Data encryption method and apparatus

By using an encryption method that generates keys based on offset time and environmental variables, the problem of unreliable data encryption in existing technologies is solved, and higher-security data protection is achieved.

CN114254368BActive Publication Date: 2026-06-23CHINA TELECOM CORP LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
CHINA TELECOM CORP LTD
Filing Date
2021-12-27
Publication Date
2026-06-23

AI Technical Summary

Technical Problem

Existing technologies cannot provide more reliable encryption for data, resulting in a high risk of data breaches.

Method used

The data is encrypted by generating keys based on offset time and environment variables, and the randomness of the encryption method increases the difficulty of cracking.

Benefits of technology

It achieves more reliable and secure data encryption, reducing the risk of data leakage.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN114254368B_ABST
    Figure CN114254368B_ABST
Patent Text Reader

Abstract

The application discloses a data encryption method and device. The method comprises the following steps: obtaining a first target time, a target place and to-be-encrypted data in input parameter data; selecting an arbitrary time before the first target time as an offset time from a historical time period; generating first offset information based on the offset time and the target place; obtaining an environmental information array of the target place in the offset time, and combining a plurality of target environmental variables selected from the environmental information array to generate a key; and encrypting the to-be-encrypted data based on the first offset information and the key. The application solves the technical problem of data leakage caused by the fact that the prior art cannot provide more reliable encryption for data.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of network technology and security, and more specifically, to a data encryption method and apparatus. Background Technology

[0002] Information security technology has evolved from cryptography to hiding technology over the years. However, in the application of information hiding technology, various information hiding algorithms can no longer reliably encrypt data information, and attackers can easily crack information hiding algorithms.

[0003] There is currently no effective solution to the above problems. Summary of the Invention

[0004] This application provides a data encryption method and apparatus to at least solve the technical problem of data leakage caused by the inability of existing technologies to provide more reliable encryption for data.

[0005] According to one aspect of the embodiments of this application, a data encryption method is provided, comprising: obtaining a first target time, a target location, and data to be encrypted from input parameter data; selecting any time from a historical time period before the first target time as an offset time; generating first offset information based on the offset time and the target location; obtaining an array of environmental information of the target location within the offset time, and selecting multiple target environmental variables from the array of environmental information to combine and generate a key; and encrypting the data to be encrypted based on the first offset information and the key.

[0006] Optionally, selecting any time from the historical time period before the first target time as the offset time further includes: obtaining a specified duration; and determining the historical time period based on the first target time and the specified duration.

[0007] Optionally, obtaining an array of environmental information for the target location within the offset time includes: obtaining multiple types of environmental information for the target location within the offset time, wherein the environmental variables in the environmental information include at least two of the following environmental variables: temperature, humidity, weather, air quality, and wind force; and generating an array of environmental information based on the multiple types of environmental information and the offset time, wherein the array of environmental information includes environmental information within the same offset time.

[0008] Optionally, before encrypting the data to be encrypted based on the first offset information and the key, the process includes: converting the data to be encrypted into a first target array, and arbitrarily splitting the first target array to obtain multiple sub-target arrays; initializing the code instructions corresponding to the key and the first offset information to generate a cryptographer for the encryption mode.

[0009] Optionally, encrypting the data to be encrypted based on the first offset information and the key includes: using a cryptographer based on the encryption mode to encrypt a first sub-target array in the first target array to obtain a first sub-encrypted array, wherein the first sub-encrypted array is used to indicate: the encrypted first sub-target array; and using the first sub-encrypted array as offset information for the second sub-target array.

[0010] Optionally, after using the first sub-encrypted array as the offset information of the second sub-target array, the process includes: obtaining multiple sub-encrypted arrays corresponding to multiple sub-target arrays in the first target array; and combining the multiple sub-encrypted arrays to obtain the encrypted array corresponding to the first target array.

[0011] According to another aspect of the embodiments of this application, a data decryption method is provided, comprising: obtaining a second target time, a target location, and data to be decrypted from input parameter data; selecting any time from a historical time period before the second target time as an offset time; generating second offset information based on the offset time and the target location; obtaining an array of environmental information of the target location within the offset time, and selecting multiple target environmental variables from the array of environmental information to combine and generate a key; and decrypting the data to be decrypted based on the second offset information and the key.

