TWI640187B - Tenon encryption method - Google Patents

Abstract

The invention discloses a splicing encryption method, which can improve the problem of poor encryption and decryption performance when a large amount of data is accessed by the prior art. The method is implemented by a computer system, and the method comprises: reading a data set, the data set comprises a plurality of pens Data, each data contains several fields, each field contains a clear text; according to different fields, the data set is divided into several subsets, each subset contains all the plaintext of the same kind, according to the plaintext contained in each data The association between the two sets of plaintexts of each subset is made clear to the plaintext of the other subsets, so that the plaintexts of the different subsets are related; and the keys are encrypted to form a password, and all the keys are not the same. Thereby, all subsets containing the crypto can be stored in the same storage, and the above problems can be effectively improved.

Description

Connection encryption method

The present invention relates to a data encryption method; in particular, to a splicing encryption method based on an association factor (interface) between data.

With the advancement of information technology, more and more data (such as video, video, audio or text) stored in the database in digital form, such as non-public information (such as: finance, communication or medical) Such records can be protected or hidden by encryption/decryption techniques in case the information conveyed by the material is stolen, intercepted or tampered with by an unauthorized user.

Taking medical records as an example, the conventional data encryption method can encrypt the plaintext of the patient's name, medical record, and the like by using at least one key, and store the encrypted ciphertext in the data sequentially. In the library, when the data of a particular patient is to be obtained, the ciphertext of the same patient needs to be decrypted by the key. One embodiment can refer to the "Electronic Medical Record System" patent case of the Republic of China Announcement No. TW M410262 .

However, when a legitimate user (such as a researcher) needs to access the full data of the database, such as using big data technology to analyze the evolution of epidemics, the database must be classified into different diseases. The ciphertexts that are affected are decrypted one by one in order to obtain specific plaintext for analyzing information (such as virus infection mechanism, etc.), which will generate a huge amount of computation, and consume a lot of computing resources and time costs. Moreover, since the above data is added/decrypted by a fixed rule, if the decryption method is cracked, there is a flaw in the leakage of important information. To this end, the data needs to be stored separately to prevent the data from being completely exposed.

In view of this, it is necessary to improve the shortcomings of the above-mentioned prior art "the data encryption and decryption performance is not good" to meet the actual needs and improve its practicability.

The invention provides a splicing encryption method, which can improve data encryption and decryption performance.

The invention discloses a splicing encryption method, which is executed by a computer system, and the steps thereof comprise: reading a data set, the data set comprises a plurality of data, each data comprises a plurality of fields, and each field contains a plaintext; According to different fields, the data set is cut into several subsets, and each subset contains all the plaintexts of the same kind of field. According to the association between the plaintexts contained in each data, all the plaintexts of each subset are respectively separated by one image. The plaintext of the subset makes the plaintext of different subsets related; and the interfaces are encrypted to form a key, all the keys are different, and the order of the same plaintext in the subset is different from the order of the dataset .

Each of the interfaces includes a correlation factor for pointing to the plaintext of at least one subset.

The correlation factor includes at least one indicator.

Each of the subsets has an identification code, and all the plaintexts of each subset respectively have a serial number, and the correlation factor includes at least one subset of the identification code and at least one serial number.

The plaintext pairs in the different subsets are identical.

All the contacts in each subset are different.

The keys are encrypted according to different keys.

The key can be encrypted using a 3DES, AES or RSA algorithm.

The subset containing the crypt can be stored in the same reservoir.

The encryption method can be used for encryption and decryption only for the above-mentioned plaintext interface, and the information in the data can be effectively protected without the need to encrypt and decrypt the plaintext one by one in the data set, and the resources required for the operation can be greatly reduced. Time; and, since all the keys are different, all subsets containing the key can be stored in the same storage to improve the utilization of the data storage, even if any key is cracked, because of the cracker I don't know the relevance of other plaintexts, so I can only get what seems to be irrelevant. I can't know the information provided after the correct composition of the plaintext. I don't have any doubts about the information in the data. Improve data encryption and decryption efficiency" And the "improving data confidentiality" and other functions can be further applied to data access systems that require a large amount of data analysis.

