CN113297613A - Key access method, key processing device, key processing equipment and computer storage medium - Google Patents
Key access method, key processing device, key processing equipment and computer storage medium Download PDFInfo
- Publication number
- CN113297613A CN113297613A CN202110519280.7A CN202110519280A CN113297613A CN 113297613 A CN113297613 A CN 113297613A CN 202110519280 A CN202110519280 A CN 202110519280A CN 113297613 A CN113297613 A CN 113297613A
- Authority
- CN
- China
- Prior art keywords
- key
- image
- data
- result
- pixel data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06T—IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
- G06T11/00—2D [Two Dimensional] image generation
- G06T11/60—Editing figures and text; Combining figures or text
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Editing Of Facsimile Originals (AREA)
Abstract
The invention discloses a secret key access method, a secret key processing device, equipment and a computer storage medium. The method comprises the following steps: acquiring a selected original image and a key to be stored; converting the key into a byte array; carrying out fusion processing on the byte array and the original image to obtain an image result and a data result subjected to fusion processing; and storing the data result, and feeding back the image result to the user side for storage. According to the embodiment of the invention, the technical problem that the existing storage mode is easy to generate key leakage is solved, the security of key storage is improved, and the user-oriented key storage cost is low.
Description
Technical Field
The present invention belongs to the technical field of data security, and in particular, to a key storage method, a key extraction method, a key processing apparatus, a key processing device, and a computer storage medium.
Background
When the data use security is improved, a key is often needed, the key is also data with extremely high requirements on security, and how to store the key is a very important problem. At present, data storage is mostly carried out in the form of cipher plaintext no matter on a user side or a server side, and the storage mode is easy to generate key leakage on the whole.
Disclosure of Invention
The embodiment of the invention provides a secret key storage method, a secret key extraction method, a secret key processing device, secret key processing equipment and a computer storage medium, and can solve the technical problem that a secret key is easy to leak in the existing storage mode.
In one aspect, an embodiment of the present invention provides a key storage method, where the method includes:
acquiring a selected original image and a key to be stored;
converting the key into a byte array;
carrying out fusion processing on the byte array and the original image to obtain an image result and a data result subjected to fusion processing;
and storing the data result, and feeding back the image result to the user side for storage.
Optionally, the fusing processing is performed on the byte array and the original image, and includes:
generating a position coordinate point, and acquiring image pixel data in a corresponding range of the position coordinate point from an original image;
and carrying out fusion processing on the byte array and the image pixel data.
Optionally, the fusing processing is performed on the byte array and the image pixel data, and includes:
inputting the byte array and the image pixel data into a preset arithmetic unit for operation, wherein the operation comprises at least one of numerical operation and logic operation;
the operation result and the position coordinate point of the operator are preset as data results, and the original image is an image result.
Optionally, inputting the byte array and the image pixel data into a preset arithmetic unit for operation, including:
selecting a preset number of color component data from image pixel data, inputting the color component data into a first preset arithmetic unit for operation, and outputting a first operation result;
and inputting the first operation result and the byte array into a second preset operator for operation so as to output a second operation result, wherein the second operation result is an operation result.
Optionally, the fusing processing is performed on the byte array and the image pixel data, and includes:
superposing the byte array to the image pixel data according to a preset rule to obtain superposed image pixel data;
adjusting the original image according to the pixel data of the superposed image and the position coordinate point to obtain an adjusted image;
and adjusting the image to be an image result, and setting the position coordinate point to be a data result.
Optionally, acquiring image pixel data in a corresponding range of the position coordinate point from the original image, includes:
converting the original image into a gray image;
and acquiring image pixel data in a range corresponding to the position coordinate point from the gray-scale image.
Optionally, after the image result is fed back to the user side for storage, the method further includes:
and when a user logout instruction is received, deleting the data result.
In another aspect, an embodiment of the present invention provides a key extraction method, including:
acquiring an image selected by a user, and acquiring fusion processing data from a server, wherein the fusion processing data is data saved when the server stores a secret key;
and performing inverse fusion processing on the image pixel data according to the fusion processing data, wherein the result of the inverse fusion processing is a secret key.