[0012] According to another aspect of the embodiments of this application, a data encryption device is provided, comprising: an acquisition module, configured to acquire a first target time, a target location, and data to be encrypted from input parameter data; a selection module, configured to select any time from a historical time period prior to the first target time as an offset time; a first generation module, configured to generate first offset information based on the offset time and the target location; a second generation module, configured to acquire an array of environmental information of the target location within the offset time, and select multiple target environmental variables from the environmental information array to combine and generate a key; and an encryption module, configured to encrypt the data to be encrypted based on the first offset information and the key.

[0013] According to another aspect of the embodiments of this application, a non-volatile storage medium is provided, the non-volatile storage medium including a stored program, wherein, when the program is running, it controls the device where the non-volatile storage medium is located to execute the above-described data encryption method.

[0014] According to another aspect of the embodiments of this application, a processor is provided for running a program, wherein the program executes the above-described data encryption method during runtime.

[0015] In this embodiment, an offset information is first generated based on an arbitrarily selected offset time, then a key is generated based on an arbitrarily selected environmental variable, and finally the data is encrypted based on the offset information and the key. By using a more random data encryption method, the difficulty of cracking encrypted data is increased, thereby achieving the technical effect of providing more reliable and secure encryption for data. This solves the technical problem of data leakage caused by the inability of existing technologies to provide more reliable encryption for data. Attached Figure Description

[0016] The accompanying drawings, which are included to provide a further understanding of this application and form part of this application, illustrate exemplary embodiments and are used to explain this application, but do not constitute an undue limitation of this application. In the drawings:

[0017] Figure 1 This is a hardware structure block diagram of a computer terminal for implementing a data encryption method according to an embodiment of this application;

[0018] Figure 2 This is a flowchart of a data encryption method according to an embodiment of this application;

[0019] Figure 3 This is a schematic diagram of a process for encrypting data to be encrypted according to an embodiment of this application;

[0020] Figure 4 This is a flowchart of a data decryption method according to an embodiment of this application;

[0021] Figure 5 This is a schematic diagram of a process for decrypting data to be decrypted according to an embodiment of this application;

[0022] Figure 6 This is a flowchart of a data encryption device according to an embodiment of this application. Detailed Implementation

[0023] To enable those skilled in the art to better understand the present application, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present application, and not all embodiments. Based on the embodiments in the present application, all other embodiments obtained by those skilled in the art without creative effort should fall within the scope of protection of the present application.

[0024] It should be noted that the terms "first," "second," etc., in the specification, claims, and accompanying drawings of this application are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It should be understood that such data can be interchanged where appropriate so that the embodiments of this application described herein can be implemented in orders other than those illustrated or described herein. Furthermore, the terms "comprising" and "having," and any variations thereof, are intended to cover non-exclusive inclusion; for example, a process, method, system, product, or apparatus that comprises a series of steps or units is not necessarily limited to those steps or units explicitly listed, but may include other steps or units not explicitly listed or inherent to such processes, methods, products, or apparatus.

[0025] According to an embodiment of this application, an embodiment of a data encryption method is provided. It should be noted that the steps shown in the flowchart in the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions. Furthermore, although a logical order is shown in the flowchart, in some cases, the steps shown or described may be executed in a different order than that shown here.

[0026] The data encryption method provided in this application embodiment can be executed in a mobile terminal, computer terminal or similar computing device. Figure 1 A hardware block diagram of a computer terminal (or mobile device) for implementing a data encryption method is shown. Figure 1 As shown, the computer terminal 10 (or mobile device 10) may include one or more processors 102 (shown as 102a, 102b, ..., 102n in the figure) 102 (processor 102 may include, but is not limited to, a microprocessor MCU or a programmable logic device FPGA, etc.), a memory 104 for storing data, and a transmission module 106 for communication functions. In addition, it may also include: a display, an input / output interface (I / O interface), a universal serial bus (USB) port (which may be included as one of the ports of the I / O interface), a network interface, a power supply, and / or a camera. Those skilled in the art will understand that... Figure 1 The structure shown is for illustrative purposes only and does not limit the structure of the aforementioned electronic device. For example, computer terminal 10 may also include... Figure 1 The more or fewer components shown, or having the same Figure 1 The different configurations shown.