S1‧‧‧ Construction steps

S2‧‧‧Association steps

S3‧‧‧Encryption steps

U‧‧‧ data set

U1~U4‧‧‧ subset

U1’~U4’‧‧‧ subset

Q‧‧‧User Information Sheet

Q1, Q2‧‧‧ subset

R‧‧‧Video Classification Table

R1, R2‧‧‧ subset

Q1’, R1’‧‧‧ subset

W1~W4‧‧‧ field

W1’, W2’‧‧‧ field

W1”, W2”‧‧‧ field

X, X1, X2‧‧‧

Y, Y1, Y2‧‧‧

N, N1, N2‧‧‧榫

The first data of the Z1‧‧‧ data set

BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 is a flow chart showing the operation of the embodiment of the present invention.

FIG. 2 is a schematic diagram (1) of a data set of an embodiment of the present invention.

Figure 3 is a schematic diagram of the data set of Figure 2 applied to a unidirectionally associated subset and interface.

Figure 4 is a schematic diagram of the data set of Figure 2 applied to a one-way association of subsets and keys.

Figure 5 is a schematic diagram of the data set of Figure 2 applied to the bidirectionally associated subset and interface.

Figure 6 is a schematic diagram of the data set of Figure 2 applied to a bidirectionally associated subset and key.

Figure 7 is a schematic diagram of a data set (2) of an embodiment of the splicing encryption method of the present invention.

Figure 8 is a schematic diagram of the data set of Figure 7 applied to a one-way association of subsets and interfaces.

Figure 9 is a schematic diagram of the data set of Figure 7 applied to the subset and interface of the multi-party association.

Figure 10 is a schematic diagram of the data set of Figure 7 applied to the multi-party association and the key.

The above and other objects, features and advantages of the present invention will become more <RTIgt; "Tenon" refers to the relationship factor between different characteristics of a dataset belonging to the same group, such as the name, identity card, age, disease, and treatment of the same patient in the medical database. The connection relationship between the features, and the like, is not limited thereto, and can be understood by those having ordinary knowledge in the technical field to which the present invention pertains.

Please refer to FIG. 1, which is a flowchart of the operation of the embodiment of the present invention. The embodiment of the splicing encryption method may utilize a computer system as an execution architecture, and the computer system may access a dataset in a storage (eg, a database or a memory). In this embodiment, the computer system can be a processor An encryption program is implemented as an implementation aspect, but is not limited thereto; the connection encryption method embodiment may include a construction step S1, an association step S2, and an encryption step S3, as described below.

Please refer to FIG. 1 again. The forming step S1 is to read a dataset containing a plurality of data (datum), such as graphic materials or personal data, but not as such. Limits, each data contains several fields, each field contains a plaintext. In this embodiment, the computer system can read the data set from the database or the data storage. The data set can be in the form of a form, where the medical record is used as an implementation description, but limit.

Referring to FIG. 2, it is a schematic diagram (1) of a data set of an embodiment of the present invention. Among them, a medical record form U contains 6 pieces of data, each of which contains the fields W1~W4, such as the name 〞, 〝 ID card ID, 〝 age 〞 and 〝 disease ,, such as: the first data Z1 above The fields W1~W4 contain plain text such as {〝Alice〞, 〝A9457729〞, 〝45〞, 〝 cancer 〞}, and the rest are shown in the figure, but not limited to this.

Referring to FIG. 1 again, the association step S2 cuts the data set into a plurality of sub-sets according to different fields, and each subset contains all the plaintexts of the same field, according to the information contained in each data. The relationship between the plaintexts causes all the plaintexts of each subset to be mapped by the tenon (tenon) to the plaintext of the other subsets, so that the plaintexts of the different subsets are related. In this embodiment, the computer system can cut the data set U according to different fields W1, W2, W3, and W4 (as shown in FIG. 2), and generate a plurality of subsets U1~U4 (as shown in FIG. 3). Show).

Please refer to Figures 2 and 3, and Figure 3 is a schematic diagram of the data set of Figure 2 applied to the unidirectional association subset and interface. The plurality of subsets U1~U4 may respectively have an identification code, such as: 〝Table 1〞, 〝Table 2〞, 〝Table 3〞, 〝Table 4〞, etc., and the plurality of subsets U1~U4 have respectively A sequence column X, a text column Y, and a tenon column N, the text column is used to accommodate the plaintext of the same field, such as: the data set U The 〝 〝 name 〞 field W1, 〝 identity card ID 〞 field W2, 〝 age 〞 field W3, 〝 disease 〞 field W4 clear text; each subset U1 ~ U4 plaintext can be given a serial number, such as : 〝1〞, 〝2〞, 〝3〞, 〝4〞, 〝5〞, 〝6〞, etc., and are contained in the sequence column X. The content of the serial number X may also be a randomly generated code to make the same The order of the plaintext U1, U2, U3 or U4 (which can be expressed as a serial number) and the order of the data set U can be different, such as: Mingwen 〝 A9457729 〞 in the data set U 〝 identity card ID 〞 field The order in W2 is 〝1st 〞, and the serial number in 〝ID ID 〞 subset U2 is 〝3〞 (not 〝1st 〞). In this way, the association of plaintext between different subsets can be avoided from being too obvious, so as to prevent the information composed of the plaintexts from being stolen by illegal users.

