CN112187448B - Data encryption method and system - Google Patents
Data encryption method and systemDownload PDFInfo
- Publication number
- CN112187448B CN112187448BCN201910584441.3ACN201910584441ACN112187448BCN 112187448 BCN112187448 BCN 112187448BCN 201910584441 ACN201910584441 ACN 201910584441ACN 112187448 BCN112187448 BCN 112187448B
- Authority
- CN
- China
- Prior art keywords
- data
- encryption
- key
- encrypted
- quantum
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
- H04L9/0858—Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Electromagnetism (AREA)
- Storage Device Security (AREA)
Abstract
Description
Technical Field
The present invention relates to a data processing method and device, and more particularly, to a data encryption method and system.
Background
In order to solve the problem of secure storage of data in a database, the invention patent cn201711205844.X discloses an encrypted database based on a quantum key distribution technology; fig. 1 is a schematic flow chart of a data encryption and decryption method provided in the prior art, and as shown in fig. 1, each data segment in a database is encrypted into ciphertext data using an independent key: the method comprises the following steps: step 1: generating a data characteristic value: the data feature processing device sends an encryption storage request containing the data to be stored and the data feature value to the data encryption and decryption control device to wait for a data storage result; and 2, step: sending a key distribution request: the data encryption and decryption control device receives the data encryption and storage request and sends a key distribution request containing the data characteristic value to the key encryption and decryption control device; and step 3: storing a data characteristic value: the key encryption and decryption control device receives the key distribution request and controls the first quantum key distribution device and the second quantum key distribution device to provide a pair of same quantum keys; the key encryption and decryption control device generates a unique mark ID; the key encryption and decryption control device stores the content containing the data characteristic value and the mark ID into the data characteristic value storage device; and 4, step 4: storage data encryption key: the key encryption and decryption control device acquires a quantum key from the second quantum key distribution device, wherein the quantum key is a data encryption key; the key encryption and decryption control device stores the content containing the tag ID and the data encryption key into the data encryption and decryption key storage device; the key encryption and decryption control device sends a key distribution response containing the tag ID to the data encryption and decryption control device; and 5: encrypting and storing data: the data encryption and decryption control device receives the key distribution response and obtains the same quantum key from the first quantum key distribution device, wherein the quantum key is the data encryption key; the data encryption and decryption control device encrypts data to be stored to generate ciphertext data; the data encryption and decryption control device stores the contents including the tag ID and the ciphertext data into the ciphertext data storage device; and the data encryption and decryption control device returns a data storage result.
However, in the prior art, a quantum key is used as an encryption key of data, and the encryption key is also encrypted and transmitted by using the quantum key, so that the prior art has a large demand on the quantum key. Data encryption efficiency can be reduced if the amount of quantum keys required for the data to be encrypted exceeds the amount of quantum keys that can be provided by the device for data encryption. Therefore, the technical problem of insufficient quantum key quantity for encrypting the data to be encrypted exists in the prior art.
Disclosure of Invention
The invention aims to provide a data encryption method and a data encryption system so as to improve the quantum key amount of data to be encrypted.
The invention solves the technical problems through the following technical scheme: the embodiment of the invention provides a data encryption method, which is applied to a data encryption storage module in a quantum encryption database system, and comprises the following steps:
inputting data to be encrypted, and generating a data index value of the data to be encrypted;
generating a quantum random number;
encrypting the data to be encrypted by taking the quantum random number as an encryption key;
storing the encrypted data to be encrypted;
quantum keys are generated in a data encryption storage module and a key encryption storage module by using a quantum key distribution technology, a data index value of the data to be encrypted and the encryption key are encrypted by using the quantum keys through a classical encryption algorithm, and the encrypted encryption key and the data index value are sent to a key encryption storage module so that the key encryption storage module stores the encryption key and the data index value.