[0027] It should be noted that the aforementioned one or more processors 102 and / or other data processing circuits are generally referred to herein as "data processing circuits". These data processing circuits may be embodied, in whole or in part, in software, hardware, firmware, or any other combination thereof. Furthermore, the data processing circuits may be a single, independent processing module, or may be integrated, in whole or in part, into any other element within the computer terminal 10 (or mobile device). As involved in the embodiments of this application, the data processing circuits serve as a processor control mechanism (e.g., selection of a variable resistor termination path connected to an interface).

[0028] The memory 104 can be used to store software programs and modules of application software, such as the program instructions / data storage device corresponding to the data encryption method in this embodiment. The processor 102 executes various functional applications and data processing by running the software programs and modules stored in the memory 104, thereby implementing the aforementioned data encryption method. The memory 104 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some instances, the memory 104 may further include memory remotely located relative to the processor 102, and these remote memories can be connected to the computer terminal 10 via a network. Examples of such networks include, but are not limited to, the Internet, corporate intranets, local area networks, mobile communication networks, and combinations thereof.

[0029] The transmission module 106 is used to receive or send data via a network. Specific examples of the network described above may include a wireless network provided by the communication provider of the computer terminal 10. In one example, the transmission device 106 includes a Network Interface Controller (NIC), which can connect to other network devices via a base station to communicate with the Internet. In another example, the transmission device 106 may be a Radio Frequency (RF) module, used for wireless communication with the Internet.

[0030] The display can be, for example, a touchscreen liquid crystal display (LCD) that allows the user to interact with the user interface of the computer terminal 10 (or mobile device).

[0031] It should be noted here that, in some optional embodiments, the above... Figure 1 The computer device (or mobile device) shown may include hardware elements (including circuitry), software elements (including computer code stored on a computer-readable medium), or a combination of both hardware and software elements. It should be noted that... Figure 1This is only one instance of a specific particular instance and is intended to illustrate the types of components that may exist in the aforementioned computer device (or mobile device).

[0032] Under the above operating environment, the embodiments of this application provide, as follows: Figure 2 The data encryption method shown.

[0033] Figure 2 This is a flowchart of a data encryption method according to an embodiment of this application, such as... Figure 2 As shown, the method includes the following steps:

[0034] Step S202: Obtain the first target time, target location, and data to be encrypted from the input parameter data;

[0035] Step S204: Select any time from the historical time period before the first target time as the offset time;

[0036] Step S206: Generate first offset information based on offset time and target location;

[0037] Step S208: Obtain the environmental information array of the target location within the offset time, and select multiple target environmental variables from the environmental information array to combine and generate a key;

[0038] Step S210: Encrypt the data to be encrypted based on the first offset information and the key.

[0039] In the above steps, by first generating offset information based on an arbitrarily selected offset time, then generating a key based on an arbitrarily selected environment variable, and finally encrypting the data based on the offset information and the key, a more reliable and secure encryption effect for the data is achieved, thereby solving the technical problem of data leakage caused by the inability of existing technologies to provide more reliable encryption for data.

[0040] Optionally, in step S202, the first target time, target location, and data to be encrypted in the input parameter data are obtained by the following method.

[0041] In some embodiments of this application, the acquired input parameter data is stored in a database. The first target time and target location in the input parameter data are set by the target object or arbitrarily selected. For example, the target object may set 2021-10-13 10:12:00 as the first target time and Beijing as the target location.

[0042] Optionally, before step S204, the historical time period is determined in the following way. Specifically, a specified duration is first obtained, and then the historical time period is determined based on the first target time and the specified duration, wherein the specified duration is arbitrarily set by the target object or is a default duration.

[0043] In some optional embodiments of this application, when the first target time is 10:12:00 on October 13, 2021, a specified duration, such as 7 days, is obtained; based on the specified duration of 7 days, the second target time is determined to be 10:12:00 on October 7, 2021; the time period from 10:12:00 on October 7, 2021 to 10:12:00 on October 13, 2021 is determined as the historical time period, and the first target time, the second target time, and the historical time period are stored in the database.