According to the above, the computer system can be based on the correlation between the plaintext contained in the above data (for example, the relative relationship between 〝Alice〞, 〝A9457729〞, 〝45〞, 〝 cancer 〞, etc. contained in the data Z1) , so that all plaintexts of each subset (such as: U1) are respectively reflected by a tenon (ten) against the plaintext of other subsets (such as U2), such as: 〝Name 〞 subset U1, the plaintext with the serial number 〝1〞 〝Alice〞 can refer to the content of the first data D1 in the data set U {〝Alice〞, 〝A9457729〞, 〝45〞, 〝 cancer 〞}, using the name of the nickname U1 in the plaintext 〝Alice〞 The interface can be mapped to the plaintext A9457729〞 in the identity card ID subset, so that the plaintexts of different subsets are related to each other, and the plaintext of the same data is used to indicate the relationship between the different subsets of the same data. The interface may contain a correlation factor for pointing to at least a subset of the plaintext, such as: by the name of the sub-set U1, the plaintext, Alice, the identity card ID, the sub-set U2, the plaintext, A9457729〞 (the serial number is 3) The indicator 〝T2#3〞 enables one-way correlation between different subsets.

The correlation factor may include at least one subset of the identification code and at least one serial number, for example, the name of the 〞 subset U subset U1, and the associated factor of the Alice 可 may be 〝T2#3〞, for the name The scorpion set U1's plaintext 〝Alice 〝 〝 〝 identity ID 〞 subset U2 (identification code 〝 Table2 〞) in the plain text 〝 〞 〞 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 945 〞, 〝 ID card ID 〞 subset U2 明文〝 A9457729〞 and the first data Z1 is related, and so on, all the contacts in all subsets are different. However, the plaintext pairs in different subsets may be the same, so that the plaintext belonging to the same material has an association between different subsets, such as: 〝Name 〞 subset U1 plaintext 〝Alice〞, 〝 ID card ID 〞子集 U2的明文〝 A9457729〞, 〝 Age 〞 subset U3 〝45〞 Mingwen's 榫 can be 〝T4#1〞, for these plaintexts simultaneously to map the 〝 disease 〞 subset U4 (ID For the sake of Table 4〞), the text is 〝1〝, which is not limited to this.

Referring to FIG. 1 again, the encryption step S3 encrypts each interface to form an encrypted tenon, and all the keys are different. For example, the different interfaces are encrypted by using the same or different keys. , or use the same key to encrypt the same interface content. In this embodiment, the password may be encrypted by using an algorithm such as 3DES, AES, or RSA, but not limited thereto. For example, each key may be based on a different key. Encrypting the correlation factor in the above interface (.), where j{1, 2, 3, 4} is used for the subsets U1~U4, i such as Table 1〞, 〝Table 2〞, 〝Table 3〞, 〝Table 4〞, etc. {A, B, C, D, E, F}, for each subset U1~U4, the plain texts such as 〝1〞 to 〝6〞 point to their associated subsets, so regardless of whether the interfaces are the same, each The passwords are different, which can prevent the same password from appearing in different subsets at the same time, which can prevent illegal users from using the key to guess the association between the plaintexts of different subsets.

Please refer to Figures 3 and 4, and Figures 3 and 4 are respectively a schematic diagram of the data set of Figure 2 applied to the one-way association and the interface and the key. Among them, the name of the subgroup U1 is clearly related to the contact of Alice and the associated factor 〝T2#3〞 available key Encrypted to form a secret content〝 ( T 2#3)〞, the rest of the keys can be generated in the same way (as shown in Figure 4). Also, since all the keys are different, all the subsets U1~U4 containing the key can be Stored in the same storage (such as: database or memory), even if any key is cracked, because all keys and their encryption keys are different, and the cracker does not know the association between other plaintexts. Sex, so that only seemingly irrelevant words or garbled characters can be obtained, and the information provided after the correct composition is not known, so there is no doubt that the information in the information is leaked.