In another aspect, an embodiment of the present invention provides a key processing apparatus, where the apparatus includes:
the acquisition module is used for acquiring the selected original image and the key to be stored;
the conversion module is used for converting the key into a byte array;
the fusion module is used for carrying out fusion processing on the byte array and the original image to obtain an image result and a data result which are subjected to fusion processing;
the storage module is used for storing the data result and feeding back the image result to the user side for storage;
alternatively, the apparatus comprises:
the acquisition module is used for acquiring the image selected by the user and acquiring fusion processing data from the server, wherein the fusion processing data is data stored when the server stores the secret key;
and the anti-fusion processing module is used for performing anti-fusion processing on the image pixel data according to the fusion processing data, and the result of the anti-fusion processing is a secret key.
In another aspect, an embodiment of the present invention provides a key processing device, where the key processing device includes: a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements a key storage method as in the above aspect, or a key extraction method as in the above aspect.
In yet another aspect, an embodiment of the present invention provides a computer storage medium, on which computer program instructions are stored, and the computer program instructions, when executed by a processor, implement the key storage method according to the above aspect, or the key extraction method according to the above aspect.
In the key storage method, the key extraction method, the key processing device, the key processing equipment and the computer storage medium of the embodiment of the invention, the fused data result is stored when the key is stored, and the fused image result is stored by the user side; when the key is extracted, the anti-fusion processing of the key is carried out through the image and the fusion processing data, the image is obtained by the user side, and the fusion processing data is stored when the server stores the key. Therefore, the server side and the user side do not directly store the key plaintext, the technical problem that the existing storage mode is easy to cause key leakage is solved, the security of key storage is improved, the user side stores images, and the user-oriented key storage cost is low.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart of a key storage method according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a key extraction method according to another embodiment of the present invention;
fig. 3 is a schematic diagram of a virtual module structure of a key processing apparatus according to another embodiment of the present invention;
fig. 4 is a schematic structural diagram of a key processing device according to yet another embodiment of the present invention.
Detailed Description
Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present invention by illustrating examples of the present invention.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The definition of computer system security is: the technology established and adopted for the data processing system and the safety protection of management protect the hardware, software and data of the computer from being damaged, changed and leaked due to accidental and malicious reasons. The security of a computer network can thus be understood as: by adopting various technologies and management measures, the network system can normally operate, thereby ensuring the availability, integrity and confidentiality of network data. Therefore, network security protection is mainly used to prevent data transmitted and exchanged through the network from being added, modified, lost, leaked, and the like.
Data security is used as an important component of network security protection, and the important component includes two meanings, one is the security of data, and the modern cryptographic algorithm is mainly adopted to actively protect the data, such as data confidentiality, data integrity and the like, and the other is the security of data protection, and the modern information storage means is mainly adopted to actively protect the data, such as data backup and the like, so as to ensure the security of the data.
The key is the main parameter used in modern cryptographic algorithm, and is the parameter input in the algorithm for converting plaintext into ciphertext or converting ciphertext into plaintext, and is divided into symmetric key and asymmetric key. After the asymmetric key is generated, the private key is stored by the user, and the existing storage mode aiming at the user side can be divided into two modes.
The first is to intercept the key into an image, print and store or copy the image on a book; furthermore, the generated private key can be stored dispersedly, that is, the key is dispersed into a plurality of keys through a certain algorithm, the original key can be restored only by obtaining a plurality of the dispersed keys at the same time, and the person who owns the key also needs to store the key on his own hand. The method for recording and storing the complex private key password is easy to see by others, namely the key is easy to directly leak.
The second is that the key is generated and stored by means of hardware devices, for example, the hardware devices may be hardware encryption machines, and the key is not exposed to an external hardware encryption machine, although the intervention of such hardware devices enhances the security of key storage and use, the cost is too high, and the applicability to individuals, medium and small enterprises is extremely low.
In order to solve the problems in the prior art, embodiments of the present invention provide a key storage method, a key extraction method, a key processing apparatus, a key processing device, and a computer storage medium. The following first describes a key storage method provided in an embodiment of the present invention.
Fig. 1 is a flowchart illustrating a key storage method according to an embodiment of the present invention. As shown in fig. 1, the method may include:
step S110, acquiring a selected original image and a key to be stored;
step S120, converting the key into a byte array;
step S130, carrying out fusion processing on the byte array and the original image to obtain an image result and a data result of the fusion processing;
and step S140, storing the data result and feeding back the image result to the user side for storage.
This embodiment may be applied to a server, a processor for key preservation, or an application front-end. The application program front end can be a program front end which is triggered to be opened after the application program is installed by the user side, or a website which is opened by inputting a website by the user. Taking the application front end as an example, the process of implementing key storage for the server or the processor may refer to execution.
