[go: up one dir, main page]

CN103117850A - Cryptosystem based on random sequence database - Google Patents

Cryptosystem based on random sequence database Download PDF

Info

Publication number
CN103117850A
CN103117850A CN2011103640059A CN201110364005A CN103117850A CN 103117850 A CN103117850 A CN 103117850A CN 2011103640059 A CN2011103640059 A CN 2011103640059A CN 201110364005 A CN201110364005 A CN 201110364005A CN 103117850 A CN103117850 A CN 103117850A
Authority
CN
China
Prior art keywords
database
random sequence
decryption
random
updated
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2011103640059A
Other languages
Chinese (zh)
Other versions
CN103117850B (en
Inventor
曾纪晴
张明永
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
South China Botanical Garden of CAS
Original Assignee
South China Botanical Garden of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by South China Botanical Garden of CAS filed Critical South China Botanical Garden of CAS
Priority to CN201110364005.9A priority Critical patent/CN103117850B/en
Publication of CN103117850A publication Critical patent/CN103117850A/en
Application granted granted Critical
Publication of CN103117850B publication Critical patent/CN103117850B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

本发明提供一种基于随机序列数据库的密码系统。该密码系统通过一个由256条数据组成的8位二进制数及与其对应的随机序列数据库D将二进制位流转变为随机序列位流。随机序列数据库D对二进制位流的变换是通过字符串搜索而实现的。随机序列数据库D可以实现每次加密或解密一个字节而动态更新与同步。本密码系统是真正的“一次一密”的完善密码系统,完全不可破译。

Figure 201110364005

The invention provides a cryptographic system based on a random sequence database. The cryptographic system transforms the binary bit stream into a random sequence bit stream through an 8-bit binary number composed of 256 pieces of data and its corresponding random sequence database D. The conversion of the random sequence database D to the binary bit stream is realized by character string searching. The random sequence database D can be dynamically updated and synchronized by encrypting or decrypting one byte at a time. This password system is a real "one-time pad" perfect password system, which is completely undecipherable.

Figure 201110364005

Description

一种基于随机序列数据库的密码系统A Cryptosystem Based on Random Sequence Database

技术领域 technical field

本发明属于信息安全领域,特别是涉及一种基于随机序列数据库的密码系统。The invention belongs to the field of information security, in particular to a password system based on a random sequence database.

背景技术 Background technique

密码系统是信息安全的核心和关键技术。目前实际应用的密码系统尽管种类很多,但其密码体制可分为两类:对称密码体制和非对称密码体制。1949年,Shannon发表了“Communication theory of secrecy system”重要论文,证明了只有“一次一密”的密码系统才是理论上不可破译的、绝对安全的密码系统。但是由于“一次一密”的密码系统存在密匙产生、分配与管理极为困难的问题,使其应用受到限制。为了达到类似“一次一密”那样的安全性,仿效“一次一密”的密码系统如分组密码和流密码应用而生。目前,流密码是世界各国信息安全领域的主流密码。流密码有许多种设计方法,比如移位寄存器序列、非线性组合序列、非线性过滤序列和钟控序列以及混沌序列等方法。Cryptography system is the core and key technology of information security. Although there are many kinds of cryptographic systems in practical application at present, their cryptosystems can be divided into two categories: symmetric cryptosystems and asymmetric cryptosystems. In 1949, Shannon published an important paper on "Communication theory of secrecy system", proving that only the "one-time pad" cryptographic system is theoretically undecipherable and absolutely secure. However, due to the extremely difficult problems of key generation, distribution and management in the "one-time pad" cryptographic system, its application is limited. In order to achieve the security similar to "one-time pad", cryptosystems imitating "one-time pad" such as block cipher and stream cipher are applied. Currently, stream ciphers are the mainstream ciphers in the field of information security around the world. There are many design methods for stream ciphers, such as shift register sequence, nonlinear combination sequence, nonlinear filter sequence, clock control sequence and chaotic sequence.

流密码是指利用少量的密钥通过特定的复杂密码算法产生大量的伪随机位流,用于对明文位流的加密。解密是指用同样的密钥和密码算法及与加密相同的伪随机位流,用以还原明文位流。因此,流密码的关键是产生密匙序列的算法,其密码系统的安全性也主要取决于密匙序列,但由于密匙序列多是由一种子密匙k经某个特定的确定性算法产生的伪随机序列,因此流密码是基于数学计算的密码系统,它在理论上是可被计算机破译的。因此,本质上来讲,流密码并非是“一次一密”的密码系统。Stream cipher refers to the use of a small number of keys to generate a large number of pseudo-random bit streams through specific complex cryptographic algorithms, which are used to encrypt plaintext bit streams. Decryption refers to using the same key and cryptographic algorithm and the same pseudo-random bit stream as encryption to restore the plaintext bit stream. Therefore, the key of the stream cipher is the algorithm for generating the key sequence, and the security of the cryptographic system mainly depends on the key sequence, but since the key sequence is mostly generated by a certain seed key k through a specific deterministic algorithm Therefore, the stream cipher is a cryptographic system based on mathematical calculations, which can be deciphered by a computer in theory. Therefore, in essence, a stream cipher is not a "one-time pad" cryptographic system.