In addition, in addition to the unidirectional association between different subsets U1~U4, the interface can also generate bidirectional association between different subsets for encryption.

For example, as shown in FIG. 5, the plaintext Alice in the 〝Name 〞 subset U1' with the serial number 〝1〞 can refer to a forward related subset (eg: 〝 disease 〞 subset U4', identification code For the table 4〞), the number of 明1〞 of the plain text 〝 cancer 〞 and a backward related subset (such as: 〝 identity card ID 〞 subset U2 ', the identification code is 〝 Table 2 〞), the serial number is 〝 3 〞明文〝A9457729〞, and the correlation factor 〝T4#1, T2#3〞 (with two correlation factors) contained in the interface of the plaintext and Alice is generated, and the connection of each subset U1'~U4' is generated. The method can be deduced by analogy (as shown in Figure 5), and will not be described here.

Please refer to the figures 5 and 6 together. The name of the 〝 〞 〞 〞 〞 〞 U U 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 〞 , Generate secret content〝 ( T 4#1), ( T 2#3)〞, the rest of the key content can be based on different keys Encrypted to form (.), where j {1, 2, 3, 4}, for the above identification code is 〝Table 1〞, 〝Table 2〞, 〝Table 3〞, 〝Table 4〞 and other subsets U1'~U4',i {A1, A2, B1, B2, C1, C2, D1, D2, E1, E2, F1, F2}, used for each of the subsets U1'~U4' with a plain text such as 〝1〞 to 〝6〞 The backward related subset (as shown in Figure 6) is not described here.

Moreover, the form of the data set may also be a graphical form or a multi-table, and the interface may be used to generate multi-party association between different data sets for encryption. An example is as follows.

Please refer to FIG. 7, which is a schematic diagram (2) of the data set of the embodiment of the present invention. Wherein, the left table is a user data table Q, and the right table is a video. Classification table R, the middle connection is the correlation between the left and right tables, which is used to indicate the viewing records of different users. For example: 〝Alice〞 has seen the whole family is Mijiatun and 〝reverse ace, 〝Bob〞 〝金钢狼〞 and 〝厉阴宅〞,〝Charlie〞 watched the whole family is Mijiatun and 〝厉阴宅〞, 〝David〞 saw the elf elf 2〞, 〝Emily〞 watched the elf elf 2〞 Hey, the chief shopkeeper, 〝Fanny〞 has seen the reversal of the ace and the 〝金钢狼〞.

First, as shown in FIG. 8, the computer system can divide the left and right tables into a plurality of subsets Q1, Q2, R1, and R2 and establish a interface, and the interface is only described by using a one-way associated subset as an example. For example, 〝Name 〞 subset Q1 (identification code is 〞Table 1〞), the plaintext 〝Alice〞 (serial number 〝1〞) contains the correlation factor 〝T2#3 can point to 〝 birthday 〞 subset Q2 (The identification code is 〞Table 2〞), the plain text /76/8/5〞 (the serial number is 〝3〞), used to generate the correlation; in addition, the scorpion name 〞 subset R1 (the identification code is 〝Table 3〞) The plaintext reversal of the ace of the ace (number 〝6〞) contains the correlation factor 〝T4#1〞 can point to the 〝classification 〞 subset R2 (identification code 〝Table 4〞) of the plain text 〝 plot (number 〝1〞), used to generate the correlation, the connection generation mode of each subset Q1, Q2, R1, R2 can be deduced by analogy (as shown in Fig. 8), and will not be described here.

Then, as shown in FIG. 9, the computer system may add a correlation factor of the viewing record to the interface to generate a subset of the multi-party association, such as: 〝Name 〞 subset Q1' (identification code is 〝Table 1〞) The plaintext Alice〞 (serial number 〝1〞) has a total of three correlation factors 〝T2#3, T3#2, T3#6〞, which is used to indicate the user 〝Alice〞 and 〝 birthday 〞子Set Q2 (identification code is 〞Table 2〞), Mingwen 〝76/8/5〞 (serial number is 〝3〞), 〝片名〞 subset R1' (identification code is 〝Table 3〞), the whole family is rice The plain texts of the family 〞 (number is 〝 2〞) and 〝 reversal ace (number 〝 6〞) are related; in addition, the snippet name 〞 subset R1 ' (identification code is 〝 Table 3 〞) The plaque of the ace (number 〝6〞) contains three correlation factors 〝T4#1, T1#1, T1#6〞, which are used to indicate the title 〝 reversal ace and 〝 classification 〞 subset R2 (identification code) 〝Alice〞 (No. 〝1〞) and 〝Fanny〞 of the Ming dynasty drama (number 〝1〞), 〝Name 〞 subset Q1' (identification code 〝Table 1〞) (The serial number is 〝6〞) The plaintext is related, and the other joints of the subsets Q1' and R1' can be generated by the same method (as shown in Fig. 9), and will not be described here.