The selected original image can be uploaded to the application program front end through the user end after being selected by the user, or can be randomly or sequentially distributed to the user by the application program front end. Illustratively, the user selects photos in a photo album of the mobile terminal as original images, and the original images are uploaded to the application program front end by the mobile terminal.
The keys may be user set or distributed by the server, and may be single or multiple. The byte array corresponds to a key, which may be a collection of keys composed of strings expressed as hexadecimal numbers. The fusing processing is carried out by using the byte array corresponding to the key and the original image together, namely generating a position coordinate point and acquiring image pixel data in a corresponding range of the position coordinate point from the original image; and carrying out fusion processing on the byte array and the image pixel data. The number of the position coordinate points can be single or multiple, the position coordinate points can be random coordinate points, and also can be corresponding fixed coordinate points distributed by the front end of the application program for the key to be stored. The image pixel data may be RGB data, or RGBA data, where R data is a red pixel component in the image pixel data, G data is a green pixel component in the image pixel data, B data is a blue pixel component in the image pixel data, and a data is a transparency attribute in the image pixel data.
The fusion process is a process of synthesizing parameters of at least two or more fusion parameters, and the result after the fusion process does not include the fusion parameters used for data synthesis. It can be understood that, in this embodiment, the fusion parameter may be the original image and the byte array corresponding to the key, and the fusion processing may be performed by replacing or overlapping the image pixel data in the original image according to the byte array, or performing a logical operation and/or a numerical operation on the byte array and the image pixel data to obtain an operation result. The fusion processing is carried out to obtain an image result and a data result, wherein the image result can be an original image, an image obtained after the synthesis processing, and carrier information of the image corresponding to the feedback key; the data result may be at least one of data from which a fusion parameter is obtained, for example, a position coordinate point, and an operation result.
It should be noted that the image result is fed back to the user side for storage may be sent to the user side by an email or an application message, and the user side stores the image result in a local manner or in a cloud manner after being allowed by the user. When the image result is fed back with carrier information, for example, the carrier information is a preview confirmation mail when the image is used as a card surface, the card entity is finally delivered to the user for storage after being made.
In this embodiment, the data result of the fusion processing is stored when the key is stored, and the image result of the fusion processing is fed back to the user side for storage. Therefore, the server side and the user side do not directly store the key plaintext, the technical problem that the existing storage mode is easy to cause key leakage is solved, the security of key storage is improved, the user stores images, and the user-oriented key storage cost is low.
In another embodiment, the fusing the byte array and the image pixel data may include inputting the byte array and the image pixel data to a preset operator for operation, the operation including at least one of a numerical operation and a logical operation; the operation result and the position coordinate point of the operator are preset as data results, and the original image is an image result.
In this embodiment, the preset operator can perform a single or multiple operations. For example, the two operations performed by the preset operator may be a process of selecting a preset number of color component data from the image pixel data and inputting the color component data to the first preset operator for operation to output a first operation result; the preset number may be the total number of color components, or some number of color components may be selected. The first operator may perform a difference operation and an exclusive or operation. After the first operation result is obtained, the first operation result and the byte array may be input to a second preset operator for operation, so as to output a second operation result, where the second operation result is the operation result of the preset operator.
For example, the user selects image a of the smart card face as the original image, and the server converts the key into byte array byte key [ n ] ═ 0x 01. Then, a coordinate system is set by taking the lower left corner of the original image as an origin. And then generating a plurality of random coordinate points from the coordinate system by taking the constructed coordinate system as a reference, combining the plurality of random coordinate points to form a random coordinate point string (x, y) p [ n ], and then acquiring corresponding RGBA data when the random coordinate point string is mapped into the original image, wherein the RGBA data of the position of the (x, y) p [ n ] is (0x01, 0x02, 0x03 and 0 xff). And finally, performing logic operation and numerical operation on the RGBA data and the byte array key [ n ]. The RGBA data may be input to a first preset operator to perform an exclusive-or operation, the output first operation result is 0X00, and then the first operation result 0X00 and the byte key [ n ] ═ 0X01 are subjected to a difference operation, an obtained difference string is a second operation result, and the difference string is also an operation result of inputting the byte array and the image pixel data to the preset operator.
After the operation is finished, the fusion processing is finished, at this time, the operation result and the position coordinate point can be stored by a background server corresponding to the program front end, the original image is delivered to the user side for self storage, for example, the original image is stored in a local album as the user side, or the original image is printed on a fixed carrier and is stored for a long time, for example, the original image is stored as the card surface of the smart card.