Optionally, the encrypting the data to be encrypted by using the quantum random number as an encryption key includes:
judging whether the data volume of the data to be encrypted is larger than a first preset threshold value or not;
if so, encrypting the data to be encrypted with the data volume of a second preset threshold value by using the quantum random number as an encryption key, wherein the second preset threshold value is larger than the first preset threshold value;
and if not, encrypting the data to be encrypted by taking the quantum random number with the same character length as the data to be encrypted as an encryption key.
The embodiment of the invention also provides a data encryption method, which is applied to a key encryption storage module in a quantum encryption database system, and the method comprises the following steps:
receiving an encrypted data index value and the encryption key which are sent by a data encryption storage module in the quantum encryption database system, wherein the encryption key is a quantum random number sent by the data encryption storage module in the quantum encryption database system;
decrypting the data index value and the encryption key by using a quantum key obtained by a quantum key distribution technology through a classical decryption algorithm, and encrypting the encryption key by using a root key;
the data index value is stored along with the encryption key encrypted using the root key.
An embodiment of the present invention further provides a data encryption system, where the system includes: a data encryption storage module and a key encryption storage module, wherein,
the data encryption storage module comprises: the device comprises a data encryption and decryption device, and a data index generation device, a quantum random number generation device, a data storage device and a first quantum key distribution device which are respectively in communication connection with the data encryption and decryption device, wherein the data index generation device is used for generating a data index value of data to be encrypted; quantum random number generating means for generating quantum random numbers; the data encryption and decryption device is used for encrypting the data to be encrypted by taking the quantum random number as an encryption key; generating a quantum key at a data encryption storage module and a key encryption storage module by using a quantum key distribution technology, encrypting a data index value of the data to be encrypted and the encryption key by using the quantum key through a classical encryption algorithm, and sending the encrypted encryption key and the data index value to a key encryption storage module so that the key encryption storage module stores the encryption key and the data index value; the data storage device is used for storing the data index value and the encrypted data to be encrypted;
the key encryption storage module comprises: the system comprises a key encryption and decryption device, a key storage device and a second quantum key distribution device, wherein the key storage device and the second quantum key distribution device are respectively in communication connection with the key encryption and decryption device, the key encryption and decryption device is used for receiving the encrypted data index value and the encrypted key which are sent by the data encryption storage module, decrypting the data index value and the encrypted key by using a quantum key obtained by using a quantum key distribution technology through a classical decryption algorithm, and encrypting the encrypted key by using a root key; the key storage device is used for storing the data index value and an encryption key encrypted by using a root key;
the first quantum key distribution device and the second quantum key distribution device are used for generating a pair of quantum keys in the data encryption storage module and the key encryption storage module by using a quantum key distribution technology.
Optionally, the data encryption and decryption apparatus is further configured to:
judging whether the data volume of the data to be encrypted is larger than a first preset threshold value or not;
if so, encrypting the data to be encrypted with the data volume of a second preset threshold value by using the quantum random number as an encryption key, wherein the second preset threshold value is larger than the first preset threshold value;
if not, the quantum random number with the character length equal to that of the data to be encrypted is used as an encryption key to encrypt the data to be encrypted.
Optionally, the data to be encrypted is composed of multiple lines of data, and the second preset threshold is:
the sum of the data amounts of the data to be encrypted of at least one line.
Optionally, the root key is a hardware root key.
Optionally, the classical encryption algorithm includes: a symmetric encryption algorithm.
Optionally, the data index generating device is configured to generate a data index value of the data to be encrypted by using an irreversible algorithm.
Optionally, the irreversible algorithm includes: and (4) carrying out a hash algorithm.
Compared with the prior art, the invention has the following advantages:
by applying the embodiment of the invention, the quantum true random number generated by the quantum random number generator is used as the database data segment encryption key, the generation rate of the quantum random number generator key can reach Gbps magnitude, and the requirement of large key amount for large data encryption can be met.
Drawings
Fig. 1 is a schematic flow chart of a data encryption and decryption method provided in the prior art;
fig. 2 is a schematic structural diagram of a data encryption system according to an embodiment of the present invention;
fig. 3 is a schematic flow chart of a data encryption method according to an embodiment of the present invention;
fig. 4 is a comparison diagram of plaintext data, encrypted key data, and encrypted ciphertext data according to an embodiment of the present invention.
Detailed Description
The following examples are given for the detailed implementation and the specific operation procedures, but the scope of the present invention is not limited to the following examples.
Example 1
Fig. 2 is a schematic structural diagram of a data encryption system according to an embodiment of the present invention, and as shown in fig. 2, the system includes: a data encryption storage module and a key encryption storage module, wherein,
the data encryption storage module comprises: the device comprises a data encryption and decryption device, and a data index generation device, a quantum random number generation device, a data storage device and a first quantum key distribution device which are respectively in communication connection with the data encryption and decryption device, wherein the data index generation device is used for generating a data index value of data to be encrypted; quantum random number generating means for generating quantum random numbers; the data encryption and decryption device is used for judging whether the data volume of the data to be encrypted is larger than a first preset threshold value or not; if so, encrypting the data to be encrypted with the data volume of a second preset threshold value by using the quantum random number as an encryption key, wherein the second preset threshold value is larger than the first preset threshold value; if not, encrypting the data to be encrypted by taking the quantum random number with the same character length as the data to be encrypted as an encryption key; encrypting the data to be encrypted by using the quantum random number as an encryption key; generating a quantum key at a data encryption storage module and a key encryption storage module by using a quantum key distribution technology, encrypting a data index value of the data to be encrypted and the encryption key by using the quantum key through a classical encryption algorithm, and sending the encrypted encryption key and the data index value to a key encryption storage module so that the key encryption storage module stores the encryption key and the data index value; the classical encryption algorithm comprises: a symmetric encryption algorithm; sending the data index value of the data to be encrypted and the encryption key to a key encryption storage module in the quantum encryption database system so that the key encryption storage module stores the encryption key; the data storage device is used for storing the data index value and the encrypted data to be encrypted;
the key encryption storage module comprises: the system comprises a key encryption and decryption device, a key storage device and a second quantum key distribution device, wherein the key storage device and the second quantum key distribution device are respectively in communication connection with the key encryption and decryption device, the key encryption and decryption device is used for receiving an encrypted data index value and an encrypted key which are sent by the data encryption storage module, decrypting the data index value and the encrypted key by using a classical decryption algorithm through a quantum key obtained by using a quantum key distribution technology, and encrypting the encrypted key by using a root key; the key storage device is used for storing a data index value and an encryption key encrypted by using a root key.
The first quantum key distribution device and the second quantum key distribution device are used for generating a pair of quantum keys in the data encryption storage module and the key encryption storage module by using a quantum key distribution technology.
By applying the embodiment shown in FIG. 2 of the invention, the quantum random number generated by the quantum random number generator is used as the encryption key of the database data segment, the generation rate of the key of the quantum random number generator can reach Gbps magnitude, and the requirement of large key amount for large data encryption can be met.
Example 2
It is first emphasized that the embodiments of the present invention provide a data encryption method, which is preferably applied to a data encryption storage module in a quantum encryption database system.
Fig. 3 is a schematic flow chart of a data encryption method according to an embodiment of the present invention, as shown in fig. 3, the method includes:
s301: inputting data to be encrypted, and generating a data index value of the data to be encrypted.
Specifically, in this step, the data index generating device receives the data to be encrypted, or obtains the data to be encrypted from the database, and processes the data to be encrypted by using a one-way irreversible algorithm, such as a hash algorithm, to obtain a data index value of the data to be encrypted.
In practical application, the data index generating device intercepts fields with set length from the data to be encrypted, or intercepts fields with set length from the data to be encrypted in the database as the input of a one-way irreversible algorithm, and processes the data to be encrypted by using the one-way irreversible algorithm, such as a hash algorithm, to obtain the data index value of the data to be encrypted.
S302: quantum random numbers are generated.
Specifically, the data encryption/decryption device in the data encryption memory module may use the quantum random number in the quantum random number sequence generated from the quantum random number generation device as the encryption key.