After that, as shown in FIG. 10, the computer system can connect the above interface according to the key. Encryption produces different passwords (.), where j {1, 2, 3, 4}, for the above identification code is 子Table 1〞, 〝Table 2〞, 〝Table 3〞, 〝Table 4〞, etc., i {A1, A2, A3, B1, B2, B3, C1, C2, C3, D1, D2, E1, E2, E3, F1, F2; A, B, C, D, E, F; G1, G2, H1 , H2, H3, I1, I2, I3, J1, J2, J3, K1; G, H, I, J, K, H}, so that the number of each subset Q1', Q2, R1', R2 is 〝1明 to 〝6〞 and other plain texts can point to their associated multi-party subsets, such as: 〝Alice 〞 subset Q1' 〝Alice 〞 Ming 的 榫 榫 榫 〝 〝 2 2 2 2 2 T2#3, T3#2, T3# 6〞 can use the key separately , , Encryption forms the key, and the content of the key can be 〝 ( T 2#3), ( T 3#2), ( T 3#6) 〞, the remaining key generation modes of each subset Q1', Q2, R1', R2 can be deduced by analogy (as shown in Fig. 10), and are not described here.

The main features of the embodiment of the present invention are as follows: the data set is read by the computer system, and the data set includes a plurality of data, each of which contains several fields, each of which The field contains the plaintext; the data set is cut into several subsets according to different fields, and each subset contains all the plaintexts of the same kind of field, and all the plaintexts of each subset are respectively determined according to the association between the plaintexts contained in each data. By clearing the plaintext of the other subsets, the plaintexts of the different subsets are related; and each interface is encrypted into the password, and all the keys are different. Therefore, it is only necessary to encrypt and decrypt the above-mentioned plaintext interface, and it is not necessary to encrypt and decrypt all the plaintexts in the dataset one by one, thereby effectively protecting the information in the data, and greatly reducing the resources and time required for the operation. Achieving the "enhancement of data encryption and decryption efficiency" can be further applied to data access systems that require large amounts of data analysis.

Moreover, in the embodiment of the splicing encryption method of the present invention, since all the keys are not in phase Similarly, all subsets containing the key can be stored in the same storage to improve the utilization of the data storage. Even if any key is cracked, the cracker does not know the correlation between other plaintexts. It is only possible to obtain content that appears to be irrelevant, and it is impossible to know the information provided after the correct composition of the plain text. There is no doubt that the information in the information will be leaked, and the effect of "enhancing data confidentiality" can be achieved.

While the invention has been described in connection with the preferred embodiments described above, it is not intended to limit the scope of the invention. The technical scope of the invention is protected, and therefore the scope of the invention is defined by the scope of the appended claims.

Claims (9)

A splicing encryption method is implemented by a computer system, and the steps include: reading a data set, the data set includes a plurality of data, each data includes a plurality of fields, each field contains a plaintext; The bit cuts the data set into a plurality of subsets, each subset contains all the plaintexts of the same kind of field, and according to the association between the plaintexts included in each data, all the plaintexts of each subset are respectively mapped to other subsets. In plaintext, the plaintexts of different subsets are related; and each interface is encrypted to form a key, all the keys are different, and the order of the same plaintext in the subset is different from the order of the dataset. The splicing encryption method according to claim 1, wherein each interface includes at least one association factor for pointing to at least one subset of plaintext. The splicing encryption method according to claim 2, wherein the correlation factor includes at least one indicator. According to the splicing encryption method of claim 2, wherein each subset has an identification code, and all the plaintexts of each subset respectively have a serial number, the association factor includes at least one subset of the identification code and at least one sequence number. . According to the splicing encryption method described in claim 1, wherein the plaintext pairs in different subsets are identical. According to the splicing encryption method of claim 1, wherein all the interfaces in each subset are different. According to the connection encryption method described in claim 1, wherein each password is based on Different keys are encrypted. The splicing encryption method according to claim 7, wherein the cryptographic encryption is performed using a 3DES, AES or RSA algorithm. The splicing encryption method according to claim 1, wherein all subsets containing the cryptogram are stored in the same storage.