本发明提出了一个基于随机序列数据库的密码系统,该密码系统类似于流密码,都是每次加密一个字节,但流密码使用伪随机序列作为密匙序列,而本密码系统则使用随机序列数据库将明文流变换为随机序列。本发明提供了一个“一次一密”的完善密码系统,完全可不破译,同时还可自动检测密文信息的完整性,确保密文信息不被篡改、仿冒,可广泛应用于信息安全的各个领域。The present invention proposes a cryptographic system based on a random sequence database, which is similar to a stream cipher, which encrypts one byte at a time, but the stream cipher uses a pseudo-random sequence as the key sequence, while this cryptosystem uses a random sequence The database transforms the plaintext stream into a random sequence. The present invention provides a "one-time-one-pass" perfect password system, which can not be deciphered at all, and can also automatically detect the integrity of the ciphertext information to ensure that the ciphertext information is not tampered with or counterfeited, and can be widely used in various fields of information security .

发明内容 Contents of the invention

本发明所建立的一种基于随机序列数据库的密码系统,采取如下步骤和方法:A kind of password system based on random sequence database that the present invention establishes, take following steps and method:

(1)首先,建立一个8位二进制数据库D。(1) First, build an 8-bit binary database D.

该数据库的结构如图1所示,A为8位二进制数,B为每个二进制数对应的随机序列(比如是由0和1组成的随机序列)。用A(i)表示0-255的8位二进制数,B(i)表示与A(i)对应的随机序列。B(i)序列长度的设置以足够保证随机序列ki的唯一性以及序列搜索运算速度为依据。该数据库D共有256条数据。由于216=28*28=256*28=256*256,对应于256条二进制数据来说,每个8位二进制数据理论上可找到256个不同的16位二进制随机序列与之相对应。每个随机序列B(i)的长度设置在30-100个字符之间足以满足需要。The structure of the database is shown in Figure 1, A is an 8-bit binary number, and B is a random sequence corresponding to each binary number (such as a random sequence composed of 0 and 1). Use A(i) to represent the 8-bit binary number of 0-255, and B(i) to represent the random sequence corresponding to A(i). The setting of the sequence length of B(i) is based on the sufficient guarantee of the uniqueness of the random sequence ki and the operation speed of the sequence search. The database D has a total of 256 pieces of data. Since 2 16 =2 8 *2 8 =256*2 8 =256*256, corresponding to 256 pieces of binary data, each 8-bit binary data can theoretically find 256 different 16-bit binary random sequences corresponding to it correspond. It is sufficient to set the length of each random sequence B(i) between 30-100 characters.

(2)加密方法:(2) Encryption method:

首先将明文M转换为二进制,然后按每个字节即8位二进制数自动划分为若干单元,比如m1,m2,m3,……,mn。然后,依次在数据库D中检索,根据其检索到的8位二进制数A(i)找到其对应的随机序列B(i),然后在B(i)中再随机截取一段由16个字符组成的序列ki。当明文M所有字节完成上述变换后依次得到k1,k2,k3,……,kn,即构成密文。随机序列ki也可再经过加密变换Ci=E(ki)(i=1,2,3,……,n),则最终可得到密文C=c1c2c3…cnFirst convert the plaintext M into binary, and then automatically divide each byte, that is, an 8-bit binary number, into several units, such as m 1 , m 2 , m 3 ,..., m n . Then, search in the database D in turn, find the corresponding random sequence B(i) according to the retrieved 8-bit binary number A(i), and then randomly intercept a section of 16-character sequence in B(i) sequence ki. When all the bytes of the plaintext M are transformed above, k 1 , k 2 , k 3 , ..., k n are sequentially obtained, which constitutes the ciphertext. The random sequence ki can also undergo encryption transformation Ci=E(k i ) (i=1, 2, 3, ..., n), and finally the ciphertext C = c 1 c 2 c 3 ... c n can be obtained.

其中,k1,k2,k3,……,kn需满足唯一性条件,即在数据库D中,这些随机序列ki是唯一的,假如截取到的ki不能满足唯一性条件,则必须重新选取,直到满足唯一性条件为止。检验ki的唯一性,可使用字符串搜索算法,在数据库D中进行搜索,如果ki仅有一个搜索结果,则表明ki在数据库D中是唯一的,否则是不唯一的。Among them, k 1 , k 2 , k 3 ,..., k n need to meet the uniqueness condition, that is, in the database D, these random sequences ki are unique, if the intercepted ki cannot meet the uniqueness condition, it must be re- Select until the uniqueness condition is met. To check the uniqueness of ki, you can use a string search algorithm to search in database D. If ki has only one search result, it means that ki is unique in database D, otherwise it is not unique.