S303: and encrypting the data to be encrypted by taking the quantum random number as an encryption key.
S304: and storing the data index value and the encrypted data to be encrypted.
Fig. 4 is a comparison diagram of plaintext data, encrypted key data, and encrypted ciphertext data according to an embodiment of the present invention; as shown in fig. 4, the plaintext data is encrypted by the data encryption/decryption device and stored in the data storage device as ciphertext data.
S305: quantum keys are generated in a data encryption storage module and a key encryption storage module by using a quantum key distribution technology, a data index value of the data to be encrypted and the encryption key are encrypted by using the quantum keys through a classical encryption algorithm, and the encrypted encryption key and the data index value are sent to a key encryption storage module so that the key encryption storage module stores the encryption key and the data index value.
Specifically, a quantum key may be generated in a data encryption storage module and a key encryption storage module by using a quantum key distribution technology, the data index value of the data to be encrypted and the encryption key are encrypted by using the quantum key, and the encrypted data index value of the data to be encrypted and the encryption key are sent to a key encryption storage module in the quantum encryption database system. The key encryption and decryption device decrypts by using the quantum key after receiving the encrypted encryption key and the encrypted data index value, encrypts the encryption key by using the root key, and stores the data index value and the encrypted key into the key storage device in the key encryption storage module.
As shown in fig. 4, the data index value and the encryption key encrypted using the root key are stored in the key storage device. The plaintext data in fig. 4 corresponds to data to be encrypted, the key data corresponds to an encryption key, and the ciphertext data corresponds to encrypted data. The plaintext data is encrypted by using the key data in fig. 4 to obtain ciphertext data.
In the prior art, a quantum key distribution technique is used to generate keys, which are generated at a rate on the order of hundreds of kb per second and decay as the distance between the data encryption memory module and the key encryption memory module increases.
By applying the embodiment shown in FIG. 2 of the invention, the quantum random number generated by the quantum random number generator is used as the encryption key of the database data segment, the generation rate of the key of the quantum random number generator can reach Gbps magnitude, and the requirement of large key amount for large data encryption can be met.
In addition, in the prior art, the number of keys generated by the quantum key distribution device needs to meet the encryption requirement of each data segment in the database and the encryption transmission requirement of the keys during query, so that the requirement amount of the keys is large, and the key requirement is difficult to meet especially in large-scale data encryption application scenes such as data centers.
In a specific implementation manner of the embodiment of the present invention, in order to improve the security of data in the database, the data encryption storage module and the key encryption storage module are mutually independent devices, for example, there is no shared device or component between the data encryption storage module and the key encryption storage module, and the data encryption storage module and the key encryption storage module may be located in different cabinets in the same machine room or may be located in machine rooms in different places respectively.
Example 3
The difference between embodiment 3 of the present invention and embodiment 2 of the present invention is that in step S303, it may be determined whether the data size of the data to be encrypted is greater than a first preset threshold; if so, encrypting the data to be encrypted with the data volume of a second preset threshold value by using the quantum random number as an encryption key, wherein the second preset threshold value is larger than the first preset threshold value; and if not, encrypting the data to be encrypted by taking the quantum random number with the same character length as the data to be encrypted as an encryption key.
For example, when the data amount of the data to be encrypted is small, for example, the data amount is smaller than a first preset threshold, for example, 1kb, the data to be encrypted is encrypted by using a quantum random number string having the same length as the character length of the data to be encrypted, and this encryption manner may also be referred to as "one-time pad". When the data volume of the data to be encrypted is large, for example, the data volume of the data to be encrypted is a second preset threshold, for example, 2.3kb, the encryption key is directly used for encryption, for example, 150kb of data to be encrypted can be encrypted by using a 50kb quantum random number, or 2.3kb of data to be encrypted can be encrypted by using a 0.5kb quantum random number.
