CN101277194B - A sending/receiving method of covert communication
- Publication number: CN101277194B
- Application number: CN2008101007958A
- Authority: CN (China)
- Prior art keywords
- verification
- information
- protocol data
- bit
- transport layer
- Legal status: Expired - Fee Related (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Landscapes
- Communication Control (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a sending/receiving method for covert communication. In a computer network environment the method hides the important information to be transmitted inside a carrier so that it is not easily noticed. When the sender transmits network data, it randomly embeds the secret information in the checksum field of the header of a network protocol data unit (a TCP segment or a UDP datagram) and, after embedding, corrects the data field so that the checksum still verifies; after receiving the protocol data unit from the network, the receiver extracts the secret information from the checksum field. Because the method hides information in the checksum of the protocol data unit, it offers good covertness and resistance to attack, is safe and reliable, and is particularly suited to the covert transmission of small amounts of important information.
Description
Technical field
The invention belongs to the technical field of communication and information security. It relates to a communication method and, more specifically, to a sending/receiving method for covert communication.
Background
Covert communication is an important aspect of communication and information security, and information hiding is an important means of achieving it: the important information to be transmitted is hidden in a carrier so that it is not easily detected. Many carriers are possible, such as text, images, audio, video and TCP/IP headers. A search of the literature shows that existing TCP/IP-based information hiding methods rely mainly on the following fields: (1) the option fields of the TCP or IP header and fields that are rarely used during data transmission; (2) fields that must be filled in when data is transmitted, such as the source address, destination address and flags fields of the IP header and the source port, destination port and sequence number fields of the TCP header. Because these fields are well known, information hiding that relies on them is not very covert. Attacks such as packet filtering and chi-square analysis have already appeared against these techniques and can detect or extract the information hidden in TCP or IP headers, so these methods are easily attacked and not very secure.
Summary of the invention
The technical problem addressed by the present invention is the vulnerability to attack and low security of the existing TCP/IP-based information hiding techniques described above. It proposes a sending/receiving method that realizes covert communication in a computer network environment and gives the secret information better covertness and resistance to attack.
To achieve this, the technical solution of the present invention is a sending/receiving method for covert communication in which the information to be transmitted is first hidden in a carrier in the network environment: when the sender transmits network data, it randomly embeds the information in the checksum field of the header of a network protocol data unit and then corrects the data field so that the checksum still verifies; after receiving the network protocol data unit from the network, the receiver extracts the information from the checksum field.
The sending method comprises the following steps:
Step 1: Encrypt the secret information to be sent with the shared key; the cipher used is RC4.
Step 2: Represent the encrypted information as a binary bit stream and divide it into groups of 8 bits. If the length of the encrypted information is l, there are m = l/8 groups; if l is not a multiple of 8, pad the last group with "0" bits. Order all groups in the original order of the information.
Step 3: Construct m transport layer protocol data units, fill in the header fields and the data field of each unit, generate the checksum and write it into the checksum field.
Step 4: Embed the m groups of bits obtained in step 2 into the checksum fields of the m transport layer protocol data units obtained in step 3, one 8-bit group per protocol data unit, at random positions agreed upon in advance by both parties.
Step 5: For each protocol data unit obtained in step 4, correct the data field of the unit according to the changed checksum bits so that the checksum still verifies.
Step 6: Send all m protocol data units obtained in step 5 to the receiver in order, according to the transport layer protocol and the sequence of the groups.
The transport layer protocol data unit referred to above is a TCP segment or a UDP datagram; the formats are shown in figure 5. The pseudo-header exists only for computing the checksum: when the checksum is calculated, the pseudo-header is included in the calculation together with the TCP segment or UDP datagram.
The checksum field of the transport layer protocol data unit is generated according to the checksum calculation method of the TCP and UDP protocols, i.e. the checksum is computed over the header, the data and the pseudo-header of the TCP segment or UDP datagram together. The part to be checked is divided into a sequence of 16-bit words with the checksum field set to zero, all 16-bit words are added using one's complement arithmetic, and the one's complement of the resulting sum is the generated checksum. The generation process is shown in figure 6 and the verification process in figure 7.
The random positions referred to above are 8 bit positions chosen from the 16 bit positions of the checksum field and used to hide the secret information. The 8 positions are agreed upon by both parties. They should differ from one protocol data unit to the next and are set in advance by both parties.
The embedding referred to above uses bit replacement: each 8-bit group obtained in step 2 replaces the bits at the 8 agreed positions of the checksum field of one transport layer protocol data unit.
The correction of the data field according to the changed checksum bits resembles checksum verification in the transport layer protocol: the part to be checked (pseudo-header, header and data field) and the checksum with the secret information embedded are added as 16-bit words using one's complement arithmetic. If no information were embedded in the checksum field, the sum would be all ones (0xFFFF), indicating a correct checksum. Because embedding the 8 secret bits changes the checksum, the data field of the protocol data unit must be modified so that the sum is again all ones, guaranteeing that the checksum still verifies. The correction process is shown in figure 8.
When the units are sent in order according to the transport layer protocol and the sequence of the groups, the transport layer protocol may be TCP; because the TCP header has a sequence number field (see figure 5), all segments are simply sent according to that field.
The transport layer protocol may also be UDP; because the UDP header has no sequence number field, both parties agree in advance on 16 bits of the UDP data field to carry the sequence number of each UDP datagram, the position of these 16 bits being agreed in advance by both parties.
The receiving method comprises the following steps:
Step 1: Receive all m transport layer protocol data units according to the transport layer protocol and sort them by sequence number in ascending order.
Step 2: For each of the m transport layer protocol data units obtained in step 1, extract the bit values at the 8 agreed positions of its checksum field to form one group of bits.
Step 3: Assemble all m groups of bits obtained in step 2 into the complete information in the order established in step 1.
Step 4: Decrypt the information obtained in step 3 with the shared key and the RC4 cipher to obtain the secret information.
The transport layer protocol data unit referred to above is a TCP segment or a UDP datagram; the header formats are shown in figure 5. The pseudo-header of the UDP datagram exists only for computing the checksum and is included in the calculation together with the UDP datagram.
The transport layer protocol may be TCP; when the sender uses TCP, the TCP header has a sequence number field (see figure 5), so the receiver sorts all segments directly by its value.
The transport layer protocol may be UDP; because the UDP header has no sequence number field, both parties agree in advance on 16 bits of the UDP data field to represent the sequence number of each UDP datagram, the position of these 16 bits is agreed in advance by both parties, and all datagrams are sorted by the value of these 16 bits.
The random positions referred to above are 8 bit positions chosen at random from the 16 bit positions of the checksum field. The 8 positions are agreed upon by both parties, should differ for each protocol data unit, and are set in advance by both parties.
The sending/receiving method for covert communication of the present invention has the following features and beneficial effects:
1. The hiding field relied on is the checksum field of the protocol data unit header, a field that has not been used by other information hiding techniques, so the method is more covert;
2. The method hides information in the checksum field and then, in reverse, corrects the data field so that the checksum still verifies. This is a new way of applying the checksum field in reverse and gives a good hiding effect;
3. The secret information is encrypted with the RC4 cipher before being hidden, giving it better secrecy: even if an attacker discovers the existence of the steganography, the information is hard to decrypt;
4. The information to be embedded is divided into 8-bit groups and only 8 of the 16 bits of the checksum field are used, so the statistical characteristics of the checksum field change little and the method can resist attacks based on statistical analysis;
5. The information is embedded at random positions, i.e. at 8 random positions of the 16-bit checksum field of each protocol data unit, with different positions for each unit, so it is difficult for an attacker to find a pattern to attack, and the method has good security.
Description of drawings
Figure 1 is a flow chart of secret information transmission based on the TCP protocol in the present invention;
Figure 2 is a flow chart of secret information reception based on the TCP protocol in the present invention;
Figure 3 is a flow chart of secret information transmission based on the UDP protocol in the present invention;
Figure 4 is a flow chart of secret information reception based on the UDP protocol in the present invention;
Figure 5(a) is the TCP segment header format, (b) the UDP datagram header format and (c) the pseudo-header format;
Figure 6 is a flow chart of checksum generation in the TCP and UDP protocols;
Figure 7 is a flow chart of checksum verification in the TCP and UDP protocols;
Figure 8 is a flow chart of correcting the data field according to the changed checksum so that the checksum still verifies.
Detailed description
The invention is described in further detail below with reference to the drawings.
1. Using TCP protocol data units as the covert carrier (see figures 1 and 2), the method steps are:
(1) Encrypt the secret message. The key is shared by sender and receiver, the cipher is RC4, and the encrypted information is divided into 8-bit groups, m groups in total.
(2) Construct m TCP segments. The header fields (source port, destination port, sequence number, etc.) and the data field of each segment are filled with the correct values and a 16-bit checksum is generated. The checksum is computed over the header, data and pseudo-header of the segment together: the part to be checked is divided into a sequence of 16-bit words with the checksum field set to zero, all 16-bit words are added using one's complement arithmetic, and the one's complement of the sum is the checksum. See figure 5 for the TCP segment header format and figure 6 for the checksum generation process.
(3) According to the 8 random positions among the 16 bit positions agreed in advance by both parties, extract 8 bits from the 16-bit checksum in the header of each TCP segment obtained in step (2).
(4) Replace each 8-bit group extracted in step (3) with the corresponding 8-bit group of encrypted information obtained in step (1), in order.
(5) Put each 8-bit group obtained in step (4) back into the checksum field at the same random bit positions used in step (3).
(6) According to the checksum field changed in step (5), correct the data field of the segment so that checksum verification succeeds. TCP checksum verification adds the part to be checked (pseudo-header, header and data field) together with the checksum as 16-bit words using one's complement arithmetic; if the sum is all ones the checksum is correct, otherwise it is not (see figure 7). The correction process resembles verification: the part to be checked (pseudo-header, header and data field) and the checksum with the secret information embedded are added as 16-bit words using one's complement arithmetic, and the data field of the TCP segment is modified so that the sum is again all ones, guaranteeing that the checksum verifies (see figure 8).
(7) The sender sends all TCP segments to the receiver in order.
(8) The receiver receives all m TCP segments.
(9) Extract the 16-bit checksum from the header of each TCP segment.
(10) According to the 8 agreed random positions among the 16 bit positions, extract 8 bits from each 16-bit checksum obtained in step (9).
(11) Assemble all bits extracted in step (10) into the information in order.
(12) Decrypt the information with the shared key and the RC4 cipher to obtain the secret information.
2. Using UDP protocol data units as the covert carrier (see figures 3 and 4), the method steps are:
(1) Encrypt the secret message. The key is shared by sender and receiver, the cipher is RC4, and the encrypted information is divided into 8-bit groups, m groups in total.
(2) Construct the UDP datagrams. In each UDP datagram the header fields (source port, destination port, length) and the data field are filled with the correct values. 16 bits of the data field of the UDP datagram are selected, at positions agreed in advance by both parties, and the sequence number of each UDP datagram is written into these 16 bits so that the receiver can establish the order of all datagrams. The checksum is computed over the header, data and pseudo-header of the datagram together: the part to be checked is divided into a sequence of 16-bit words with the checksum field set to zero, all 16-bit words are added using one's complement arithmetic, and the one's complement of the sum is the checksum. See figure 5 for the UDP datagram header format and figure 6 for the checksum generation process.
(3) According to the 8 random positions among the 16 bit positions agreed in advance by both parties, extract 8 bits from the 16-bit checksum in the header of each UDP datagram.
(4) Replace each 8-bit group extracted in step (3) with the corresponding 8-bit group of encrypted information obtained in step (1), in order.
(5) Put each 8-bit group obtained in step (4) back into the checksum field at the same random bit positions used in step (3).
(6) According to the checksum field changed in step (5), correct the data field of the datagram so that checksum verification succeeds. UDP checksum verification adds the part to be checked (pseudo-header, header and data field) together with the checksum as 16-bit words using one's complement arithmetic; if the sum is all ones the checksum is correct, otherwise it is not (see figure 7). The correction process resembles verification: the part to be checked (pseudo-header, header and data field) and the checksum with the secret information embedded are added as 16-bit words using one's complement arithmetic, and the data field of the UDP datagram is modified so that the sum is again all ones, guaranteeing that the checksum verifies (see figure 8).
(7) The sender sends all UDP datagrams to the receiver.
(8) The receiver receives all UDP datagrams, extracts the sequence number of each datagram from the 16 agreed bit positions of its data field, and sorts the datagrams.
(9) Extract the 16-bit checksum from the header of each UDP datagram.
(10) According to the 8 agreed random positions among the 16 bit positions, extract 8 bits from each 16-bit checksum obtained in step (9).
(11) Assemble all bits extracted in step (10) into the information in order.
(12) Decrypt the information with the shared key and the RC4 cipher to obtain the secret information.
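The following Python program is an added worked example, not code or a figure from the patent. It implements the UDP variant above end to end and also serves the sending/receiving steps in the summary earlier on the page, since the TCP variant differs only in header layout and in using the TCP sequence number field instead of 16 bits of the payload. It follows the described steps: RC4 under a shared key, one 8-bit ciphertext group per datagram, a UDP datagram whose checksum (RFC 768, computed as in RFC 1071) covers pseudo-header, header and data, replacement of the 8 agreed checksum bits, and correction of the data field so that the one's complement sum over the whole datagram is again all ones. Everything the page does not state is an assumption made here: the payload layout (a 16-bit sequence number, then a 16-bit slack word that absorbs the checksum correction, then the unmodified cover data), the per-datagram position table (derived from the shared key and the sequence number with SHA-256 as a stand-in for a pre-agreed table), and the key, addresses, ports and cover payload, which are constructed sample values.

```python
# Added example (not the patent's code): UDP variant of the described sender/receiver.
import hashlib
import ipaddress
import random
import struct

UDP_PROTO = 17

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 as the patent specifies; encryption and decryption are the same operation."""
    s, j = list(range(256)), 0
    for i in range(256):                     # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for c in data:                           # keystream generation, XORed into the data
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(c ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def ones_complement_sum(data: bytes) -> int:
    """RFC 1071 sum of big-endian 16-bit words with end-around carry; an odd tail is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """IPv4 pseudo-header of figure 5(c): source, destination, zero byte, protocol, UDP length."""
    return (ipaddress.IPv4Address(src_ip).packed + ipaddress.IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, UDP_PROTO, udp_len))

def udp_checksum(src_ip: str, dst_ip: str, datagram: bytes) -> int:
    """Figure 6: sum pseudo-header + datagram with the checksum field zeroed, then complement."""
    zeroed = datagram[:6] + b"\x00\x00" + datagram[8:]
    return ~ones_complement_sum(pseudo_header(src_ip, dst_ip, len(datagram)) + zeroed) & 0xFFFF

def udp_verifies(src_ip: str, dst_ip: str, datagram: bytes) -> bool:
    """Figure 7: the sum over pseudo-header and whole datagram, checksum included, is all ones."""
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, len(datagram)) + datagram) == 0xFFFF

def hide_positions(key: bytes, seq: int) -> list:
    """Stand-in (assumption) for the pre-agreed per-datagram table: 8 distinct positions out of 16,
    derived from the shared key and the sequence number so both sides compute the same list."""
    seed = hashlib.sha256(b"positions" + key + seq.to_bytes(2, "big")).digest()
    return random.Random(int.from_bytes(seed, "big")).sample(range(16), 8)

def embed_bits(checksum: int, positions: list, group: int) -> int:
    """Step 4: overwrite the 8 agreed bit positions of the 16-bit checksum with one 8-bit group."""
    for k, pos in enumerate(positions):
        checksum = (checksum & ~(1 << pos)) | (((group >> (7 - k)) & 1) << pos)
    return checksum & 0xFFFF

def extract_bits(checksum: int, positions: list) -> int:
    """Receiver step 2: read the bits back from the same positions, in the same order."""
    group = 0
    for pos in positions:
        group = (group << 1) | ((checksum >> pos) & 1)
    return group

def covert_send(key, message, src_ip, dst_ip, sport, dport, cover: bytes) -> list:
    """Steps 1-5 for every 8-bit group. Payload layout (assumption): 16-bit sequence number,
    16-bit slack word that absorbs the checksum correction, then the untouched cover data."""
    datagrams = []
    for seq, group in enumerate(rc4(key, message)):      # each ciphertext byte is one group
        length = 8 + 4 + len(cover)
        dg = struct.pack("!HHHH", sport, dport, length, 0) + struct.pack("!HH", seq, 0) + cover
        natural = udp_checksum(src_ip, dst_ip, dg)        # step 3: the honest checksum
        hidden = embed_bits(natural, hide_positions(key, seq), group)
        dg = dg[:6] + struct.pack("!H", hidden) + dg[8:]  # step 4: checksum field now carries data
        # Step 5: with the slack word still 0, pick it so the total one's complement sum is 0xFFFF.
        slack = 0xFFFF - ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + dg)
        datagrams.append(dg[:10] + struct.pack("!H", slack) + dg[12:])
    return datagrams

def covert_receive(key, src_ip, dst_ip, datagrams) -> bytes:
    """Receiver steps 1-4: verify, order by the in-payload sequence number, extract, decrypt."""
    groups = []
    for dg in datagrams:
        if not udp_verifies(src_ip, dst_ip, dg):
            raise ValueError("UDP checksum failure")
        seq, checksum = struct.unpack("!H", dg[8:10])[0], struct.unpack("!H", dg[6:8])[0]
        groups.append((seq, extract_bits(checksum, hide_positions(key, seq))))
    return rc4(key, bytes(g for _, g in sorted(groups)))

# Constructed sample values; the addresses are documentation ranges, not real hosts.
KEY, MESSAGE = b"shared-secret-key", b"meet at dawn"
SRC, DST, COVER = "192.0.2.10", "198.51.100.7", b"GET /status\r\n"

def demo() -> bytes:
    sent = covert_send(KEY, MESSAGE, SRC, DST, 40000, 5060, COVER)
    return covert_receive(KEY, SRC, DST, sent[::-1])      # arrives reversed; order is restored
```

demo() builds one datagram per ciphertext byte, delivers them in reverse order and returns the recovered plaintext; every datagram passes ordinary UDP checksum verification while its checksum field carries 8 bits of ciphertext. Two caveats a practitioner should keep in mind: RC4 appears here only because the patent specifies it, and it is prohibited for TLS by RFC 7465, so a new design would use an authenticated cipher instead; and because the channel lives in the checksum field, anything that rewrites that field in transit, such as a NAT adjusting the checksum for translated addresses and ports or a NIC recomputing it under checksum offload, overwrites the hidden bits even though the datagram still verifies at the receiver.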
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2008101007958A CN101277194B (en) | 2008-05-13 | 2008-05-13 | A sending/receiving method of covert communication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2008101007958A CN101277194B (en) | 2008-05-13 | 2008-05-13 | A sending/receiving method of covert communication |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101277194A CN101277194A (en) | 2008-10-01 |
CN101277194B true CN101277194B (en) | 2010-06-09 |
Family
ID=39996234
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2008101007958A Expired - Fee Related CN101277194B (en) | 2008-05-13 | 2008-05-13 | A sending/receiving method of covert communication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101277194B (en) |
Families Citing this family (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101431578B (en) * | 2008-10-30 | 2010-12-08 | Nanjing University | An information hiding method based on G.723.1 silence detection technology |
CN101488852B (en) * | 2009-01-13 | 2010-12-29 | Huazhong University of Science and Technology | Method of IP voice covert communication based on m-sequence |
CN101478391B (en) * | 2009-01-13 | 2010-12-29 | Huazhong University of Science and Technology | IP voice hidden communication method based on stream encryption |
GB201010735D0 (en) | 2010-06-25 | 2010-08-11 | Omar Ralph M | Security improvements for flexible substrates |
CN102143155B (en) * | 2010-12-30 | 2014-01-08 | Nanjing University of Science and Technology | Stealth communication method based on IPID bit incremental modulation |
CN102137096A (en) | 2011-01-13 | 2011-07-27 | Huawei Technologies Co., Ltd. | Method and equipment for data transmission |
CN102523205A (en) * | 2011-12-05 | 2012-06-27 | ZTE Corporation | Determination method and device for content checksum |
CN103546475A (en) * | 2013-10-29 | 2014-01-29 | Feng Lijuan | Network communication subject confirmation method and system |
CN103581192A (en) * | 2013-11-08 | 2014-02-12 | Feng Lijuan | Method and system for confirming network communication object |
CN104917747B (en) * | 2015-03-27 | 2018-07-10 | Suzhou Institute for Advanced Research, University of Science and Technology of China | A secret communication method |
CN106453225B (en) * | 2016-07-18 | 2019-07-05 | KNET Co., Ltd. (Beijing) | Method, client and server for realizing secret communication |
CN107612678B (en) * | 2017-08-18 | 2020-05-05 | Huaqiao University | Steganography method based on network topology structure diagram |
CN109842597A (en) * | 2017-11-28 | 2019-06-04 | Zhongtian Antai (Beijing) Information Technology Co., Ltd. | Communication uplink data reconstruction method and component |
CN108390860B (en) * | 2018-01-24 | 2021-09-14 | Beijing QIYI Century Science & Technology Co., Ltd. | Data packet encryption and decryption method and device |
CN108268178B (en) * | 2018-02-27 | 2021-07-13 | TCL Mobile Communication Technology (Ningbo) Co., Ltd. | Mobile terminal touch screen coordinate output control, mobile terminal and storage medium |
CN111970124B (en) * | 2020-08-12 | 2024-07-09 | Dawning Information Industry (Beijing) Co., Ltd. | Computer factory mode control method, device, computer equipment and storage medium |
CN112804365B (en) * | 2021-04-14 | 2021-07-13 | Zhejiang Shuqin Technology Co., Ltd. | A privacy data distribution method for secure multi-party computation |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6108812A (en) * | 1996-06-20 | 2000-08-22 | Lsi Logic Corporation | Target device XOR engine |
CN1643841A (en) * | 2002-03-20 | 2005-07-20 | Koninklijke Philips Electronics N.V. | Encryption key hiding and recovering method and system |
CN1898624A (en) * | 2003-12-24 | 2007-01-17 | Koninklijke Philips Electronics N.V. | Preserving privacy while using authorization certificates |
Also Published As
Publication number | Publication date |
---|---|
CN101277194A (en) | 2008-10-01 |
Legal Events
Code | Title | Description |
---|---|---|
C06 | Publication | |
PB01 | Publication | |
C10 | Entry into substantive examination | |
SE01 | Entry into force of request for substantive examination | |
C14 | Grant of patent or utility model | |
GR01 | Patent grant | |
C17 | Cessation of patent right | |
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 2010-06-09; Termination date: 2013-05-13 |
EE01 | Entry into force of recordation of patent licensing contract | Application publication date: 2008-10-01; Assignee: Jiangsu Xiangjiang Science & Technology Co.,Ltd.; Assignor: Jiangsu University of Science and Technology; Contract record no.: 2011320000757; Denomination of invention: Transmitting/receiving method for secret communication; Granted publication date: 2010-06-09; License type: Exclusive License; Record date: 2011-05-27 |
LICC | Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model | |