(3)密匙动态更新方法:(3) Key dynamic update method:

在加密过程中,密匙可随每次加密一个字节(8位二进制数mi)明文后而自动更新,其更新的方法是:mi对应的随机序列被截取一段子序列ki之后,即自动从原随机序列中删除,并经过一定变换(如0和1对换处理)后插入到删除ki后的随机序列中的第j个位置上。j可以是一个约定的常数,也可以是一个明文“字节”序数的函数。设字节序数为i,则当加密第i个字节时,j=F(i)。During the encryption process, the key can be automatically updated after encrypting one byte (8-bit binary number m i ) of plaintext each time. The update method is: after the random sequence corresponding to mi is intercepted by a subsequence ki, that is It is automatically deleted from the original random sequence, and inserted into the jth position in the random sequence after ki is deleted after a certain transformation (such as 0 and 1 exchange processing). j can be an agreed constant, or a function of the plaintext "byte" ordinal. Let the byte sequence number be i, then when encrypting the i-th byte, j=F(i).

(4)解密方法:(4) Decryption method:

密文C经过解密变换ki=D(ci)(i=1,2,3,......,n)后,依次得到随机序列字符串:k1,k2,k3,......,ki,......kn。如果密文本身由上述随机序列组成,则不必再进行解密变换,在数据库D中依次查找字符串k1,k2,k3,......,ki,......kn,得到其对应的8位二进制数m1,m2,m3,......,mn,即可转换成明文信息。在解密过程中,密匙可随每次解密得到一个字节明文后而自动更新,其更新的方法是:每次在随机数据库查找ki得到相应的mi之后,该字符串ki即自动从原随机序列中删除,并经过一定变换(如0和1对换处理)后插入到删除ki之后的随机序列中的第j个位置上。After the ciphertext C undergoes the decryption transformation ki=D(c i ) (i=1, 2, 3, ..., n), random sequence strings are obtained sequentially: k 1 , k 2 , k 3 ,. ..., ki, ...k n . If the ciphertext itself is composed of the above random sequences, it is not necessary to perform decryption transformation, and the strings k 1 , k 2 , k 3 , ..., ki, ... k are searched in sequence in the database D n , get its corresponding 8-bit binary number m 1 , m 2 , m 3 ,..., m n , and then convert it into plaintext information. During the decryption process, the key can be automatically updated each time a byte of plaintext is obtained through decryption. The update method is: each time the string ki is obtained from the random database to obtain the corresponding mi , the string ki is automatically changed from the original deleted from the random sequence, and inserted into the jth position in the random sequence after deleting ki after a certain transformation (such as 0 and 1 exchange processing).

(5)数据库D同步更新办法:(5) Synchronous update method of database D:

由于数据库D在加密和解密时处于动态更新状态,这种更新是对数据库D中的随机序列的重排,那么,任何影响到数据库中随机序列重排的主动攻击(比如对密文字符进行插入、删除或重放操作)均可能造成解密中断(只要密文解出的随机序列字符串唯一性条件被破坏,解密过程即自行终止)。设发送和接收双方原始共享的数据库为D0,经过加密后,发送方的数据库更新为D1,若接收方解密成功,则其数据库自动更新为D1,否则不更新,请求发送方重新发送,发送方加密的数据库返回到D0。也就是说,只要接收方解密不成功,则请求发送方按之前的数据库重新发送。Since database D is in a state of dynamic update during encryption and decryption, this update is a rearrangement of random sequences in database D, then any active attack that affects the rearrangement of random sequences in the database (such as inserting ciphertext characters , deletion or replay operation) may cause decryption interruption (as long as the uniqueness condition of the random sequence string obtained from the ciphertext is destroyed, the decryption process will automatically terminate). Suppose the original shared database between the sender and the receiver is D 0 , after encryption, the sender’s database is updated to D 1 , if the receiver’s decryption is successful, its database is automatically updated to D 1 , otherwise it is not updated, and the sender is requested to resend , the sender's encrypted database is returned to D 0 . That is to say, as long as the receiver fails to decrypt, the sender is requested to resend according to the previous database.

本发明的密码系统具有如下特点:The cryptographic system of the present invention has the following characteristics:

1,本密码系统中通讯双方拥有的数据库D是一个仅有256条数据的小型数据库,在加解密过程中运行速度很快。1. The database D owned by both communicating parties in this cryptographic system is a small database with only 256 pieces of data, which runs very fast during the encryption and decryption process.

2,双方共享一次数据库D之后,该数据库即可在加解密过程中实现自动更新,在更新过程中引入了随机化过程,从而实现了真正的“一次一密”。2. After the two parties share the database D once, the database can be automatically updated during the encryption and decryption process, and a randomization process is introduced in the update process, thus realizing the real "one-time encryption".

3,本密码系统完全克服了以往“一次一密”体制中要求密匙必须与明文长度相同的缺点,密匙的分配与管理不再是一个难题,只需构建一个小型的随机序列数据库,利用字符串搜索比对工具即可轻松实现对每个比特进行加密的密匙分配。3. This cryptographic system completely overcomes the shortcoming that the key must be the same length as the plaintext in the previous "one-time pad" system. The distribution and management of the key is no longer a difficult problem. It only needs to build a small random sequence database, use The key distribution that encrypts every bit can be easily realized by string search and comparison tool.

