
CN-116800411-B - Method and system for packaging, encrypting and decrypting full-disc files


Abstract

The invention provides a method and a system for packing, encrypting and decrypting full disc files, and belongs to the technical field of data encryption. The invention encrypts all data in a folder into one ciphertext file by defining a packing encryption rule, and adds a certain number of interference numbers according to the rule during encryption, which greatly increases the difficulty of decrypting the file; a matched decryption software tool decrypts and restores the ciphertext file according to the rule. The invention has the beneficial effects of good reliability and high security strength.

Inventors

  • JIANG XIANGYANG
  • QIN FALIN
  • ZHANG ZHONGGUO
  • Shi Nianwei
  • WANG XIAOYU
  • FAN XUANRONG
  • Yin Xiangyan

Assignees

  • 山东华芯半导体有限公司

Dates

Publication Date
20260512
Application Date
20230406

Claims (6)

  1. The method for packaging, encrypting and decrypting the full disc file is characterized by comprising an encrypting process and a decrypting process.
     The encrypting process comprises the following specific steps:
     Step 1, recursively traversing a target folder, storing traversed directory tree information into a directory tree linked list defined according to rules, and acquiring file information, wherein the file information comprises the number and the size of files;
     Step 2, obtaining a random number from the USB cryptographic module and applying for a group of key ID numbers;
     Step 3, determining the number of generated interference numbers according to the acquired file information, generating N groups of interference data blocks with different sizes, and forming an interference number linked list;
     Step 4, initializing the USB cryptographic module, forming a real key for encryption through the random number and the key corresponding to the key ID, and initializing an encryption algorithm;
     Step 5, generating a 512 byte ciphertext file header and storing the interference number linked list into the ciphertext file;
     Step 6, starting the encryption process, encrypting the data in the folder, randomly inserting the interference numbers while encrypting, updating the interference number linked list, and recording the position of each interference number;
     Step 7, encryption is completed, and a final ciphertext file is generated.
     The decrypting process comprises the following specific steps:
     Step 1, acquiring a ciphertext file, analyzing the file packet header, confirming whether the file packet header is tampered, acquiring the key ID and the random number if the file packet header is not tampered, and initializing the USB cryptographic module;
     Step 2, analyzing the interference number linked list, extracting a file tree linked list according to the interference number linked list, decrypting the file linked list and restoring the file tree;
     Step 3, decrypting the first root file data packet, finding the next position of the linked list, decrypting the data packet, restoring the whole file tree, searching the interference number list in real time to discard the interference number data blocks, and calculating the correct file header offset to form a file tree directory;
     Step 4, selecting all decryption or single file decryption according to the file tree directory, reversely decrypting and extracting ciphertext data according to the encryption algorithm, and transmitting the ciphertext data to the USB cryptographic module to finish decryption.
  2. The method for packaging, encrypting and decrypting the full disc file according to claim 1, wherein each block of the interference number is 512 bytes, the interference number is N × 512, and the value of N is a random number ranging from 1 to 2048.
  3. The method for packaging, encrypting and decrypting the full disc file according to claim 1, wherein the random number obtained from the USB cryptographic module is 32 bytes.
  4. The method for packaging, encrypting and decrypting the full disc file according to claim 1, wherein the decrypting process confirms whether the ciphertext file is tampered in the following specific manner: the first 512 bytes of the ciphertext file are read to carry out a CRC check, whether the CRC check values are consistent is judged, and if the CRC check values are consistent, the ciphertext file is not tampered.
  5. The method for packaging, encrypting and decrypting the full disc file according to claim 1, wherein the ciphertext file structure comprises a 512 byte header, an interference number linked list, a ciphertext with interference data blocks, and a file end.
  6. The full-disc file packing encryption and decryption system is characterized in that the full-disc file packing encryption and decryption method of any one of claims 1-5 can be used, and comprises an encryption and decryption host and a USB cryptographic module; the encryption and decryption host can run an encryption and decryption algorithm to encrypt and decrypt the target file; the USB cryptographic module is used for managing the key, generating a random number and storing the encrypted ciphertext file.
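
The file layout of claims 4 and 5, with the header check and the removal of interference blocks, as an added Python example that is not code from the patent. The header field order, the position of the CRC-32, the flat (offset, size) table standing in for the interference number linked list, the `MAGIC` value and block-aligned ciphertext are assumptions; the payload is treated as already-encrypted bytes and the file end is not modelled.

```python
import os, struct, zlib

BLOCK = 512        # header and interference block size, per claims 2, 4 and 5
MAGIC = b"PKG1"    # assumed marker, not from the patent

def build_header(key_id, rnd, n_entries):
    # Assumed layout: magic | key ID | 32-byte random number | entry count | padding | CRC-32
    body = MAGIC + struct.pack("<I", key_id) + rnd + struct.pack("<I", n_entries)
    body = body.ljust(BLOCK - 4, b"\0")
    return body + struct.pack("<I", zlib.crc32(body))

def header_ok(header):
    # Claim 4: read the first 512 bytes, recompute the CRC, compare with the stored value.
    return len(header) == BLOCK and zlib.crc32(header[:-4]) == struct.unpack("<I", header[-4:])[0]

def pack(ciphertext, key_id, rnd, inserts):
    # inserts: {ciphertext block index: count of 512-byte interference blocks placed before it}
    if len(ciphertext) % BLOCK or len(rnd) != 32:
        raise ValueError("ciphertext must be whole blocks (assumed) and rnd 32 bytes")
    entries, out = [], bytearray()
    for i in range(len(ciphertext) // BLOCK):
        if i in inserts:
            entries.append((len(out), inserts[i] * BLOCK))  # record position and size
            out += os.urandom(inserts[i] * BLOCK)
        out += ciphertext[i * BLOCK:(i + 1) * BLOCK]
    table = b"".join(struct.pack("<QI", off, size) for off, size in entries)
    return build_header(key_id, rnd, len(entries)) + table + bytes(out)

def unpack(blob):
    header = blob[:BLOCK]
    if not header_ok(header):
        raise ValueError("header CRC mismatch")
    key_id, n = struct.unpack("<I", header[4:8])[0], struct.unpack("<I", header[40:44])[0]
    rnd = header[8:40]
    entries = [struct.unpack_from("<QI", blob, BLOCK + 12 * k) for k in range(n)]
    body, out, pos = blob[BLOCK + 12 * n:], bytearray(), 0
    for off, size in entries:          # entries are stored in ascending offset order
        out += body[pos:off]           # keep ciphertext up to the interference block
        pos = off + size               # discard the interference block itself
    out += body[pos:]
    return key_id, rnd, bytes(out)

def demo():
    # Constructed sample: three blocks of stand-in ciphertext, decoys before blocks 0 and 2.
    ct = b"".join(bytes([65 + i]) * BLOCK for i in range(3))
    rnd = os.urandom(32)
    return ct, rnd, pack(ct, 7, rnd, {0: 2, 2: 1})
```

CRC-32 is unkeyed, so this check detects corruption of the header, but a header that is edited and given a freshly computed CRC also passes; binding the header to the key would take a keyed MAC over it, which the claims do not describe.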

Description

Method and system for packaging, encrypting and decrypting full-disc files

Technical Field

The invention relates to a method and a system for packing, encrypting and decrypting full disc files, and belongs to the technical field of data encryption.

Background

With the popularization of the Internet, more and more people choose to transmit data through the network, which brings convenience but also greatly increases the risk of data leakage, and data leakage brings immeasurable loss to secret-related units and individuals. Thus, in some special cases, secure storage devices (e.g., secure flash drives, etc.) are often used for data transfer, but once the password is lost, the data is at risk of leakage. In addition, the conventional encryption method for the whole disc encrypts data of the whole disc capacity, so the encryption efficiency is extremely low when few files are stored. Therefore, a method is needed that can encrypt all files of the whole mobile storage medium, can also encrypt a single designated folder, and has high security, high encryption speed and high efficiency.

Disclosure of Invention

The invention aims to provide a full-disc file packing encryption and decryption method which greatly increases the difficulty of file decryption by adding a certain number of interference numbers according to a rule, and which has high encryption speed and high efficiency.

The aim of the invention is achieved by the following technical scheme: the method for packaging, encrypting and decrypting the full disc file comprises an encrypting process and a decrypting process.

The encrypting process comprises the following specific steps:

Step 1, recursively traversing a target folder, storing traversed directory tree information into a directory tree linked list defined according to rules, and acquiring file information, wherein the file information comprises the number and the size of files;
Step 2, obtaining a random number from the USB cryptographic module and applying for a group of key ID numbers;
Step 3, determining the number of generated interference numbers according to the acquired file information, generating N groups of interference data blocks with different sizes, and forming an interference number linked list;
Step 4, initializing the USB cryptographic module, forming a real key for encryption through the random number and the key corresponding to the key ID, and initializing an encryption algorithm;
Step 5, generating a 512 byte ciphertext file header and storing the interference number linked list into the ciphertext file;
Step 6, starting the encryption process, encrypting the data in the folder, randomly inserting the interference numbers while encrypting, updating the interference number linked list, and recording the position of each interference number;
Step 7, encryption is completed, and a final ciphertext file is generated.

The decrypting process comprises the following specific steps:

Step 1, acquiring a ciphertext file, analyzing the file header, confirming whether the file header is tampered, acquiring the key ID and the random number if the file header is not tampered, and initializing the USB cryptographic module.
Step 2, analyzing the interference number linked list, extracting a file tree linked list according to the interference number linked list, decrypting the file linked list and restoring the file tree.
Step 3, decrypting the first root file data packet, finding the next position of the linked list, decrypting the data packet, restoring the whole file tree, searching the interference number list in real time to discard the interference number data blocks, and calculating the correct file header offset to form a file tree directory.
Step 4, selecting all decryption or single file decryption according to the file tree directory, reversely decrypting and extracting ciphertext data according to the encryption algorithm, and transmitting the ciphertext data to the USB cryptographic module to finish decryption.

Preferably, each block of the interference number is 512 bytes, and the interference number is N × 512, where N is a random number in the range of 1-2048.

Preferably, the random number obtained from the USB cryptographic module is 32 bytes.

Preferably, the decryption process confirms whether the ciphertext file is tampered in the following specific manner: the first 512 bytes of the ciphertext file are read to carry out a CRC check, whether the CRC check values are consistent is judged, and if the CRC check values are consistent, the ciphertext file is not tampered.

Preferably, the ciphertext file structure includes a 512 byte header, an interference number linked list, a ciphertext with interference data blocks, and a file end.

A full-disc file packing encryption and decryption system comprises an encryption and decryption host and a USB cryptographic module. The encryption and decryption host can run an encryption and decryption algorithm to encrypt and decrypt the target file. The USB crypt