In another example, to increase the sample size of the RGBA data, RGBA data of a position coordinate point and several pixels around the coordinate point may also be selected as image pixel data.
Further, it is understood that the foregoing processes of setting the coordinate system and operating by the operator are only examples, and may be performed with other origins as a standard, or with other types of coordinate systems. The arithmetic unit is not limited to the exclusive-or operation and the difference operation, and other operations may be used.
According to the scheme, the byte array corresponding to the key and the original image are fused together, so that a processed image result and a data result are obtained. The original image is stored as an image result by a user side, and the position coordinate point and the operation result are stored as a data result by a program background. The key is split into two different forms through fusion processing, the user side and the server side are not stored in a plaintext form any more, the problem that the whole key is easy to leak is solved, the key cannot be restored even if a single user side or a single server side leaks, and the security of key storage is improved. When the user saves, the logic carrier for obtaining the key is an image, so that the user can easily remember the obtaining way of the password and can also easily save the password.
In another embodiment, the fusing the byte array and the image pixel data may include superimposing the byte array on the image pixel data according to a preset rule to obtain superimposed image pixel data; adjusting the original image according to the pixel data of the superposed image and the position coordinate point to obtain an adjusted image; and adjusting the image to be an image result, and setting the position coordinate point to be a data result.
For example, the preset rule may be to obtain the number of character strings of the byte array, then select color components of the number of character strings from the image pixel data, and replace the color components according to the arrangement order of the byte array. Or further after the color component is selected, summing each byte number in the byte array and a preset value respectively, and replacing the result obtained by summation as a new color component in sequence. It should be noted that, when selecting color components, color components may be selected randomly, sequentially, in reverse order, or with a certain color component as a starting position according to each user. The RGBA data at the position of the byte array byte key [ n ] ═ 0x01, (x, y) p [ n ] is (0x01, 0x02, 0x03, 0xff) for illustration. If the preset rule is to select the a data as the replaced color component, the pixel data of the superimposed image obtained after the replacement is (0x01, 0x02, 0x03, 0x 01). The image pixel data of the position coordinate point in the original image can be updated and stored according to (0x01, 0x02, 0x03, 0x01), and the updated and stored image is the adjustment image.
In another example, to prevent the image result from being hacked, several other points may be randomly selected in addition to changing the image pixel data based on the coordinate string to adjust the updated image. Random numbers are added according to a preset rule to update image pixel data of other points in the adjusted image, and image pixels which are changed in the image result and fed back to the user finally have interference, so that the possibility of cracking the key is further reduced.
It can be understood that the image result saved by the user side is used for masking the secret key, even if a third party obtains the image result or the user no longer accords with the secret key verification authority, the plain text of the secret key cannot be seen even if the third party obtains the image result or the user does not accord with the secret key verification authority, and the safety of the use of the secret key is improved.
In yet another embodiment, a check value, such as a hash value, may also be calculated for the original image after the selected original image is acquired. And when the program front end triggers the background server to store the data result, storing the check value together. The verification value of the original picture is verified in advance in the later period of key extraction, and the key extraction operation is executed only after the verification is passed, so that unnecessary key extraction operation is reduced, and the processing process is accelerated.
In order to prevent the problem that the key cannot be restored and extracted due to slight change of image pixel data, the original image can be converted into a gray image firstly when the image pixel data in the corresponding range of the position coordinate point is acquired from the original image; and then acquiring image pixel data in a corresponding range of the position coordinate point from the gray level image. Or after obtaining the image pixel data, converting the image pixel data into the gray scale image pixel data to perform subsequent operation. It will be appreciated that small changes in image pixel data are typically the last half byte, whereas a grayscale image is a black and white image, which can mask deviations caused by small changes in the image. Taking the example that the red component R data in the image pixel data of the position coordinate point is 0x9F, when converted into a grayscale image, the image pixel data of the position coordinate point is converted from 0x9F to 0 xFF.
In another example, at least the second half byte of each color component in the image pixel data may also be saved to the background server as an error correction character after the image pixel data is obtained. The error correction character is not the complete array of bytes to which the key corresponds. In the key extraction link, firstly, the stored error correction characters and the corresponding position coordinate points are obtained from the background server, pixel points are taken from the image selected by the user according to the position coordinate points to obtain image pixel data, error correction is carried out on the image pixel data obtained in the key extraction link according to the error correction characters to obtain original image pixel data, and then, the original image pixel data is continuously used for carrying out verification value detection and key extraction operation on the image. By introducing the error correction characters, on the premise of ensuring the security of key storage, the problem that the key extraction fails due to slight changes of images caused by transmission or other factors is prevented, and the success rate of key extraction verification is improved.