4,本系统由于是“一次一密”不可破译系统,对本系统造成破坏的唯一途径就是对本系统进行主动攻击。当攻击者对密文字符进行插入、删除或者重放操作时,如果插入的字符经解密得到的ki不存在于数据库D中,那么插入的字符就不影响正确的解密。但是,进行删除或者重放操作时,对解密就可能造成影响。如果发生不能正确解密(比如解密过程中在数据库D中依次查找字符串ki时出现查找结果唯一性被破坏,或解密完成后发现乱码或其它无意义信息)的情况,则可判断密文已经被篡改。因此,本密码系统具有自动检测密文是否被窃取并篡改、破坏的特点,密文可做到完全保密、不可仿冒。4. Since this system is a "one-time pad" undecipherable system, the only way to cause damage to this system is to actively attack this system. When an attacker inserts, deletes, or replays ciphertext characters, if the ki obtained by decrypting the inserted characters does not exist in the database D, the inserted characters will not affect the correct decryption. However, when a delete or replay operation is performed, decryption may be affected. If it cannot be decrypted correctly (for example, the uniqueness of the search result is destroyed when the string ki is sequentially searched in the database D during the decryption process, or garbled characters or other meaningless information are found after the decryption is completed), it can be judged that the ciphertext has been encrypted. tamper. Therefore, this cryptographic system has the characteristics of automatically detecting whether the ciphertext has been stolen, tampered with or destroyed, and the ciphertext can be completely kept secret and cannot be counterfeited.

附图说明: Description of drawings:

图1:8位二进制数据库D,由256条数据组成,A为0-255的8位二进制数,B为与每个8位二进制对应的随机序列(由30-100个0和1组成)。Figure 1: 8-bit binary database D, consisting of 256 pieces of data, A is an 8-bit binary number of 0-255, and B is a random sequence corresponding to each 8-bit binary (composed of 30-100 0s and 1s).

图2:信息加密流程与方法Figure 2: Information encryption process and method

图3:信息解密流程与方法Figure 3: Information decryption process and method

图4:密匙更新的方法Figure 4: Method for key update

具体实施方式 Detailed ways

首先,构建8位二进制数据库D。如图1所示,A(i)表示从0到255的8位二进制数;B(i)表示与其对应的随机序列。随机序列B(i)可以由任何字符组成,图1中我们假设随机序列由0和1组成。序列长度的设置以足够保证随机序列ki的唯一性以及序列搜索运算速度为依据。由于216=65536,对应于256条二进制数据来说,每个二进制数据理论上可找到256个16位二进制随机序列与之相对应。每个随机序列的长度设置在30-100个字符之间足以满足需要。First, construct the 8-bit binary database D. As shown in Figure 1, A(i) represents an 8-bit binary number from 0 to 255; B(i) represents a random sequence corresponding to it. The random sequence B(i) can be composed of any characters. In Figure 1, we assume that the random sequence is composed of 0 and 1. The setting of the sequence length is based on sufficient guarantee of the uniqueness of the random sequence ki and the operation speed of the sequence search. Since 2 16 =65536, corresponding to 256 pieces of binary data, theoretically 256 16-bit binary random sequences can be found corresponding to each binary data. It is sufficient to set the length of each random sequence between 30-100 characters.

如需加密一个明文信息M,首先将其转换为二进制,然后按每个字节即8位二进制数自动划分为若干单元,比如m1,m2,m3,……,mn。然后,依次在数据库D中检索,,根据其检索到的8位二进制数A(i)找到其对应的随机序列B(i),然后在B(i)中再随机截取一段由16个字符组成的序列ki。当明文M所有字节完成上述变换后依次得到k1,k2,k3,……,kn,即构成密文。随机序列ki也可再经过加密变换Ci=E(ki)(i=1,2,3,……,n),则最终可得到密文C=c1c2c3…cn。加密变换可以是用一个16位的二进制数K对ki做异或处理。图2表示信息加密的流程与方法。To encrypt a plaintext message M, first convert it into binary, and then automatically divide each byte into several units, such as m 1 , m 2 , m 3 ,..., m n . Then, search in the database D in turn, find the corresponding random sequence B(i) according to the retrieved 8-bit binary number A(i), and then randomly intercept a segment consisting of 16 characters in B(i) The sequence ki. When all the bytes of the plaintext M are transformed above, k 1 , k 2 , k 3 , ..., k n are sequentially obtained, which constitutes the ciphertext. The random sequence ki can also undergo encryption transformation Ci=E(k i ) (i=1, 2, 3, ..., n), and finally the ciphertext C = c 1 c 2 c 3 ... c n can be obtained. The encryption transformation may be to use a 16-bit binary number K to perform XOR processing on ki . Figure 2 shows the flow and method of information encryption.

