CN102710601B - Secure Encryption and Signature Method Based on Identity File - Google Patents

Info

Publication number
CN102710601B
Authority
CN
China
Prior art keywords
file
identity
information
client
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201210132720.4A
Other languages
Chinese (zh)
Other versions
CN102710601A (en)
Inventor
罗喜召
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou University
Original Assignee
Suzhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou University
Priority to CN201210132720.4A
Publication of CN102710601A
Application granted
Publication of CN102710601B
Expired - Fee Related
Anticipated expiration

Landscapes

  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a secure encryption and signature method based on an identity file. Its steps include: obtaining the configuration information of the client's basic settings and of its Advanced Encryption Standard settings; registering on the server and applying for an identity file suitable for a mailbox; the client downloading and obtaining the data of the identity file; obtaining the type of task selected on the client to be executed; and, according to the information of the identity file, the client encrypting or decrypting the file. The method helps users protect important data from being viewed or modified and enables secure communication over an otherwise insecure channel; it also prevents a party from denying having sent or received information in the user's name.

Description

Secure Encryption and Signature Method Based on Identity File

Technical field

The invention relates to a software system, and in particular to a secure encryption and signature method based on an identity file.

Background

In recent years, with the rapid development of the Internet, people have come to understand and learn about the Internet more widely and more deeply. While the network brings convenience, it also carries many security risks: the files and information people send are often leaked or stolen, which causes great inconvenience in daily life, study and work.

Although many methods of encrypting and decrypting files exist today, their security is not high. A file transferred over an insecure channel can still be modified or stolen, so people need a file encryption and decryption system that better meets their requirements.

Summary of the invention

The invention addresses the deficiencies of the prior art and provides a secure encryption and signature method based on an identity file that is highly secure and simple to operate.

To achieve the above object, the invention provides the following technical solution:

A secure encryption and signature method based on an identity file, the steps of which include:

obtaining the configuration information of the client's basic settings and of its Advanced Encryption Standard settings;

registering on the server and applying for an identity file suitable for a mailbox;

the client downloading and obtaining the data of the identity file;

obtaining the type of task selected on the client to be executed;

according to the information of the identity file, the client encrypting or decrypting the file.

As a preferred embodiment of the invention, the configuration information of the basic settings includes the type of verification algorithm, which uses a secure hash algorithm.

As a preferred embodiment of the invention, the configuration information of the Advanced Encryption Standard settings includes the key length and the mode of operation.

As a preferred embodiment of the invention, the task types include encrypting and signing a file, and decrypting a file and verifying its signature.

As a preferred embodiment of the invention, the specific steps of registering on the server and applying for an identity file suitable for a mailbox include:

the server obtains the user name, password, email address and verification code from the registration form, together with the user's agreement to the license agreement;

the server performs the registration;

after successful registration, the user is redirected to the server's login page;

the server obtains and verifies the login information and performs the login;

after successful login, the server obtains and verifies the application information for the identity file;

the server processes the application information and generates the identity file;

the server sends an application notification to the client.

As a preferred embodiment of the invention, the specific steps by which the client encrypts or decrypts the file according to the information of the identity file include:

if encrypting and signing a file is selected, the client obtains the file to be encrypted;

the client obtains the recipient's email address, the encryption method, the save path and the digital signature information;

the client obtains the information of the corresponding identity file;

the client encrypts the file;

if decrypting a file and verifying its signature is selected, the client obtains the ciphertext file to be decrypted;

the client obtains and verifies the information of the identity file;

the client determines whether the ciphertext file contains a digital signature and, if it does, verifies the ciphertext file;

the client obtains the save location for the ciphertext file and decrypts the ciphertext file.

As a preferred embodiment of the invention, the encryption methods include the Advanced Encryption Standard and a stream cipher algorithm.

As the above technical solution shows, the secure encryption and signature method based on an identity file helps users protect important data from being viewed or modified and enables secure communication over an otherwise insecure channel; it also prevents a party from denying having sent or received information in the user's name.

Brief description of the drawings

Fig. 1 is a schematic structural diagram of a preferred embodiment of the secure encryption and signature method based on an identity file.

Detailed description

The preferred embodiments of the invention are described in detail below with reference to the accompanying drawing, so that the advantages and features of the invention can be more easily understood by those skilled in the art and the scope of protection of the invention can be defined more clearly.

Referring to Fig. 1, Fig. 1 is a schematic structural diagram of a preferred embodiment of the secure encryption and signature method based on an identity file.

A secure encryption and signature method based on an identity file, the steps of which include: obtaining the configuration information of the client's basic settings and of its Advanced Encryption Standard settings; registering on the server and applying for an identity file suitable for a mailbox; the client downloading and obtaining the data of the identity file; obtaining the type of task selected on the client to be executed; and, according to the information of the identity file, the client encrypting or decrypting the file.

The configuration information of the basic settings includes the type of verification algorithm, which uses a secure hash algorithm. A secure hash algorithm (Secure Hash Algorithm) computes, for a digital message, a corresponding fixed-length string (also called a message digest). Users can therefore choose a different verification algorithm according to their needs, which is convenient for them.

The configuration information of the Advanced Encryption Standard settings includes the key length and the mode of operation.

The task types include encrypting and signing a file, and decrypting a file and verifying its signature. Separating the encryption and decryption of files makes selection and use more convenient.

The specific steps of registering on the server and applying for an identity file suitable for a mailbox include: the server obtains the user name, password, email address and verification code from the registration form, together with the user's agreement to the license agreement; the server performs the registration; after successful registration, the user is redirected to the server's login page; the server obtains and verifies the login information and performs the login; after successful login, the server obtains and verifies the application information for the identity file; the server processes the application information and generates the identity file; the server sends an application notification to the client. This makes the identity file obtained through the application more secure and prevents it from being intercepted and modified in transit.

The specific steps by which the client encrypts or decrypts the file according to the information of the identity file include:

If encrypting and signing a file is selected, the client obtains the file to be encrypted; the client obtains the recipient's email address, the encryption method, the save path and the digital signature information; the client obtains the information of the corresponding identity file; the client encrypts the file.

If decrypting a file and verifying its signature is selected, the client obtains the ciphertext file to be decrypted; the client obtains and verifies the information of the identity file; the client determines whether the ciphertext file contains a digital signature and, if it does, verifies the ciphertext file; the client obtains the save location for the ciphertext file and decrypts the ciphertext file.

With a digital signature, the integrity of a file is easy to verify, and the signature also ensures that others cannot send files under your identity.

The encryption methods include the Advanced Encryption Standard and a stream cipher algorithm.
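The encrypt-and-sign and decrypt-and-verify steps above, as an added Go example that is not taken from the patent. It assumes the identity file supplies an Ed25519 key pair, that both parties already share the AES key, and that the mode is GCM; `Settings`, `Seal`, `Open`, the container layout and the `requireSig` policy (which rejects a file that arrives without a signature instead of decrypting it unverified) are all hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/sha512"
	"fmt"
)

type Settings struct { // field names are assumptions of this example
	Hash    string // basic setting: "SHA-256" or "SHA-512"
	KeyBits int    // AES setting: 128, 192 or 256 (mode fixed to GCM here)
}

var hashes = map[string]func([]byte) []byte{
	"SHA-256": func(b []byte) []byte { d := sha256.Sum256(b); return d[:] },
	"SHA-512": func(b []byte) []byte { d := sha512.Sum512(b); return d[:] },
}

func setup(s Settings, key []byte) (cipher.AEAD, func([]byte) []byte, error) {
	h, ok := hashes[s.Hash]
	if !ok || len(key)*8 != s.KeyBits {
		return nil, nil, fmt.Errorf("settings rejected: hash %q, %d-bit key", s.Hash, len(key)*8)
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, nil, err
	}
	gcm, err := cipher.NewGCM(block)
	return gcm, h, err
}

// Seal encrypts, then signs hash(body). Layout: flag(1) | sig(64) | body = nonce(12) | ciphertext.
func Seal(s Settings, key []byte, priv ed25519.PrivateKey, plain []byte) ([]byte, error) {
	gcm, h, err := setup(s, key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	body := gcm.Seal(nonce, nonce, plain, nil)
	return append(append([]byte{1}, ed25519.Sign(priv, h(body))...), body...), nil
}

// Open verifies, then decrypts. requireSig is an added policy: flag 0 (no signature) is rejected.
func Open(s Settings, key []byte, pub ed25519.PublicKey, requireSig bool, file []byte) ([]byte, error) {
	gcm, h, err := setup(s, key)
	if err != nil {
		return nil, err
	}
	n, sz := gcm.NonceSize(), ed25519.SignatureSize
	if len(file) < 1+n || file[0] > 1 || (file[0] == 0 && requireSig) {
		return nil, fmt.Errorf("truncated, malformed or unsigned file rejected")
	}
	body := file[1:]
	if file[0] == 1 {
		if len(body) < sz+n || !ed25519.Verify(pub, h(body[sz:]), body[:sz]) {
			return nil, fmt.Errorf("signature verification failed")
		}
		body = body[sz:]
	}
	return gcm.Open(nil, body[:n], body[n:], nil)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	s, key := Settings{"SHA-256", 256}, make([]byte, 32) // constructed all-zero demo key
	file, _ := Seal(s, key, priv, []byte("report"))
	fmt.Println(Open(s, key, pub, true, append([]byte{0}, file[65:]...))) // signature removed
}
```

With `requireSig` set to false the same signature-less file decrypts without any check of who produced it, which is the case the optional verification step leaves open.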

The secure encryption and signature method based on an identity file described in the invention helps users protect important data from being viewed or modified and enables secure communication over an otherwise insecure channel; it also prevents a party from denying having sent or received information in the user's name.

The above is only a specific implementation of the preferred embodiment of the invention, but the scope of protection of the invention is not limited to it. Any change or substitution that a person skilled in the art could conceive without creative effort, within the technical scope disclosed by the invention, shall fall within the scope of protection of the invention.

Claims (6)

1. A secure encryption and signature method based on an identity file, characterized in that the steps include:
obtaining the configuration information of the client's basic settings and of its Advanced Encryption Standard settings;
registering on the server and applying for an identity file suitable for a mailbox;
the client downloading and obtaining the information of the identity file;
obtaining the type of task selected on the client to be executed;
according to the information of the identity file, the client encrypting or decrypting the file, the specific steps including:
if encrypting and signing a file is selected, the client obtains the file to be encrypted;
the client obtains the recipient's email address, the encryption method, the save path and the digital signature information;
the client obtains the information of the corresponding identity file;
the client encrypts the file;
if decrypting a file and verifying its signature is selected, the client obtains the ciphertext file to be decrypted;
the client obtains and verifies the information of the identity file;
the client determines whether the ciphertext file contains a digital signature and, if it does, verifies the ciphertext file;
the client obtains the save location for the ciphertext file and decrypts the ciphertext file.

2. The secure encryption and signature method based on an identity file according to claim 1, characterized in that the configuration information of the basic settings includes the type of verification algorithm, which uses a secure hash algorithm.

3. The secure encryption and signature method based on an identity file according to claim 1, characterized in that the configuration information of the Advanced Encryption Standard settings includes the key length and the mode of operation.

4. The secure encryption and signature method based on an identity file according to claim 1, characterized in that the task types include encrypting and signing a file, and decrypting a file and verifying its signature.

5. The secure encryption and signature method based on an identity file according to claim 1, characterized in that the specific steps of registering on the server and applying for an identity file suitable for a mailbox include:
the server obtains the user name, password, email address and verification code from the registration form, together with the user's agreement to the license agreement;
the server performs the registration;
after successful registration, the user is redirected to the server's login page;
the server obtains and verifies the login information and performs the login;
after successful login, the server obtains and verifies the application information for the identity file;
the server processes the application information and generates the identity file;
the server sends an application notification to the client.

6. The secure encryption and signature method based on an identity file according to claim 1, characterized in that the encryption methods include the Advanced Encryption Standard and a stream cipher algorithm.
CN201210132720.4A 2012-05-03 2012-05-03 Secure Encryption and Signature Method Based on Identity File Expired - Fee Related CN102710601B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210132720.4A CN102710601B (en) 2012-05-03 2012-05-03 Secure Encryption and Signature Method Based on Identity File

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210132720.4A CN102710601B (en) 2012-05-03 2012-05-03 Secure Encryption and Signature Method Based on Identity File

Publications (2)

Publication Number Publication Date
CN102710601A CN102710601A (en) 2012-10-03
CN102710601B CN102710601B (en) 2015-07-22

Family

ID=46903157

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210132720.4A Expired - Fee Related CN102710601B (en) 2012-05-03 2012-05-03 Secure Encryption and Signature Method Based on Identity File

Country Status (1)

Country Link
CN (1) CN102710601B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104618120B (en) * 2015-03-04 2018-01-23 青岛微智慧信息有限公司 A kind of mobile terminal key escrow digital signature method
CN109729088B (en) * 2018-12-29 2022-01-25 广东盈世计算机科技有限公司 Mail processing method
CN109756343B (en) * 2019-01-31 2021-07-20 平安科技(深圳)有限公司 Authentication method and device for digital signature, computer equipment and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1602601A (en) * 2001-10-12 2005-03-30 Geo信托有限公司 Methods and systems for automated authentication, processing and issuance of digital certificates
CN1835434A (en) * 2006-04-10 2006-09-20 北京易恒信认证科技有限公司 Electronic mail system and method based on CPK safety authentication

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7395430B2 (en) * 2001-08-28 2008-07-01 International Business Machines Corporation Secure authentication using digital certificates

Also Published As

Publication number Publication date
CN102710601A (en) 2012-10-03

Similar Documents

Publication Publication Date Title
US10652015B2 (en) Confidential communication management
CN109067524B (en) Public and private key pair generation method and system
JP6528008B2 (en) Personal Device Security Using Elliptic Curve Cryptography for Secret Sharing
CN103995991B (en) Method for binding hardware information and secret keys in software copyright protection
KR101010040B1 (en) Method for encrypting and decrypting files, apparatus, program, and computer-readable recording medium recording the program
JP4907895B2 (en) Method and system for recovering password-protected private data over a communication network without exposing the private data
WO2019020051A1 (en) Method and apparatus for security authentication
CN103516516B (en) file security sharing method, system
CN101977190B (en) Digital content encryption transmission method and server side
CN103095847B (en) Cloud storage safety-ensuring method and system thereof
CN104506515A (en) Firmware protection method and firmware protection device
CA2551113A1 (en) Authentication system for networked computer applications
CN103179086A (en) Method and system for remote storing processing of data
US9202023B2 (en) Digital rights management method
WO2013139079A1 (en) Storage method, system and device
CN106850566B (en) Method and device for verifying data consistency
CN101621794A (en) Method for realizing safe authentication of wireless application service system
CN110955918A (en) A contract text protection method based on RSA encryption sha-256 digital signature
CN102055685B (en) Method for encrypting webmail information
CN105791258A (en) A data transmission method, terminal and open platform
CN103237011A (en) Digital-content encryption transmission method and server side
CN102710601B (en) Secure Encryption and Signature Method Based on Identity File
CN105022962A (en) Encryption protection method of network hard disk data content
Hussien et al. Scheme for ensuring data security on cloud data storage in a semi-trusted third party auditor
CN108199830A (en) Based on the legal method of the stringent management and control Android application programs of certificate

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150722

Termination date: 20210503