In another embodiment, when the key is invalid or the key verification authority of the user is invalid, a user logout instruction may be sent to the application front end by the user end/management terminal, and the application front end deletes the data result stored in the backend server. For scenes such as user leaving, the key association is removed by destroying the deleted data result, and the security of key verification is not affected even if images are stored.
Fig. 2 is a flowchart illustrating a key extraction method according to an embodiment of the present invention. As shown in fig. 2, the method may include:
step S210, acquiring an image selected by a user, and acquiring fusion processing data from a server, wherein the fusion processing data is data saved when the server stores a secret key;
and step S220, performing inverse fusion processing on the image pixel data according to the fusion processing data, wherein the result of the inverse fusion processing is a secret key.
The embodiment can be applied to the application program front end. For example, the user side is provided with a user-oriented application front-end interface, and the user operates the user side to enter the interface and input account information, for example, the account information may be a user name or a communication address used when applying for distributing a key. And when the application program front end receives the account information input by the user, starting a key extraction program. The user may also select and upload an image at the application front-end, which may not be uploaded to the backend server, but only for key extraction. And after the application program front end calls the fusion processing data corresponding to the account information from the background server, performing anti-fusion processing by combining the image selected by the user.
It should be noted that the user may not input account information, and the application front end may determine the fusion processing data according to the device serial number and the IP (Internet Protocol) address of the user end. The fusion processing data is not a key, but is a result that a part of the obtained key has a data form, namely a data result stored in a key storage link. Correspondingly, the inverse fusion process is a reverse operation of the fusion process, and is a process of extracting a key, which is one of the fusion parameters, by performing an inverse fusion operation using the image as an authentication image and the fusion process data as authentication data.
The above-described embodiment obtains the key by performing the inverse fusion processing on the image and the fusion processing data, the image being selected by the user, and the fusion processing data being data stored when the server performs the key storage. Therefore, the server side and the user side do not directly store the plaintext of the key, the technical problem that the key is easy to leak in the existing storage mode is solved, and the security of key storage is improved. The user stores the image, and the storage cost of the key facing the user is low.
In an example, the fusion process data may include a position coordinate point generated when the key is stored. The process of performing inverse fusion processing on the image pixel data according to the fusion processing data may include acquiring image pixel data within a range corresponding to the position coordinate point from the image; and performing inverse fusion processing on the image pixel data according to the fusion processing data. The position coordinate point is a fixed coordinate point or a random coordinate point assigned by the application program front end when the key assignment is stored, and may be single or multiple. The image pixel data may be RGB data or RGBA data depending on the consistent setting when the key is stored.
In another example, when the original image is used as the image result to be saved, the fusion processing data may further include an operation result obtained by an operation of a preset operator when the key is stored. The process of performing inverse fusion processing on the image pixel data according to the fusion processing data may include inputting the image pixel data and an operation result to a preset operator to perform inverse operation, where the operation result of the inverse operation is a result of the inverse fusion processing.
In still another example, when the adjusted image is saved as an image result, the process of performing inverse fusion processing on the image pixel data according to the fusion processing data may be to decompose the image pixel data within the range corresponding to each position coordinate point with reference to a preset rule of key storage, and to compose the decomposed bytes into a byte array according to the preset rule; and finally converting the byte array into a key.
It should be noted that, if in the key storage step, the front end of the application program is image pixel data obtained after converting an image into a grayscale image, and in the key extraction step, it is also necessary to convert the image into the grayscale image and then obtain image pixel data in the corresponding range of the position coordinate point from the grayscale image, so as to ensure the consistency of the obtained image pixel data and further ensure the accuracy of key extraction.
If the image pixel data is stored in the key storage link, in order to prevent the problem that the key cannot be restored and extracted due to slight change of the image pixel data, error correction characters are stored in a background server, and the error correction characters corresponding to the image pixel data can be acquired from the server in the key extraction process correspondingly to serve as correction pixel data; and according to the corrected pixel data, the reference key storage link carries out self-updating on the image pixel data, so that the accuracy of the image pixel data is ensured.