其中,k1,k2,k3,……,kn需满足唯一性条件,即在数据库D中,这些随机序列ki是唯一的,假如截取到的ki不能满足唯一性条件,则必须重新选取,直到满足唯一性条件为止。随机序列数据库D可以随着每加密一个字节而动态更新。图4表示加密一个二进制数据mi“10011010”的ki“0101011000010100”被选取之后,从原先的位置上删除,经过0和1对换处理之后,变成“1010100111101011”,再插入到删除ki之后的随机序列的第10个字符的位置上(j=10),从而改变了原先对应于二进制数据“10011010”的随机序列。Among them, k 1 , k 2 , k 3 ,..., k n need to meet the uniqueness condition, that is, in the database D, these random sequences ki are unique, if the intercepted ki cannot meet the uniqueness condition, it must be re- Select until the uniqueness condition is met. The random sequence database D can be dynamically updated every time a byte is encrypted. Figure 4 shows that after the ki "0101011000010100" that encrypts a binary data mi "10011010" is selected, it is deleted from the original position. The position of the 10th character of the sequence (j=10), thus changing the original random sequence corresponding to the binary data "10011010".

信息解密的方法是,密文C经过解密变换ki=D(ci)(i=1,2,3,......,n)后(解密变换可以是用一个16位的二进制数K对ci做异或处理),依次得到随机序列字符串:k1,k2,k3,......,ki,......kn。如果密文本身由上述随机序列ki组成,则不必再进行解密变换,在数据库D中依次查找字符串k1,k2,k3,......,ki,......kn,得到其对应的8位二进制数m1,m2,m3,......,mn,即可转换成明文信息。The method of information decryption is that after the ciphertext C undergoes decryption transformation ki=D(c i ) (i=1, 2, 3,..., n) (the decryption transformation can be a 16-bit binary number K performs XOR processing on c i ), and sequentially obtain random sequence strings: k 1 , k 2 , k 3 , ..., ki, ... k n . If the ciphertext itself is composed of the above random sequence ki, there is no need to perform decryption transformation, and the strings k 1 , k 2 , k 3 , ..., ki, ... are sequentially searched in the database D k n , obtain its corresponding 8-bit binary number m 1 , m 2 , m 3 ,..., m n , and convert it into plaintext information.

随机序列数据库D也可以随着每次解密一个字节而动态更新,从而保证随机序列数据库D与信息发送者同步一致。动态更新与加密一个字节后随机序列数据库D的动态更新方法相同。以图4为例,解密时在随机序列数据库D中查找字符串ki“0101011000010100”,得到其对应的二进制数据mi“10011010”,然后ki从原先的位置上删除,经过0和1对换处理之后,变成“1010100111101011”,再插入到删除ki之后的随机序列的第10个字符的位置上(j=10),这样动态更新后的随机序列数据库D与信息发送者就保持了同步。The random sequence database D can also be dynamically updated each time a byte is decrypted, so as to ensure that the random sequence database D is synchronized with the information sender. The dynamic update method is the same as the dynamic update method of the random sequence database D after encrypting one byte. Take Figure 4 as an example, when decrypting, look up the string ki "0101011000010100" in the random sequence database D, and get the corresponding binary data mi "10011010", then delete ki from the original position, and then process 0 and 1 swap Afterwards, it becomes "1010100111101011", and is inserted into the position of the 10th character of the random sequence after deleting ki (j=10), so that the dynamically updated random sequence database D and the information sender have kept synchronization.

假如明文有1000个字节,那么经过加密之后,随机序列数据库D就经历1000次数据更新。设加密前数据库为D0,加密后数据库为D1,那么加密的字节数越多,或者经过多轮信息加密之后,D1和D0将变得差异越大,以至于完全不同。If the plaintext has 1000 bytes, then after encryption, the random sequence database D will undergo 1000 data updates. Suppose the database before encryption is D 0 , and the database after encryption is D 1 , then the more encrypted bytes, or after multiple rounds of information encryption, the greater the difference between D 1 and D 0 , so that they are completely different.

本密码系统可以进行信息隐藏。可以在密文中添加一些在随机序列数据库D中是不存在的字符串,完全不影响解密结果。The cryptographic system can carry out information hiding. Some character strings that do not exist in the random sequence database D can be added to the ciphertext without affecting the decryption result at all.

由于随机序列数据库D有随机序列组成,同时截取的字符串ki也是随机截取的,每次加密一个字节后数据库D自动更新一次,因此本密码系统是真正的“一次一密”的完善密码系统,完全不可破译。Since the random sequence database D is composed of random sequences, and the intercepted character string ki is also randomly intercepted, the database D is automatically updated once each time a byte is encrypted, so this cryptographic system is a real "one-time pad" perfect cryptographic system , completely undecipherable.

当攻击者对密文字符进行插入、删除或者重放操作时,对解密可能造成影响(如果插入的字符经解密得到的ki不存在于数据库D中,那么插入的字符就不影响正确的解密)。解密过程中,如果查找字符串ki时发现其在数据库D中的唯一性被破坏,或解密完成后发现乱码或其它无意义信息的情况,则可判断密文已经被篡改。因此,本密码系统具有自动检测密文是否被窃取并篡改、破坏的特点,密文可做到完全保密、不可仿冒。When the attacker inserts, deletes, or replays the ciphertext characters, it may affect the decryption (if the ki obtained by decrypting the inserted characters does not exist in the database D, then the inserted characters will not affect the correct decryption) . During the decryption process, if it is found that its uniqueness in the database D is destroyed when searching for the string ki, or if garbled characters or other meaningless information are found after decryption, it can be judged that the ciphertext has been tampered with. Therefore, this cryptographic system has the characteristics of automatically detecting whether the ciphertext has been stolen, tampered with or destroyed, and the ciphertext can be completely kept secret and cannot be counterfeited.