[0044] Optionally, in step S204, an arbitrary time is selected from a historical time period prior to the first target time as the offset time through the following steps. Specifically, an arbitrary time is selected from the historical time period from 10:12:00 on October 7, 2021 to 10:12:00 on October 13, 2021 as the offset time, where the offset time is a time period. For example, any day within the historical time period can be selected as the offset time, such as from 00:00:00 on October 10, 2021 to 23:59:59 on October 10, 2021 as the offset time.

[0045] Optionally, in step S206, the generation of first offset information based on the offset time and target location can be achieved as follows: the first offset information indicates the distance between the actual address of the data to be encrypted stored in the database and the segment address of the segment it belongs to. Specifically, a first code instruction corresponding to the offset time and a second code instruction corresponding to the target time are called to generate a third code instruction corresponding to the first offset information, and the third code instruction corresponding to the first offset information is stored in the database.

[0046] Optionally, in step S208, an environmental information array of the target location within the offset time is obtained, and multiple target environmental variables are selected from the environmental information array and combined to generate a key. Specifically, multiple environmental information of the target location within the offset time is obtained, wherein the environmental variables in the environmental information include at least two of the following environmental variables: temperature, humidity, weather, air quality, and wind force; based on the multiple environmental information and the offset time, an environmental information array is generated, wherein the environmental information array includes environmental information within the same offset time.

[0047] In some embodiments of this application, environmental information of the target location within an offset time period is obtained through an application or through a network connection. For example, with an offset time of October 10, 2021, the environmental information of the target location Beijing during that offset time is obtained, such as a temperature of 30 degrees Celsius, humidity of 20%, weather as windy, air quality as excellent, and wind force as level 4. With an offset time of October 11, 2021, the environmental information of the target location Beijing during that offset time is obtained, such as a temperature of 28 degrees Celsius, humidity of 18%, weather as sunny, air quality as excellent, and wind force as level 3. Then, an environmental information array is constructed based on multiple environmental information and offset times, where each environmental information array consists of multiple environmental information within the same offset time. Finally, multiple target environmental variables are arbitrarily selected from the environmental information arrays and combined to generate a key. The combination method is either random or according to a pre-set combination rule, and the number of selected target environmental variables is at least two.

[0048] In some optional embodiments of this application, multiple target environmental variables can be combined according to a preset priority combination rule. Specifically, if the priority of the environmental variables is ordered as follows (priority decreases in order): temperature, humidity, weather, air quality, wind force, and the selected multiple target environmental variables are: temperature 30 degrees Celsius, humidity 20, and weather windy, after combining the target environmental variables based on priority, a key can be obtained: temperature (30) + humidity (20) + weather (windy), and the key is stored in the database. In the process of encrypting and decrypting data, the key stored in the database can be reused.

[0049] Optionally, before step S210, the data to be encrypted is converted into a first target array, and the first target array is arbitrarily split to obtain multiple sub-target arrays; the code instructions corresponding to the key and the first offset information are initialized to generate a cryptographer of the encryption mode.

[0050] In some embodiments of this application, multiple sub-target arrays are obtained in the following manner. Specifically, the data content to be encrypted, such as an anti-fraud handling and scheduling platform, is obtained; the data content to be encrypted is converted into a hexadecimal byte array to obtain a first target array: [anti-fraud scheduling platform]; the first target array is arbitrarily split to obtain multiple sub-target arrays, such as [anti-fraud], [handling and scheduling], and [scheduling platform]. It is easy to understand that the splitting operation is either an arbitrary splitting of the first target array or a splitting of the first target array based on a pre-set splitting rule.

[0051] In some optional embodiments of this application, the cryptographic device of the encryption mode is obtained by: calling the fourth code instruction corresponding to the key and the fifth code instruction corresponding to the first offset information; initializing the fourth code instruction and the fifth code instruction to generate a sixth code instruction corresponding to the cryptographic device of the encryption mode, wherein the encryption of the data to be encrypted is achieved by calling the sixth code instruction corresponding to the cryptographic device of the encryption mode.

[0052] Optionally, in step S210, the encryption of the data to be encrypted based on the first offset information and the key is achieved by the following method. Specifically, based on the encryption mode, the first sub-target array in the first target array is encrypted to obtain a first sub-encrypted array, wherein the first sub-encrypted array is used to indicate: the encrypted first sub-target array; the first sub-encrypted array is used as the offset information of the second sub-target array.