Fig. 3 is a schematic diagram illustrating a virtual module structure of a key processing apparatus according to an embodiment of the present invention. In the apparatus, comprising:
an obtaining module 10, configured to obtain a selected original image and a key to be stored;
a conversion module 20, configured to convert the key into a byte array;
the fusion module 30 is configured to perform fusion processing on the byte array and the original image to obtain an image result and a data result of the fusion processing;
and the storage module 40 is used for storing the data result and feeding back the image result to the user side for storage.
In another embodiment, the fusion module comprises:
the generating unit is used for generating the position coordinate point and acquiring image pixel data in a corresponding range of the position coordinate point from the original image;
and the fusion unit is used for carrying out fusion processing on the byte array and the image pixel data.
In yet another embodiment, the fusion unit includes:
the operation subunit is used for inputting the byte arrays and the image pixel data into a preset arithmetic unit for operation, and the operation comprises at least one of numerical operation and logic operation;
the operation result and the position coordinate point of the operator are preset as data results, and the original image is an image result.
In another embodiment, the operation subunit is further configured to select a preset number of color component data from the image pixel data to be input to the first preset operator for operation, so as to output a first operation result; and inputting the first operation result and the byte array into a second preset operator for operation so as to output a second operation result, wherein the second operation result is an operation result.
In yet another embodiment, the fusion unit includes:
the superposition subunit is used for superposing the byte arrays to the image pixel data according to a preset rule to obtain superposed image pixel data;
the adjusting subunit is used for adjusting the original image according to the superposed image pixel data and the position coordinate point to obtain an adjusted image;
and adjusting the image to be an image result, and setting the position coordinate point to be a data result.
In yet another embodiment, the generating unit includes:
a converting subunit, configured to convert the original image into a grayscale image;
and the acquisition subunit is used for acquiring the image pixel data in the corresponding range of the position coordinate point from the gray-scale image.
In yet another embodiment, the apparatus further comprises:
and the deleting module is used for deleting the data result when a user logout instruction is received.
In yet another embodiment, an apparatus comprises:
the acquisition module is used for acquiring the image selected by the user and acquiring fusion processing data from the server, wherein the fusion processing data is data stored when the server stores the secret key;
and the anti-fusion processing module is used for performing anti-fusion processing on the image pixel data according to the fusion processing data, and the result of the anti-fusion processing is a secret key.
Fig. 4 is a schematic diagram illustrating a hardware structure of a key processing device according to an embodiment of the present invention.
The key processing device may comprise a processor 301 and a memory 302 in which computer program instructions are stored.
In particular, the processor 301 may include a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or may be configured as one or more Integrated circuits implementing embodiments of the present invention.
In particular embodiments, memory may include Read Only Memory (ROM), Random Access Memory (RAM), magnetic disk storage media devices, optical storage media devices, flash memory devices, electrical, optical, or other physical/tangible memory storage devices. Thus, in general, the memory includes one or more tangible (non-transitory) computer-readable storage media (e.g., memory devices) encoded with software comprising computer-executable instructions and when the software is executed (e.g., by one or more processors), it is operable to perform the operations described with reference to the above-described methods in accordance with the present disclosure.
The processor 301 realizes any one of the key storage methods or the key extraction methods in the above embodiments by reading and executing the computer program instructions stored in the memory 302.
In one example, the key processing device may also include a communication interface 303 and a bus 310. As shown in fig. 4, the processor 301, the memory 302, and the communication interface 303 are connected via a bus 310 to complete communication therebetween.
The communication interface 303 is mainly used for implementing communication between modules, apparatuses, units and/or devices in the embodiment of the present invention.
The key processing device may perform a key storage method or a key extraction method, thereby implementing the key access method and the key processing apparatus described in conjunction with fig. 1 to 3.
In addition, in combination with the key storage method or the key extraction method in the foregoing embodiments, embodiments of the present invention may provide a computer storage medium to implement. The computer storage medium having computer program instructions stored thereon; the computer program instructions, when executed by a processor, implement any one of the key storage methods or key extraction methods of the above embodiments.
It is to be understood that the invention is not limited to the specific arrangements and instrumentality described above and shown in the drawings. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications and additions or change the order between the steps after comprehending the spirit of the present invention.
The functional blocks shown in the above-described structural block diagrams may be implemented as hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, plug-in, function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link. A "machine-readable medium" may include any medium that can store or transfer information. Examples of a machine-readable medium include electronic circuits, semiconductor memory devices, ROM, flash memory, Erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, Radio Frequency (RF) links, and so forth. The code segments may be downloaded via computer networks such as the internet, intranet, etc.
It should also be noted that the exemplary embodiments mentioned in this patent describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be performed in an order different from the order in the embodiments, or may be performed simultaneously.