Claims (9)

1.一种基于随机序列数据库的密码系统,其特征在于按如下步骤和方法进行:1. A cryptographic system based on a random sequence database, characterized in that it proceeds according to the following steps and methods: (1)首先,建立一个8位二进制数据库D。该数据库是由256条数据组成的,每条数据是8位二进制数A(i)及其对应的随机序列B(i)所构成的。(1) First, build an 8-bit binary database D. The database is composed of 256 pieces of data, and each piece of data is composed of an 8-bit binary number A(i) and its corresponding random sequence B(i). (2)加密方法:首先将明文M转换为二进制数,按每个字节即8位二进制数自动划分为若干单元m1,m2,m3,……,mn。然后,依次在数据库D中检索,根据其检索到的8位二进制数A(i)找到其对应的随机序列B(i),然后在B(i)中再随机截取一段由16个字符组成的序列ki。ki需满足唯一性条件,即在数据库D中,这些随机序列ki是唯一的,假如截取到的ki不能满足唯一性条件,则必须重新选取,直到满足唯一性条件为止。检验ki的唯一性,可使用字符串搜索算法,在数据库D中进行搜索,如果ki仅有一个搜索结果,则表明ki在数据库D中是唯一的,否则是不唯一的。当明文M所有字节完成上述变换后依次得到k1,k2,k3,……,kn,即构成密文。随机序列ki也可再经过加密变换C(i)=E(ki)(i=1,2,3,……,n),则最终可得到密文C=c1c2c3…cn(2) Encryption method: first convert the plaintext M into a binary number, and automatically divide each byte, that is, an 8-bit binary number, into several units m 1 , m 2 , m 3 ,..., m n . Then, search in the database D in turn, find the corresponding random sequence B(i) according to the retrieved 8-bit binary number A(i), and then randomly intercept a section of 16-character sequence in B(i) sequence ki. ki needs to meet the uniqueness condition, that is, in the database D, these random sequences ki are unique, if the intercepted ki cannot meet the uniqueness condition, it must be reselected until the uniqueness condition is met. To check the uniqueness of ki, you can use a string search algorithm to search in database D. If ki has only one search result, it means that ki is unique in database D, otherwise it is not unique. When all the bytes of the plaintext M are transformed above, k 1 , k 2 , k 3 , ..., k n are sequentially obtained, which constitutes the ciphertext. The random sequence ki can also undergo encryption transformation C(i)=E(k i ) (i=1, 2, 3,...,n), and finally the ciphertext C=c 1 c 2 c 3 ...c can be obtained n . (3)密匙动态更新方法:在加密过程中,密匙可随每次加密一个字节(8位二进制数mi)明文后而自动更新,其更新的方法是:mi对应的随机序列被截取一段子序列ki之后,即自动从原随机序列中删除,并经过一定变换(如0和1对换处理)后插入到删除ki后的随机序列中的第j个位置上。(3) Key dynamic update method: During the encryption process, the key can be automatically updated after encrypting one byte (8-bit binary number m i ) of plaintext each time. The update method is: the random sequence corresponding to m i After a section of subsequence ki is intercepted, it is automatically deleted from the original random sequence, and after a certain transformation (such as 0 and 1 exchange processing), it is inserted into the jth position in the random sequence after ki is deleted. (4)解密方法:密文C经过解密变换ki=D(ci)(i=1,2,3,......,n)后,依次得到随机序列字符串k1,k2,k3,......,kn。如果密文本身由上述随机序列组成,则不必再进行解密变换,在数据库D中依次查找字符串k1,k2,k3,......,ki,......kn,得到其对应的8位二进制数m1,m2,m3,......,mn,即可转换成明文信息。(4) Decryption method: After the ciphertext C undergoes decryption transformation ki=D(c i ) (i=1, 2, 3, ..., n), random sequence strings k 1 , k 2 are sequentially obtained , k 3 ,..., k n . If the ciphertext itself is composed of the above random sequences, it is not necessary to perform decryption transformation, and the strings k 1 , k 2 , k 3 , ..., ki, ... k are searched in sequence in the database D n , get its corresponding 8-bit binary number m 1 , m 2 , m 3 ,..., m n , and then convert it into plaintext information. (5)数据库D同步更新办法:设发送和接收双方原始共享的数据库为D0,经过加密后,发送方的数据库更新为D1,若接收方解密成功,则其数据库自动更新为D1,否则不更新,请求发送方重新发送。(5) Synchronous update method of database D: assume that the original shared database of the sender and receiver is D 0 , after encryption, the sender’s database is updated to D 1 , and if the receiver’s decryption succeeds, its database is automatically updated to D 1 , Otherwise, do not update and request the sender to resend. 2.根据权利要求1所述的一种基于随机序列数据库的密码系统,其特征在于其密匙是由随机序列数据库D组成的。2. A kind of cryptographic system based on random sequence database according to claim 1, characterized in that its secret key is composed of random sequence database D. 3.根据权利要求2所述的随机序列数据库D,其特征在于该数据库是由256条数据组成的,每条数据是8位二进制数A(i)及其对应的随机序列B(i)所构成的。B(i)可以是由0和1组成的字符串,也可以是其它任意字符串。