[0053] In some embodiments of this application, based on the above steps, Figure 3 This is a flowchart illustrating the process of encrypting data, such as... Figure 3As shown, the process mainly includes: converting the plaintext "anti-fraud dispatch platform" to be encrypted into a hexadecimal byte array [anti-fraud dispatch platform]; splitting and grouping the plaintext to obtain multiple groups of split plaintext, where each split plaintext is a byte array, such as [anti-fraud], [handling dispatch], and [dispatch platform]; selecting any time from the historical time period before the input time as the offset time, and generating the first offset information based on the offset time and the target location, where the offset time is a time period; obtaining the environmental information array of the target location within the offset time, and selecting multiple target environmental variables from the environmental information array to combine and generate a key; encrypting the first group of plaintext [anti-fraud] based on the first offset information and the key to obtain the ciphertext [VA= / iHgscRtllemK N] of the first group of plaintext; and using Base64 encoding to convert the ciphertext [VA= / iHgscRtllemK N] into the ciphertext string "VA= / iHgscRt The first plaintext ciphertext string is used as the offset information of the second plaintext [processing tone]. Based on the offset information "VA= / iHgscRtllemKN" and the key, the second plaintext [processing tone] is encrypted to obtain the ciphertext [E@NRBFxtkLDmhN] of the second plaintext. Base64 encoding is used to convert the ciphertext [E@NRBFxtkLDmhN] into the ciphertext string "E@NRBFxtkLDmhN". The second plaintext ciphertext string is used as the offset information of the third plaintext [degree platform]. Based on the offset information "E@NRBFxtkLDmhN" and the key, the third plaintext is encrypted to obtain the ciphertext [FhoSWV@qAtNEap] of the third plaintext. Base64 encoding is used to convert the ciphertext [FhoSWV@qAtNEap] into the ciphertext string "FhoSWV@qAtNEap".

[0054] Optionally, after step S210, the encrypted array corresponding to the first target array is obtained in the following manner. Specifically, multiple sub-encrypted arrays corresponding to multiple sub-target arrays in the first target array are obtained; the multiple sub-encrypted arrays are combined to obtain the encrypted array corresponding to the first target array.

[0055] In some embodiments of this application, the ciphertext [VA= / iHgscRtllemKN] of the first set of plaintext [anti-fraud], the ciphertext [E@NRBFxtkLDmhN] of the second set of plaintext [processing and scheduling], and the ciphertext [FhoSWV@qAtNEap] corresponding to the third set of plaintext [degree platform] are combined to obtain the ciphertext [VA= / iHgscRtllemKNE@NRBFxtkLDmhNFhoSWV@qAtNEap] corresponding to [anti-fraud processing and scheduling platform].

[0056] In some optional embodiments of this application, the encrypted array corresponding to the first target array is converted into an encrypted string by Base64 transcoding to obtain the encrypted string "VA= / iHgscRtllemKNE@NRBFxtkLDmhNFhoSWV@qAtNEap" corresponding to the data to be encrypted "Anti-fraud Dispatch Platform".

[0057] According to another aspect of the embodiments of this application, a data decryption method is provided. Specifically, Figure 4 This is a flowchart of a data decryption method according to an embodiment of this application, such as... Figure 4 As shown, the method includes the following steps:

[0058] Step S402: Obtain the second target time, target location, and data to be decrypted from the input parameter data.

[0059] Step S404: Select any time from the historical time period before the second target time as the offset time.

[0060] Step S406: Generate second offset information based on offset time and target location.

[0061] Step S408: Obtain the environmental information array of the target location within the offset time, and select multiple target environmental variables from the environmental information array to combine and generate a key.

[0062] Step S410: Decrypt the data to be decrypted based on the second offset information and the key.

