CN110990807B - Method and equipment for encrypting and decrypting mobile terminal - Google Patents
- Publication number: CN110990807B (CN201911128930.4A)
- Authority: CN (China)
- Prior art keywords: user, mobile terminal, key, encrypted file, external storage
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G06F21/31—User authentication
- G06F21/602—Providing cryptographic facilities or services
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F2221/2107—File encryption
Abstract
The method comprises: obtaining device information of the mobile terminal and a user key set by a user; synthesizing the device information of the mobile terminal and the user key in the memory of the mobile terminal, writing the synthesized result into an encrypted file, and writing the encrypted file into an encrypted partition; notifying the user to copy the encrypted file to a specified path on an external storage device, and deleting the encrypted file from the memory of the mobile terminal; when the mobile terminal needs to be restarted, obtaining a power-on instruction from the user and a key input by the user, and verifying the key input by the user against the encrypted file under the specified path on the external storage device to obtain a verification result; and determining, according to the verification result, whether the mobile terminal starts normally. As a result, startup cannot complete normally unless the correct key file is obtained, which improves the encryption security of the mobile terminal.
Description
Technical Field
The present application relates to the field of computers, and in particular, to a method and an apparatus for encrypting and decrypting a mobile terminal.
Background
When a smart device is accidentally lost, the owner's privacy is easily leaked and property loss can follow. In the prior art, even after a smart device has been encrypted, someone other than the owner can still power it on, and can even decrypt it after connecting an external device to it, which leaks the owner's privacy and causes property loss.
Disclosure of Invention
An object of the present application is to provide a method and a device for encrypting and decrypting a mobile terminal, which solve the problem in the prior art that an external mobile device can be used to decrypt the mobile terminal after a non-owner powers it on.
According to an aspect of the present application, there is provided a method for encrypting and decrypting a mobile terminal, the method comprising:
acquiring device information of a mobile terminal and a user key set by a user;
synthesizing the device information of the mobile terminal and the user key in the memory of the mobile terminal, writing the synthesized result into an encrypted file, and writing the encrypted file into an encrypted partition;
notifying the user to copy the encrypted file to a specified path on an external storage device, and deleting the encrypted file from the memory of the mobile terminal;
when the mobile terminal needs to be restarted, obtaining a power-on instruction from the user and a key input by the user, and verifying the key input by the user against the encrypted file under the specified path on the external storage device to obtain a verification result;
and determining, according to the verification result, whether the mobile terminal starts normally.
Further, the device information of the mobile terminal includes a device model and a device identification number of the mobile terminal.
Further, after the user key set by the user is obtained, a corresponding key flag bit is generated.
Further, obtaining the power-on instruction of the user and the key input by the user, and verifying the key input by the user against the encrypted file under the specified path on the external storage device to obtain a verification result, includes:
obtaining the power-on instruction of the user and the key input by the user, writing a key newly generated from the key input by the user and the device information of the mobile terminal into a new key file, and writing the new key file into the encrypted partition;
determining whether the key flag bit exists, starting the mobile terminal when the key flag bit does not exist, and determining whether an external storage device exists when the key flag bit exists;
when an external storage device exists, comparing whether the encrypted file under the specified path on the external storage device is consistent with the new key file in the encrypted partition, and if so, performing key verification according to the key input by the user to obtain a verification result;
and when no external storage device exists, performing key verification according to the key input by the user to obtain a verification result.
Further, determining whether the mobile terminal starts normally according to the verification result includes:
when the key verification process passes, starting the mobile terminal;
and when the key verification process fails, shutting down the mobile terminal.
Further, performing key verification according to the key input by the user includes:
performing key verification at each boot stage according to the key input by the user, wherein the boot stages comprise a software and hardware environment configuration stage, a boot loading stage and a kernel initialization stage.
Further, determining whether an external storage device exists when the key flag bit exists includes:
when the key flag bit exists, acquiring identification information, and determining whether an external storage device exists according to the identification information.
According to another aspect of the present application, there is provided an apparatus for encrypting and decrypting a mobile terminal, the apparatus comprising:
a calling device, used for acquiring the device information of the mobile terminal and the user key set by the user;
a processing device, used for synthesizing the device information of the mobile terminal and the user key in the memory of the mobile terminal, writing the synthesized result into an encrypted file, and writing the encrypted file into an encrypted partition;
a notification device, used for notifying the user to copy the encrypted file to a specified path on an external storage device and for deleting the encrypted file from the memory of the mobile terminal;
a verification device, used for obtaining a power-on instruction from the user and a key input by the user when the mobile terminal needs to be restarted, and for verifying the key input by the user against the encrypted file under the specified path on the external storage device to obtain a verification result;
and a judging device, used for determining, according to the verification result, whether the mobile terminal starts normally.
According to yet another aspect of the present application, there is also provided a computer readable medium having stored thereon computer readable instructions executable by a processor to implement a method for encryption and decryption of a mobile terminal according to any one of the preceding claims.
According to still another aspect of the present application, there is also provided an apparatus for encrypting and decrypting a mobile terminal, the apparatus including:
one or more processors; and
a memory storing computer readable instructions that, when executed, cause the processor to perform the operations of the method for encrypting and decrypting a mobile terminal as described in any of the preceding.
Compared with the prior art, the present application obtains the device information of the mobile terminal and the user key set by the user; synthesizes the device information of the mobile terminal and the user key in the memory of the mobile terminal, writes the synthesized result into an encrypted file, and writes the encrypted file into an encrypted partition; notifies the user to copy the encrypted file to a specified path on an external storage device, and deletes the encrypted file from the memory of the mobile terminal; when the mobile terminal needs to be restarted, obtains a power-on instruction from the user and a key input by the user, and verifies the key input by the user against the encrypted file under the specified path on the external storage device to obtain a verification result; and determines, according to the verification result, whether the mobile terminal starts normally. As a result, startup cannot complete normally unless the correct key file is obtained, and the mobile terminal is shut down after verification fails, so that a user who has not obtained the key file cannot decrypt the mobile terminal by using an external storage device, which improves the encryption security of the mobile terminal.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
Fig. 1 illustrates a flow chart of a method for encrypting and decrypting a mobile terminal according to an aspect of the present application;
Fig. 2 is a flow chart illustrating a method for encrypting and decrypting a mobile terminal in a preferred embodiment of the present application;
Fig. 3 shows a schematic diagram of a device framework for encryption and decryption of a mobile terminal.
The same or similar reference numbers in the drawings identify the same or similar elements.
Detailed Description
The present application is described in further detail below with reference to the attached figures.
In a typical configuration of the present application, the terminal, the device serving the network, and the trusted party each include one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer readable medium, in the form of Random Access Memory (RAM), and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer readable media does not include transitory computer readable media (transient media), such as modulated data signals and carrier waves.
Fig. 1 shows a flowchart of a method for encrypting and decrypting a mobile terminal according to an aspect of the present application. The method includes steps S11 to S15: in step S11, the device information of the mobile terminal and the user key set by the user are obtained; in step S12, the device information of the mobile terminal and the user key are synthesized in the memory of the mobile terminal and then written into an encrypted file, and the encrypted file is written into an encrypted partition; in step S13, the user is notified to copy the encrypted file to a specified path on an external storage device, and the encrypted file in the memory of the mobile terminal is deleted; in step S14, when the mobile terminal needs to be restarted, a power-on instruction from the user and a key input by the user are obtained, and the key input by the user is verified against the encrypted file under the specified path on the external storage device to obtain a verification result; and in step S15, whether the mobile terminal starts normally is determined according to the verification result. As a result, startup cannot complete normally unless the correct key file is obtained, and the mobile terminal is shut down after verification fails, so that a user who has not obtained the key file cannot decrypt the mobile terminal by using an external storage device, which improves the encryption security of the mobile terminal.
Specifically, in step S11, the device information of the mobile terminal and the user key set by the user are acquired. Here, after the mobile terminal is powered on, its device information, such as hardware information and system information, is acquired; then the user key set by the user is acquired.
In step S12, the device information of the mobile terminal and the user key are synthesized in the memory of the mobile terminal and then written into an encrypted file, and the encrypted file is written into an encrypted partition. Here, the device information of the mobile terminal and the user key are synthesized by an algorithm in the memory of the mobile terminal and then written into an encrypted file.
In a preferred embodiment of the present application, the algorithm rearranges the marked data by means of a series of computer-language operations: the device information of the mobile terminal and the user key are each marked, and their data are then rearranged. For example, if the device information is 222222 and the user key is 010101, the rearrangement by the algorithm yields 021202120212. It should be noted that the algorithm in this embodiment is only an example; the algorithm may be customized by the user, and other algorithmic arrangements are also covered.
In step S13, the user is notified to copy the encrypted file to a specified path on an external storage device, and the encrypted file in the memory of the mobile terminal is deleted. The specified path on the external storage device is preset in the mobile terminal, as is the format of the encrypted file. The user is notified, through a pop-up window or similar means, to copy the encrypted file to the specified path on the external storage device; after the encrypted file in the memory of the mobile terminal has been deleted, the mobile terminal is shut down and restarted.
In step S14, when the mobile terminal needs to be restarted, a power-on instruction from the user and a key input by the user are obtained, and the key input by the user is verified against the encrypted file under the specified path on the external storage device to obtain a verification result. Here, when the mobile terminal needs to be started, the power-on instruction of the user and the key input by the user are obtained, and the key input by the user is compared with the key set in the encrypted file under the specified path on the external storage device to obtain a verification result. The verification result is one of the following: the key input by the user is consistent with the key set in the encrypted file under the specified path on the external storage device; or the key input by the user is inconsistent with the key set in the encrypted file under the specified path on the external storage device.
In step S15, whether the mobile terminal starts normally is determined according to the verification result. When the key input by the user is consistent with the key set in the encrypted file under the specified path on the external storage device, the mobile terminal is started normally; when the key input by the user is inconsistent with the key set in the encrypted file under the specified path on the external storage device, the mobile terminal is shut down, so as to improve the information security of the mobile terminal.
Preferably, the device information of the mobile terminal includes a device model and a device identification number of the mobile terminal. Here, the device information of the mobile terminal is preferably the device model and the device identification number (IMEI) of the mobile terminal, which are used to synthesize a unique encrypted file.
Preferably, after the user key set by the user is obtained, a corresponding key flag bit is generated. Here, the user is notified through a pop-up window or similar means to define a user key; after the user key set by the user is obtained, the mobile terminal writes a corresponding key flag bit to indicate that a user key has been set on the mobile terminal.
Preferably, in step S14, the power-on instruction of the user and the key input by the user are obtained, a key newly generated from the key input by the user and the device information of the mobile terminal is written into a new key file, and the new key file is written into the encrypted partition; whether the key flag bit exists is determined, the mobile terminal is started when the key flag bit does not exist, and whether an external storage device exists is determined when the key flag bit exists; when an external storage device exists, the encrypted file under the specified path on the external storage device is compared with the new key file in the encrypted partition, and if they are consistent, key verification is performed according to the key input by the user to obtain a verification result; and when no external storage device exists, key verification is performed according to the key input by the user to obtain a verification result. Here, the key input by the user and the device information of the mobile terminal are combined into a new key file, and the new key file is written into the encrypted partition. Whether the key flag bit exists is then determined: if it does not, no key has been set on the mobile terminal and the mobile terminal starts normally; if it does, whether an external storage device exists is determined from identification information in the system architecture or the like.
When an external storage device exists, the encrypted file under the specified path on the external storage device is compared with the new key file in the encrypted partition to determine whether the external storage device has decryption authority; the key verification compares whether the key input by the user is consistent with the encrypted key used by the mobile terminal.
Preferably, in step S15, when the key verification process passes, the mobile terminal is started; and when the key verification process fails, the mobile terminal is shut down. After the key verification process starts, if every verification passes, that is, the key input by the user is consistent with the encrypted file in the encrypted partition, the mobile terminal is started. If any part of the key verification process fails, the mobile terminal is shut down, which prevents an unauthorized user from obtaining information on the mobile terminal and improves its security.
Preferably, in step S15, key verification is performed at each boot stage according to the key input by the user, where the boot stages include a software and hardware environment configuration stage (BOOTROM), a boot loading stage (BOOTLOADER), and a kernel initialization stage (KERNEL INIT). Startup thus comprises several stages; key verification is performed at each of them according to the key input by the user, and if key verification fails at any boot stage, the mobile terminal is shut down.
Fig. 2 is a schematic flow chart illustrating a method for encrypting and decrypting a mobile terminal in a preferred embodiment of the present application. After being turned on, the mobile terminal (hereinafter referred to as the device) collects device information such as the device model and the IMEI number; the user is notified to define a key, and after the key has been defined the device writes a corresponding key flag bit; the device model, the IMEI number and the key set by the user are synthesized by an algorithm and written into an encrypted file; the generated encrypted file is written into the encrypted partition for verification and comparison; the user is notified to copy the key file to the specified path on the external storage device; the key file generated in the memory of the mobile terminal is deleted, and the device is shut down and restarted; after a power-on instruction is received, whether the key flag bit exists is determined, and if the key flag bit does not exist, no key has been set on the device and it starts normally; if the key flag bit exists, whether an external storage device exists is determined, and the key under the corresponding path is compared with the key in the encrypted partition to determine whether they are consistent, and if the key flag bit does not exist, the device is shut down; the key is verified at each stage of startup, the device is shut down when key verification fails at any of the startup stages, and the device can be opened normally only when verification passes at the startup stages such as BOOTROM, BOOTLOADER and KERNEL INIT.
Preferably, in step S15, when the key flag bit exists, identification information is acquired, and whether an external storage device exists is determined according to the identification information. That is, when the key flag bit exists, the identification information in the system framework is acquired, and whether an external storage device exists is determined according to that identification information.
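The following added example (not code from the patent) models the enrollment of steps S11 to S13 and the boot-time decision of steps S14 and S15, using the description's own rearrangement (222222 and 010101 giving 021202120212). The `Terminal` class, its field names, the handling of unequal-length inputs, the treatment of an inconsistent external file as a failed verification, and the PBKDF2-based `derive` alternative are assumptions; the description's rearrangement is reversible, so `derive` shows a one-way synthesis in the place the description leaves customizable.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from itertools import zip_longest
from typing import Callable, Optional

# Stage names as given in the description.
BOOT_STAGES = ("BOOTROM", "BOOTLOADER", "KERNEL INIT")


def interleave(device_info: str, user_key: str) -> str:
    """The description's example rearrangement: one key character, then one
    device-info character, alternating. It is reversible, so the resulting
    file exposes the user key to anyone who can read it.
    Assumption: leftover characters of the longer input are appended."""
    pairs = zip_longest(user_key, device_info, fillvalue="")
    return "".join(k + d for k, d in pairs)


def derive(device_info: str, user_key: str) -> str:
    """Swapped-in alternative (not from the description): a one-way PBKDF2
    derivation of the key, salted with the device information."""
    raw = hashlib.pbkdf2_hmac("sha256", user_key.encode(),
                              device_info.encode(), 100_000)
    return raw.hex()


def _same(a: str, b: str) -> bool:
    # Constant-time comparison (a hardening choice added in this example).
    return hmac.compare_digest(a.encode(), b.encode())


@dataclass
class Terminal:
    """Hypothetical model of the device state the description refers to."""
    device_info: str                                # e.g. model + IMEI
    synth: Callable[[str, str], str] = interleave   # synthesis algorithm
    key_flag: bool = False                          # the "key flag bit"
    partition: dict = field(default_factory=dict)   # stands in for the encrypted partition

    def enroll(self, user_key: str) -> str:
        """S11-S13: set the flag, synthesize the file, keep a copy in the
        encrypted partition, and return the file the user copies to the
        specified path on the external storage device."""
        self.key_flag = True
        blob = self.synth(self.device_info, user_key)
        self.partition["enrolled"] = blob
        return blob

    def boot(self, entered_key: str, external_file: Optional[str]) -> str:
        """S14-S15: return "start" or "shutdown".
        external_file is None when no external storage device is detected."""
        if not self.key_flag:
            return "start"                          # no key was ever set
        candidate = self.synth(self.device_info, entered_key)
        self.partition["new"] = candidate           # the "new key file"
        if external_file is not None:
            # Is the external file consistent with the new key file?
            # Assumption: an inconsistent file counts as a failed verification.
            if not _same(external_file, candidate):
                return "shutdown"
        # With or without external storage, key verification runs at every
        # boot stage; a failure at any stage shuts the device down.
        for _stage in BOOT_STAGES:
            if not _same(self.partition["enrolled"], candidate):
                return "shutdown"
        return "start"
```
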
Fig. 3 shows a schematic diagram of a device framework for encryption and decryption of a mobile terminal. The device comprises: a calling device 011, used for acquiring the device information of the mobile terminal and a user key set by a user; a processing device 012, used for synthesizing the device information of the mobile terminal and the user key in the memory of the mobile terminal, writing the synthesized result into an encrypted file, and writing the encrypted file into an encrypted partition; a notification device 013, used for notifying the user to copy the encrypted file to a specified path on an external storage device and for deleting the encrypted file from the memory of the mobile terminal; a verification device 014, used for obtaining a power-on instruction from the user and a key input by the user when the mobile terminal needs to be restarted, and for verifying the key input by the user against the encrypted file under the specified path on the external storage device to obtain a verification result; and a judging device 015, used for determining, according to the verification result, whether the mobile terminal starts normally. As a result, startup cannot complete normally unless the correct key file is obtained, and the mobile terminal is shut down after verification fails, so that a user who has not obtained the key file cannot decrypt the mobile terminal by using an external storage device, which improves the encryption security of the mobile terminal.
It should be noted that the contents executed by the calling device 011, the processing device 012, the notification device 013, the verification device 014 and the judgment device 015 are respectively the same as or corresponding to the contents executed in the above steps S11, S12, S13, S14 and S15, and for brevity, are not described again.
In addition, the embodiment of the present application also provides a computer readable medium, on which computer readable instructions are stored, the computer readable instructions being executable by a processor to implement the aforementioned method for encrypting and decrypting by a mobile terminal.
According to still another aspect of the present application, there is also provided an apparatus, wherein the apparatus includes:
one or more processors; and
a memory storing computer readable instructions that, when executed, cause the processor to perform the operations of the aforementioned method for encrypting and decrypting a mobile terminal.
For example, the computer readable instructions, when executed, cause the one or more processors to:
acquire device information of a mobile terminal and a user key set by a user; synthesize the device information of the mobile terminal and the user key in the memory of the mobile terminal, write the synthesized result into an encrypted file, and write the encrypted file into an encrypted partition; notify the user to copy the encrypted file to a specified path on an external storage device, and delete the encrypted file from the memory of the mobile terminal; when the mobile terminal needs to be restarted, obtain a power-on instruction from the user and a key input by the user, and verify the key input by the user against the encrypted file under the specified path on the external storage device to obtain a verification result; and determine, according to the verification result, whether the mobile terminal starts normally.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.
It should be noted that the present application may be implemented in software and/or a combination of software and hardware, for example, implemented using Application Specific Integrated Circuits (ASICs), general purpose computers or any other similar hardware devices. In one embodiment, the software programs of the present application may be executed by a processor to implement the steps or functions described above. Likewise, the software programs (including associated data structures) of the present application may be stored in a computer readable recording medium, such as RAM memory, magnetic or optical drive or diskette and the like. Additionally, some of the steps or functions of the present application may be implemented in hardware, for example, as circuitry that cooperates with the processor to perform various steps or functions.
In addition, some of the present application may be implemented as a computer program product, such as computer program instructions, which when executed by a computer, may invoke or provide methods and/or techniques in accordance with the present application through the operation of the computer. Program instructions which invoke the methods of the present application may be stored on a fixed or removable recording medium and/or transmitted via a data stream on a broadcast or other signal-bearing medium and/or stored within a working memory of a computer device operating in accordance with the program instructions. An embodiment according to the present application comprises an apparatus comprising a memory for storing computer program instructions and a processor for executing the program instructions, wherein the computer program instructions, when executed by the processor, trigger the apparatus to perform a method and/or a solution according to the aforementioned embodiments of the present application.
It will be evident to those skilled in the art that the present application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned. Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the apparatus claims may also be implemented by one unit or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.
Claims (9)
1. A method for encrypting and decrypting by a mobile terminal, wherein the method comprises the following steps:
acquiring device information of a mobile terminal and a user key set by a user, and generating a corresponding key flag bit after acquiring the user key set by the user;
synthesizing the device information of the mobile terminal and the user key in the memory of the mobile terminal, writing the synthesized device information and user key into an encrypted file, and writing the encrypted file into an encrypted partition;
notifying the user to copy the encrypted file to a specified path on an external storage device, and deleting the encrypted file in the memory of the mobile terminal;
when the mobile terminal needs to be restarted, acquiring a boot instruction of the user and a key input by the user, and verifying the key input by the user according to the encrypted file under the specified path of the external storage device to obtain a verification result;
and judging whether the mobile terminal is normally started according to the verification result.
2. The method according to claim 1, wherein the device information of the mobile terminal comprises a device model and a device identification number of the mobile terminal.
3. The method according to claim 1, wherein acquiring the boot instruction of the user and the key input by the user, and verifying the key input by the user according to the encrypted file under the specified path of the external storage device to obtain a verification result, comprises:
acquiring a boot instruction of the user and a key input by the user, writing a newly generated key into a new key file according to the key input by the user and the device information of the mobile terminal, and writing the new key file into the encrypted partition;
judging whether the key flag bit exists, starting the mobile terminal when the key flag bit does not exist, and judging whether an external storage device exists when the key flag bit exists;
when an external storage device exists, comparing whether the encrypted file under the specified path of the external storage device is consistent with the new key file in the encrypted partition, and if so, performing key verification according to the key input by the user to obtain a verification result;
and when no external storage device exists, performing key verification according to the key input by the user to obtain a verification result.
4. The method of claim 1, wherein judging whether the mobile terminal is normally started according to the verification result comprises:
when the key verification process passes verification, starting the mobile terminal;
and when the key verification process fails, closing the mobile terminal.
5. The method of claim 3, wherein the key verification according to the user-entered key comprises:
and performing key verification in each boot stage according to the key input by the user, wherein the boot stage comprises a software and hardware environment configuration stage, a boot loading stage and a kernel initialization stage.
6. The method of claim 3, wherein determining whether an external storage device is present when the key flag bit is present comprises:
and when the key flag bit exists, acquiring identification information, and judging whether an external storage device exists according to the identification information.
7. An apparatus for encrypting and decrypting a mobile terminal, wherein the apparatus comprises:
a calling device, configured to acquire device information of the mobile terminal and a user key set by a user, and to generate a corresponding key flag bit after the user key set by the user is acquired;
a processing device, configured to synthesize the device information of the mobile terminal and the user key in the memory of the mobile terminal, write the synthesized device information and user key into an encrypted file, and write the encrypted file into an encrypted partition;
a notification device, configured to notify the user to copy the encrypted file to a specified path on an external storage device, and to delete the encrypted file in the memory of the mobile terminal;
a verification device, configured to acquire a boot instruction of the user and a key input by the user when the mobile terminal needs to be restarted, and to verify the key input by the user according to the encrypted file under the specified path of the external storage device to obtain a verification result;
and a judging device, configured to judge whether the mobile terminal is normally started according to the verification result.
8. A computer readable medium having computer readable instructions stored thereon which are executable by a processor to implement the method of any one of claims 1 to 6.
9. An apparatus for encrypting and decrypting a mobile terminal, wherein the apparatus comprises:
one or more processors; and
memory storing computer readable instructions that, when executed, cause the processor to perform the operations of the method of any of claims 1 to 6.
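The boot-time decision described in claims 3 and 4 can be traced in code. The following is an added example, not code from the patent or its applicant: the claims do not say how the device information and user key are "synthesized" or what key verification checks against, so PBKDF2-HMAC-SHA256 and the `verify_key` callable are assumptions, as are all names and sample values.

```python
import hashlib
import hmac
from enum import Enum


class Boot(Enum):
    START = "start"
    SHUTDOWN = "shutdown"


def synthesize(device_model: str, device_id: str, user_key: str) -> bytes:
    """Assumed stand-in for the claimed synthesizing step (claims 1 and 2):
    PBKDF2-HMAC-SHA256 over the user key, salted with model and ID number."""
    salt = f"{device_model}|{device_id}".encode()
    return hashlib.pbkdf2_hmac("sha256", user_key.encode(), salt, 100_000)


def boot_decision(flag_set, device_model, device_id, entered_key,
                  external_file, verify_key):
    """Decision flow of claims 3 and 4.

    external_file: bytes read from the specified path, or None when no
        external storage device is present.
    verify_key: hypothetical callable(new_key_file) -> bool for the key
        verification step, whose internals the claims do not describe.
    """
    # Claim 3: a new key file is derived from the entered key and device info.
    new_key_file = synthesize(device_model, device_id, entered_key)
    if not flag_set:
        return Boot.START  # no key flag bit: the terminal starts directly
    if external_file is not None:
        # Constant-time comparison of the external copy with the new key file.
        # Assumption: a mismatch counts as a failed verification.
        if not hmac.compare_digest(external_file, new_key_file):
            return Boot.SHUTDOWN
    # With no external storage device the comparison above is skipped and the
    # outcome rests on key verification alone, as claim 3 is worded.
    return Boot.START if verify_key(new_key_file) else Boot.SHUTDOWN


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    model, dev_id = "MODEL-X", "000000000000000"
    enrolled = synthesize(model, dev_id, "correct horse")
    check = lambda k: hmac.compare_digest(k, enrolled)
    for key, ext in [("correct horse", enrolled), ("wrong", enrolled),
                     ("correct horse", None), ("correct horse", b"\0" * 32)]:
        print(key, ext is not None, boot_decision(True, model, dev_id, key, ext, check))
```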
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911128930.4A CN110990807B (en) | 2019-11-18 | 2019-11-18 | Method and equipment for encrypting and decrypting mobile terminal |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110990807A (en) | 2020-04-10 |
CN110990807B (en) | 2022-04-12 |
Family
ID=70085024
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911128930.4A Active CN110990807B (en) | 2019-11-18 | 2019-11-18 | Method and equipment for encrypting and decrypting mobile terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110990807B (en) |
Legal Events
Code | Title | Description |
---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
GR01 | Patent grant | |
TR01 | Transfer of patent right | Effective date of registration: 20221101. Address after: No.66 Miaojing Road, Minhang District, Shanghai, 201199. Patentee after: Shanghai Longqi Intelligent Technology Co.,Ltd. Address before: Floor 1, Building 401 Caobao Road, Xuhui District, Shanghai, 2003. Patentee before: SHANGHAI LONGCHEER TECHNOLOGY Co.,Ltd. |