3. random sequence database D according to claim 2, is characterized in that this database is made up of 256 pieces of data, and each piece of data is 8 binary numbers A (i) and its corresponding random sequence B (i) constituted. B(i) can be a string consisting of 0 and 1, or any other string. 4.根据权利要求1所述的一种基于随机序列数据库的密码系统,其特征在于加密过程中从随机序列B(i)截取的ki是随机截取的。4. A cryptographic system based on a random sequence database according to claim 1, wherein the ki intercepted from the random sequence B(i) in the encryption process is randomly intercepted. 5.根据权利要求4所述的ki,其特征在于其在随机序列数据库D中是唯一的,其唯一性的检验是采用字符串匹配算法在随机序列数据库D中检索ki。5. The ki according to claim 4, characterized in that it is unique in the random sequence database D, and the uniqueness check is to search for ki in the random sequence database D using a character string matching algorithm. 6.根据权利要求1所述的一种基于随机序列数据库的密码系统,其特征在于在加密过程中,密匙可随每次加密一个字节(8位二进制数mi)明文后而自动更新,其更新的方法是:mi对应的随机序列被截取一段子序列ki之后,即自动从原随机序列中删除,并经过一定变换后插入到删除ki后的随机序列中的第j个位置上。6. A kind of cryptographic system based on random sequence database according to claim 1, it is characterized in that in the encryption process, the secret key can be updated automatically after each encryption of a byte (8-bit binary number m i ) plaintext , the update method is: after the random sequence corresponding to m i is intercepted for a subsequence ki, it is automatically deleted from the original random sequence, and inserted into the jth position of the random sequence after deletion of ki after a certain transformation . 7.根据权利要求1所述的一种基于随机序列数据库的密码系统,其特征在于在解密过程中,密匙可随每次解密得到一个字节明文后而自动更新,其更新的方法是:每次解密得到字符串ki并在随机数据库查找得到相应的mi之后,该字符串ki即自动从原随机序列中删除,并经过一定变换后插入到删除ki之后的随机序列中的第j个位置上。7. A kind of cryptographic system based on random sequence database according to claim 1, it is characterized in that in the decryption process, the secret key can be updated automatically after each decryption obtains a byte plaintext, and the method for its update is: Each time the string ki is decrypted and the corresponding mi is searched in the random database, the string ki is automatically deleted from the original random sequence, and after a certain transformation, it is inserted into the jth random sequence after the deletion of ki position. 8.根据权利要求1所述的一种基于随机序列数据库的密码系统,其特征在于密文信息中可插入随机序列数据库D中不存在的序列ks,而不影响其正确解密。8. A cryptographic system based on a random sequence database according to claim 1, wherein a sequence ks that does not exist in the random sequence database D can be inserted into the ciphertext information without affecting its correct decryption. 9.根据权利要求1所述的一种基于随机序列数据库的密码系统,其特征在于信息发送和接受双方的随机序列数据库D可进行同步更新。若密文遭遇攻击篡改,导致ki唯一性被破坏,则解密自行中断,要求重新发送信息。设发送和接收双方共享的原始数据库为D0,经过加密后,发送方的数据库更新为D1,若接收方解密成功,则其数据库自动更新为D1,否则不更新,请求发送方重新发送,发送方加密的数据库返回到D09. A cryptographic system based on a random sequence database according to claim 1, characterized in that the random sequence database D of both information sending and receiving parties can be updated synchronously. If the ciphertext is attacked and tampered with, causing the uniqueness of ki to be destroyed, the decryption will be interrupted by itself and the information will be resent. Let the original database shared by both the sender and the receiver be D 0 , after encryption, the sender’s database is updated to D 1 , if the receiver’s decryption is successful, its database is automatically updated to D 1 , otherwise it is not updated, and the sender is requested to resend , the sender's encrypted database is returned to D 0 .
CN201110364005.9A 2011-11-16 2011-11-16 A kind of method for building up of the cryptographic system based on random sequence database Expired - Fee Related CN103117850B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110364005.9A CN103117850B (en) 2011-11-16 2011-11-16 A kind of method for building up of the cryptographic system based on random sequence database

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110364005.9A CN103117850B (en) 2011-11-16 2011-11-16 A kind of method for building up of the cryptographic system based on random sequence database

Publications (2)

Publication Number Publication Date
CN103117850A true CN103117850A (en) 2013-05-22
CN103117850B CN103117850B (en) 2016-01-20

