block chain node
CN110708380A (en) * 2019-10-09 2020-01-17 广州峻林互联科技有限公司 Big data processing system and method of block chain database
WO2021212660A1 (en) * 2020-04-23 2021-10-28 平安科技(深圳)有限公司 Distributed data encryption method, device, cloud storage server, and storage medium
CN119276610A (en) * 2024-11-11 2025-01-07 广州添越信息技术有限公司 A method and system for secure transmission of information data

Similar Documents

Publication Publication Date Title
US10594472B2 (en) Hybrid fully homomorphic encryption (F.H.E.) systems
CN101594227B (en) Methods and devices for data encrypting and decrypting and communication system
CN102227887B (en) Method for generating encryption/decryption key
CN106850597A (en) A kind of distributed cryptographic method and system
KR101608815B1 (en) Method and system for providing service encryption in closed type network
EP1182777B1 (en) Self-corrective randomizer-encryptor system and method
KR20150142623A (en) Cryptographic method for securely exchanging messages and device and system for implementing this method
CN100536393C (en) Secret shared key mechanism based user management method
JP4860708B2 (en) Stream cipher method and cipher system
CN106941404A (en) Cryptographic key protection method and device
EP3509246B1 (en) Key exchange method and key exchange system
CN104092551B (en) Safe secret key transmission method based on RSA algorithm
US11368436B2 (en) Communication protocol
JPH04297157A (en) Data ciphering device
CN101179374A (en) Communication equipment, communications system and method therefor
EP3309995B1 (en) Key exchange method, key exchange system, key distribution device, communication device, and program
KR101991775B1 (en) Method for data encryption and decryption based on fpga
US11019042B1 (en) Data assisted key switching in hybrid cryptography
US20100150343A1 (en) System and method for encrypting data based on cyclic groups
Gaur et al. A comparative study and analysis of cryptographic algorithms: RSA, DES, AES, BLOWFISH, 3-DES, and TWOFISH
CN107493287A (en) Industry control network data security system
Prasanthi et al. Hybrid approach for securing the IoT devices
CN112149166B (en) Unconventional password protection method and intelligent bank machine
Soni et al. Performance analysis of cascaded hybrid symmetric encryption models
CN106027553A (en) Encryption/decryption method based on dynamic password

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170613