CN101383703B - Dynamic ciphering method based on broad sense information field - Google Patents

Publication number
CN101383703B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200810198491XA
Other languages
Chinese (zh)
Other versions
CN101383703A (en)
Inventor
张国基
刘清
黎凤鸣
许洁斌
丁卓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
South China University of Technology SCUT
Original Assignee
South China University of Technology SCUT
Application filed by South China University of Technology SCUT filed Critical South China University of Technology SCUT
Priority to CN200810198491XA priority Critical patent/CN101383703B/en
Publication of CN101383703A publication Critical patent/CN101383703A/en
Application granted granted Critical
Publication of CN101383703B publication Critical patent/CN101383703B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Abstract

The invention provides a dynamic encryption and decryption method based on a generalized information field. The system that implements it comprises a pseudo-random code generator based on the generalized information field and an encryption and decryption subsystem; the pseudo-random code generator is connected to the encryption and decryption subsystem, which comprises an encryption subsystem and a decryption subsystem. The pseudo-random code generator comprises an initial address message (IV) generating module, an IV normalization module, an m module, a constrained processing module and a key length judgment module, connected in sequence; the m module is also connected to an activity background generating module, which comprises a physical reconstruction module and a logical reconstruction module. The encryption subsystem and the decryption subsystem each comprise a grouping coefficient and round key generating module, a grouping module, a position interchange module and a substitution operation module. The invention introduces the generalized information field and thereby transfers the key security problem to the security of the generalized information field; its resistance to cryptanalysis is strong.

Description

Dynamic encryption and decryption method based on a generalized information field
Technical field
The present invention relates to the field of cryptography, and specifically to a dynamic encryption and decryption method based on a generalized information field.
Background art
In recent years computer networks have developed rapidly and are widely used in fields such as politics, the military, the economy and science, and more and more information is transmitted and stored effectively. Because computer networks are open, information may be stolen during transmission and storage; the confidentiality, integrity, availability and non-repudiation of information all have to be achieved with cryptographic techniques. Modern high-performance computers can automatically analyze and intercept transmitted information and can search through hundreds of details per second, which poses a serious threat to information security. The information field urgently needs safer, more convenient and more effective means of protecting information.
Cryptography, as one of the basic theories of network security, has attracted great attention, and more and more researchers are devoting themselves to it. At the same time, driven by practical needs and by changes in computing technology, many new problems and new directions have appeared in every area of cryptographic research. For example, the AES call for algorithms set off a wave of block cipher research in the international cryptographic community. In public key cryptography, ECC has attracted wide attention because of advantages such as high security and fast computation.
Encryption techniques are mainly divided into symmetric and asymmetric ciphers, and symmetric ciphers are further divided into stream ciphers and block ciphers. The representative stream cipher is RC4; the representative block ciphers are DES and AES. Traditional block ciphers usually have fixed confusion and diffusion transformations, which give the system certain characteristic properties; as a result the system is to some extent vulnerable to cryptanalytic methods such as linear analysis, differential analysis and algebraic attacks, and its security is affected. The most serious weakness of DES, the first and also the most important modern symmetric encryption algorithm, is its short key length, a weakness that became more evident in the 1990s. In July 1998 Cryptography Research, Advanced Wireless Technologies and the EFF jointly built a key search machine called Deep Crack, which successfully found the DES challenge key after 56 hours of searching. This shows that, given the computing technology of the late 1990s, a 56-bit key is too short for a single-key cipher that was once secure. The subsequent improvement was multi-round DES with an increased key length. AES, also a symmetric cipher, is a cryptographic algorithm that clearly relies on mathematical theory: it uses the properties of finite fields and finite rings for encryption and decryption. The most discussed topic at present is the algebraic (XSL) attack on AES. Existing research shows that if the XSL attack is polynomial-time in the number of rounds of the algorithm, then the security of AES grows exponentially with the number of rounds. Because AES has a fixed block size, a fixed key length and a fixed confusion and diffusion algorithm, its results are unsatisfactory for large volumes of data and for highly correlated data. Symmetric cryptosystems all involve the key problem, and a pseudo-random code is usually used as the key.
Traditional cryptographic algorithms have the following problems:
(1) In a traditional cryptographic algorithm such as AES, the generation of the key (i.e. the pseudo-random code) can usually be represented by a two-tuple
K = (m, IV)
where K is the key; m is the key generation algorithm, which is usually difficult to keep secret; and IV is the initial value, i.e. the seed required by the algorithm, which must be kept secret. m and IV are directly related to the key. The key generation algorithm generally works iteratively, starting from the initial value IV. Traditional encryption algorithms have fixed confusion and diffusion transformations, so the encrypted information depends on the key; on the other hand, the key itself has to be stored encrypted, transmitted encrypted or passed over a covert channel. The crux of the security of traditional algorithms is therefore the key;
(2) The decryption key has to be passed to the decrypting party in encrypted form or over a covert channel before the ciphertext can be decrypted. In transit both the ciphertext and the decryption key may be intercepted, so the ciphertext might be broken by a ciphertext-only attack or by cryptanalysis, and the transmission loses its security guarantee; this also greatly increases the complexity of key management;
(3) For various reasons, keys in traditional encryption algorithms are often reused many times in practice, which creates security problems caused by the repeated reuse.
Summary of the invention
The primary purpose of the present invention is to overcome the shortcomings and deficiencies of the prior art described above by providing a dynamic encryption and decryption method based on a generalized information field. The invention introduces the concept of the generalized information field, breaks the restriction of the two-tuple and extends it to a triple structure, so that the encrypting and decrypting parties share a common activity background obtained by transforming the generalized information field. From the encrypting party to the decrypting party the key never appears explicitly and no key transmission is involved, so the key security problem is transferred to the security of the generalized information field. The system can obtain an arbitrary activity background by applying physical reconstruction and logical reconstruction to the generalized information field; existing research shows that the complexity of this transformation is an NP-hard problem. The number of encryption rounds and the block length are dynamically variable, and the confusion and diffusion algorithm is determined entirely by the arrangement characteristics and segment-wise statistical properties of the key.
Any data in a computer that can be expressed as binary code is referred to as a generalized information field (IF).
The object of the invention is achieved by the following technical solution: a dynamic encryption and decryption method based on a generalized information field, in which the dynamic encryption and decryption system implementing the method comprises a pseudo-random code generator based on the generalized information field and an encryption and decryption subsystem connected to it; the encryption and decryption subsystem comprises an encryption subsystem and a decryption subsystem;
The encryption subsystem comprises, connected in sequence, a grouping coefficient and round key generation module, a grouping module, a position interchange module and a substitution operation module. The decryption subsystem comprises, connected in sequence, a grouping coefficient and round key generation module, a grouping module, a substitution operation module and a position interchange module. The encryption subsystem and the decryption subsystem share the same grouping coefficient and round key generation module;
The pseudo-random code generator based on the generalized information field comprises, connected in sequence, an initial address message (IV) generation module, an IV normalization module, a key generation algorithm (m) module, a constrained processing module and a key length judgment module; the m module is also connected to the activity background generation module. Here m is the key generation algorithm and IV is the initial address message, i.e. the seed required by the algorithm;
In addition, the pseudo-random code generator is connected to the grouping coefficient and round key generation module, the position interchange module and the substitution operation module of both the encryption subsystem and the decryption subsystem, and the grouping coefficient and round key generation module is also connected to the m module through a breakpoint entry.
The activity background generation module consists mainly of a physical reconstruction module and a logical reconstruction module connected together.
The dynamic encryption and decryption method of the invention comprises an encryption process and a decryption process. The encryption process is as follows:
(1) The activity background generation module obtains a subspace of the selected IF by physical reconstruction and then logically reconstructs that subspace into the activity background;
(2) The IV generation module produces the initial address message (IV); the IV normalization module compresses or stretches the IV into a binary address string of fixed length and divides it into n blocks:
$X_1\ X_2\ \ldots\ X_n$
which serve as the n-dimensional logical address in the activity background;
(3) The m module performs a spatial trajectory transformation on the n-dimensional logical bit address in the activity background and on the physical space, and at each address transition it extracts a k-bit string from the activity background and appends it to the key sequence. To obtain the transition address, the constrained processing module applies constrained processing to the difference between the frequencies of the maximum and minimum values of the preceding k-bit strings, which yields a correction value. The m module then incorporates the correction value into the address sequence and obtains the new n-dimensional transition address by translation;
(4) The key length judgment module determines from preset parameters whether the key is long enough; if not, step (3) is repeated; if so, the key is output;
(5) Generating the grouping coefficients and round keys $Key_r$: for the number of encryption rounds selected by the user, the system automatically selects the grouping coefficient and generates the round key for each round, and ensures that the grouping coefficients of the rounds do not repeat within a certain range of rounds. The pseudo-random code generator based on the generalized information field produces a bit string one byte or one word long, and the value of this bit string selects the grouping coefficient $n_r$ of round r from the grouping coefficient set. The process then returns to step (3), and the pseudo-random code generator continues to produce a round key $Key_r$ whose length is
Figure GSB00000349554400041
Step (5) is repeated until all grouping coefficients and round keys have been generated; finally the round keys $Key_r$ of the individual rounds are concatenated in order into the key K. The grouping coefficient governs the operations of steps (6), (7) and (8); the number of encryption rounds can be increased according to the confusion and diffusion required;
For multi-round encryption, let $n' = \max(n_r)$, $r = 1, 2, \ldots, R$, where R is the number of encryption rounds; blocks of size $2^{n'}$ are taken in turn as the unit, and R rounds of encryption are carried out according to steps (6), (7) and (8);
(6) Grouping: the key K is grouped according to the grouping coefficient $n_r$; the grouping coefficient determines the address space of the plaintext-group permutation encryption to be
Figure GSB00000349554400042
(7) Position interchange: the content $k_i$ of a group of the key K represents an intra-group address of the encryption-space group. Bitwise negation of $k_i$ gives $k'_i$; $k_i$ and $k'_i$ form a dual address pair. After the statistical properties of each $k_i$ have been analyzed, the corresponding shift is applied and the contents at the dual addresses are exchanged. These operations are determined by the arrangement characteristics of the key, so with different keys the shifts and exchanges applied during encryption are different;
(8) Substitution operation: let the round key be $Key_r = (K_0, K_1, \ldots, K_t)$, the plaintext encryption-space group be $A = (A_0, A_1, \ldots, A_t)$ and the corresponding ciphertext group be $A' = (A'_0, A'_1, \ldots, A'_t)$, where each $K_i$, $A_i$, $A'_i$ occupies 1 bit, i.e. everything is treated as a binary stream. After the position interchange is completed, $A'$ is computed as follows ($A'$ is used as the $A$ of round r+1):
$$A'_i = \begin{cases} A_0 \oplus K_0 \oplus A_t, & i = 0 \\ A_i \oplus K_i \oplus A'_{i-1}, & i \neq 0 \end{cases}$$
Steps (6) to (8) above make up round r of the encryption algorithm; when they are done, one round of encryption is complete. If the R rounds of encryption have not been completed, steps (6) to (8) are repeated; otherwise go to (9);
(9) If the plaintext has not been completely encrypted, return to (6); otherwise encryption ends and the ciphertext is returned.
In the above method, the IV of step (2) is composed of one or any several of a system random number (SR), the internal system time (ST) and given content (SC). SR and ST are obtained by function calls and give the IV randomness and uniqueness; the given content is supplied by the user and personalizes the IV.
In the above method, the role of the physical reconstruction of step (1) is to construct from the selected generalized information field (IF) a subspace that has a certain dispersion and is physically visible; logical reconstruction then maps the space obtained by physical reconstruction onto an n-dimensional logical space that has discreteness and randomness. The normalized IV is the address of some point in this high-dimensional logical space and is also the initial address from which the subsequent spatial trajectory transformation starts.
In the above method, the IF of step (1) may be data of any type; in essence it is a binary 0/1 bit string of arbitrary length with the byte as its unit, it has a certain randomness, and it can be regarded as joined end to end. An IF can be produced by an algorithm, for example by a chaotic or mixed chaotic system, or it can be an image, a text, a section of code in memory, and so on. IFs can be numbered for ease of use. In experiments, images and texts were considered for use as generalized information fields, or a mixed chaotic system was used, so that different generalized information fields are produced from different given initial values.
In the above method, the structure of the activity background of step (1) under the selected generalized information field is defined as follows:
ABG-code IF-code [S_1/L_1][,S_2/L_2]…[S_i/L_i]… D_1,D_2,D_3[,D_4[,…]]
where:
ABG-code: the activity background number, so that it can be referred to by code name;
IF-code: the generalized information field number;
[S_1/L_1][,S_2/L_2]…[S_i/L_i]…: the physical reconstruction parameters, which can be chosen arbitrarily and which produce a definite activity background. $S_i$ is an offset and $L_i$ a length, both written in decimal. The unit for physical reconstruction is the byte;
D_1,D_2,D_3[,D_i[,…]]: the logical reconstruction parameters. $D_i$ defines a dimension: written in decimal, it gives the maximum subscript value of that dimension; the items in brackets are optional. The unit for logical reconstruction is the bit.
In the above method, the physical reconstruction of the selected IF in step (1) is carried out by the physical reconstruction module, as follows:
If the physical reconstruction parameters are empty, the activity background is equivalent to the selected information field. If they are not empty, the groups of physical reconstruction parameters [$S_i$/$L_i$] are taken in turn, and from byte $S_i$ of the generalized information field or of the intermediate result a 0/1 string $L_i$ bytes long is cut out as the effective information. Physical reconstruction can expand the information of one generalized information field into the physical information blocks of several different activity backgrounds;
A set of discretization rules and algorithms is introduced into physical reconstruction to achieve one-way computation, a high degree of isolation and discretization. Through these defined rules, physical reconstruction has the following characteristics:
a. A single reconstruction may cause a given byte value to change in multiple ways, which satisfies one-way computability;
b. Reconstruction preserves random characteristics, such as the ratio of 0s to 1s;
c. The physical structure of the intermediate result or activity background produced by reconstruction satisfies one-way computation but has no inverse function, so the upper-level result cannot be obtained in reverse; this gives a high degree of isolation.
In the above method, the activity background generation module of step (1) applies logical reconstruction to the physically reconstructed IF to obtain the activity background; this is carried out by the logical reconstruction module, as follows:
The one-dimensional linear byte space is converted into a bit-level logical space of arbitrary dimension: the one-dimensional data obtained by physical reconstruction is reorganized into a $D_1 \times D_2 \times \ldots \times D_n$ information block. Each bit then corresponds to an address, every address can be written as $(y_1, y_2, \ldots, y_n)$, and $D_1, D_2, \ldots, D_n$ are the maximum subscript values of the individual dimensions, agreed in advance.
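The activity background definition and the two reconstructions described above, as an added example that is not part of the patent text. It assumes the bracketed parameters are written without the brackets (for example `250/20,2/16`), that each [S_i/L_i] group is cut from the result of the previous group with the data read as circular, that subscripts are 0-based in row-major order and that bits are read most significant first; the patent's discretization rules are not specified and are left out. All function names and sample values are constructed.

```python
import re
from dataclasses import dataclass


@dataclass
class ActivityBackground:
    abg_code: str   # activity background number
    if_code: str    # generalized information field number
    segments: list  # [(S_i, L_i)] offset/length pairs, decimal, unit: byte
    dims: list      # [D_1..D_n] maximum subscript per dimension, unit: bit


def parse_definition(text):
    """Parse 'ABG-code IF-code [S1/L1,S2/L2,...] D1,D2,D3[,D4...]'."""
    fields = text.split()
    if len(fields) not in (3, 4):
        raise ValueError("expected: ABG-code IF-code [S/L list] D list")
    segments = []
    if len(fields) == 4:  # the physical reconstruction parameters are optional
        for part in fields[2].split(","):
            m = re.fullmatch(r"(\d+)/(\d+)", part)
            if not m or int(m.group(2)) == 0:
                raise ValueError(f"bad physical parameter {part!r}")
            segments.append((int(m.group(1)), int(m.group(2))))
    dim_parts = fields[-1].split(",")
    if len(dim_parts) < 3 or not all(p.isdigit() for p in dim_parts):
        raise ValueError("need at least decimal D1,D2,D3")
    return ActivityBackground(fields[0], fields[1], segments,
                              [int(p) for p in dim_parts])


def physical_reconstruct(if_bytes, segments):
    """Cut L_i bytes starting at byte S_i, group by group.

    Assumption: every group after the first is applied to the intermediate
    result, and the data is read end to end (circularly). With no groups
    the activity background equals the information field itself.
    """
    data = bytes(if_bytes)
    if not data:
        raise ValueError("empty information field")
    for start, length in segments:
        data = bytes(data[(start + i) % len(data)] for i in range(length))
    return data


def linear_bit_index(dims, address):
    """Map (y_1..y_n), 0 <= y_j <= D_j, to a linear bit position (row-major)."""
    if len(address) != len(dims):
        raise ValueError("address has the wrong number of dimensions")
    index = 0
    for y, d in zip(address, dims):
        if not 0 <= y <= d:
            raise ValueError(f"subscript {y} outside 0..{d}")
        index = index * (d + 1) + y
    return index


def read_bits(block, dims, address, k):
    """Return the k-bit string that starts at the given logical bit address."""
    total = len(block) * 8
    start = linear_bit_index(dims, address)
    bits = []
    for j in range(k):
        pos = (start + j) % total  # wrap: the block is treated as circular
        bits.append((block[pos // 8] >> (7 - pos % 8)) & 1)
    return "".join(str(b) for b in bits)


# Constructed sample: a 256-byte IF holding the byte values 0..255, and a
# definition whose logical space (4 x 4 x 8 bits) matches the 16-byte block.
SAMPLE_IF = bytes(range(256))
SAMPLE_DEF = "ABG1 IF7 250/20,2/16 3,3,7"

if __name__ == "__main__":
    bg = parse_definition(SAMPLE_DEF)
    block = physical_reconstruct(SAMPLE_IF, bg.segments)
    print(block.hex())
    print(read_bits(block, bg.dims, (1, 1, 4), 8))
```

The trajectory transformation of the m module that chooses the next address is not specified in enough detail on this page to implement, so the example stops at reading a k-bit string from one given address.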
In the above method, the triple IF, IV, m of steps (1), (2) and (3) works together to migrate along a trajectory in the background space, extracting k key bits during the migration and correcting the migration trajectory at the same time, until the generated length meets the requirement.
The decryption process of the decryption subsystem is essentially the inverse of the encryption process of the encryption subsystem. The differences are: the generated grouping coefficients and round keys are used in reverse order; and the three steps grouping, position interchange and substitution operation are executed in the order grouping, substitution operation, position interchange.
The decryption process is as follows:
(1) The activity background generation module obtains a subspace of the selected IF by physical reconstruction and then logically reconstructs that subspace into the activity background;
(2) The IV generation module produces the initial address message (IV); the IV normalization module compresses or stretches the IV into a binary address string of fixed length and divides it into n blocks:
$X_1\ X_2\ \ldots\ X_n$
which serve as the n-dimensional logical address in the activity background;
(3) The m module performs a spatial trajectory transformation on the n-dimensional logical bit address in the activity background and on the physical space, and at each address transition it extracts a k-bit string from the activity background and appends it to the key sequence. To obtain the transition address, the constrained processing module applies constrained processing to the difference between the frequencies of the maximum and minimum values of the preceding k-bit strings, which yields a correction value. The m module then incorporates the correction value into the address sequence and obtains the new n-dimensional transition address by translation, and the migration trajectory is retained for later construction of a trajectory ring transformation matrix;
(4) The key length judgment module determines from preset parameters whether the key is long enough; if not, step (3) is repeated; if so, the key is output;
(5) Generating the grouping coefficients and round keys $Key_r$: for the number of decryption rounds, the system automatically selects the grouping coefficient and generates the round key for each round, and ensures that the grouping coefficients of the rounds do not repeat within a certain range of rounds. The pseudo-random code generator based on the generalized information field produces a bit string one byte or one word long, and the value of this bit string selects the grouping coefficient $n_r$ of round r from the grouping coefficient set. The process then returns to step (3), and the pseudo-random code generator continues to produce a round key $Key_r$ whose length is
Figure GSB00000349554400061
Step (5) is repeated until all grouping coefficients and round keys have been generated; finally the round keys $Key_r$ of the individual rounds are concatenated in order into the key K. The grouping coefficient governs the operations of steps (6), (7) and (8);
For multi-round decryption, let $n' = \max(n_r)$, $r = 1, 2, \ldots, R$, where R is the number of decryption rounds; blocks of size $2^{n'}$ are taken in turn as the unit, and R rounds of decryption are carried out according to steps (7), (8) and (9);
(6) Grouping: the key K is grouped according to the grouping coefficient $n_{R-r+1}$; the grouping coefficient determines the address space of the ciphertext-group permutation decryption to be
Figure GSB00000349554400062
(7) Substitution operation: let the round key be $Key_r = (K_0, K_1, \ldots, K_t)$, which is the $Key_{R-r+1}$ produced in step (5), the ciphertext decryption-space group be $A = (A_0, A_1, \ldots, A_t)$ and the corresponding plaintext group be $A' = (A'_0, A'_1, \ldots, A'_t)$, where each $K_i$, $A_i$, $A'_i$ occupies 1 bit, i.e. everything is treated as a binary stream. After the position interchange is completed, $A'$ is computed as follows, and $A'$ is used as the $A$ of round r+1:
$$\begin{cases} A_i = A'_{i-1} \oplus K_i \oplus A'_i, & i \neq 0 \\ A_0 = A'_0 \oplus K_0 \oplus A_t, & i = 0 \end{cases}$$
(8) Position interchange: the content $k_i$ of a group of the key K represents an intra-group address of the encryption-space group. Bitwise negation of $k_i$ gives $k'_i$; $k_i$ and $k'_i$ form a dual address pair. After the statistical properties of each $k_i$ have been analyzed, the corresponding shift is applied and the contents at the dual addresses are exchanged. These operations are determined by the arrangement characteristics of the key, so with different keys the shifts and exchanges applied during decryption are different;
Steps (6) to (8) above make up round r of the decryption algorithm; when they are done, one round of decryption is complete. If the R rounds of decryption have not been completed, steps (6) to (8) are repeated; otherwise go to (9);
(9) If the ciphertext has not been completely decrypted, return to (6); otherwise decryption ends and the plaintext is returned.
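The substitution operation of encryption step (8) and its inverse from decryption step (7), with the round keys applied in reverse order on decryption, as an added example that is not part of the patent text. Grouping and position interchange are left out because the page does not specify them in enough detail; function names and the sample bits are constructed.

```python
def _check(bits, key):
    """Validate one group and its round key (both sequences of 0/1)."""
    if len(bits) != len(key):
        raise ValueError("group and round key must have the same length")
    if len(bits) < 2:
        # With t = 0 the formula gives A'_0 = A_0 ^ K_0 ^ A_0 = K_0, so the
        # plaintext bit is lost and the operation cannot be inverted.
        raise ValueError("group must hold at least two bits")
    if any(b not in (0, 1) for b in list(bits) + list(key)):
        raise ValueError("only the bit values 0 and 1 are allowed")


def substitute(group, round_key):
    """Encryption step (8): A'_0 = A_0^K_0^A_t, A'_i = A_i^K_i^A'_(i-1)."""
    a, k = list(group), list(round_key)
    _check(a, k)
    out = [a[0] ^ k[0] ^ a[-1]]
    for i in range(1, len(a)):
        out.append(a[i] ^ k[i] ^ out[i - 1])
    return out


def inverse_substitute(group, round_key):
    """Decryption step (7): recover A from A'.

    The bits with i != 0 depend only on the input group and the key, so
    they are computed first; A_0 needs A_t and is therefore computed last.
    """
    c, k = list(group), list(round_key)
    _check(c, k)
    a = [0] * len(c)
    for i in range(1, len(c)):
        a[i] = c[i - 1] ^ k[i] ^ c[i]
    a[0] = c[0] ^ k[0] ^ a[-1]
    return a


def encrypt_rounds(group, round_keys):
    """Apply the substitution once per round with Key_1 .. Key_R."""
    for key in round_keys:
        group = substitute(group, key)
    return group


def decrypt_rounds(group, round_keys):
    """Undo the rounds; round r of decryption uses Key_(R-r+1)."""
    for key in reversed(round_keys):
        group = inverse_substitute(group, key)
    return group


# Constructed sample: one 8-bit group and three 8-bit round keys.
SAMPLE_GROUP = [1, 0, 1, 1, 0, 0, 1, 0]
SAMPLE_KEYS = [
    [0, 1, 1, 0, 1, 0, 0, 1],
    [1, 1, 0, 0, 0, 1, 1, 0],
    [0, 0, 1, 1, 1, 0, 1, 1],
]

if __name__ == "__main__":
    cipher = encrypt_rounds(SAMPLE_GROUP, SAMPLE_KEYS)
    print(cipher)
    print(decrypt_rounds(cipher, SAMPLE_KEYS) == SAMPLE_GROUP)
```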
In the above method, the IV of step (2) is composed of one or any several of a system random number (SR), the internal system time (ST) and given content (SC). SR and ST are obtained by function calls and give the IV randomness and uniqueness; the given content is supplied by the user and personalizes the IV.
In the above method, the role of the physical reconstruction of step (1) is to construct from the selected generalized information field (IF) a subspace that has a certain dispersion and is physically visible; logical reconstruction then maps the space obtained by physical reconstruction onto an n-dimensional logical space that has discreteness and randomness. The normalized IV is the address of some point in this high-dimensional logical space and is also the initial address from which the subsequent spatial trajectory transformation starts.
In the above method, the IF of step (1) may be data of any type; in essence it is a binary 0/1 bit string of arbitrary length with the byte as its unit, it has a certain randomness, and it can be regarded as joined end to end. An IF can be produced by an algorithm, for example by a chaotic or mixed chaotic system, or it can be an image, a text, a section of code in memory, and so on. IFs can be numbered for ease of use. In experiments, images and texts were considered for use as generalized information fields, or a mixed chaotic system was used, so that different generalized information fields are produced from different given initial values.
In the above method, the structure of the activity background of step (1) under the selected generalized information field is defined as follows:
ABG-code IF-code [S_1/L_1][,S_2/L_2]…[S_i/L_i]… D_1,D_2,D_3[,D_4[,…]]
where:
ABG-code: the activity background number, so that it can be referred to by code name;
IF-code: the generalized information field number;
[S_1/L_1][,S_2/L_2]…[S_i/L_i]…: the physical reconstruction parameters, which can be chosen arbitrarily and which produce a definite activity background. $S_i$ is an offset and $L_i$ a length, both written in decimal. The unit for physical reconstruction is the byte;
D_1,D_2,D_3[,D_i[,…]]: the logical reconstruction parameters. $D_i$ defines a dimension: written in decimal, it gives the maximum subscript value of that dimension; the items in brackets are optional. The unit for logical reconstruction is the bit.
In the above method, the activity background generation module of step (1) applies physical reconstruction to the selected IF; this is carried out by the physical reconstruction module, as follows:
If the physical reconstruction parameters are empty, the activity background is equivalent to the selected information field. If they are not empty, the groups of physical reconstruction parameters [$S_i$/$L_i$] are taken in turn, and from byte $S_i$ of the generalized information field or of the intermediate result a 0/1 string $L_i$ bytes long is cut out as the effective information. Physical reconstruction can expand the information of one generalized information field into the physical information blocks of several different activity backgrounds;
A set of discretization rules and algorithms is introduced into physical reconstruction to achieve one-way computation, a high degree of isolation and discretization. Through these defined rules, physical reconstruction has the following characteristics:
a. A single reconstruction may cause a given byte value to change in multiple ways, which satisfies one-way computability;
b. Reconstruction preserves random characteristics, such as the ratio of 0s to 1s;
c. The physical structure of the intermediate result or activity background produced by reconstruction satisfies one-way computation but has no inverse function, so the upper-level result cannot be obtained in reverse; this gives a high degree of isolation.
In the above method, the activity background generation module of step (1) applies logical reconstruction to the physically reconstructed IF to obtain the activity background; this is carried out by the logical reconstruction module, as follows:
The one-dimensional linear byte space is converted into a bit-level logical space of arbitrary dimension: the one-dimensional data obtained by physical reconstruction is reorganized into a $D_1 \times D_2 \times \ldots \times D_n$ information block. Each bit then corresponds to an address, every address can be written as $(y_1, y_2, \ldots, y_n)$, and $D_1, D_2, \ldots, D_n$ are the maximum subscript values of the individual dimensions, agreed in advance.
In the above method, the triple IF, IV, m of steps (1), (2) and (3) works together to migrate along a trajectory in the background space, extracting k key bits during the migration and correcting the migration trajectory at the same time, until the generated length meets the requirement.
Compared with the prior art, the dynamic encryption and decryption system of the invention based on a generalized information field has the following advantages:
(1) It introduces the concept of the generalized information field and breaks the restriction of the two-tuple, extending it under the generalized information field transformation to the triple (m, IV, IF); under a common activity background the encrypting and decrypting parties can produce any number of keys of any length. From the encrypting party to the decrypting party only the IV needs to be transmitted; the key never appears explicitly and no key transmission is involved, so the key security problem is transferred to the security of the generalized information field, which greatly improves information security.
(2) Resistance to conventional cryptanalysis. A generalized information field can yield any number of activity backgrounds through physical reconstruction and logical reconstruction, one of which is selected and used. The adjustability of the parameters in the reconstruction process involves a permutation-and-combination problem (the exhaustive attack space); existing research shows that the complexity of this transformation is an NP-hard problem. In addition, the dynamic grouping, position interchange and other operations selected by the system are nonlinear transformations, so as the number of rounds increases the encryption time grows linearly while the confusion and diffusion complexity grows exponentially; conventional cryptanalytic methods such as linear analysis, differential analysis and algebraic attacks are therefore not applicable to this system.
Description of the drawings
Fig. 1 is a structural diagram of the system of the present invention;
Fig. 2 is the workflow of the system of the present invention.
Detailed description
The present invention is described in further detail below with reference to an embodiment and the accompanying drawings, but embodiments of the invention are not limited thereto.
Embodiment
Figure 1 shows the structure of the dynamic encryption and decryption system based on the generalized information field. It comprises a pseudo-random code generator based on the generalized information field and, connected to it, an encryption/decryption subsystem, which comprises an encryption subsystem and a decryption subsystem;
The encryption subsystem comprises, connected in sequence, a grouping coefficient and round key generation module, a grouping module, a dual position exchange module and a permutation operation module. The decryption subsystem comprises, connected in sequence, a grouping coefficient and round key generation module, a grouping module, a permutation operation module and a dual position exchange module. The encryption subsystem and the decryption subsystem share the same grouping coefficient and round key generation module;
The pseudo-random code generator based on the generalized information field comprises, connected in sequence, an IV generation module, an IV normalization module, an m module, a constraint processing module and a key length judgment module. The m module is also connected to the activity background generation module, which consists mainly of a physical reconstruction module and a logical reconstruction module connected together. Here m is the key generation algorithm, and IV is the initial address information, i.e. the seed the algorithm requires;
In addition, the pseudo-random code generator based on the generalized information field is connected to the grouping coefficient and round key generation module, the dual position exchange module and the permutation operation module of both the encryption subsystem and the decryption subsystem; the grouping coefficient and round key generation module is also connected to the m module through a breakpoint entry.
Any data in a computer that can be represented as binary code is referred to as an IF.
The method of encrypting and decrypting with the above dynamic encryption and decryption system based on the generalized information field is shown in Fig. 2 and comprises an encryption process and a decryption process. The encryption process is as follows:
(1) The activity background generation module obtains a subspace of the selected IF by physical reconstruction, then logically reconstructs this subspace into the activity background;
(2) The IV generation module produces the IV; the IV normalization module compresses or stretches the IV into a binary address string of fixed length and divides it into n blocks:
X_1 X_2 ... X_n
which serve as the n-dimensional logical address in the activity background;
(3) The m module performs a spatial trajectory transformation over the n-dimensional logical bit address and the physical space in the activity background; at each address migration a k-bit string is extracted from the activity background and appended to the key sequence. To obtain the migration address, the constraint processing module applies constraint processing based on the difference between the frequencies of the maximum and minimum values of the previous k-bit strings, yielding a correction value; the m module then merges the correction value into the address sequence and obtains the new n-dimensional migration address by translation;
(4) The key length judgment module decides from preset parameters whether the key is long enough; if not, step (3) is repeated; if so, the key is output;
(5) Generate the grouping coefficients and round keys Key_r: for the number of encryption rounds selected by the user, the system automatically selects the grouping coefficient and generates the round key for each round, and ensures that the grouping coefficients do not repeat within a certain range of rounds. The pseudo-random code generator based on the generalized information field produces a bit string one byte or one word long, and the value of this bit string selects the grouping coefficient n_r of round r from the set of grouping coefficients; the process then returns to step (3), and the pseudo-random code generator based on the generalized information field continues to produce a round key Key_r of length
Figure GSB00000349554400101
Step (5) is repeated until all grouping coefficients and round keys have been generated; finally the round keys Key_r of the individual rounds are concatenated in order into the key K. The grouping coefficient governs the operations of steps (6), (7) and (8), and the number of encryption rounds can be increased as scrambling and diffusion require;
For multi-round encryption, let n′ = max(n_r), r = 1, 2, ..., R, where R is the number of encryption rounds; blocks of size 2^n′ are taken in turn as the unit, and R rounds of encryption are carried out according to steps (6), (7) and (8);
(6) Grouping scheme: the key K is grouped according to the grouping coefficient n_r; the grouping coefficient determines the address space for the permutation encryption of the plaintext group, which is
(7) Dual position exchange: the content k_i of each group of the key K represents an intra-group address of the encryption space group; inverting k_i bit by bit gives k′_i, and k_i and k′_i form a dual address pair. After the statistical properties of each k_i have been analysed, the corresponding shifts and the exchange of the contents at the dual addresses are performed. These operations are determined by the arrangement of the key, so different keys lead to different shifts and exchanges during encryption;
(8) Permutation operation: let the round key be Key_r = (K_1, K_2, ..., K_t), the plaintext encryption space group be A = (A_0, A_1, ..., A_t), and the corresponding ciphertext group be A′ = (A′_0, A′_1, ..., A′_t), where each K_i, A_i and A′_i occupies 1 bit, i.e. they are treated as a binary stream. After the position exchange is complete, A′ is computed as follows (this A′ is used as the A of round r+1):
$$
A'_i = \begin{cases} A_0 \oplus K_0 \oplus A_t, & i = 0 \\ A_i \oplus K_i \oplus A'_{i-1}, & i \neq 0 \end{cases}
$$
Steps (6) to (8) above constitute the r-th round of encryption. When a round ends, steps (6) to (8) are repeated if R rounds of encryption have not yet been completed; otherwise go to (9);
(9) If the plaintext has not been completely encrypted, return to (6); otherwise encryption ends and the ciphertext is returned.
In the above method, the triple IF, IV and m of steps (1), (2) and (3) work together to migrate along a trajectory in the background space, extracting k key bits during each migration and correcting the trajectory at the same time, until the generated length meets the requirement.
In the above method, the IV of step (2) consists of one or any several of SR, ST and SC, where SR and ST are obtained by calling functions and give the IV randomness and uniqueness, while the given content is supplied by the user and personalises the IV.
In the above method, the purpose of the physical reconstruction of step (1) is to construct from the selected IF a subspace that has a certain dispersion and is physically visible; logical reconstruction then maps the space obtained by physical reconstruction to an n-dimensional logical space that is discrete and random. The normalized IV is the address of some point in this high-dimensional logical space and is the initial address of the subsequent spatial trajectory transformation.
In the above method, the IF of step (1) can be data of any type; in essence it is a string of binary 0s and 1s of arbitrary length measured in bytes, has a certain randomness, and can be regarded as joined end to end. An IF can be produced by an algorithm, for example generated by a chaotic or mixed chaotic system, or can be an image, a text, a section of code in memory, and so on. It can be labelled for ease of use. For experiments, images or text can be considered for use as the generalized information field, or a mixed chaotic system can be used, producing different generalized information fields from different given initial values.
In the above method, the structure of the activity background of step (1) under the selected generalized information field is defined as follows:
ABG-code IF-code [S_1/L_1][,S_2/L_2]…[S_i/L_i]… D_1,D_2,D_3[,D_4[,…]]
where:
ABG-code: the activity background number, so that it can be referred to by code;
IF-code: the generalized information field number;
[S_1/L_1][,S_2/L_2]…[S_i/L_i]…: the physical reconstruction parameters, which can be chosen freely and result in a definite activity background. S_i is the offset and L_i is the length, both written in decimal. The unit in physical reconstruction is the byte;
D_1,D_2,D_3[,D_4[,…]]: the logical reconstruction parameters. D_i is a dimension definition, written in decimal, giving the maximum subscript value of that dimension; items in brackets are optional, and the unit in logical reconstruction is the bit.
In the above method, the physical reconstruction module of step (1) performs physical reconstruction on the selected IF as follows:
If the physical reconstruction parameters are empty, the activity background is equivalent to the selected information field. If they are not empty, each pair of physical reconstruction parameters [S_i/L_i] is taken in turn, and a string of 0s and 1s L_i bytes long is cut from the generalized information field or the intermediate result, starting at byte S_i, as the effective information. Physical reconstruction can thus expand the information of one generalized information field into the physical information blocks of many different activity backgrounds;
Physical reconstruction introduces a set of discretisation rules and algorithms in order to achieve one-way computation, high isolation and discretisation. With these rules defined, physical reconstruction has the following properties:
a. A single reconstruction may change a given byte value in several ways, satisfying one-way computability;
b. Reconstruction preserves random properties, such as the ratio of 0s to 1s;
c. The physical structure of the intermediate result or activity background produced by reconstruction supports one-way computation but has no inverse function, so the upper-layer result cannot be recovered from it; it is highly isolated.
In the above method, the logical reconstruction module of step (1) obtains the activity background by logically reconstructing the IF that has undergone physical reconstruction, as follows:
The one-dimensional linear byte space is converted into a bit-level logical space of arbitrary dimension: the one-dimensional data obtained by physical reconstruction is reorganised into a D_1 × D_2 × ... × D_n information block, so that each bit has an address, every address can be written as (y_1, y_2, ..., y_n), and D_1, D_2, ..., D_n are the maximum subscript values of each dimension agreed in advance.
For example, the definition:
4 Sample.txt [34/256],[568/512] 456,355,756
selects the activity background with code 4. To obtain this activity background, the file named Sample.txt is used as the generalized information field and is then physically and logically reconstructed. The physical reconstruction parameters [34/256],[568/512] select binary strings 256 and 512 bytes long, starting at the 34th and the 568th byte respectively, and merge them into one binary string 768 bytes (6144 bits) long. Logical reconstruction maps this 6144-bit binary string to a 3-dimensional space whose maximum subscript values are 456, 355 and 756 respectively.
The decryption process is as follows:
(1) The activity background generation module obtains a subspace of the selected IF by physical reconstruction, then logically reconstructs this subspace into the activity background;
(2) The IV generation module produces the IV; the IV normalization module compresses or stretches the IV into a binary address string of fixed length and divides it into n blocks:
X_1 X_2 ... X_n
which serve as the n-dimensional logical address in the activity background;
(3) The m module performs a spatial trajectory transformation over the n-dimensional logical bit address and the physical space in the activity background; at each address migration a k-bit string is extracted from the activity background and appended to the key sequence. To obtain the migration address, the constraint processing module applies constraint processing based on the difference between the frequencies of the maximum and minimum values of the previous k-bit strings, yielding a correction value; the m module then merges the correction value into the address sequence and obtains the new n-dimensional migration address by translation, and the migration trajectory is retained for constructing the trajectory ring transformation matrix later;
(4) The key length judgment module decides from preset parameters whether the key is long enough; if not, step (3) is repeated; if so, the key is output;
(5) Generate the grouping coefficients and round keys Key_r: for the number of decryption rounds, the system automatically selects the grouping coefficient and generates the round key for each round, and ensures that the grouping coefficients do not repeat within a certain range of rounds. The pseudo-random code generator based on the generalized information field produces a bit string one byte or one word long, and the value of this bit string selects the grouping coefficient n_r of round r from the set of grouping coefficients; the process then returns to step (3), and the pseudo-random code generator based on the generalized information field continues to produce a round key Key_r of length
Figure GSB00000349554400131
Step (5) is repeated until all grouping coefficients and round keys have been generated; finally the round keys Key_r of the individual rounds are concatenated in order into the key K. The grouping coefficient governs the operations of steps (6), (7) and (8);
For multi-round decryption, let n′ = max(n_r), r = 1, 2, ..., R, where R is the number of decryption rounds; blocks of size 2^n′ are taken in turn as the unit, and R rounds of decryption are carried out according to steps (7), (8) and (9);
(6) Grouping scheme: the key K is grouped according to the grouping coefficient n_(R-r+1); the grouping coefficient determines the address space for the permutation decryption of the ciphertext group, which is
Figure GSB00000349554400132
(7) Permutation operation: let the round key be Key′_r = (K_1, K_2, ..., K_t), which is the Key_(R-r+1) produced by step (5), the ciphertext decryption space group be A = (A_0, A_1, ..., A_t), and the corresponding plaintext group be A′ = (A′_0, A′_1, ..., A′_t), where each K_i, A_i and A′_i occupies 1 bit, i.e. they are treated as a binary stream. After the position exchange is complete, A′ is computed as follows (this A′ is used as the A of round r+1):
$$
A_i = \begin{cases} A'_{i-1} \oplus K_i \oplus A'_i, & i \neq 0 \\ A'_0 \oplus K_0 \oplus A_t, & i = 0 \end{cases}
$$
(8) Dual position exchange: the content k_i of each group of the key K represents an intra-group address of the encryption space group; inverting k_i bit by bit gives k′_i, and k_i and k′_i form a dual address pair. After the statistical properties of each k_i have been analysed, the corresponding shifts and the exchange of the contents at the dual addresses are performed. These operations are determined by the arrangement of the key, so different keys lead to different shifts and exchanges during decryption;
Steps (6) to (8) above constitute the r-th round of decryption. When a round ends, steps (6) to (8) are repeated if R rounds of decryption have not yet been completed; otherwise go to (9);
(9) If the ciphertext has not been completely decrypted, return to (6); otherwise decryption ends and the plaintext is returned.
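The bit-chaining formulas of encryption step (8) and decryption step (7), as an added example that is not code from the patent: it implements only that XOR step on one block, applies round keys in reverse order for decryption, and checks how the key enters the ciphertext difference. Grouping and dual position exchange are left out because the text does not specify them; key bits are indexed K_0..K_t as in the formulas, and all bit values are constructed.

```python
"""XOR chaining of encryption step (8) / decryption step (7) on one bit block.

Added illustration, not code from the patent. Grouping and dual position
exchange are omitted; key bits are indexed K_0..K_t as in the formulas.
"""
from typing import List, Sequence

Bits = List[int]

# Constructed sample data (t = 3, two rounds).
SAMPLE_BLOCK: Bits = [1, 0, 1, 1]
SAMPLE_KEYS: List[Bits] = [[0, 1, 1, 0], [1, 1, 0, 1]]


def _check(block: Sequence[int], key: Sequence[int]) -> None:
    if len(block) != len(key):
        raise ValueError("block and round key must have the same bit length")
    if len(block) < 2:
        # With t = 0 the formula gives A'_0 = A_0 ^ K_0 ^ A_0 = K_0: the
        # plaintext bit cancels out and cannot be recovered.
        raise ValueError("block must hold at least two bits")
    if any(b not in (0, 1) for b in (*block, *key)):
        raise ValueError("bits must be 0 or 1")


def encrypt_step(a: Sequence[int], k: Sequence[int]) -> Bits:
    """A'_0 = A_0 ^ K_0 ^ A_t ;  A'_i = A_i ^ K_i ^ A'_{i-1} for i != 0."""
    _check(a, k)
    out = [a[0] ^ k[0] ^ a[-1]]
    for i in range(1, len(a)):
        out.append(a[i] ^ k[i] ^ out[i - 1])
    return out


def decrypt_step(c: Sequence[int], k: Sequence[int]) -> Bits:
    """A_i = A'_{i-1} ^ K_i ^ A'_i for i != 0, then A_0 = A'_0 ^ K_0 ^ A_t."""
    _check(c, k)
    a = [0] * len(c)
    for i in range(1, len(c)):      # A_1..A_t need only ciphertext and key
        a[i] = c[i - 1] ^ k[i] ^ c[i]
    a[0] = c[0] ^ k[0] ^ a[-1]      # A_0 needs the recovered A_t, so it is last
    return a


def encrypt_rounds(a: Sequence[int], round_keys: Sequence[Sequence[int]]) -> Bits:
    """Output A' of round r is the input A of round r+1."""
    state = list(a)
    for key in round_keys:
        state = encrypt_step(state, key)
    return state


def decrypt_rounds(c: Sequence[int], round_keys: Sequence[Sequence[int]]) -> Bits:
    """Decryption round r uses Key_{R-r+1}, i.e. the keys in reverse order."""
    state = list(c)
    for key in reversed(round_keys):
        state = decrypt_step(state, key)
    return state


def difference_is_key_independent(a: Sequence[int], b: Sequence[int],
                                  k: Sequence[int]) -> bool:
    """Check a property of this step taken in isolation: every output bit is
    an XOR of input and key bits, so the XOR of two ciphertext blocks made
    with the same round key equals the all-zero-key transform of the XOR of
    the two plaintext blocks. Any nonlinearity in a full round therefore has
    to come from the other steps (grouping, dual position exchange)."""
    delta_c = [x ^ y for x, y in zip(encrypt_step(a, k), encrypt_step(b, k))]
    delta_p = [x ^ y for x, y in zip(a, b)]
    return delta_c == encrypt_step(delta_p, [0] * len(k))


if __name__ == "__main__":
    ct = encrypt_rounds(SAMPLE_BLOCK, SAMPLE_KEYS)
    print("ciphertext:", ct)
    print("recovered :", decrypt_rounds(ct, SAMPLE_KEYS))
```
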
In the above method, the triple IF, IV and m of steps (1), (2) and (3) work together to migrate along a trajectory in the background space, extracting k key bits during each migration and correcting the trajectory at the same time, until the generated length meets the requirement.
In the above method, the IV of step (2) consists of one or any several of SR, ST and SC, where SR and ST are obtained by calling functions and give the IV randomness and uniqueness, while the given content is supplied by the user and personalises the IV, for example "hello, I am **". The IV is not used as the initial value of the algorithm; what it contains is the information of the initial address in the activity background.
In the above method, the purpose of the physical reconstruction of step (1) is to construct from the selected IF a subspace that has a certain dispersion and is physically visible; logical reconstruction then maps the space obtained by physical reconstruction to an n-dimensional logical space that is discrete and random. The normalized IV is the address of some point in this high-dimensional logical space and is the initial address of the subsequent spatial trajectory transformation.
In the above method, the IF of step (1) can be data of any type; in essence it is a string of binary 0s and 1s of arbitrary length measured in bytes, has a certain randomness, and can be regarded as joined end to end. An IF can be produced by an algorithm, for example generated by a chaotic or mixed chaotic system, or can be an image, a text, a section of code in memory, and so on. It can be labelled for ease of use. For experiments, images or text can be considered for use as the generalized information field, or a mixed chaotic system can be used, producing different generalized information fields from different given initial values.
In the above method, the structure of the activity background of step (1) under the selected generalized information field is defined as follows:
ABG-code IF-code [S_1/L_1][,S_2/L_2]…[S_i/L_i]… D_1,D_2,D_3[,D_4[,…]]
where:
ABG-code: the activity background number, so that it can be referred to by code;
IF-code: the generalized information field number;
[S_1/L_1][,S_2/L_2]…[S_i/L_i]…: the physical reconstruction parameters, which can be chosen freely and result in a definite activity background. S_i is the offset and L_i is the length, both written in decimal. The unit in physical reconstruction is the byte;
D_1,D_2,D_3[,D_4[,…]]: the logical reconstruction parameters. D_i is a dimension definition, written in decimal, giving the maximum subscript value of that dimension; items in brackets are optional, and the unit in logical reconstruction is the bit.
In the above method, the physical reconstruction module of step (1) performs physical reconstruction on the selected IF as follows:
If the physical reconstruction parameters are empty, the activity background is equivalent to the selected information field. If they are not empty, each pair of physical reconstruction parameters [S_i/L_i] is taken in turn, and a string of 0s and 1s L_i bytes long is cut from the generalized information field or the intermediate result, starting at byte S_i, as the effective information. Physical reconstruction can thus expand the information of one generalized information field into the physical information blocks of many different activity backgrounds;
Physical reconstruction introduces a set of discretisation rules and algorithms in order to achieve one-way computation, high isolation and discretisation. With these rules defined, physical reconstruction has the following properties:
a. A single reconstruction may change a given byte value in several ways, satisfying one-way computability;
b. Reconstruction preserves random properties, such as the ratio of 0s to 1s;
c. The physical structure of the intermediate result or activity background produced by reconstruction supports one-way computation but has no inverse function, so the upper-layer result cannot be recovered from it; it is highly isolated.
In the above method, the logical reconstruction module of step (1) obtains the activity background by logically reconstructing the IF that has undergone physical reconstruction, as follows:
The one-dimensional linear byte space is converted into a bit-level logical space of arbitrary dimension: the one-dimensional data obtained by physical reconstruction is reorganised into a D_1 × D_2 × ... × D_n information block, so that each bit has an address, every address can be written as (y_1, y_2, ..., y_n), and D_1, D_2, ..., D_n are the maximum subscript values of each dimension agreed in advance.
For example, the definition:
4 Sample.txt [34/256],[568/512] 456,355,756
selects the activity background with code 4. To obtain this activity background, the file named Sample.txt is used as the generalized information field and is then physically and logically reconstructed. The physical reconstruction parameters [34/256],[568/512] select binary strings 256 and 512 bytes long, starting at the 34th and the 568th byte respectively, and merge them into one binary string 768 bytes (6144 bits) long. Logical reconstruction maps this 6144-bit binary string to a 3-dimensional space whose maximum subscript values are 456, 355 and 756 respectively.
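The activity-background definition and the two reconstructions described above, as an added example that is not code from the patent: it parses a definition line, slices the field, and resolves an n-dimensional address to one bit. The patent's discretisation rules are not given in the text and are omitted; zero-based byte offsets, wrap-around (the IF is treated as joined end to end), row-major address order, subscripts running 1..D_i, MSB-first bit order and the stand-in field contents are all assumptions of this sketch.

```python
"""Parse an activity-background definition and apply both reconstructions.

Added illustration, not code from the patent. Assumptions: byte offsets are
zero-based, slices and addresses wrap around, addresses are row-major with
subscripts 1..D_i, bits are MSB-first. Discretisation rules are omitted.
"""
import re
from dataclasses import dataclass
from typing import Sequence, Tuple

_SLICE = re.compile(r"\[(\d+)/(\d+)\]")


@dataclass(frozen=True)
class ActivityBackground:
    abg_code: str                        # activity background number
    if_code: str                         # generalized information field number/name
    slices: Tuple[Tuple[int, int], ...]  # (S_i offset, L_i length), in bytes
    dims: Tuple[int, ...]                # D_1..D_n, maximum subscript per dimension


def parse_definition(line: str) -> ActivityBackground:
    parts = line.split()
    if len(parts) == 3:                  # physical parameters left empty
        abg, ifc, dims_s = parts
        phys = ""
    elif len(parts) == 4:
        abg, ifc, phys, dims_s = parts
    else:
        raise ValueError("expected: ABG-code IF-code [S/L],... D1,D2,D3[,...]")
    if _SLICE.sub("", phys).strip(",") != "":
        raise ValueError(f"malformed physical parameters: {phys!r}")
    slices = tuple((int(s), int(l)) for s, l in _SLICE.findall(phys))
    dims = tuple(int(d) for d in dims_s.split(","))
    if len(dims) < 3 or any(d <= 0 for d in dims):
        raise ValueError("need at least three positive dimensions")
    return ActivityBackground(abg, ifc, slices, dims)


def physical_reconstruct(field: bytes, slices: Sequence[Tuple[int, int]]) -> bytes:
    """Concatenate L_i bytes starting at byte S_i for each [S_i/L_i] pair."""
    if not field:
        raise ValueError("empty information field")
    if not slices:                       # empty parameters: background == field
        return field
    out = bytearray()
    for start, length in slices:
        out.extend(field[(start + j) % len(field)] for j in range(length))
    return bytes(out)


def linear_index(dims: Sequence[int], addr: Sequence[int]) -> int:
    """Row-major position of address (y_1..y_n) in the D_1 x ... x D_n block."""
    if len(addr) != len(dims):
        raise ValueError("address and dimension counts differ")
    index = 0
    for d, y in zip(dims, addr):
        if not 1 <= y <= d:
            raise ValueError(f"subscript {y} outside 1..{d}")
        index = index * d + (y - 1)
    return index


def logical_bit(background: bytes, dims: Sequence[int], addr: Sequence[int]) -> int:
    """Bit stored at an n-dimensional address; wraps when the logical space
    is larger than the background (6144 bits in the patent's example)."""
    pos = linear_index(dims, addr) % (len(background) * 8)
    return (background[pos // 8] >> (7 - pos % 8)) & 1


# The definition line from the text; the field is a constructed stand-in for
# Sample.txt whose byte i has the value i mod 256.
EXAMPLE = parse_definition("4 Sample.txt [34/256],[568/512] 456,355,756")
FIELD = bytes(i % 256 for i in range(1280))
BACKGROUND = physical_reconstruct(FIELD, EXAMPLE.slices)

if __name__ == "__main__":
    print(EXAMPLE)
    print(len(BACKGROUND), "bytes =", len(BACKGROUND) * 8, "bits")
    print("bit at (1, 9, 99):", logical_bit(BACKGROUND, EXAMPLE.dims, (1, 9, 99)))
```
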
From the triple by which the generalized information field produces keys, it follows that the three elements generate the key jointly and none of them can be omitted. The encrypting and decrypting parties hold the same generalized information field, agreed in advance between them, and it takes no part in the transmission of information. The dynamic encryption algorithm uses the key in an encapsulated state: the encrypting party generates a key from the pre-agreed information field and encrypts, then passes the ciphertext and an information header (containing the ABG number and the IV) to the decrypting party. The decrypting party extracts the real decryption key from the agreed generalized information field according to the IV and decrypts. From the encrypting party to the decrypting party, the key never appears explicitly and is never transmitted. If the security of the generalized information field can be guaranteed, exposure of the IV and m does not affect security. The key-security problem thus becomes the security problem of the generalized information field; keys are no longer explicitly transmitted or managed, which greatly strengthens security. Conventional cryptanalysis methods such as linear analysis, differential analysis and algebraic attack are not applicable to the system of the present invention.
At present the keys of many encryption systems are used repeatedly, which reduces the security of the system. The present invention, thereby greatly improves the security of the system.
The above embodiment is a preferred embodiment of the present invention, but embodiments of the invention are not limited to it; any other change, modification, substitution, combination or simplification made without departing from the spirit and principle of the invention shall be regarded as an equivalent replacement and is included within the scope of protection of the present invention.

Claims (7)

1. A dynamic encryption and decryption method based on a generalized information field, characterized in that the dynamic encryption and decryption system implementing the method comprises a pseudo-random code generator based on the generalized information field and, connected to it, an encryption/decryption subsystem comprising an encryption subsystem and a decryption subsystem;
wherein the encryption subsystem comprises, connected in sequence, a grouping coefficient and round key generation module, a grouping module, a dual position exchange module and a permutation operation module; the decryption subsystem comprises, connected in sequence, a grouping coefficient and round key generation module, a grouping module, a permutation operation module and a dual position exchange module; and the encryption subsystem and the decryption subsystem share the same grouping coefficient and round key generation module;
the pseudo-random code generator based on the generalized information field comprises, connected in sequence, an IV generation module, an IV normalization module, an m module, a constraint processing module and a key length judgment module, the m module also being connected to an activity background generation module; wherein m is the key generation algorithm, and IV is the initial address information, i.e. the seed value required by the algorithm;
in addition, the pseudo-random code generator based on the generalized information field is connected to the grouping coefficient and round key generation module, the dual position exchange module and the permutation operation module of both the encryption subsystem and the decryption subsystem, and the grouping coefficient and round key generation module is also connected to the m module through a breakpoint entry;
the dynamic encryption and decryption method based on the generalized information field comprises an encryption process and a decryption process, the encryption process being as follows:
(1) the activity background generation module obtains a subspace of the selected IF by physical reconstruction, then logically reconstructs this subspace into the activity background; wherein IF denotes the generalized information field, i.e. any data that can be represented as binary code;
(2) the IV generation module produces the IV; the IV normalization module compresses or stretches the IV into a binary address string of fixed length and divides it into n blocks:
X_1 X_2 ... X_n
which serve as the n-dimensional logical address in the activity background;
(3) the m module performs a spatial trajectory transformation over the n-dimensional logical bit address and the physical space in the activity background, and at each address migration extracts a k-bit string from the activity background and appends it to the key sequence; to obtain the migration address, the constraint processing module applies constraint processing based on the difference between the frequencies of the maximum and minimum values of the previous k-bit strings, yielding a correction value; the m module then merges the correction value into the address sequence and obtains the new n-dimensional migration address by translation;
(4) the key length judgment module decides from preset parameters whether the key is long enough; if not, step (3) is repeated; if so, the key is output;
(5) generating the grouping coefficients and round keys Key_r: for the number of encryption rounds selected by the user, the system automatically selects the grouping coefficient and generates the round key for each round, and ensures that the grouping coefficients do not repeat within a certain range of rounds; the pseudo-random code generator based on the generalized information field produces a bit string one byte or one word long, and the value of this bit string selects the grouping coefficient n_r of round r from the set of grouping coefficients; the process then returns to step (3), and the pseudo-random code generator based on the generalized information field continues to produce a round key Key_r of length
Figure FSB00000349554500021
step (5) is repeated until all grouping coefficients and round keys have been generated, and finally the round keys Key_r of the individual rounds are concatenated in order into the key K;
for multi-round encryption, let n′ = max(n_r), r = 1, 2, ..., R, where R is the number of encryption rounds; blocks of size 2^n′ are taken in turn as the unit, and R rounds of encryption are carried out according to steps (6), (7) and (8);
(6) grouping scheme: the key K is grouped according to the grouping coefficient n_r, the grouping coefficient determining the address space for the permutation encryption of the plaintext group, which is
Figure FSB00000349554500022
(7) dual position exchange: the content k_i of each group of the key K represents an intra-group address of the encryption space group; inverting k_i bit by bit gives k′_i, and k_i and k′_i form a dual address pair; after the statistical properties of each k_i have been analysed, the corresponding shifts and the exchange of the contents at the dual addresses are performed; these operations are determined by the arrangement of the key, so different keys lead to different shifts and exchanges during encryption;
(8) permutation operation: let the round key be Key_r = (K_0, K_1, ..., K_t), the plaintext encryption space group be A = (A_0, A_1, ..., A_t), and the corresponding ciphertext group be A′ = (A′_0, A′_1, ..., A′_t), where each K_i, A_i and A′_i occupies 1 bit, i.e. they are treated as a binary stream; after the position exchange is complete, A′ is computed by the following formula, and this A′ is used as the A of round r+1:
Figure FSB00000349554500023
Steps (6) to (8) above constitute the r-th round of encryption performed by the encryption algorithm. When one round of encryption ends, steps (6) to (8) are repeated if R rounds have not yet been completed; otherwise go to (9);

(9) If the plaintext has not been completely encrypted, return to (6); otherwise encryption ends and the ciphertext is returned;

The decryption process is as follows:

(10) The active background generation module obtains a subspace of the selected IF by physical reconstruction, and then logically reconstructs that subspace into the active background;

(11) The IV generation module generates the IV; the IV normalization module compresses or stretches the IV into a binary address string of fixed length and divides it into n blocks:

X_1 | X_2 | ...... | X_n

which serve as the n-dimensional logical address in the active background;

(12) The m module performs a spatial trajectory transformation between the n-dimensional logical bit address in the active background and the physical space, and in each address migration extracts a k-bit string from the active background and appends it to the key sequence. To obtain the migration address, the constraint processing module performs constraint processing according to the difference between the frequencies of the maximum value and the minimum value of the previous k-bit string values, yielding a correction value; the m module then incorporates the correction value into the address sequence and obtains a new n-dimensional migration address by translation;

(13) The key length judgment module determines from preset parameters whether the key is long enough; if not, step (12) is repeated; if so, the key is output;

(14) Generation of grouping coefficients and round keys Key_r: for the number of decryption rounds, the system automatically selects the grouping coefficient and generates the round key for each round, and ensures that the grouping coefficients of the rounds do not repeat within a certain range of rounds. The pseudo-random code generator based on the generalized information domain generates a bit string one byte or one word long, and the grouping coefficient n_r of round r is selected from the grouping coefficient set according to the value of that bit string; the process then returns to step (12), and the pseudo-random code generator based on the generalized information domain continues to generate a round key Key_r of length [expression missing in source]; step (14) is repeated until all the grouping coefficients and round keys have been generated, and finally the round keys Key_r of all rounds are concatenated in order into the key K;

For multi-round decryption, let n′ = max(n_r), r = 1, 2, ..., R, where R is the number of decryption rounds; blocks of size 2^n′ are taken in turn as the unit, and R rounds of decryption are performed according to steps (15), (16) and (17);

(15) Grouping scheme: the key K is grouped according to the grouping coefficient n_{R-r+1}; the grouping coefficient determines that the address space for permutation decryption of the ciphertext group is [expression missing in source];

(16) Permutation operation: let the round key be Key′_r = (K_0, K_1, ..., K_t), which is the Key_{R-r+1} generated in step (14), the ciphertext decryption space group be A = (A_0, A_1, ..., A_t), and the corresponding plaintext group be A′ = (A′_0, A′_1, ..., A′_t), where each K_i, A_i and A′_i occupies 1 bit, i.e. they are treated as binary streams. After the position exchange is completed, A′ is calculated by the following formula, and A′ is used as A in round r+1:
Figure FSB00000349554500033
(17) Dual position exchange: the content k_i of each group of the key K represents an intra-group address of the encryption space group; inverting k_i bitwise yields k′_i, and k_i and k′_i form a dual address pair. After the statistical characteristics of each k_i are analysed, the corresponding shift and the exchange of the contents at the dual addresses are performed. These operations are determined by the arrangement characteristics of the key, so different keys lead to different shift and exchange operations during decryption;

Steps (15) to (17) above constitute the r-th round of decryption performed by the decryption algorithm. When one round of decryption ends, steps (15) to (17) are repeated if R rounds have not yet been completed; otherwise go to (18);

(18) If the ciphertext has not been completely decrypted, return to (15); otherwise decryption ends and the plaintext is returned.
2. The dynamic encryption and decryption method based on the generalized information domain according to claim 1, characterized in that: the IV in steps (2) and (11) consists of one or any several of a system random number, the system internal time, and specified content, wherein the system random number and the system internal time are obtained by function calls and provide the randomness and uniqueness of the IV, and the specified content is given by the user and provides the personalization of the IV.

3. The dynamic encryption and decryption method based on the generalized information domain according to claim 1, characterized in that: the IF in steps (1) and (10) is data of any type, and is essentially a binary string of 0s and 1s of arbitrary length in units of bytes.

4. The dynamic encryption and decryption method based on the generalized information domain according to claim 3, characterized in that: the IF in steps (1) and (10) is generated by an algorithm, or is an image, a text file, or a section of code in memory.

5. The dynamic encryption and decryption method based on the generalized information domain according to claim 1, characterized in that: the structure of the active background in steps (1) and (10) under the selected generalized information domain is defined as follows:

ABG-code | IF-code | [S_1/L_1][,S_2/L_2]…[S_i/L_i]… | D_1,D_2,D_3[,D_4[,…]]

where ABG-code is the active background number;
IF-code is the generalized information domain number;
[S_1/L_1][,S_2/L_2]…[S_i/L_i]… are the physical reconstruction parameters, where S_i is the offset and L_i is the length, and the unit of physical reconstruction is the byte;
D_1,D_2,D_3[,D_i[,…]] are the logical reconstruction parameters, and D_i is the dimension definition.
6. The dynamic encryption and decryption method based on the generalized information domain according to claim 5, characterized in that: the active background generation module mainly consists of a physical reconstruction module and a logical reconstruction module connected together;

The physical reconstruction of the selected IF by the active background generation module in steps (1) and (10) is carried out by the physical reconstruction module, which operates as follows:

If the physical reconstruction parameters are empty, the active background is equivalent to the selected information domain; if the physical reconstruction parameters are not empty, each group of physical reconstruction parameters [S_i/L_i] is taken in turn, and starting from byte S_i of the generalized information domain or of the intermediate result, a string of 0s and 1s with a length of L_i bytes is cut out as the valid information;

The logical reconstruction of the selected IF by the active background generation module in steps (1) and (10), which yields the active background, is carried out by the logical reconstruction module, which operates as follows:

The one-dimensional data obtained by physical reconstruction is reconstructed into an information block of D_1 × D_2 × … × D_n, where D_1, D_2, …, D_n are the maximum subscript values of each dimension agreed in advance.

7. The dynamic encryption and decryption method based on the generalized information domain according to claim 1, characterized in that: the three elements IF, IV and the m of the m module described in steps (1), (2), (3), (10), (11) and (12) coordinate to realize trajectory migration in the background space; during migration, k-bit keys are extracted and the migration trajectory is modified at the same time, until the generated length meets the requirement.
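The active-background definition of claims 5 and 6, worked through as an added example (not code from the patent): physical reconstruction with [S_i/L_i] pairs, logical reconstruction into a D_1 × D_2 × D_3 block, and reading a k-bit string at an n-dimensional logical bit address as in step (12). Assumptions not stated in the claims: offsets are 0-based and each pair slices the previous intermediate result, bits are taken MSB first, D_i is used as the extent of dimension i with row-major order, and reads wrap at the end of the block; the constraint processing and address translation of step (12) are not modelled because their formulas are not on this page.

```python
from math import prod

def physical_reconstruct(info_field: bytes, params) -> bytes:
    """Apply each [S_i/L_i] (byte offset / byte length) in turn.

    Empty params: the active background equals the selected IF (claim 6).
    Assumption: each pair slices the previous intermediate result, 0-based.
    """
    data = info_field
    for offset, length in params:
        if offset < 0 or length <= 0 or offset + length > len(data):
            raise ValueError(f"[{offset}/{length}] outside {len(data)}-byte input")
        data = data[offset:offset + length]
    return data

def logical_reconstruct(data: bytes, dims) -> list:
    """View the 1-D data as a D_1 x D_2 x ... x D_n block of bits."""
    if len(dims) < 3 or any(d < 1 for d in dims):
        raise ValueError("claim 5 lists at least D_1, D_2, D_3, all positive")
    bits = [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]  # MSB first (assumption)
    if prod(dims) > len(bits):
        raise ValueError("physical reconstruction yields too few bits for dims")
    return bits[:prod(dims)]

def linear_index(address, dims) -> int:
    """Row-major position of an n-dimensional logical bit address (assumption)."""
    if len(address) != len(dims) or any(not 0 <= a < d for a, d in zip(address, dims)):
        raise ValueError("address does not fit the agreed dimensions")
    index = 0
    for a, d in zip(address, dims):
        index = index * d + a
    return index

def extract_k_bits(background, dims, address, k) -> list:
    """Read k bits starting at the logical address, wrapping at the end (assumption)."""
    start = linear_index(address, dims)
    return [background[(start + j) % len(background)] for j in range(k)]

# Constructed sample: a 256-byte IF and one active-background definition.
SAMPLE_IF = bytes(range(256))
PHYSICAL = [(16, 64), (8, 32)]   # [S_1/L_1],[S_2/L_2]
DIMS = (4, 8, 8)                 # D_1,D_2,D_3 -> 256 bits = 32 bytes

def demo():
    sub = physical_reconstruct(SAMPLE_IF, PHYSICAL)
    background = logical_reconstruct(sub, DIMS)
    return sub, extract_k_bits(background, DIMS, (1, 2, 3), 8)

if __name__ == "__main__":
    sub, key_bits = demo()
    print(sub.hex(), key_bits)
```

Both parties must hold the same IF and the same ABG parameters for the extracted bits to match; a parameter set that leaves fewer bits than D_1 × … × D_n is rejected here instead of being silently padded.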
CN200810198491XA 2008-09-12 2008-09-12 Dynamic ciphering method based on broad sense information field Expired - Fee Related CN101383703B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200810198491XA CN101383703B (en) 2008-09-12 2008-09-12 Dynamic ciphering method based on broad sense information field

Publications (2)

Publication Number Publication Date
CN101383703A CN101383703A (en) 2009-03-11
CN101383703B true CN101383703B (en) 2011-04-27

Family

ID=40463344

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200810198491XA Expired - Fee Related CN101383703B (en) 2008-09-12 2008-09-12 Dynamic ciphering method based on broad sense information field

Country Status (1)

Country Link
CN (1) CN101383703B (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101938350B (en) * 2010-07-16 2012-06-06 黑龙江大学 File encryption and decryption method based on combinatorial coding
CN101895389B (en) * 2010-07-16 2012-06-06 黑龙江大学 Methods for encrypting and decrypting combined coding based file by adopting proportion calculation
CN102075812B (en) * 2010-08-10 2013-06-19 深圳市九洲电器有限公司 Data receiving method and system of digital television
US8958550B2 (en) * 2011-09-13 2015-02-17 Combined Conditional Access Development & Support. LLC (CCAD) Encryption operation with real data rounds, dummy data rounds, and delay periods
CN103684761B (en) * 2013-12-25 2017-02-01 广西宝恒电子科技有限公司 Coding and decoding method
CN105049176B (en) * 2015-06-11 2017-12-29 湘潭大学 Decryption method for view data safe transmission
CN104868989B (en) * 2015-06-11 2017-11-17 湘潭大学 Encryption method for view data safe transmission
CN106817220A (en) * 2015-11-30 2017-06-09 北大方正集团有限公司 A kind of method of encryption of communicated data, device and encryption device
CN106921486A (en) * 2015-12-28 2017-07-04 航天信息股份有限公司 The method and apparatus of data encryption
CN105740721A (en) * 2016-01-21 2016-07-06 浪潮电子信息产业股份有限公司 Device, method and system for encrypting and decrypting data
CN107124273A (en) * 2017-05-10 2017-09-01 成都课迪科技有限公司 A kind of platform data encryption method and device based on dynamic authorization code
CN112184926B (en) * 2020-09-14 2022-11-04 南京通用电器有限公司 Method and device for preventing counter cheating based on dynamic change encryption data packet

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1398083A (en) * 1995-12-07 2003-02-19 富士通株式会社 High security data deciphering method and device

Also Published As

Publication number Publication date
CN101383703A (en) 2009-03-11

Similar Documents

Publication Publication Date Title
CN101383703B (en) Dynamic ciphering method based on broad sense information field
Kumar et al. Development of modified AES algorithm for data security
CN101394268B (en) Advanced ciphering system and method based on broad sense information field
CN106411518B (en) A kind of unfixed symmetrical whitepack encryption method of key and device
CN107147487B (en) Symmetric key random block cipher
Gupta et al. An enhanced AES algorithm using cascading method on 400 bits key size used in enhancing the safety of next generation internet of things (IOT)
CN109861810A (en) A data encryption method and decryption method based on chaotic block encryption algorithm
Alemami et al. Advanced approach for encryption using advanced encryption standard with chaotic map
Mewada et al. Exploration of efficient symmetric AES algorithm
Achkoun et al. SPF-CA: A new cellular automata based block cipher using key-dependent S-boxes
Sharma et al. Analysis of AES Encryption with ECC
CN102946315A (en) Method and system for constructing MAC (Media Access Control) code by utilizing packet mode
CN101364868B (en) Pseudo-random code generator and its generation method based on generalized information domain
CN201252558Y (en) Advanced encryption system based on generalized information domain
CN104735652A (en) Chaotic encryption method suitable for wireless sensor network
Shoukat et al. Randomized substitution method for effectively secure block ciphers in IOT environment
CN101848079B (en) A word-oriented, memory-carrying sequence perturbation method and encryption method
CN112866288B (en) A Symmetric Data Encryption Method for Double Plaintext Transmission
CN112507357B (en) Multi-stage interface design method based on key generator
Bao et al. Quantum Multi-Collision Distinguishers.
Haryono Comparison encryption of how to work caesar cipher, hill cipher, Blowfish and Twofish
CN101777975A (en) Test data encryption method based on S box and chaotic map
CN114125801A (en) Bluetooth device data encryption structure and encryption and decryption method
CN201256392Y (en) Dynamic ciphering system based on broad sense information field
CN117411727B (en) Encryption method, device and storage medium for symmetric encryption of communication transmission

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110427

Termination date: 20140912

EXPY Termination of patent right or utility model