[0063] In some embodiments of this application, Figure 5 This is a flowchart illustrating the process of decrypting data to be decrypted, such as... Figure 5As shown, the process mainly includes: splitting the data to be decrypted [VA= / iHgscRtllemKNE@NRBFxtkLDmhNFhoS WV@qAtNEap] into multiple groups to obtain multiple groups of ciphertext: the first group of ciphertext [VA= / iHgscRtllem KN], the second group of ciphertext [E@NRBFxtkLDmhN], and the third group of ciphertext [FhoSWV@qAtNEap]; retrieving the first offset information and key from the database, and decrypting the first group of ciphertext based on the first offset information and key to obtain the decryption result [anti-fraud], and converting the array [anti-fraud] into a string through Base64 encoding; using the first group of ciphertext [VA= / iHgscRtllemKN] as the offset information of the second group of ciphertext, and based on the offset information [VA= / iHg Using [scRtllemKN] and the key, the second set of ciphertext is decrypted to obtain the decryption result [processing tone]. This result is then converted to a string using Base64 encoding. The second set of ciphertext [E@NRBFxtkLDmhN] is used as the offset information for the third set of ciphertext. Based on the offset information [E@NRBFxtkLDmhN] and the key, the third set of ciphertext is decrypted to obtain the decryption result [degree platform]. This result is then converted to a string using Base64 encoding.

[0064] In some optional embodiments of this application, the strings corresponding to each group of ciphertext after decryption are summarized to obtain the decrypted string corresponding to the data to be decrypted.

[0065] Figure 6 This is a flowchart of a data encryption device according to an embodiment of this application, such as... Figure 5 As shown, the device includes the following modules:

[0066] The acquisition module 60 is used to acquire the first target time, target location, and data to be encrypted from the input parameter data;

[0067] Select module 62 is used to select any time from the historical time period before the first target time as the offset time;

[0068] The first generation module 64 is used to generate first offset information based on the offset time and the target location;

[0069] The second generation module 66 is used to obtain an array of environmental information of the target location within the offset time, and to select multiple target environmental variables from the array of environmental information to combine them and generate a key.

[0070] The encryption module 68 is used to encrypt the data to be encrypted based on the first offset information and the key.

[0071] In this data encryption device, the acquisition module includes: an acquisition unit for acquiring various environmental information of the target location within an offset time period, wherein the environmental variables in the environmental information include at least two of the following environmental variables: temperature, humidity, weather, air quality, and wind force; and a generation unit for generating an environmental information array based on the various environmental information and the offset time period, wherein the environmental information array includes environmental information within the same offset time period.

[0072] In this data encryption device, the encryption module includes: an encryption unit, which is used to encrypt a first sub-target array in a first target array based on an encryption mode, to obtain a first sub-encrypted array, wherein the first sub-encrypted array is used to indicate: the encrypted first sub-target array.

[0073] According to another aspect of the embodiments of this application, a non-volatile storage medium is provided, the non-volatile storage medium including a stored program, wherein, when the program is running, it controls the device where the non-volatile storage medium is located to execute the above-described data encryption method.

[0074] Specifically, the aforementioned memory is used to store program instructions that perform the following functions: acquiring the first target time, target location, and data to be encrypted from the input parameter data; selecting any time from the historical time period before the first target time as the offset time; generating first offset information based on the offset time and the target location; acquiring an array of environmental information of the target location within the offset time, and selecting multiple target environmental variables from the environmental information array to combine and generate a key; and encrypting the data to be encrypted based on the first offset information and the key.

[0075] The sequence numbers of the embodiments in this application are for descriptive purposes only and do not represent the superiority or inferiority of the embodiments.

[0076] In the above embodiments of this application, the descriptions of each embodiment have different focuses. For parts not described in detail in a certain embodiment, please refer to the relevant descriptions of other embodiments.

[0077] In the several embodiments provided in this application, it should be understood that the disclosed technical content can be implemented in other ways. The device embodiments described above are merely illustrative; for example, the division of units can be a logical functional division, and in actual implementation, there may be other division methods. For instance, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the displayed or discussed mutual coupling, direct coupling, or communication connection may be through some interfaces; the indirect coupling or communication connection between units or modules may be electrical or other forms.

[0078] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.

[0079] Furthermore, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit. The integrated unit can be implemented in hardware or as a software functional unit.

[0080] If the integrated unit is implemented as a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this application. The aforementioned storage medium includes various media capable of storing program code, such as a USB flash drive, read-only memory (ROM), random access memory (RAM), portable hard drive, magnetic disk, or optical disk.

[0081] The above description is only a preferred embodiment of this application. It should be noted that for those skilled in the art, several improvements and modifications can be made without departing from the principle of this application, and these improvements and modifications should also be considered within the scope of protection of this application.

Claims

1. A data encryption method, characterized in that, include: Obtain the first target time, target location, and data to be encrypted from the input parameter data; Get the specified duration; The historical time period is determined based on the first target time and the specified duration; Select any time from the historical time period preceding the first target time as the offset time; First offset information is generated based on the offset time and the target location; Obtain an array of environmental information for the target location within the offset time, and arbitrarily select multiple target environmental variables from the array of environmental information to combine them to generate a key; The data to be encrypted is encrypted based on the first offset information and the key, wherein the data to be encrypted is converted into a first target array, and the first target array is arbitrarily split to obtain multiple sub-target arrays; the code instructions corresponding to the key and the first offset information are initialized to generate a cryptographic device for the encryption mode; based on the cryptographic device for the encryption mode, the first sub-target array in the first target array is encrypted to obtain a first sub-encrypted array, wherein the first sub-encrypted array is used to indicate: the encrypted first sub-target array; the first sub-encrypted array is used as the offset information of the second sub-target array; and the second sub-target array is encrypted based on the offset information and the key.

2. The method according to claim 1, characterized in that, Obtaining an array of environmental information for the target location within the offset time period includes: The target location is acquired within the offset time period, wherein the environmental variables in the environmental information include at least two of the following: temperature, humidity, weather, air quality, and wind force. Based on the various environmental information and the offset time, an environmental information array is generated, wherein the environmental information array includes environmental information within the same offset time.

3. The method according to claim 1, characterized in that, After using the first sub-encrypted array as the offset information of the second sub-target array, the method includes: Obtain multiple sub-encrypted arrays corresponding to the multiple sub-target arrays in the first target array; The multiple sub-encrypted arrays are combined to obtain the encrypted array corresponding to the first target array.

4. A data decryption method, characterized in that, include: Obtain the second target time, target location, and data to be decrypted from the input parameter data; Get the specified duration; The historical time period is determined based on the second target time and the specified duration; Select any time from the historical time period preceding the second target time as the offset time; A second offset information is generated based on the offset time and the target location; Obtain an array of environmental information for the target location within the offset time, and arbitrarily select multiple target environmental variables from the array of environmental information to combine them to generate a key; The data to be decrypted is decrypted based on the second offset information and the key, wherein the data to be decrypted is encrypted in the following manner: the data to be encrypted is converted into a first target array, and the first target array is arbitrarily split to obtain multiple sub-target arrays; the code instructions corresponding to the key and the first offset information are initialized to generate a cryptographic device for the encryption mode; based on the cryptographic device for the encryption mode, the first sub-target array in the first target array is encrypted to obtain a first sub-encrypted array, wherein the first sub-encrypted array is used to indicate: the encrypted first sub-target array; the first sub-encrypted array is used as the offset information of the second sub-target array; the second sub-target array is encrypted based on the offset information and the key.

5. A data encryption device, characterized in that, include: The acquisition module is used to acquire the first target time, target location, and data to be encrypted from the input parameter data; The selection module is used to obtain a specified duration; A historical time period is determined based on the first target time and the specified duration; any time from the historical time period prior to the first target time is selected as the offset time. The first generation module is used to generate first offset information based on the offset time and the target location; The second generation module is used to obtain an array of environmental information of the target location within the offset time, and to arbitrarily select multiple target environmental variables from the array of environmental information to combine them to generate a key; An encryption module is used to encrypt the data to be encrypted based on the first offset information and the key, wherein the data to be encrypted is converted into a first target array, and the first target array is arbitrarily split to obtain multiple sub-target arrays; code instructions corresponding to the key and the first offset information are initialized to generate a cryptographic device for an encryption mode; based on the cryptographic device for the encryption mode, a first sub-target array in the first target array is encrypted to obtain a first sub-encrypted array, wherein the first sub-encrypted array is used to indicate: the encrypted first sub-target array; the first sub-encrypted array is used as offset information for a second sub-target array; and the second sub-target array is encrypted based on the offset information and the key.

6. A non-volatile storage medium, characterized in that, The non-volatile storage medium includes a stored program, wherein, when the program is executed, it controls the device containing the non-volatile storage medium to perform the data encryption method according to any one of claims 1 to 3.

7. A processor, characterized in that, The processor is used to run a program, wherein the program executes the data encryption method according to any one of claims 1 to 3 when it runs.