Data security system applicable to sharing encrypted file and restoring secrete key and method thereof

Abstract

The invention relates to a data security system applicable to sharing an encrypted file and recovering a secrete key and a method thereof, which are used for converting a source file into the encrypted file, wherein an administrator secrete key and a user secrete key are input through an input unit; a random secrete key is generated through a processing unit with a random derivation function according to the administrator secrete key; and a secrete key storage area is provided for storing the random secrete key and the user secrete key, which are encrypted and protected through the administrator secrete key. In the encryption process, an encryption module randomly generates a session secrete key so that the content of the source file is encrypted into encrypted data; the session secrete key is encrypted through the administrator secrete key or the user secrete key so that an encrypted session secrete key is generated; and the encrypted session secrete key and the encrypted data are packed into the encrypted file. Thereby, the encrypted file only has one encrypted session secrete key so that the safety strength of the encrypted file can be ensured. In the decryption process, the administration secrete key can be used by an administrator to decrypt the secrete key storage area, and consequently the random secrete key and the user secrete key are taken out to decrypt the encrypted file.

Description

Technical field [0001] The present invention relates to a data security system and method, and more particularly to a data security system and method suitable for sharing encrypted files and recovering keys. Background technique [0002] In the process of continuous technological innovation and change, people have entered a new era in which people can freely send and receive information. However, what follows is that people's living space and personal privacy have been threatened and challenged unprecedentedly. Therefore, when data is shared or in order to prevent the data from being easily used by others, many data encryption / decryption systems and methods have been developed, such as encrypting a file to be shared with a key. [0003] When the administrator wants to share the file with the user, and does not want to inform the administrator of the key to the user, the file must be encrypted with the user key. If you want to have different user keys for encrypted files for differ...

AI Technical Summary

Problems solved by technology

[0006] In view of the above-mentioned problems in the prior art, the object of the present invention is to provide a data security system and method suitable for sharing encrypted files and recovering the key, so as to solve the problem of using a single key in the prior art to encrypt multiple files. The problem of the key; also solve the danger that the manager key of the encrypted file is cracked by using two keys in the previous technology, and the problem of complicated encryption / decryption procedures caused by the replacement of the manager key

Images