Aspects of the present disclosure are described above with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the disclosure. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, enable the implementation of the functions/acts specified in the flowchart and/or block diagram block or blocks. Such a processor may be, but is not limited to, a general purpose processor, a special purpose processor, an application specific processor, or a field programmable logic circuit. It will also be understood that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware for performing the specified functions or acts, or combinations of special purpose hardware and computer instructions.
As described above, only the specific embodiments of the present invention are provided, and it can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the system, the module and the unit described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again. It should be understood that the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present invention, and these modifications or substitutions should be covered within the scope of the present invention.
Claims (11)
1. A method of storing a key, comprising:
acquiring a selected original image and the key to be stored;
converting the key into a byte array;
performing fusion processing on the byte array and the original image to obtain an image result and a data result subjected to fusion processing;
and storing the data result, and feeding back the image result to a user side for storage.
2. The key storage method according to claim 1, wherein the fusing the byte array and the original image includes:
generating a position coordinate point, and acquiring image pixel data in a range corresponding to the position coordinate point from the original image;
and carrying out fusion processing on the byte array and the image pixel data.
3. The key storage method according to claim 2, wherein the fusing the byte array and the image pixel data includes:
inputting the byte array and the image pixel data into a preset arithmetic unit for operation, wherein the operation comprises at least one of numerical operation and logic operation;
the operation result of the preset operator and the position coordinate point are the data result, and the original image is the image result.
4. The key storage method according to claim 3, wherein the inputting the byte array and the image pixel data to a preset operator for operation comprises:
selecting a preset number of color component data from the image pixel data, inputting the color component data into a first preset arithmetic unit for operation, and outputting a first operation result;
and inputting the first operation result and the byte array into a second preset operator for operation so as to output a second operation result, wherein the second operation result is the operation result.
5. The key storage method according to claim 2, wherein the fusing the byte array and the image pixel data includes:
superposing the byte array to the image pixel data according to a preset rule to obtain superposed image pixel data;
adjusting the original image according to the superposed image pixel data and the position coordinate point to obtain an adjusted image;
the adjusted image is the image result and the position coordinate point is the data result.
6. The key storage method according to any one of claims 2 to 5, wherein the obtaining of the image pixel data in the range corresponding to the position coordinate point from the original image includes:
converting the original image into a gray image;
and acquiring image pixel data in a range corresponding to the position coordinate point from the gray-scale image.
7. The key storage method according to claim 1, wherein after the feeding back the image result to the user side for storage, the method further comprises:
and when a user logout instruction is received, deleting the data result.
8. A method of key extraction, comprising:
acquiring an image selected by a user, and acquiring fusion processing data from a server, wherein the fusion processing data is data stored when the server stores a secret key;
and performing inverse fusion processing on the image pixel data according to the fusion processing data, wherein the result of the inverse fusion processing is the secret key.
9. A key processing apparatus, characterized in that the apparatus comprises:
the acquisition module is used for acquiring the selected original image and the key to be stored;
the conversion module is used for converting the key into a byte array;
the fusion module is used for carrying out fusion processing on the byte array and the original image to obtain an image result and a data result which are subjected to fusion processing;
the storage module is used for storing the data result and feeding back the image result to the user side for storage;
alternatively, the apparatus comprises:
the acquisition module is used for acquiring an image selected by a user and acquiring fusion processing data from a server, wherein the fusion processing data is data stored when the server stores a secret key;
and the anti-fusion processing module is used for performing anti-fusion processing on the image pixel data according to the fusion processing data, and the result of the anti-fusion processing is the secret key.
10. A key processing apparatus, characterized in that the apparatus comprises: a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements a key storage method as claimed in any one of claims 1 to 7, or a key extraction method as claimed in claim 8.
