High-expansibility password encrypted storage method

A high scalability, encrypted storage technology, applied in the field of computer information technology security, can solve problems such as restricting the use of new encryption algorithms in new systems, and achieve the goal of improving scalability and maintainability, increasing difficulty, and ensuring security. Effect

Active Publication Date: 2020-11-24
CHENGDU DBAPP SECURITY
View PDF14 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In terms of portability: the existing popular password storage methods must ensure that the new system and the old system password encryption algorithm must be consistent during system upgrades and data migration, which restricts the new system from using new encryption algorithms. possibility

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • High-expansibility password encrypted storage method
  • High-expansibility password encrypted storage method
  • High-expansibility password encrypted storage method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0051] This embodiment proposes a highly scalable password encryption storage method, such as figure 1 shown, including the following steps:

[0052] Step 1: first obtain the list of encryption algorithms generated by the encryption algorithm configuration module; the list of encryption algorithms includes a plurality of encryption algorithms, and each of the encryption algorithms has a unique encoding code and corresponding name and type; the type includes system built-in and user-added;

[0053] Step 2: Generate a 32-bit random string in the encrypted salt value generation module, and the random string is the salt value salt of the encryption algorithm; then perform symmetrical encryption on the salt value salt by the AES algorithm to obtain the encrypted salt value aes_salt;

[0054] Step 3: Obtain the encryption algorithm set by the user in the password encryption module, and judge whether it is necessary to use the salt value salt to encrypt the user password s through ...

Embodiment 2

[0061] In this embodiment, on the basis of the above-mentioned embodiment 1, in step 1, the specific steps are:

[0062] Step 1.1: The user obtains a list of password encryption algorithms. Each encryption algorithm has a unique code and corresponding name and type, including system built-in and user added; system built-in encryption algorithms such as md5, sha, hamc, pkddf2, crc, etc.:

[0063] Step 1.2: The user selects the password encryption algorithm that the user wants to set. If there is an encryption algorithm that the user wants to set in the current encryption algorithm list, directly select the algorithm and set it; otherwise, add and set it through step s1.3;

[0064] Step 1.3: The user adds the implementation of the encryption algorithm, and names the encryption algorithm. After the addition is successful, the system will generate a unique code for the newly added encryption algorithm; then obtain the list of encryption algorithms, and set the newly added encryptio...

Embodiment 3

[0079] This embodiment is based on any one of the above-mentioned embodiments 1-2, such as figure 2 , image 3 As shown, encrypt the salt value salt to generate the encrypted salt value aes_salt and decrypt the encrypted salt value back to the salt value salt;

[0080] The following briefly introduces the function and significance of each part:

[0081] Salt value salt: unencrypted data, in this system is the unencrypted salt value salt

[0082] Key K: the salt value salt used to encrypt the plaintext. In the symmetric encryption algorithm, the key k for encryption and decryption is the same. The key k is generated through negotiation between the receiver and the sender, but it cannot be directly transmitted on the network, otherwise the key k will be leaked. Usually, the key k is encrypted by an asymmetric encryption algorithm, and then transmitted to the other party through the network, or Negotiate the key k directly face to face. The key k must never be leaked, otherw...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a high-expansibility encrypted storage method. Different encryption algorithms are configured, salt value encryption is performed on salt values of the encryption algorithms once, and then encoding rules are set to realize storage of plaintext passwords, ciphertext passwords, salt values, encrypted salt values and the like of a user, so that password encrypted storage with high security, high transportability and high maintainability is realized. According to the method, the diversity of a password storage encryption algorithm is expanded, the salt value and the passwordare subjected to dual encryption and then coded and stored, meanwhile, interference factors are increased, and the password cracking difficulty is greatly increased. Meanwhile, a user-defined encryption algorithm, a password storage coding rule and a specified noise factor position and length are supported, so that the complexity and diversity of a password storage scheme can be flexibly improved. Meanwhile, the scheme is friendly to system upgrading and data migration, and the upgrading and extension of the system can be well met.

Description

technical field [0001] The invention belongs to the field of computer information technology security, and in particular relates to a highly expansible password encryption storage method. Background technique [0002] In the era of informationization and digitization, information security is becoming more and more important, but some existing encryption methods have the following deficiencies: [0003] In terms of security: in some existing password encryption schemes, a popular method is that a system determines an encryption algorithm, and then encrypts the password with salt to obtain the ciphertext, and then stores the ciphertext field and the salt value separately field. One disadvantage of this method is that the ciphertext and salt value are parsed through the database field, which reduces the cost of being cracked. If the database data is leaked, the criminals can try the existing encryption algorithm through brute force cracking. Attempts to crack the encryption a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/60G06F21/45
CPCG06F21/602G06F21/45
Inventor 陈志范渊吴永越郑学新刘韬
Owner CHENGDU DBAPP SECURITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap