File encrypting method in conjunction with cryptographic hashTechnical field
The present invention relates to file encryption, particularly, relate to file encrypting method in conjunction with cryptographic hash.
Background technology
Along with modern science and technology development at full speed day by day, people are more and more stronger to the dependence of network, and the powerful network system has also been brought the danger of leakage of personal information aspect when data sharing is provided.Society has also promoted the generation of various forms of cryptographic algorithm to the active demand of information privacy, and DES wherein (Data Encode Standard) is the most ripe at present cryptographic algorithm.DES is by IBM invention, and (National Bureau of Standard, NBS) approval be the government standard of non-confidential data, and is used in a large number in financial and government-works very soon by the Bureau of Standards of US Department of Commerce belonging country in 1977.
Although it is foolproof that DES is considered to, along with how much level growths of the operational speed of a computer, Brute-Force (brute force attack) can crack this algorithm easily.In January, 1999, the RSA data security session, EEF is only with just finishing the challenge of being initiated by RSA company that cracks to DES in 22 hours 15 minutes.It is found that 64 DES has not reached the requirement of present encryption far away, so scientists is just used 128 3DES encryption technology, the author introduces another kind of DES and the algorithm that combines of time parameter with 64 here, also can successfully resist the attack of Brute-Force.
Summary of the invention
At defective of the prior art, the purpose of this invention is to provide a kind of file encrypting method in conjunction with cryptographic hash.
According to an aspect of the present invention, provide file encrypting method, it is characterized in that, comprise the steps: steps A: receive first file identification information in conjunction with cryptographic hash; Step B: determine some text files according to described first file identification information; Step C: generate key, wherein, described key comprises User Defined data, check bit and Hash data, and wherein, described Hash data are used to put down in writing first cryptographic hash of described User Defined data; Step D: second cryptographic hash that generates described first key; Step e: write described second cryptographic hash at described text file end and generate file destination; Step F: use described key that described file destination is encrypted the acquisition cryptograph files.
Preferably, also comprise the steps: step G: receive second file identification information; Step H: determine some described cryptograph files according to described second file identification information; Step I: judge whether the cryptographic hash that the Hash data of described key are put down in writing is identical with described first cryptographic hash; Step J:, then use described key that described cryptograph files is decrypted and obtain described file destination if the cryptographic hash that the Hash data of described key are put down in writing is identical with described first cryptographic hash; Step K: whether the cryptographic hash of judging original text end of file in the described file destination is identical with described second cryptographic hash; Step L:, then export described text file if the cryptographic hash of original text end of file is identical with described second cryptographic hash in the described file destination.
Preferably, also comprise the steps: step J ': if cryptographic hash and described first cryptographic hash that the Hash data of described key are put down in writing are inequality, then output error information; Step L ': if the cryptographic hash and described second cryptographic hash of original text end of file are inequality in the described file destination, then output error information.
Preferably, described key is 64, and wherein, described User Defined data account for 36, and check bit accounts for 8, and the Hash data account for 20.
Preferably, described key is 64, and wherein, described User Defined data account for 24, and check bit accounts for 8, and the Hash data account for 32.
Preferably, described first file identification information comprises first asterisk wildcard, described step B comprises the steps: step B1: the file of filename and described first asterisk wildcard coupling is defined as described text file, and described second file identification information comprises second asterisk wildcard.Described step H comprises the steps: step H1: the file of filename and described second asterisk wildcard coupling is defined as described cryptograph files.
Preferably, in step F, adopt symmetric encipherment algorithm to encrypt.
Preferably, in step F, adopt the DES algorithm to encrypt.
The present invention verifies by checking first cryptographic hash corresponding with the User Defined data and with corresponding second cryptographic hash of key whether encrypt file is modified, and has improved the difficulty that cracks of existing symmetric cryptosystem.And the present invention can realize batch processing to file encryption/decryption by asterisk wildcard.
Embodiment
File encrypting method in conjunction with cryptographic hash provided by the invention comprises the steps: steps A: receive first file identification information; Step B: determine some text files according to described first file identification information; Step C: generate key, wherein, described key comprises User Defined data, check bit and Hash data, and wherein, described Hash data are used to put down in writing first cryptographic hash of described User Defined data; Step D: second cryptographic hash that generates described first key; Step e: write described second cryptographic hash at described text file end and generate file destination; Step F: use described key that described file destination is encrypted the acquisition cryptograph files.
Described steps A to step F has realized the encryption to file, next passes through step G to the deciphering of step L realization to file.
More specifically, described file encrypting method in conjunction with cryptographic hash also comprises the steps: step G: receive second file identification information; Step H: determine some described cryptograph files according to described second file identification information; Step I: judge whether the cryptographic hash that the Hash data of described key are put down in writing is identical with described first cryptographic hash; Step J:, then use described key that described cryptograph files is decrypted and obtain described file destination if the cryptographic hash that the Hash data of described key are put down in writing is identical with described first cryptographic hash; Step K: whether the cryptographic hash of judging original text end of file in the described file destination is identical with described second cryptographic hash; Step L:, then export described text file if the cryptographic hash of original text end of file is identical with described second cryptographic hash in the described file destination.
Preferably, described file encrypting method in conjunction with cryptographic hash also comprises the steps: step J ': if cryptographic hash and described first cryptographic hash that the Hash data of described key are put down in writing are inequality, and then output error information; Step L ': if the cryptographic hash and described second cryptographic hash of original text end of file are inequality in the described file destination, then output error information.
Preferably, described key is 64, and wherein, described User Defined data account for 36, and check bit accounts for 8, and the Hash data account for 20.Preferably, described key is 64, and wherein, described User Defined data account for 24, and check bit accounts for 8, and the Hash data account for 32.
Preferably, described first file identification information comprises first asterisk wildcard, described step B comprises the steps: step B1: the file of filename and described first asterisk wildcard coupling is defined as described text file, and described second file identification information comprises second asterisk wildcard.Described step H comprises the steps: step H1: the file of filename and described second asterisk wildcard coupling is defined as described cryptograph files.
Preferably, in step F, adopt symmetric encipherment algorithm to encrypt.Preferably, in step F, adopt the DES algorithm to encrypt.
More than specific embodiments of the invention are described.It will be appreciated that the present invention is not limited to above-mentioned specific implementations, those skilled in the art can make various distortion or modification within the scope of the claims, and this does not influence flesh and blood of the present invention.