CN116432241A - Text encryption system and method - Google Patents

Info

Publication number
CN116432241A
Authority
CN
China
Prior art keywords
encryption
module
data
hash value
platform
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310677926.3A
Other languages
Chinese (zh)
Inventor
周枭淳
蔡先勇
杜峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Aolian Information Security Technology Co ltd
Original Assignee
Shenzhen Aolian Information Security Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Aolian Information Security Technology Co ltd
Priority to CN202310677926.3A
Publication of CN116432241A
Legal status: Pending

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0872Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111Location-sensitive, e.g. geographical location, GPS
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2117User registration
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Electromagnetism (AREA)
  • Automation & Control Theory (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a text encryption system and a text encryption method in the field of information confidentiality. It relates to encryption technology and addresses the insufficient protection of text information in the prior art, where stored text can be obtained simply by logging in to an account. The system comprises a registration login module, an encryption platform connected with the registration login module, an account distribution module, a data encryption module and a data decryption module. When the target user stores text data, the identity of the target user must be verified, and the basis for verification is the verification characters fed back by the encryption platform. This adds an upload authentication process to traditional text storage and prevents other persons from uploading documents at will after an account password is leaked. When data is read, the geographic position of the data reading device is compared with the geographic position of the initial device, which reduces data leakage caused by account logins from a different location.

Description

Text encryption system and method
Technical Field
The invention belongs to the field of information confidentiality, relates to encryption technology, and in particular relates to a text encryption system and a text encryption method.
Background
Data in the information age is massive, and much of it involves personal privacy. Data security affects every aspect of daily life, so work and personal data must be protected safely and effectively. Cloud storage is currently a preferred way of storing data: the data is stored on multiple virtual servers, usually hosted by a third party, rather than on a dedicated server.
Most existing cloud storage services rely on a storage account: stored documents can be obtained from different login devices by entering the storage account and password. Theft of storage accounts because the user forgot to log out is increasingly common, so a method and a system that do not rely on simple account login to obtain stored text are needed to protect stored text information effectively.
Therefore, the invention provides a text encryption system and a text encryption method.
Disclosure of Invention
The purpose of the application is to provide a text encryption system and a text encryption method that solve the problem in the prior art of insufficient protection of text information, where stored text can be obtained simply by logging in to an account.
To achieve the above objective, one embodiment of the present application provides a text encryption system, which includes a registration login module, an encryption platform connected with the registration login module, an account distribution module, a data encryption module, and a data decryption module;
the registration login module is used by a target user to input personal information to register an encrypted account, to store the personal information in the encryption platform, and to send the geographic position of the device used for registration to the encryption platform; the registration device is marked as an initial device;
the account distribution module is used for receiving a new-account request from the encryption platform, generating an encrypted account and a password, and sending the generated encrypted account and password to the target user;
the encryption platform is used for generating verification characters and feeding them back to the target user, and also for storing text data;
the data encryption module is used for encrypting the text data that the target user transmits to the encryption platform;
the data decryption module is used for decrypting and transmitting text data in the encryption platform, which comprises the following steps:
step P1: after the encryption platform is connected with the data reading device over a wireless network, the initial device is wirelessly connected with the data reading device;
step P2: the encryption platform acquires the geographic position of the data reading device and sends it to the data decryption module;
step P3: the data decryption module reads the geographic position of the data reading device and compares it with the geographic position of the initial device; if the two geographic positions are the same, proceed to step P4; otherwise, device error information is sent to the registration login module;
step P4: the data decryption module decrypts the stored text data by using the quantum key and sends the decrypted text data to the data reading device.
As a further scheme of the invention: an identity verification process is performed before the registration login module transmits text data to the encryption platform, and the identity verification performed by the identity verification module comprises the following steps:
step S1: the target user inputs the verification characters into the identity verification module, and the identity verification module computes the hash value of the verification characters with a hash algorithm;
step S2: the identity verification module encrypts the hash value of the verification characters by using the public key to obtain a secondary hash value;
step S3: the identity verification module sends the encrypted secondary hash value to the encryption platform;
step S4: the encryption platform uses the same hash algorithm to calculate the hash value of the verification characters and marks this hash value as HX1;
step S5: the encryption platform decrypts the secondary hash value sent by the identity verification module by using the private key and marks the decrypted hash value as HX2;
step S6: the encryption platform compares the hash value HX1 with the hash value HX2; if the hash value HX1 is the same as the hash value HX2, the identity verification succeeds; otherwise, the identity verification fails.
As a further scheme of the invention: the personal information comprises a name, an identity card number and contact information;
the encrypted account and password are generated based on the name, identity card number and contact information.
As a further scheme of the invention: the registration login module is a mobile terminal or a PC terminal of the target user; the encryption platform is a dedicated quantum encryption platform.
As a further scheme of the invention: the encryption platform is a cloud platform for temporarily or permanently storing data, and after the target user logs in, the data to be stored is sent to the encryption platform.
As a further scheme of the invention: the registration login module is connected with the encryption platform over a wireless network and transmits text data to the encryption platform; after receiving the text data, the encryption platform encrypts the data transmitted by the target user by using a quantum password;
the encrypted text data is decrypted and read through the data decryption module.
As a further scheme of the invention: the encryption platform generates a private key and public key pair for an asymmetric encryption algorithm;
the private key is stored, and the public key is sent to the identity verification module;
the asymmetric encryption algorithm is an RSA algorithm or an elliptic curve encryption algorithm.
Another embodiment of the present application provides a text encryption method, including the following steps:
step S101: the target user inputs personal information through the registration login module to register an encrypted account, and the registration login module sends the geographic position of the device used for registration to the encryption platform; the registration device is marked as an initial device;
step S102: the encryption platform sends a new-account request to the account distribution module; the account distribution module acquires the personal information of the target user, generates an encrypted account and a password according to that personal information, and sends the generated encrypted account and password to the registration login module; the encryption platform feeds back verification characters to the registration login module;
step S103: when the target user logs in to the encryption platform through the initial device again, the target user inputs the verification characters into the identity verification module, and the identity verification module computes the hash value of the verification characters with a hash algorithm; the identity verification module encrypts the hash value of the verification characters by using the public key to obtain a secondary hash value; the identity verification module sends the encrypted secondary hash value to the encryption platform;
step S104: the encryption platform uses the same hash algorithm to calculate the hash value of the verification characters and marks this hash value as HX1; the encryption platform decrypts the secondary hash value sent by the identity verification module by using the private key and marks the decrypted hash value as HX2; the encryption platform compares the hash value HX1 with the hash value HX2; if the hash value HX1 is the same as the hash value HX2, the identity verification succeeds;
step S105: the target user sends the data to be stored to the encryption platform; the data encryption module encrypts the text data that the target user transmits to the encryption platform;
step S106: the data decryption module reads and decrypts text data in the encryption platform: the encryption platform acquires the geographic position of the data reading device and sends it to the data decryption module; the data decryption module reads the geographic position of the data reading device and compares it with the geographic position of the initial device; if the two geographic positions are the same, the data decryption module decrypts the stored text data by using the quantum key and sends the decrypted text data to the data reading device.
Compared with the prior art, the invention has the following beneficial effects:
After the target user registers, the account is generated and distributed by the account distribution module connected with the encryption platform, which avoids the account leakage that arises when accounts registered with a traditional mobile phone number or identity card number are easily guessed. In addition, when the target user stores text data, the identity of the target user must be verified, and the basis for verification is the verification characters fed back by the encryption platform. This adds an upload authentication process to traditional text storage and prevents other persons from uploading documents at will after an account password is leaked. When the identity verification module performs identity verification, it first computes the hash value of the verification characters with a hash algorithm; the identity verification module encrypts the hash value of the verification characters by using the public key to obtain a secondary hash value; the identity verification module sends the encrypted secondary hash value to the encryption platform; the encryption platform uses the same hash algorithm to calculate the hash value of the verification characters and marks this hash value as HX1; the encryption platform decrypts the secondary hash value sent by the identity verification module by using the private key and marks the decrypted hash value as HX2; the encryption platform compares the hash value HX1 with the hash value HX2, and if the hash value HX1 is the same as the hash value HX2, the identity verification succeeds. Computing the hash value in this two-stage manner increases the verification strength, which prevents other persons from uploading documents at will. When data is read, the geographic position of the data reading device is compared with the geographic position of the initial device, which reduces data leakage caused by account logins from a different location.
Drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings required for describing the prior art and the embodiments are briefly introduced below. The drawings described below show only some embodiments of the present invention, and a person skilled in the art can obtain other drawings from them without inventive effort.
FIG. 1 is a block diagram of a text encryption system according to the present invention;
FIG. 2 is a flow block diagram of a text encryption method according to the present invention.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions of the embodiments are described clearly and completely below with reference to the drawings in the embodiments of the present application. The described embodiments are some, but not all, embodiments of the present application. All other embodiments that a person of ordinary skill in the art can obtain from the present disclosure without undue burden fall within the scope of the present disclosure.
Example 1
Referring to FIG. 1, the text encryption system provided in this embodiment includes a registration login module and an encryption platform. The registration login module is used by a target user to input personal information to register an encrypted account, where the personal information includes a name, an identity card number and contact information; it will be appreciated that the personal information is stored in the encryption platform;
after the target user finishes registering the encrypted account, the registration login module also sends the geographic position of the device used for registration to the encryption platform, and the registration device is marked as an initial device; when the same account logs in on the same device multiple times, that login device is also marked as an initial device; there may be multiple initial devices, and their number is set by the encryption platform;
the registration login module is also used by the target user to enter the login account and password to log in to the encryption platform;
the text encryption system further comprises an account distribution module, which is mainly used for generating a login account on the encryption platform and distributing the login account to the target user;
after the target user registers, the encryption platform sends a new-account request to the account distribution module; the account distribution module acquires the personal information of the target user, generates an encrypted account and a password according to that personal information, and sends the generated encrypted account and password to the registration login module;
the encryption platform generates verification characters and feeds them back to the registration login module;
the target user can modify the login password later;
in one embodiment, the registration login module may be a mobile terminal or a PC terminal of the target user; the encryption platform may be a dedicated quantum encryption platform;
the encryption platform may be a cloud platform for temporarily or permanently storing data, and after the target user logs in, the data to be stored can be sent to the encryption platform;
the data block to be stored is not limited to text data;
in the application, the encryption platform is connected with a data encryption module and a data decryption module, and the data encryption module is mainly used for encrypting the text data that the target user transmits to the encryption platform;
in a preferred embodiment, the registration login module is connected with the encryption platform over a wireless network and transmits text data to the encryption platform; after receiving the text data, the encryption platform encrypts the data transmitted by the target user by using a quantum password;
it can be understood that the encrypted text data can be read and decrypted by the data decryption module;
the data decryption module is mainly used for decrypting and transmitting text data in the encryption platform;
in a preferred embodiment, the data decryption module reads and decrypts text data in the encryption platform through the following steps:
step P1: after the encryption platform is connected with the data reading device over a wireless network, the initial device is wirelessly connected with the data reading device;
step P2: the encryption platform acquires the geographic position of the data reading device and sends it to the data decryption module;
step P3: the data decryption module reads the geographic position of the data reading device and compares it with the geographic position of the initial device; if the two geographic positions are the same, proceed to step P4; otherwise, device error information is sent to the registration login module;
step P4: the data decryption module decrypts the stored text data by using the quantum key and sends the decrypted text data to the data reading device.
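An added sketch of the gate in steps P2 to P4 (not code from the patent): plaintext is released only when the data reading device's position matches an initial device, and a mismatch is recorded as device error information. The 100 m tolerance, the haversine comparison, the class and function names and the `decrypt` callable standing in for quantum-key decryption are assumptions; the page only states that the two positions must be "the same".

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_M = 6_371_000.0  # mean Earth radius used by the haversine formula


@dataclass(frozen=True)
class GeoPosition:
    lat: float  # degrees, -90..90
    lon: float  # degrees, -180..180

    def is_valid(self):
        return (math.isfinite(self.lat) and math.isfinite(self.lon)
                and -90.0 <= self.lat <= 90.0 and -180.0 <= self.lon <= 180.0)


def distance_m(a, b):
    """Great-circle distance between two positions in metres (haversine)."""
    phi1, phi2 = math.radians(a.lat), math.radians(b.lat)
    dphi = phi2 - phi1
    dlmb = math.radians(b.lon - a.lon)
    h = (math.sin(dphi / 2) ** 2
         + math.cos(phi1) * math.cos(phi2) * math.sin(dlmb / 2) ** 2)
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(min(1.0, h)))


class DataDecryptionModule:
    """Hypothetical model of the data decryption module in steps P2 to P4."""

    def __init__(self, initial_positions, tolerance_m=100.0):
        # The platform may register several initial devices; keep the valid ones.
        self.initial_positions = [p for p in initial_positions if p.is_valid()]
        self.tolerance_m = tolerance_m  # assumption: "same" means within this radius
        self.errors = []                # device error information for the login module

    def same_position(self, reader_position):
        # Step P3: compare the reader's position with every initial device.
        if not reader_position.is_valid():
            return False                # fail closed on malformed coordinates
        return any(distance_m(reader_position, p) <= self.tolerance_m
                   for p in self.initial_positions)

    def read(self, reader_position, decrypt):
        # Step P4 runs only after the position check has passed.
        if not self.same_position(reader_position):
            self.errors.append(("DEVICE_ERROR", reader_position))
            return None
        return decrypt()


def demo():
    # Constructed sample positions: one initial device, three read attempts.
    module = DataDecryptionModule([GeoPosition(22.5431, 114.0579)])
    decrypt = lambda: "stored text"     # stand-in for quantum-key decryption
    return {
        "nearby_reader": module.read(GeoPosition(22.5433, 114.0580), decrypt),
        "distant_reader": module.read(GeoPosition(39.9042, 116.4074), decrypt),
        "malformed_reader": module.read(GeoPosition(95.0, 114.0579), decrypt),
        "errors_recorded": len(module.errors),
    }


if __name__ == "__main__":
    print(demo())
```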
An identity verification process is also performed before the registration login module transmits text data to the encryption platform, and the identity verification performed by the identity verification module comprises the following steps:
step S1: the target user inputs the verification characters into the identity verification module, and the identity verification module computes the hash value of the verification characters with a hash algorithm;
step S2: the identity verification module encrypts the hash value of the verification characters by using the public key to obtain a secondary hash value;
step S3: the identity verification module sends the encrypted secondary hash value to the encryption platform;
step S4: the encryption platform uses the same hash algorithm to calculate the hash value of the verification characters and marks this hash value as HX1;
step S5: the encryption platform decrypts the secondary hash value sent by the identity verification module by using the private key and marks the decrypted hash value as HX2;
step S6: the encryption platform compares the hash value HX1 with the hash value HX2; if the hash value HX1 is the same as the hash value HX2, the identity verification succeeds; otherwise, the identity verification fails;
the encryption platform generates a private key and public key pair for an asymmetric encryption algorithm, stores the private key, and sends the public key to the identity verification module; the asymmetric encryption algorithm may be an RSA algorithm or an elliptic curve encryption algorithm;
In the text encryption system provided by this embodiment, after the target user registers, the account number is generated and assigned by the account distribution module connected to the encryption platform, which avoids the account leakage that arises because a traditional mobile phone number or identity card number used for registration is easily guessed. In addition, when the target user stores text data, the identity of the target user must be verified, with the verification characters fed back by the encryption platform serving as the basis for verification. This adds an upload authentication step to conventional text storage and prevents other persons from uploading manuscripts at will after an account password leak. During identity verification, the identity verification module first applies a hash algorithm to the verification characters to obtain their hash value, encrypts that hash value with the public key to obtain a secondary hash value, and sends the encrypted secondary hash value to the encryption platform. The encryption platform uses the same hash algorithm to calculate the hash value of the verification characters and marks it as HX1, decrypts the secondary hash value sent by the identity verification module with the private key and marks the decrypted hash value as HX2, and compares HX1 with HX2; if HX1 is the same as HX2, identity verification succeeds. Adopting this secondary hash value calculation increases the verification strength, so that other persons cannot upload manuscripts at will.
Similarly, when data is read, the geographic position of the data reading device is compared with the geographic position of the initial device, which reduces data leakage caused by logging in to the account from a different location.
Example 2
Referring to fig. 2, the text encryption method provided in this embodiment mainly includes the following steps:
step S101: the target user enters personal information through the registration login module to register an encrypted account; the registration login module sends the geographic position of the device used for registration to the encryption platform and marks the registration device as the initial device;
step S102: the encryption platform sends a new-account request to the account distribution module; the account distribution module acquires the personal information of the target user, generates an encrypted account number and password according to that personal information, and sends the generated encrypted account number and password to the registration login module; the encryption platform feeds back verification characters to the registration login module;
step S103: when the target user logs in to the encryption platform again through the initial device, the target user inputs the verification characters into the identity verification module, which computes the hash value of the verification characters using a hash algorithm, encrypts that hash value with the public key to obtain a secondary hash value, and sends the encrypted secondary hash value to the encryption platform;
step S104: the encryption platform uses the same hash algorithm to calculate the hash value of the verification characters and marks it as HX1; the encryption platform decrypts the secondary hash value sent by the identity verification module with the private key and marks the decrypted hash value as HX2; the encryption platform compares HX1 with HX2; if HX1 is the same as HX2, identity verification succeeds;
step S105: the target user sends the data to be stored to the encryption platform; the data encryption module encrypts the text data that the target user transmits to the encryption platform;
step S106: the data decryption module reads and decrypts the text data in the encryption platform: the encryption platform acquires the geographic position of the data reading device and sends it to the data decryption module; the data decryption module reads the geographic position of the data reading device and compares it with the geographic position of the initial device; if the two geographic positions are the same, the data decryption module decrypts the stored text data using the quantum key and sends the decrypted text data to the data reading device.
In the text encryption method provided by this embodiment, after the target user registers, the account number is generated and assigned by the account distribution module connected to the encryption platform, which avoids the account leakage that arises because conventional registration with a mobile phone number or identity card number is easily guessed by malicious parties. In addition, when the target user stores text data, the identity of the target user must be verified, with the verification characters fed back by the encryption platform serving as the basis for verification. This adds an upload authentication step to conventional text storage and prevents other persons from uploading manuscripts at will after an account password leak. During identity verification, the identity verification module first applies a hash algorithm to the verification characters to obtain their hash value, encrypts that hash value with the public key to obtain a secondary hash value, and sends the encrypted secondary hash value to the encryption platform. The encryption platform uses the same hash algorithm to calculate the hash value of the verification characters and marks it as HX1, decrypts the secondary hash value sent by the identity verification module with the private key and marks the decrypted hash value as HX2, and compares HX1 with HX2; if HX1 is the same as HX2, identity verification succeeds. Adopting this secondary hash value calculation increases the verification strength, so that other persons cannot upload manuscripts at will. Similarly, when data is read, the geographic position of the data reading device is compared with the geographic position of the initial device, which reduces data leakage caused by logging in to the account from a different location.
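The verification exchange of steps S1 to S6 (S103 and S104 in this embodiment) and the location-gated read of steps P2 to P4 (S106), as an added Node.js example that is not part of the patent text. SHA-256, RSA-OAEP, a random AES-256-GCM key standing in for the unspecified quantum key, string-valued locations, and every class, function and sample value are assumptions, since the text names no hash, padding or cipher.

```javascript
// Added example (not from the patent): steps S1-S6 and the P2-P4 location gate.
// Assumptions: SHA-256, RSA-OAEP, AES-256-GCM, string locations, all names.
const crypto = require('crypto');

const sha256 = (text) => crypto.createHash('sha256').update(text, 'utf8').digest();
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

class EncryptionPlatform {
  constructor(verificationChars, initialLocation) {
    // The platform generates the key pair, stores the private key and hands
    // the public key to the identity verification module.
    const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
    this.publicKey = publicKey;
    this.privateKey = privateKey;
    this.verificationChars = verificationChars; // fed back to the user at registration
    this.initialLocation = initialLocation;     // geographic position of the initial device
    this.dataKey = crypto.randomBytes(32);      // stand-in for the quantum key (assumption)
    this.stored = null;
  }

  // S4-S6: compute HX1 locally, decrypt the secondary hash value to HX2, compare.
  verifyIdentity(secondaryHash) {
    const hx1 = sha256(this.verificationChars);
    let hx2;
    try {
      hx2 = crypto.privateDecrypt({ key: this.privateKey, ...OAEP }, secondaryHash);
    } catch (err) {
      return false; // malformed or modified ciphertext counts as a failed verification
    }
    return hx2.length === hx1.length && crypto.timingSafeEqual(hx1, hx2);
  }

  // S105: text is encrypted and stored only after identity verification succeeds.
  storeText(text, secondaryHash) {
    if (!this.verifyIdentity(secondaryHash)) return false;
    const iv = crypto.randomBytes(12);
    const cipher = crypto.createCipheriv('aes-256-gcm', this.dataKey, iv);
    const body = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
    this.stored = { iv, body, tag: cipher.getAuthTag() };
    return true;
  }

  // P2-P4: decrypt only when the reader's position equals the initial device's.
  readText(readerLocation) {
    if (this.stored === null) return { ok: false, error: 'no data' };
    if (readerLocation !== this.initialLocation) return { ok: false, error: 'device error' };
    const { iv, body, tag } = this.stored;
    const decipher = crypto.createDecipheriv('aes-256-gcm', this.dataKey, iv);
    decipher.setAuthTag(tag);
    const text = Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
    return { ok: true, text };
  }
}

// S1-S3: the identity verification module hashes the typed verification
// characters and encrypts the hash with the platform's public key.
function makeSecondaryHash(publicKey, typedChars) {
  return crypto.publicEncrypt({ key: publicKey, ...OAEP }, sha256(typedChars));
}

// Constructed sample run: one wrong and one correct set of verification
// characters, then a read from the registered location and from another one.
function demo() {
  const platform = new EncryptionPlatform('K7p-2Qx9', 'Shenzhen');
  const good = makeSecondaryHash(platform.publicKey, 'K7p-2Qx9');
  const bad = makeSecondaryHash(platform.publicKey, 'guess123');
  return {
    rejected: platform.storeText('draft', bad),
    accepted: platform.storeText('manuscript v1', good),
    sameSite: platform.readText('Shenzhen'),
    otherSite: platform.readText('Beijing'),
  };
}
```

Because OAEP padding is randomized, the secondary hash value differs on every run even for the same verification characters; the platform can recompute HX1 only because it issued those characters itself.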
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The solutions in the embodiments of the present application may be implemented in various computer languages, for example, the object-oriented programming language Java and the interpreted scripting language JavaScript.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various modifications and variations can be made in the present application without departing from the spirit or scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims and the equivalents thereof, the present application is intended to cover such modifications and variations.

Claims (10)

1. A text encryption system, characterized by comprising a registration login module, an encryption platform connected with the registration login module, an account distribution module, a data encryption module and a data decryption module;
the registration login module is used by a target user to enter personal information to register an encrypted account number, stores the personal information in the encryption platform, sends the geographic position of the device used for registration to the encryption platform, and marks the registration device as an initial device;
the account distribution module is used for receiving a new-account request from the encryption platform, generating an encrypted account number and password, and sending the generated encrypted account number and password to the target user;
the encryption platform is used for generating verification characters and feeding them back to the target user, and is also used for storing text data;
the data encryption module is used for encrypting the text data that the target user transmits to the encryption platform;
the data decryption module is used for decrypting and transmitting text data in the encryption platform, through the following steps:
step P1: after the encryption platform is connected to the data reading device over a wireless network, the initial device is connected to the data reading device wirelessly;
step P2: the encryption platform acquires the geographic position of the data reading device and sends it to the data decryption module;
step P3: the data decryption module reads the geographic position of the data reading device and compares it with the geographic position of the initial device; if the two geographic positions are the same, go to step P4; otherwise, device error information is sent to the registration login module;
step P4: the data decryption module decrypts the stored text data using the quantum key and sends the decrypted text data to the data reading device.
2. The text encryption system of claim 1, wherein an identity verification process is further performed before the registration login module transmits the text data to the encryption platform, the identity verification being performed by an identity verification module through the following steps:
step S1: the target user inputs the verification characters into the identity verification module, which then computes the hash value of the verification characters using a hash algorithm;
step S2: the identity verification module encrypts the hash value of the verification characters with the public key to obtain a secondary hash value;
step S3: the identity verification module sends the encrypted secondary hash value to the encryption platform;
step S4: the encryption platform uses the same hash algorithm to calculate the hash value of the verification characters and marks this hash value as HX1;
step S5: the encryption platform decrypts the secondary hash value sent by the identity verification module with the private key and marks the decrypted hash value as HX2;
step S6: the encryption platform compares the hash value HX1 with the hash value HX2; if HX1 is the same as HX2, identity verification succeeds; otherwise, identity verification fails.
3. The text encryption system of claim 1, wherein the personal information includes a name, an identification number and contact information;
the generation of the encrypted account number and password depends on the name, identification number and contact information.
4. The text encryption system of claim 1, wherein the registration login module is a mobile terminal or a PC terminal of the target user; the encryption platform is a quantum encryption special platform.
5. The text encryption system of claim 1, wherein the encryption platform is a cloud platform for temporarily or permanently storing data, and the target user logs in and then sends the data to be stored to the encryption platform.
6. The text encryption system of claim 1, wherein the registration login module is connected with the encryption platform by a wireless network; the registration login module transmits text data to the encryption platform, and after receiving the text data the encryption platform encrypts the data transmitted by the target user using a quantum password;
the encrypted text data is decrypted and read through a data decryption module.
7. The text encryption system of claim 1, wherein the encryption platform generates a private key and public key pair for an asymmetric encryption algorithm;
the encryption platform stores the private key and sends the public key to an identity verification module;
the asymmetric encryption algorithm is one of the SM2 and SM9 national cryptographic algorithms, RSA, or an ECC elliptic curve algorithm.
8. A text encryption method implemented based on the text encryption system of any one of claims 1-7, comprising the steps of:
step S101: the target user enters personal information through the registration login module to register an encrypted account; the registration login module sends the geographic position of the device used for registration to the encryption platform and marks the registration device as the initial device;
step S102: the encryption platform sends a new-account request to the account distribution module; the account distribution module acquires the personal information of the target user, generates an encrypted account number and password according to that personal information, and sends the generated encrypted account number and password to the registration login module; the encryption platform feeds back verification characters to the registration login module;
step S103: when the target user logs in to the encryption platform again through the initial device, the target user inputs the verification characters into the identity verification module, which computes the hash value of the verification characters using a hash algorithm, encrypts that hash value with the public key to obtain a secondary hash value, and sends the encrypted secondary hash value to the encryption platform;
step S104: the encryption platform uses the same hash algorithm to calculate the hash value of the verification characters and marks it as HX1; the encryption platform decrypts the secondary hash value sent by the identity verification module with the private key and marks the decrypted hash value as HX2; the encryption platform compares HX1 with HX2; if HX1 is the same as HX2, identity verification succeeds;
step S105: the target user sends the data to be stored to the encryption platform; the data encryption module encrypts the text data that the target user transmits to the encryption platform;
step S106: the data decryption module reads and decrypts the text data in the encryption platform: the encryption platform acquires the geographic position of the data reading device and sends it to the data decryption module; the data decryption module reads the geographic position of the data reading device and compares it with the geographic position of the initial device; if the two geographic positions are the same, the data decryption module decrypts the stored text data using the quantum key and sends the decrypted text data to the data reading device.
9. An electronic device comprising a memory and a processor, the memory having stored thereon a computer program capable of being loaded by the processor and performing the text encryption method of claim 8.
10. A computer-readable storage medium, characterized in that a computer program is stored that can be loaded by a processor and that performs the text encryption method as claimed in claim 8.
CN202310677926.3A 2023-06-09 2023-06-09 Text encryption system and method Pending CN116432241A (en)


Publications (1)

Publication Number Publication Date
CN116432241A true CN116432241A (en) 2023-07-14

Family

ID=87083600


Country Status (1)

Country Link
CN (1) CN116432241A (en)



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20230714