In practical applications, the number of rows of the character string, the number of bits corresponding to the character string, and other ways may be used to measure the data amount, and the embodiment of the present invention is not limited thereto. By applying the embodiment of the invention, the security of the database and the key amount requirement of big data encryption can be well considered.
Further, the data to be encrypted may be composed of a plurality of lines of data, and the second preset threshold is: sum of data amounts of data to be encrypted of at least one line.
The data encryption and decryption device stores the data to be encrypted, which is encrypted by using the quantum random number, in the data storage device, and then the first quantum key distribution device and the second quantum key distribution device generate a pair of quantum keys. The data encryption and decryption device encrypts the data index value and the key by using a quantum key by using a symmetric encryption algorithm, and sends the encrypted data index value and the key to the key encryption and decryption device, so that the key encryption and decryption device decrypts by using the quantum key after receiving the encrypted encryption key and the encrypted data index value, and then stores the data index value and the key to the key encryption and decryption device in the key encryption storage terminal.
Example 4
Theembodiment 4 of the invention is applied to a key encryption storage module in a quantum encryption database system, and the method comprises the following steps:
receiving an encrypted data index value and the encryption key which are sent by a data encryption storage module in the quantum encryption database system, wherein the encryption key is a quantum random number sent by the data encryption storage module in the quantum encryption database system;
and decrypting the data index value and the encryption key by using a quantum key obtained by using a quantum key distribution technology through a classical decryption algorithm, and encrypting the encryption key by using a root key.
Specifically, a key encryption/decryption device in the key encryption/storage module may receive the encrypted data index value and the encrypted encryption key, acquire a quantum key by using a quantum key distribution technique, and decrypt the encryption key through a classical decryption algorithm according to the quantum key, where the classical decryption algorithm includes: a symmetric decryption algorithm.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.
Claims (10)
1. A data encryption method is applied to a data encryption storage module in a quantum encryption database system, wherein the quantum encryption database system comprises the data encryption storage module and a key encryption storage module, and the method comprises the following steps:
inputting data to be encrypted, and generating a data index value of the data to be encrypted;
generating a quantum random number;
encrypting the data to be encrypted by using the quantum random number as an encryption key;
storing the data index value and the encrypted data to be encrypted;
quantum keys are generated in a data encryption storage module and a key encryption storage module by using a quantum key distribution technology, a data index value of the data to be encrypted and the encryption key are encrypted by using the quantum keys through a classical encryption algorithm, and the encrypted encryption key and the data index value are sent to a key encryption storage module so that the key encryption storage module stores the encryption key and the data index value.
2. The data encryption method according to claim 1, wherein the encrypting the data to be encrypted by using the quantum random number as an encryption key comprises:
judging whether the data volume of the data to be encrypted is larger than a first preset threshold value or not;
if yes, the quantum random number is used as an encryption key to encrypt data to be encrypted with the data volume of a second preset threshold, and the second preset threshold is larger than the first preset threshold;
and if not, encrypting the data to be encrypted by taking the quantum random number with the same character length as the data to be encrypted as an encryption key.
3. A data encryption method is applied to a key encryption storage module in a quantum encryption database system, and comprises the following steps:
receiving an encrypted data index value and an encrypted encryption key which are sent by a data encryption storage module in a quantum encryption database system, wherein the encryption key is a quantum random number sent by the data encryption storage module in the quantum encryption database system;
decrypting the data index value and the encryption key by using a quantum key obtained by a quantum key distribution technology through a classical decryption algorithm, and encrypting the encryption key by using a root key;
storing the data index value and an encryption key encrypted by using the root key;
the data encryption storage module uses the quantum random number as an encryption key to encrypt data to be encrypted.