Family

ID=48416131

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110364005.9A Expired - Fee Related CN103117850B (en) 2011-11-16 2011-11-16 A kind of method for building up of the cryptographic system based on random sequence database

Country Status (1)

Country Link
CN (1) CN103117850B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105024807A (en) * 2014-04-30 2015-11-04 宇龙计算机通信科技(深圳)有限公司 Data processing method and system
CN107209787A (en) * 2015-02-11 2017-09-26 维萨国际服务协会 Improve the search capability of dedicated encrypted data
CN108304141A (en) * 2017-01-12 2018-07-20 爱思开海力士有限公司 Storage system and its operating method
WO2018192399A1 (en) * 2017-04-17 2018-10-25 徐智能 Sequence encryption method accompanying adjustable random reconfiguration of key
CN109923516A (en) * 2014-05-14 2019-06-21 卡拉公司 Reinforce computer security, variable word length coding and the decoded technology of variable length code
US20210351910A1 (en) * 2020-05-06 2021-11-11 King Saud University System to secure encoding and mapping on elliptic curve cryptography (ecc)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1769637A (en) * 2004-11-01 2006-05-10 华为技术有限公司 An electronic key and electronic lock device and its realization method
CN102025482A (en) * 2009-09-10 2011-04-20 中国科学院华南植物园 Virtual genome-based cryptosystem (VGC)
US8031875B1 (en) * 2007-08-09 2011-10-04 Emc Corporation Key distribution in unidirectional channels with applications to RFID

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1769637A (en) * 2004-11-01 2006-05-10 华为技术有限公司 An electronic key and electronic lock device and its realization method
US8031875B1 (en) * 2007-08-09 2011-10-04 Emc Corporation Key distribution in unidirectional channels with applications to RFID
CN102025482A (en) * 2009-09-10 2011-04-20 中国科学院华南植物园 Virtual genome-based cryptosystem (VGC)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105024807A (en) * 2014-04-30 2015-11-04 宇龙计算机通信科技(深圳)有限公司 Data processing method and system
CN109923516A (en) * 2014-05-14 2019-06-21 卡拉公司 Reinforce computer security, variable word length coding and the decoded technology of variable length code
CN107209787A (en) * 2015-02-11 2017-09-26 维萨国际服务协会 Improve the search capability of dedicated encrypted data
CN108304141A (en) * 2017-01-12 2018-07-20 爱思开海力士有限公司 Storage system and its operating method
WO2018192399A1 (en) * 2017-04-17 2018-10-25 徐智能 Sequence encryption method accompanying adjustable random reconfiguration of key
US10855458B2 (en) 2017-04-17 2020-12-01 Zhineng Xu Sequence encryption method accompanying adjustable random reconfiguration of key
US20210351910A1 (en) * 2020-05-06 2021-11-11 King Saud University System to secure encoding and mapping on elliptic curve cryptography (ecc)
US11502818B2 (en) * 2020-05-06 2022-11-15 King Saud University System to secure encoding and mapping on elliptic curve cryptography (ECC)

Also Published As

Publication number Publication date
CN103117850B (en) 2016-01-20

Similar Documents

Publication Publication Date Title
AU2010266760B2 (en) Method for generating an encryption/decryption key
US6640303B1 (en) System and method for encryption using transparent keys
US20120023336A1 (en) System and method for designing secure client-server communication protocols based on certificateless public key infrastructure
CN102710414B (en) Randomized document block encryption method
CN101262341A (en) A Hybrid Encryption Method in Conference System
CN102138300A (en) Message authentication code pre-computation with applications to secure memory
US20040179682A1 (en) Computer system security via dynamic encryption
CN104660590B (en) A file encryption secure cloud storage scheme
CN103117850B (en) A kind of method for building up of the cryptographic system based on random sequence database
CN113711564A (en) Computer-implemented method and system for encrypting data
CN112039883B (en) A blockchain data sharing method and device
JP2020532177A (en) Computer-implemented systems and methods for advanced data security, high-speed encryption, and transmission
CN111698084A (en) Block chain-based concealed communication method
CN103346875A (en) Method for generating digital chaos code in chaotic secure communication system
CN116830523A (en) threshold key exchange
US20190166105A1 (en) Method and system for encrypting/decrypting data with ultra-low latency for secure data storage and/or communication
CN210955077U (en) A bus encryption and decryption device based on national secret algorithm and PUF
Booher et al. Dynamic key generation for polymorphic encryption
CN114499857A (en) Method for realizing data correctness and consistency in big data quantum encryption and decryption
CN114448596A (en) Lightweight Authentication Protocol for LFSR-APUF and Private Cover Functions
CN103220130B (en) Encryption and Decryption Method of Digital Chaos Security Communication
Siva et al. Hybrid cryptography security in public cloud using TwoFish and ECC algorithm
Pushpa Enhancing Data Security by Adapting Network Security and Cryptographic Paradigms
JP5586758B1 (en) Dynamic encryption key generation system
KR20220137024A (en) Symmetric Asynchronous Generation Encryption Method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160120

Termination date: 20171116