11. A computer storage medium having computer program instructions stored thereon, which when executed by a processor implement the key storage method of any one of claims 1 to 7 or the key extraction method of claim 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110519280.7A CN113297613A (en) | 2021-05-12 | 2021-05-12 | Key access method, key processing device, key processing equipment and computer storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110519280.7A CN113297613A (en) | 2021-05-12 | 2021-05-12 | Key access method, key processing device, key processing equipment and computer storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113297613A true CN113297613A (en) | 2021-08-24 |
Family
ID=77321566
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110519280.7A Pending CN113297613A (en) | 2021-05-12 | 2021-05-12 | Key access method, key processing device, key processing equipment and computer storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113297613A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113872762A (en) * | 2021-11-29 | 2021-12-31 | 国网浙江省电力有限公司金华供电公司 | Quantum encryption communication system based on power distribution terminal equipment and use method thereof |
| CN114139186A (en) * | 2021-12-02 | 2022-03-04 | 捷德(中国)科技有限公司 | Data encryption method and device |
| CN114745109A (en) * | 2022-04-06 | 2022-07-12 | 国网浙江省电力有限公司宁波供电公司 | Power distribution terminal encryption communication system and method based on quantum encryption |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104468090A (en) * | 2014-11-12 | 2015-03-25 | 辽宁大学 | Chinese character password encoding method based on image pixel coordinates |
| CN109413051A (en) * | 2018-10-09 | 2019-03-01 | 深圳南方德尔汽车电子有限公司 | Data encryption method and device, computer equipment and storage medium |
| CN109698745A (en) * | 2018-12-25 | 2019-04-30 | 歌尔科技有限公司 | A kind of key management method, system and earphone and storage medium |
| CN111192187A (en) * | 2018-08-27 | 2020-05-22 | 优信数享(北京)信息技术有限公司 | Decryption method and system |
-
2021
- 2021-05-12 CN CN202110519280.7A patent/CN113297613A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104468090A (en) * | 2014-11-12 | 2015-03-25 | 辽宁大学 | Chinese character password encoding method based on image pixel coordinates |
| CN111192187A (en) * | 2018-08-27 | 2020-05-22 | 优信数享(北京)信息技术有限公司 | Decryption method and system |
| CN109413051A (en) * | 2018-10-09 | 2019-03-01 | 深圳南方德尔汽车电子有限公司 | Data encryption method and device, computer equipment and storage medium |
| CN109698745A (en) * | 2018-12-25 | 2019-04-30 | 歌尔科技有限公司 | A kind of key management method, system and earphone and storage medium |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113872762A (en) * | 2021-11-29 | 2021-12-31 | 国网浙江省电力有限公司金华供电公司 | Quantum encryption communication system based on power distribution terminal equipment and use method thereof |
| CN113872762B (en) * | 2021-11-29 | 2022-03-25 | 国网浙江省电力有限公司金华供电公司 | Quantum encryption communication system based on power distribution terminal equipment and use method thereof |
| CN114139186A (en) * | 2021-12-02 | 2022-03-04 | 捷德(中国)科技有限公司 | Data encryption method and device |
| CN114745109A (en) * | 2022-04-06 | 2022-07-12 | 国网浙江省电力有限公司宁波供电公司 | Power distribution terminal encryption communication system and method based on quantum encryption |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111079128B (en) | Data processing method and device, electronic equipment and storage medium | |
| US20200068394A1 (en) | Authentication of phone caller identity | |
| CN113297613A (en) | Key access method, key processing device, key processing equipment and computer storage medium | |
| CN114036542B (en) | Data encryption and decryption method and computer storage medium | |
| US11531746B2 (en) | Method for electronic signing of a document by a plurality of signatories | |
| CN114065148A (en) | Block chain-based security management and disclosure tracing method for confidential documents | |
| EP3023900A1 (en) | A method, device and system for account recovery with a durable code | |
| CN113282911A (en) | Identity authentication method, device, equipment and computer storage medium | |
| CN107579903B (en) | Picture message secure transmission method and system based on mobile device | |
| CN106130733A (en) | More newly configured methods, devices and systems | |
| CN116455572B (en) | Data encryption method, device and equipment | |
| CN107465504A (en) | A kind of method and device for improving key safety | |
| CN107749854B (en) | Single sign-on method and system based on client | |
| US20220067129A1 (en) | Encryption to limit digitally altered imaging data | |
| CN116113946A (en) | Data management system | |
| CN105490814A (en) | Ticket real name authentication method and system based on three-dimensional code | |
| CN112491840B (en) | Information modification method, device, computer equipment and storage medium | |
| CN115861020A (en) | Image processing method and device | |
| Abboud | Multifactor authentication for software protection | |
| CN114066708A (en) | Traceable picture authorization method and device | |
| KR20180116628A (en) | User access authentication system based on personal image | |
| CN110691068A (en) | Cloud server login system, method and device | |
| CN106453232B (en) | Auxiliary multi-user's authentication registration method and system based on mobile client identification module | |
| CN109391616B (en) | Information management method and terminal | |
| CN112230868B (en) | Safety copying machine and copying control method based on safety chip |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210824 |