4. A data encryption system, the system comprising: a data encryption storage module and a key encryption storage module, wherein,
the data encryption storage module comprises: the system comprises a data encryption and decryption device, and a data index generation device, a quantum random number generation device, a data storage device and a first quantum key distribution device which are respectively in communication connection with the data encryption and decryption device, wherein the data index generation device is used for generating a data index value of data to be encrypted; quantum random number generating means for generating quantum random numbers; the data encryption and decryption device is used for encrypting the data to be encrypted by taking the quantum random number as an encryption key, encrypting a data index value of the data to be encrypted and the encryption key by using a quantum key generated by a quantum key distribution technology in a data encryption storage module and a key encryption storage module through a classical encryption algorithm, and sending the encrypted encryption key and the data index value to the key encryption storage module so that the key encryption storage module stores the encryption key and the data index value; the data storage device is used for storing the data index value and the encrypted data to be encrypted;
the key encryption storage module comprises: the system comprises a key encryption and decryption device, a key storage device and a second quantum key distribution device, wherein the key storage device and the second quantum key distribution device are respectively in communication connection with the key encryption and decryption device, the key encryption and decryption device is used for receiving an encrypted data index value and an encrypted encryption key which are sent by the data encryption storage module, decrypting the data index value and the encryption key by using a classical decryption algorithm through a quantum key obtained by using a quantum key distribution technology, and encrypting the encryption key by using a root key; the key storage device is used for storing the data index value and an encryption key encrypted by using a root key;
the first quantum key distribution device and the second quantum key distribution device are used for generating a pair of quantum keys in the data encryption storage module and the key encryption storage module by using a quantum key distribution technology.
5. The data encryption system according to claim 4, wherein said data encryption/decryption means is further configured to:
judging whether the data volume of the data to be encrypted is larger than a first preset threshold value or not;
if yes, the quantum random number is used as an encryption key to encrypt data to be encrypted with the data volume of a second preset threshold, and the second preset threshold is larger than the first preset threshold;
and if not, encrypting the data to be encrypted by taking the quantum random number with the same character length as the data to be encrypted as an encryption key.
6. The data encryption system according to claim 5, wherein the data to be encrypted is composed of a plurality of lines of data, and the second preset threshold is:
sum of data amounts of data to be encrypted of at least one line.
7. A data encryption system according to claim 4, wherein said root key is a hardware root key.
8. A data encryption system according to claim 4, wherein said classical encryption algorithm comprises: a symmetric encryption algorithm.
9. A data encryption system according to claim 4, characterized in that said data index generating means is adapted to generate a data index value of the data to be encrypted by using an irreversible algorithm.
10. A data encryption system according to claim 9, wherein said irreversible algorithm comprises: and (4) carrying out a hash algorithm.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910584441.3ACN112187448B (en) | 2019-07-01 | 2019-07-01 | Data encryption method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910584441.3ACN112187448B (en) | 2019-07-01 | 2019-07-01 | Data encryption method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112187448A CN112187448A (en) | 2021-01-05 |
| CN112187448Btrue CN112187448B (en) | 2023-04-07 |
Family
ID=73914921
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910584441.3AActiveCN112187448B (en) | 2019-07-01 | 2019-07-01 | Data encryption method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112187448B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11695552B2 (en)* | 2021-03-25 | 2023-07-04 | International Business Machines Corporation | Quantum key distribution in a multi-cloud environment |
| CN114285670B (en)* | 2021-12-31 | 2022-11-15 | 安徽中科锟铻量子工业互联网有限公司 | Internet of things gateway data encryption communication method based on quantum random number key |
| CN114884716B (en)* | 2022-04-28 | 2024-02-27 | 世融能量科技有限公司 | Encryption and decryption method, device and medium |
| GB2620388A (en)* | 2022-07-04 | 2024-01-10 | Univ Oxford Innovation Ltd | Secure storage of data |
| CN114896620A (en)* | 2022-07-07 | 2022-08-12 | 安徽华典大数据科技有限公司 | Quantum encryption-based database indexing method, equipment and storage medium |
| CN115174083B (en)* | 2022-07-07 | 2025-05-27 | 重庆连芯智能科技研究院有限公司 | Vehicle networking information encryption method, device and vehicle networking system |
| CN115361123B (en)* | 2022-08-18 | 2025-04-15 | 安徽省极光智能科技有限公司 | A drone control system based on quantum encryption technology |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104918243A (en)* | 2015-06-15 | 2015-09-16 | 上海交通大学 | Mobile terminal secrecy system and method based on quantum true random number |
| CN106357649A (en)* | 2016-09-23 | 2017-01-25 | 浙江神州量子网络科技有限公司 | User identity authentication system and method |
| CN107800537A (en)* | 2017-11-27 | 2018-03-13 | 安徽问天量子科技股份有限公司 | Encrypting database system and method, storage method and querying method based on quantum key distribution technology |
| CN109561047A (en)* | 2017-09-26 | 2019-04-02 | 安徽问天量子科技股份有限公司 | Encryption data storage system and method based on the storage of key strange land |
| CN209017054U (en)* | 2018-12-29 | 2019-06-21 | 安徽问天量子科技股份有限公司 | A kind of safe quantum communication system for multimedia data stream |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070130455A1 (en)* | 2005-12-06 | 2007-06-07 | Elliott Brig B | Series encryption in a quantum cryptographic system |
- 2019
- 2019-07-01CNCN201910584441.3Apatent/CN112187448B/enactiveActive
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104918243A (en)* | 2015-06-15 | 2015-09-16 | 上海交通大学 | Mobile terminal secrecy system and method based on quantum true random number |
| CN106357649A (en)* | 2016-09-23 | 2017-01-25 | 浙江神州量子网络科技有限公司 | User identity authentication system and method |
| CN109561047A (en)* | 2017-09-26 | 2019-04-02 | 安徽问天量子科技股份有限公司 | Encryption data storage system and method based on the storage of key strange land |
| CN107800537A (en)* | 2017-11-27 | 2018-03-13 | 安徽问天量子科技股份有限公司 | Encrypting database system and method, storage method and querying method based on quantum key distribution technology |
| CN209017054U (en)* | 2018-12-29 | 2019-06-21 | 安徽问天量子科技股份有限公司 | A kind of safe quantum communication system for multimedia data stream |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112187448A (en) | 2021-01-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112187448B (en) | Data encryption method and system | |
| US6125185A (en) | System and method for encryption key generation | |
| US9379891B2 (en) | Method and system for ID-based encryption and decryption | |
| CN102624522B (en) | A kind of key encryption method based on file attribute | |
| CN113132099B (en) | Method and device for encrypting and decrypting transmission file based on hardware password equipment | |
| CN107086915B (en) | Data transmission method, data sending end and data receiving end | |
| US9276913B2 (en) | Transmission/reception system, transmission device, reception device, authentication device, user equipment, method executed using these, and program | |
| CN103368975B (en) | A kind of method and system of batch data safe transmission | |
| US9954859B2 (en) | Random number distribution | |
| CN104967693A (en) | Document similarity calculation method facing cloud storage based on fully homomorphic password technology | |
| CN104579680B (en) | A kind of method of secure distribution seed | |
| CN105099653A (en) | Distributed data processing method, device and system | |
| CN109005184A (en) | File encrypting method and device, storage medium, terminal | |
| CN101325483B (en) | Method and apparatus for updating symmetrical cryptographic key, symmetrical ciphering method and symmetrical deciphering method | |
| CN113347144A (en) | Method, system, equipment and storage medium for reciprocal data encryption | |
| CN111131158A (en) | Single byte symmetric encryption and decryption method, device and readable medium | |
| CN109711178B (en) | Key value pair storage method, device, equipment and storage medium | |
| CN112187449B (en) | Quantum database query method, encryption and decryption method and system | |
| CN107872315A (en) | Data processing method and intelligent terminal | |
| CN115022057A (en) | Security authentication method, device and device, and storage medium | |
| CN109726584A (en) | Cloud database key management system | |
| CN105681027A (en) | HSM encrypted information synchronization method, device and system | |
| CN104301102A (en) | Widget communication method, device and system | |
| CN106357382A (en) | Encryption method and system for network data transmission | |
| CN107707611B (en) | Power data cloud processing method, device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |