
CN116886298A - Method and equipment for enhancing FF3 format reserved encryption security - Google Patents


Info

Publication number: CN116886298A
Application number: CN202310992351.4A
Authority: CN (China)
Prior art keywords: key, data, revb, format, ciphertext
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 罗俊
Current Assignee: China Telecom Quantum Technology Co ltd
Original Assignee: China Telecom Quantum Technology Co ltd
Application filed by: China Telecom Quantum Technology Co ltd
Priority: CN202310992351.4A


Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/088: Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method and device for enhancing the security of FF3 format-preserving encryption. The method comprises: randomly selecting a key and transforming it with a key derivation function to obtain a derived key; in each round of encryption performed on plaintext data with the format-preserving encryption FF3 algorithm, performing a keyed hash calculation with the derived key on data B to obtain an intermediate quantity P, where the plaintext data comprises data A and data B; processing the intermediate quantity P and the derived key with a symmetric block cipher operation to generate an intermediate quantity S; and generating ciphertext data based on the intermediate quantity S and data A. The invention can increase the difficulty of breaking format-preserving encryption.

Description

Method and equipment for enhancing FF3 format reserved encryption security
Technical Field
The invention relates to the technical field of cryptographic applications, and in particular to a method and device for enhancing the security of FF3 format-preserving encryption.
Background
Format-preserving encryption (FPE) is a special kind of symmetric encryption that ensures the ciphertext has the same format as the plaintext. It is commonly used in data desensitization projects: because the format of the encrypted data is unchanged, the database schema does not need to change and the encryption is transparent to upper-layer applications. An FPE algorithm keeps the length of the encrypted data unchanged and is reversible, so the original data can be restored by decrypting with the key. Several FPE schemes have been proposed and have entered use; for example, US NIST once recommended that the format-preserving encryption algorithms FF1 and FF3, derived from the FFX scheme, be established as AES standard operating mode in 2011.
Because a format-preserving encryption scheme allows a small plaintext space, an attacker who obtains a number of plaintext-ciphertext pairs may learn more about the plaintext from collisions between ciphertext groups, and may even, under some conditions, attempt known-plaintext attacks against the key.
In the related art, patent application publication CN110768797A proposes a data desensitization method based on identity format-preserving encryption, but in that scheme the derived key is generated by key dispersion performed with a symmetric block cipher algorithm, the derived key is used to encrypt the data throughout, and the same key is used in every round of encryption. Patent application publication CN111783112A proposes performing a separate encryption operation, using a round key key_loop, on the fixed data P that needs to be repeatedly encrypted, but the key used in every round of encryption is the same. Patent application publication CN115174039A proposes generating the intermediate quantity S by means of HMACSM3/CMACSM4, which generates a sufficiently long intermediate quantity at one time and takes from it in turn on each call. However, none of the above schemes invokes a derived key in each round of the encryption and decryption iteration.
Disclosure of Invention
The technical problem to be solved by the invention is how to increase the difficulty of breaking format-preserving encryption.
The invention solves this technical problem by the following technical means:
In a first aspect, the present invention proposes a method for enhancing the security of FF3 format-preserving encryption, the method comprising:
randomly selecting a key, and transforming the key with a key derivation function to obtain a derived key;
in each round of encryption performed on plaintext data with the format-preserving encryption FF3 algorithm, performing a keyed hash calculation with the derived key on data B to obtain an intermediate quantity P, wherein the plaintext data comprises data A and data B;
processing the intermediate quantity P and the derived key with a symmetric block cipher operation to generate an intermediate quantity S;
generating ciphertext data based on the intermediate quantity S and data A.
Further, the key is one of a plurality of fresh keys that are generated by a quantum key distribution network and synchronized across the quantum network nodes of the whole network, and the keys are shared among users in the same encryption and decryption domain.
Further, the key is identified by a key ID.
Further, randomly selecting the key and transforming it with a key derivation function to obtain a derived key includes:
randomly selecting the key $ID_k\_Key$ identified by $ID_k$;
transforming the key with the key derivation function to obtain the derived key, expressed by the formula:
$$pkey_i = KF(ID_k\_Key, ID_k, salt_i, n', i)$$
$$KF(ID_k\_Key, ID_k, salt_i, n', i) = REVB(P_1)\,REVB(P_2)\,\ldots\,REVB(P_{n'})$$
$$P_1 = HMAC\_SM3(REVB(ID_k\_Key), REVB(ID_k \,\|\, salt_i \,\|\, i \,\|\, \text{"FF3 key derivation"}))$$
$$P_2 = HMAC\_SM3(REVB(ID_k\_Key), REVB(P_1))$$
$$\ldots$$
$$P_{n'} = HMAC\_SM3(REVB(ID_k\_Key), REVB(P_{n'-1}))$$
where $pkey_i$ is the derived key, $salt_i$ is a salt value, $n'$ is the number of key-derivation iterations, KF() is the key derivation function, $P_1 \sim P_{n'}$ are the intermediate quantities calculated by the key derivation function, "FF3 key derivation" is a fixed string, HMAC_SM3 is the keyed cryptographic hash algorithm based on the SM3 algorithm, REVB(s) represents the byte string obtained by reversing the byte order of the byte string s, $\|$ represents concatenation, represents an exclusive or operation, i = 0, 1, 2.
Further, for plaintext data X of length n, let $u = n/2$, $v = n - u$, $A = X[1 \ldots u]$, $B = X[u+1, n]$; in each round of encryption performed on the plaintext data with the format-preserving encryption FF3 algorithm, a keyed hash calculation with the derived key is performed on data B to obtain the intermediate quantity P, expressed by the formula:
$$P = SM3\_HMAC(REVB(pkey_i), W)\,[i]^4 \,\|\, [NUM_{radix}(REV(B))]^{12}$$
where SM3(k, data) represents the hash value of data with key k calculated by the SM3 algorithm, REV(a) represents the integer obtained by reversing the order of the digits of the integer a, $\|$ represents concatenation, represents an exclusive or operation, $pkey_i$ is the derived key, $NUM_{radix}()$ represents the radix-based numerical representation, and $[s]^N$ represents the N-byte string representation of s; $W = T_R$ when i is even and $W = T_L$ when i is odd, with $T_R = T[32..55] \,\|\, T[28..31] \,\|\, 0^4$ and $T_L = T[0..27] \,\|\, 0^4$; T represents a bit string and i represents the number of iterations of the format-preserving encryption operation.
Further, the intermediate quantity P and the derived key are processed with a symmetric block cipher operation to generate the intermediate quantity S, expressed by the formula:
$$S = REVB(SM4(REVB(pkey_i), REVB(P)))$$
where REVB(s) represents the byte string obtained by reversing the byte order of the byte string s, SM4(k, data) represents the symmetric block cipher operation performed on data with key k using the SM4 algorithm, and $pkey_i$ is the derived key.
Further, generating ciphertext data based on the intermediate quantity S and data A includes:
calculating $C = REV(STR^m_{radix}(c))$ and $c = (NUM_{radix}(REV(A)) + y) \bmod radix^m$, $y = NUM(S)$, where $NUM_{radix}()$ represents the radix-based numerical representation, REV(a) represents the integer obtained by reversing the order of the digits of the integer a, NUM() represents the conversion of a byte string into an integer, $STR^m_{radix}(a)$ represents the integer a as a radix-based string of length m, mod represents the modulo operator, m = u when i is even, m = v when i is odd, $u = n/2$, $v = n - u$, and n is the length of the plaintext data;
letting data A = B and data B = C, and obtaining the ciphertext data $Y = A \,\|\, B$, where $\|$ represents concatenation.
In a second aspect, the present invention provides a data decryption method based on the FF3 format-preserving algorithm, the method comprising:
acquiring ciphertext data, and selecting a key based on the key identifier carried in the ciphertext data;
transforming the key with a key derivation function to obtain a derived key;
in each round of decryption performed on the ciphertext data with the format-preserving decryption FF3 algorithm, performing a keyed hash calculation with the derived key on ciphertext A′ to obtain an intermediate quantity P, wherein the ciphertext data comprises ciphertext A′ and ciphertext B′;
processing the intermediate quantity P and the derived key with a symmetric block cipher operation to generate an intermediate quantity S;
generating plaintext data based on the intermediate quantity S and ciphertext B′.
Further, the key is one of a plurality of fresh keys that are generated by a quantum key distribution network and synchronized across the quantum network nodes of the whole network, and the keys are shared among users in the same encryption and decryption domain.
Further, transforming the key with a key derivation function to obtain a derived key includes:
transforming the key with the key derivation function to obtain the derived key, expressed by the formula:
$$pkey_i = KF(ID_k\_Key, ID_k, salt_i, n', i)$$
$$KF(ID_k\_Key, ID_k, salt_i, n', i) = REVB(P_1)\,REVB(P_2)\,\ldots\,REVB(P_{n'})$$
$$P_1 = HMAC\_SM3(REVB(ID_k\_Key), REVB(ID_k \,\|\, salt_i \,\|\, i \,\|\, \text{"FF3 key derivation"}))$$
$$P_2 = HMAC\_SM3(REVB(ID_k\_Key), REVB(P_1))$$
$$\ldots$$
$$P_{n'} = HMAC\_SM3(REVB(ID_k\_Key), REVB(P_{n'-1}))$$
where $ID_k\_Key$ is the key, $pkey_i$ is the derived key, $salt_i$ is a salt value, $n'$ is the number of key-derivation iterations, KF() is the key derivation function, $P_1 \sim P_{n'}$ are the intermediate quantities calculated by the key derivation function, "FF3 key derivation" is a fixed string, HMAC_SM3 is the keyed cryptographic hash algorithm based on the SM3 algorithm, REVB(s) represents the byte string obtained by reversing the byte order of the byte string s, $\|$ represents concatenation, represents an exclusive or operation, i = 0, 1, 2.
Further, for ciphertext data Y of length n, let $u = n/2$, $v = n - u$, $A = Y[1 \ldots u]$, $B = Y[u+1, n]$; in each round of decryption performed on the ciphertext data with the format-preserving decryption FF3 algorithm, a keyed hash calculation with the derived key is performed on ciphertext A′ to obtain the intermediate quantity P, expressed by the formula:
$$P = SM3\_HMAC(REVB(pkey_i), W)\,[i]^4 \,\|\, [NUM_{radix}(REV(A'))]^{12}$$
where SM3(k, data) represents the hash value of data with key k calculated by the SM3 algorithm, REV(a) represents the integer obtained by reversing the order of the digits of the integer a, $\|$ represents concatenation, represents an exclusive or operation, $pkey_i$ is the derived key, $NUM_{radix}()$ represents the radix-based numerical representation, and $[s]^N$ represents the N-byte string representation of s; $W = T_R$ when i is even and $W = T_L$ when i is odd, with $T_R = T[32..55] \,\|\, T[28..31] \,\|\, 0^4$ and $T_L = T[0..27] \,\|\, 0^4$; T represents a bit string and i represents the number of iterations of the format-preserving decryption operation.
Further, the intermediate quantity P and the derived key are processed with a symmetric block cipher operation to generate the intermediate quantity S, expressed by the formula:
$$S = REVB(SM4(REVB(pkey_i), REVB(P)))$$
where REVB(s) represents the byte string obtained by reversing the byte order of the byte string s, SM4(k, data) represents the symmetric block cipher operation performed on data with key k using the SM4 algorithm, and $pkey_i$ is the derived key.
Further, generating plaintext data based on the intermediate quantity S and ciphertext B′ includes:
calculating $C = REV(STR^m_{radix}(c))$ and $c = (NUM_{radix}(REV(B')) - y) \bmod radix^m$, $y = NUM(S)$, where $NUM_{radix}()$ represents the radix-based numerical representation, REV(a) represents the integer obtained by reversing the order of the digits of the integer a, NUM() represents the conversion of a byte string into an integer, $STR^m_{radix}(a)$ represents the integer a as a radix-based string of length m, mod represents the modulo operator, m = u when i is even, m = v when i is odd, $u = n/2$, $v = n - u$, and n is the length of the plaintext data;
letting data B = A and data A = C, and obtaining the plaintext data $X = A \,\|\, B$, where $\|$ represents concatenation.
In a third aspect, the present invention proposes a device for enhancing the security of FF3 format-preserving encryption, the device comprising:
a key acquisition module, configured to randomly select a key and transform the key with a key derivation function to obtain a derived key;
a first encryption module, configured to perform a keyed hash calculation with the derived key on data B to obtain an intermediate quantity P in each round of encryption performed on plaintext data with the format-preserving encryption FF3 algorithm, wherein the plaintext data comprises data A and data B;
a second encryption module, configured to process the intermediate quantity P and the derived key with a symmetric block cipher operation to generate an intermediate quantity S;
a ciphertext generation module, configured to generate ciphertext data based on the intermediate quantity S and data A.
In a fourth aspect, the present invention proposes a data decryption device based on the FF3 format-preserving algorithm, the device comprising:
a ciphertext acquisition module, configured to acquire ciphertext data and select a key based on the key identifier carried in the ciphertext data;
a key transformation module, configured to transform the key with a key derivation function to obtain a derived key;
a first decryption module, configured to perform a keyed hash calculation with the derived key on ciphertext A′ to obtain an intermediate quantity P in each round of decryption performed on the ciphertext data with the format-preserving decryption FF3 algorithm, wherein the ciphertext data comprises ciphertext A′ and ciphertext B′;
a second decryption module, configured to process the intermediate quantity P and the derived key with a symmetric block cipher operation to generate an intermediate quantity S;
a plaintext generation module, configured to generate plaintext data based on the intermediate quantity S and ciphertext B′.
In a fifth aspect, the present invention provides a data encryption and decryption system based on the FF3 format-preserving algorithm, the system comprising a first user node and a second user node, both connected to a quantum key distribution network, wherein:
the quantum key distribution network is configured to generate and synchronize a plurality of keys at the quantum network nodes of the whole network, and to import the keys into the first user node and the second user node through a secure storage medium;
the first user node is configured to encrypt plaintext data with the method for enhancing the security of FF3 format-preserving encryption described above to obtain ciphertext data, and to send the ciphertext data to the second user node;
the second user node is configured to decrypt the ciphertext data to obtain the plaintext data.
The invention has the following advantages:
(1) When performing format-preserving encryption on the plaintext, the method securely derives a derived key from a randomly selected key and invokes the derived key in each round of the format-preserving encryption, so that the key space is randomly expanded, the complexity and information redundancy of the algorithm are increased, and the difficulty of breaking the format-preserving encryption is increased.
(2) By distributing a large number of pre-shared keys, indexed by uniform key identification numbers, to user nodes through a quantum key distribution (QKD) network, a large volume of keys can be securely shared.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
FIG. 1 is a flow chart of a method for enhancing the security of FF3 format-preserving encryption according to an embodiment of the present invention;
FIG. 2 is a flow chart of a data decryption method based on the FF3 format-preserving algorithm according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a device for enhancing the security of FF3 format-preserving encryption according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a data decryption device based on the FF3 format-preserving algorithm according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of a data encryption and decryption system based on the FF3 format-preserving algorithm according to an embodiment of the present invention;
FIG. 6 is a flow chart of a data encryption and decryption system based on the FF3 format-preserving algorithm according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions in the embodiments of the present invention will be clearly and completely described in the following in conjunction with the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
As shown in FIG. 1, a first embodiment of the present invention proposes a method for enhancing the security of FF3 format-preserving encryption, the method comprising the following steps:
S101, randomly selecting a key, and transforming the key with a key derivation function to obtain a derived key;
S102, in each round of encryption performed on plaintext data with the format-preserving encryption FF3 algorithm, performing a keyed hash calculation with the derived key on data B to obtain an intermediate quantity P, wherein the plaintext data comprises data A and data B;
S103, processing the intermediate quantity P and the derived key with a symmetric block cipher operation to generate an intermediate quantity S;
S104, generating ciphertext data based on the intermediate quantity S and data A.
In this embodiment, when format-preserving encryption is performed on the plaintext, a randomly selected key is securely derived to generate a plurality of derived keys that satisfy forward and backward security, and the derived keys are invoked in each round of the format-preserving encryption. In addition to key derivation, the keyed cryptographic hash function HMAC is used to transform and derive the related data in the format-preserving encryption process, so that the key space is randomly expanded, the complexity and information redundancy of the algorithm are increased, and the difficulty of breaking the format-preserving encryption is increased.
In one embodiment, the key is one of a plurality of fresh keys that are generated by a quantum key distribution network and synchronized across the quantum network nodes of the whole network, and the keys are shared among users in the same encryption and decryption domain.
In one embodiment, the key is identified by a key ID.
Specifically, in this embodiment the quantum key distribution (QKD) network generates and synchronizes, at the quantum network nodes of the whole network, a plurality of fresh 128-bit keys each identified by a 32-bit key ID; the keys are loaded onto a secure storage medium such as a secure SIM card, a secure TF card or a secure U shield and imported into the local storage and operation space of the user node, for the user node to call when encrypting plaintext.
In one embodiment, step S101 (randomly selecting a key, and transforming the key with a key derivation function to obtain a derived key) specifically comprises the following steps:
S111, randomly selecting the key $ID_k\_Key$ identified by $ID_k$;
S112, transforming the key with the key derivation function to obtain the derived key, expressed by the formula:
$$pkey_i = KF(ID_k\_Key, ID_k, salt_i, n', i)$$
$$KF(ID_k\_Key, ID_k, salt_i, n', i) = REVB(P_1)\,REVB(P_2)\,\ldots\,REVB(P_{n'})$$
$$P_1 = HMAC\_SM3(REVB(ID_k\_Key), REVB(ID_k \,\|\, salt_i \,\|\, i \,\|\, \text{"FF3 key derivation"}))$$
$$P_2 = HMAC\_SM3(REVB(ID_k\_Key), REVB(P_1))$$
$$\ldots$$
$$P_{n'} = HMAC\_SM3(REVB(ID_k\_Key), REVB(P_{n'-1}))$$
where $pkey_i$ is the derived key, $salt_i$ is a salt value, $n'$ is the number of key-derivation iterations, KF() is the key derivation function, $P_1 \sim P_{n'}$ are the intermediate quantities calculated by the key derivation function, "FF3 key derivation" is a fixed string, HMAC_SM3 is the keyed cryptographic hash algorithm based on the SM3 algorithm, REVB(s) represents the byte string obtained by reversing the byte order of the byte string s, $\|$ represents concatenation, represents an exclusive or operation, i = 0, 1, 2.
Note that $n'$ is a specifiable number of iterations, and $salt_0 \sim salt_9$ are 512-bit salt values that can be derived from random numbers or predefined character strings and are shared among users in the same encryption and decryption domain.
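The key derivation of steps S111 and S112, written out as an added Python example (not code from the patent): a pure-Python SM3 and HMAC-SM3, the REVB chain $P_1 \ldots P_{n'}$, and one derived key per round index i. The text above does not show how the REVB(P_j) blocks are joined or how $ID_k$ and i are encoded, so concatenation, a 4-byte big-endian $ID_k$ and a 1-byte i are assumptions here, and the sample key, key ID and salts are constructed values.

```python
"""HMAC-SM3 key-derivation chain KF (S111-S112). Added example, not the patent's code."""
import struct

IV = (0x7380166F, 0x4914B2B9, 0x172442D7, 0xDA8A0600,
      0xA96F30BC, 0x163138AA, 0xE38DEE4D, 0xB0FB0E4E)
MASK = 0xFFFFFFFF
LABEL = b"FF3 key derivation"          # fixed string from the formula for P_1


def rotl(x, n):
    """Rotate a 32-bit word left by n (taken mod 32)."""
    n %= 32
    return ((x << n) | (x >> (32 - n))) & MASK


def compress(v, block):
    """SM3 compression function over one 64-byte block."""
    w = list(struct.unpack(">16I", block))
    for j in range(16, 68):            # message expansion W_16 .. W_67
        x = w[j - 16] ^ w[j - 9] ^ rotl(w[j - 3], 15)
        w.append(x ^ rotl(x, 15) ^ rotl(x, 23) ^ rotl(w[j - 13], 7) ^ w[j - 6])
    a, b, c, d, e, f, g, h = v
    for j in range(64):
        t = 0x79CC4519 if j < 16 else 0x7A879D8A
        ss1 = rotl((rotl(a, 12) + e + rotl(t, j)) & MASK, 7)
        ss2 = ss1 ^ rotl(a, 12)
        if j < 16:
            ff, gg = a ^ b ^ c, e ^ f ^ g
        else:
            ff, gg = (a & b) | (a & c) | (b & c), (e & f) | (~e & g)
        tt1 = (ff + d + ss2 + (w[j] ^ w[j + 4])) & MASK
        tt2 = (gg + h + ss1 + w[j]) & MASK
        a, b, c, d = tt1, a, rotl(b, 9), c
        e, f, g, h = tt2 ^ rotl(tt2, 9) ^ rotl(tt2, 17), e, rotl(f, 19), g
    return tuple(x ^ y for x, y in zip(v, (a, b, c, d, e, f, g, h)))


def sm3(data: bytes) -> bytes:
    """SM3 digest (32 bytes): 0x80, zero padding, 64-bit big-endian bit length."""
    padded = (data + b"\x80" + b"\x00" * ((55 - len(data)) % 64)
              + struct.pack(">Q", 8 * len(data)))
    v = IV
    for off in range(0, len(padded), 64):
        v = compress(v, padded[off:off + 64])
    return struct.pack(">8I", *v)


def hmac_sm3(key: bytes, msg: bytes) -> bytes:
    """HMAC construction over SM3 (block size 64 bytes)."""
    if len(key) > 64:
        key = sm3(key)
    key = key.ljust(64, b"\x00")
    inner = sm3(bytes(k ^ 0x36 for k in key) + msg)
    return sm3(bytes(k ^ 0x5C for k in key) + inner)


def revb(s: bytes) -> bytes:
    """REVB(s): the byte string s in reversed byte order."""
    return s[::-1]


def kf(id_k_key: bytes, id_k: int, salt_i: bytes, n_prime: int, i: int) -> bytes:
    """pkey_i = KF(ID_k_Key, ID_k, salt_i, n', i), built from REVB(P_1) .. REVB(P_n')."""
    if len(id_k_key) != 16:            # page: 128-bit keys
        raise ValueError("ID_k_Key must be 128 bits")
    if len(salt_i) != 64:              # page: 512-bit salts
        raise ValueError("salt_i must be 512 bits")
    if n_prime < 1 or not 0 <= i <= 0xFF:
        raise ValueError("n' must be >= 1 and i must fit in one byte")
    k = revb(id_k_key)
    # Assumption: ID_k is 4 bytes big-endian (page: 32-bit key ID), i is 1 byte.
    seed = id_k.to_bytes(4, "big") + salt_i + bytes([i]) + LABEL
    p = hmac_sm3(k, revb(seed))        # P_1
    blocks = [revb(p)]
    for _ in range(n_prime - 1):
        p = hmac_sm3(k, revb(p))       # P_j from P_{j-1}
        blocks.append(revb(p))
    return b"".join(blocks)            # Assumption: the blocks are concatenated


def derive_round_keys(id_k_key, id_k, salts, n_prime):
    """One derived key per round index i, each using that round's salt_i."""
    return [kf(id_k_key, id_k, salt, n_prime, i) for i, salt in enumerate(salts)]


# Constructed sample values (not from the patent).
SAMPLE_KEY = bytes(range(16))
SAMPLE_ID = 0x0000002A
SAMPLE_SALTS = [sm3(b"constructed salt %d a" % i) + sm3(b"constructed salt %d b" % i)
                for i in range(10)]    # salt_0 .. salt_9, 64 bytes each

if __name__ == "__main__":
    keys = derive_round_keys(SAMPLE_KEY, SAMPLE_ID, SAMPLE_SALTS, 2)
    for i, pkey in enumerate(keys):
        print(f"pkey_{i} = {pkey.hex()}")
```

SM4 takes a 128-bit key while each P_j is 256 bits; the text does not state how pkey_i is reduced to the SM4 key size, so kf() returns the full chain output unchanged.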
In one embodiment, for plaintext data X of length n, $2 \le n \le 2^{32}$, and for base $radix \in [2, 2^{16}]$, $\log_{radix}(2^{96}) \ge n \ge 2$, let $u = n/2$ (rounded up), $v = n - u$, $A = X[1 \ldots u]$, $B = X[u+1, n]$. In step S102, in each round of encryption performed on the plaintext data with the format-preserving encryption FF3 algorithm, a keyed hash calculation with the derived key is performed on data B to obtain the intermediate quantity P, expressed by the formula:
$$P = SM3\_HMAC(REVB(pkey_i), W)\,[i]^4 \,\|\, [NUM_{radix}(REV(B))]^{12}$$
where SM3(k, data) represents the hash value of data with key k calculated by the SM3 algorithm, REV(a) represents the integer obtained by reversing the order of the digits of the integer a, $\|$ represents concatenation, represents an exclusive or operation, $pkey_i$ is the derived key, $NUM_{radix}()$ represents the radix-based numerical representation, and $[s]^N$ represents the N-byte string representation of s; $W = T_R$ when i is even and $W = T_L$ when i is odd, with $T_R = T[32..55] \,\|\, T[28..31] \,\|\, 0^4$ and $T_L = T[0..27] \,\|\, 0^4$; T represents a bit string and i represents the number of iterations of the format-preserving encryption algorithm operation.
In one embodiment, in step S103 the intermediate quantity P and the derived key are processed with a symmetric block cipher operation to generate the intermediate quantity S, expressed by the formula:
$$S = REVB(SM4(REVB(pkey_i), REVB(P)))$$
where REVB(s) represents the byte string obtained by reversing the byte order of the byte string s, SM4(k, data) represents the symmetric block cipher operation performed on data with key k using the SM4 algorithm, and $pkey_i$ is the derived key.
In one embodiment, step S104 (generating ciphertext data based on the intermediate quantity S and data A) comprises the following steps:
S141, calculating $C = REV(STR^m_{radix}(c))$ and $c = (NUM_{radix}(REV(A)) + y) \bmod radix^m$, $y = NUM(S)$, where $NUM_{radix}()$ represents the radix-based numerical representation, REV(a) represents the integer obtained by reversing the order of the digits of the integer a, NUM() represents the conversion of a byte string into an integer, $STR^m_{radix}(a)$ represents the integer a as a radix-based string of length m, mod represents the modulo operator, m = u when i is even, m = v when i is odd, $u = n/2$, $v = n - u$, and n is the length of the plaintext data;
S142, letting data A = B and data B = C, and obtaining the ciphertext data $Y = A \,\|\, B$, where $\|$ represents concatenation.
Example 2
As shown in FIG. 2, a second embodiment of the present invention proposes a data decryption method based on the FF3 format-preserving algorithm, the method comprising the following steps:
S201, acquiring ciphertext data, and selecting a key based on the key identifier carried in the ciphertext data;
S202, transforming the key with a key derivation function to obtain a derived key;
S203, in each round of decryption performed on the ciphertext data with the format-preserving decryption FF3 algorithm, performing a keyed hash calculation with the derived key on ciphertext A′ to obtain an intermediate quantity P, wherein the ciphertext data comprises ciphertext A′ and ciphertext B′;
S204, processing the intermediate quantity P and the derived key with a symmetric block cipher operation to generate an intermediate quantity S;
S205, generating plaintext data based on the intermediate quantity S and ciphertext B′.
In one embodiment, the key is one of a plurality of fresh keys that are generated by a quantum key distribution network and synchronized across the quantum network nodes of the whole network, and the keys are shared among users in the same encryption and decryption domain.
In one embodiment, step S202 (transforming the key with a key derivation function to obtain a derived key) comprises:
transforming the key with the key derivation function to obtain the derived key, expressed by the formula:
$$pkey_i = KF(ID_k\_Key, ID_k, salt_i, n', i)$$
$$KF(ID_k\_Key, ID_k, salt_i, n', i) = REVB(P_1)\,REVB(P_2)\,\ldots\,REVB(P_{n'})$$
$$P_1 = HMAC\_SM3(REVB(ID_k\_Key), REVB(ID_k \,\|\, salt_i \,\|\, i \,\|\, \text{"FF3 key derivation"}))$$
$$P_2 = HMAC\_SM3(REVB(ID_k\_Key), REVB(P_1))$$
$$\ldots$$
$$P_{n'} = HMAC\_SM3(REVB(ID_k\_Key), REVB(P_{n'-1}))$$
where $ID_k\_Key$ is the key, $pkey_i$ is the derived key, $salt_i$ is a salt value, $n'$ is the number of key-derivation iterations, KF() is the key derivation function, $P_1 \sim P_{n'}$ are the intermediate quantities calculated by the key derivation function, "FF3 key derivation" is a fixed string, HMAC_SM3 is the keyed cryptographic hash algorithm based on the SM3 algorithm, REVB(s) represents the byte string obtained by reversing the byte order of the byte string s, $\|$ represents concatenation, represents an exclusive or operation, i = 0, 1, 2.
In one embodiment, for ciphertext data Y of length n, let $u = n/2$, $v = n - u$, $A' = Y[1 \ldots u]$, $B' = Y[u+1, n]$. In step S203, in each round of decryption performed on the ciphertext data with the format-preserving decryption FF3 algorithm, a keyed hash calculation with the derived key is performed on ciphertext A′ to obtain the intermediate quantity P, expressed by the formula:
$$P = SM3\_HMAC(REVB(pkey_i), W)\,[i]^4 \,\|\, [NUM_{radix}(REV(A'))]^{12}$$
where SM3(k, data) represents the hash value of data with key k calculated by the SM3 algorithm, REV(a) represents the integer obtained by reversing the order of the digits of the integer a, $\|$ represents concatenation, represents an exclusive or operation, $pkey_i$ is the derived key, $NUM_{radix}()$ represents the radix-based numerical representation, and $[s]^N$ represents the N-byte string representation of s; $W = T_R$ when i is even and $W = T_L$ when i is odd, with $T_R = T[32..55] \,\|\, T[28..31] \,\|\, 0^4$ and $T_L = T[0..27] \,\|\, 0^4$; T represents a bit string and i represents the number of iterations of the format-preserving decryption algorithm operation.
In one embodiment, in step S204 the intermediate quantity P and the derived key are processed with a symmetric block cipher operation to generate the intermediate quantity S, expressed by the formula:
$$S = REVB(SM4(REVB(pkey_i), REVB(P)))$$
where REVB(s) represents the byte string obtained by reversing the byte order of the byte string s, SM4(k, data) represents the symmetric block cipher operation performed on data with key k using the SM4 algorithm, and $pkey_i$ is the derived key.
In one embodiment, the step S205: based on the intermediate quantity S and the ciphertext B', generating plaintext data, comprising the following steps:
calculate c=rev (STR m radix (c) And c= (NUM) radix (REV(B`))-y)mod radix m ,y=NUM(S),NUM radix () Representing a radix-based numerical representation, REV (a) representing an integer obtained by reverse arrangement of each number of integers a, NUM () representing the conversion of a byte string into an integer, STR radix m (a) Representing an integer a as a string based on radix and having a length of m, mod representing a modulo operator, m=u when i is even, m=v when i is odd, u=n/2, v=n-u, n being the length of the plaintext data;
let data b=a, data a=c, and obtain the plaintext data x=a||b, where|represents concatenation.
It should be noted that, the symmetric decryption process proposed in this embodiment is the inverse process of the symmetric encryption proposed in the above embodiment 1, and by using different derivative keys in each round of decryption operation, the SM3 algorithm is used to transform the important parameters in each round of decryption operation, so that the key space is increased, and the overall algorithm complexity and security are enhanced.
Example 3
As shown in Fig. 3, a third embodiment of the present invention proposes an apparatus for enhancing the security of FF3 format-preserving encryption, the apparatus comprising:
a key obtaining module 11, configured to randomly select a key and transform the key with a key derivation function to obtain a derived key;
a first encryption module 12, configured to, in each round of encryption of plaintext data with the FF3 format-preserving encryption algorithm, compute a hash value keyed with the derived key over data B to obtain an intermediate quantity P, where the plaintext data includes data A and data B;
a second encryption module 13, configured to process the intermediate quantity P and the derived key with a symmetric block cipher operation to generate an intermediate quantity S;
a ciphertext generating module 14, configured to generate ciphertext data based on the intermediate quantity S and data A.
In this embodiment, when format-preserving encryption is applied to the plaintext, a randomly selected key is securely derived into a plurality of derived keys that satisfy forward and backward security, and a derived key is used in each round of the format-preserving encryption. In addition to the key derivation, the key space is randomly expanded, which increases the complexity and information redundancy of the algorithm and makes the format-preserving encryption harder to break.
In one embodiment, the keys are a plurality of fresh keys generated by a quantum key distribution network and synchronized across the quantum network nodes of the whole network, and the keys are shared among users in the same encryption and decryption domain.
In one embodiment, the key is identified with a key ID.
In one embodiment, the key obtaining module 11 specifically includes:
a key selection unit, configured to randomly select the key ID_k_Key identified by ID_k;
a key deriving unit, configured to transform the key with a key derivation function to obtain a derived key, expressed as:
pkey_i = KF(ID_k_Key, ID_k, salt_i, n', i)
KF(ID_k_Key, ID_k, salt_i, n', i) = REVB(P_1) REVB(P_2) …… REVB(P_{n'})
P_1 = HMAC_SM3(REVB(ID_k_Key), REVB(ID_k || salt_i || i || "FF3 key derivation"))
P_2 = HMAC_SM3(REVB(ID_k_Key), REVB(P_1))
……
P_{n'} = HMAC_SM3(REVB(ID_k_Key), REVB(P_{n'-1}));
where pkey_i is the derived key, salt_i is a salt value, n' is the number of key-derivation iterations, KF() is the key derivation function, P_1 ~ P_{n'} are the intermediate quantities computed by the key derivation function, "FF3 key derivation" is a fixed string, HMAC_SM3 is a keyed cryptographic hash algorithm based on the SM3 algorithm, REVB(s) denotes the byte string obtained by arranging the bytes of string s in reverse order, || denotes concatenation, represents an exclusive or operation, i=0, 1,2.
In one embodiment, for plaintext data X of length n, let u = n/2, v = n - u, A = X[1 … u], B = X[u+1, n]; the first encryption module 12 is specifically configured to compute a hash value keyed with the derived key over data B as the intermediate quantity P, expressed as:
P = SM3_HMAC(REVB(pkey_i), W) [i]^4 || [NUM_radix(REV(B))]^12
where SM3(k, data) denotes the hash value of data keyed with k, computed with the SM3 algorithm, REV(a) denotes the integer obtained by arranging the digits of integer a in reverse order, || denotes concatenation, represents an exclusive OR operation, pkey_i is the derived key, NUM_radix() denotes the radix-based numerical value, and [s]^N denotes s represented as an N-byte string; W = T_R when i is even and W = T_L when i is odd, T_R = T[32..55] || T[28..31] || 0^4, T_L = T[0..27] || 0^4, T denotes a bit string, and i denotes the iteration number of the format-preserving encryption algorithm.
In one embodiment, the second encryption module 13 is specifically configured to:
process the intermediate quantity P and the derived key with a symmetric block cipher operation to generate the intermediate quantity S, expressed as:
S = REVB(SM4(REVB(pkey_i), REVB(P)))
where REVB(s) denotes the byte string obtained by arranging the bytes of string s in reverse order, SM4(k, data) denotes the symmetric block cipher operation on data with key k using the SM4 algorithm, and pkey_i is the derived key.
In one embodiment, the ciphertext generating module 14 is specifically configured to:
compute C = REV(STR^m_radix(c)) and c = (NUM_radix(REV(A)) + y) mod radix^m, with y = NUM(S), where NUM_radix() denotes the radix-based numerical value, REV(a) denotes the integer obtained by arranging the digits of integer a in reverse order, NUM() denotes conversion of a byte string to an integer, STR^m_radix(a) denotes integer a represented as a radix-based string of length m, mod is the modulo operator, m = u when i is even and m = v when i is odd, u = n/2, v = n - u, and n is the length of the plaintext data;
let data A = B and data B = C, and obtain the ciphertext data Y = A || B, where || denotes concatenation.
Example 4
As shown in fig. 4, a fourth embodiment of the present invention proposes a data decryption device based on FF3 format reservation algorithm, the device comprising:
a ciphertext obtaining module 21, configured to obtain ciphertext data and select a key based on a key identifier carried in the ciphertext data;
a key transformation module 22, configured to transform the key with a key derivation function to obtain a derived key;
a first decryption module 23, configured to, in each round of decryption of the ciphertext data with the FF3 format-preserving decryption algorithm, compute a hash value keyed with the derived key over ciphertext A' to obtain an intermediate quantity P, where the ciphertext data includes ciphertext A' and ciphertext B';
a second decryption module 24, configured to process the intermediate quantity P and the derived key with a symmetric block cipher operation to generate an intermediate quantity S;
a plaintext generation module 25, configured to generate plaintext data based on the intermediate quantity S and the ciphertext B'.
In one embodiment, the keys are a plurality of fresh keys generated by a quantum key distribution network and synchronized across the quantum network nodes of the whole network, and the keys are shared among users in the same encryption and decryption domain.
In one embodiment, the key transformation module 22 is specifically configured to transform the key with a key derivation function to obtain a derived key, expressed as:
pkey_i = KF(ID_k_Key, ID_k, salt_i, n', i)
KF(ID_k_Key, ID_k, salt_i, n', i) = REVB(P_1) REVB(P_2) …… REVB(P_{n'})
P_1 = HMAC_SM3(REVB(ID_k_Key), REVB(ID_k || salt_i || i || "FF3 key derivation"))
P_2 = HMAC_SM3(REVB(ID_k_Key), REVB(P_1))
……
P_{n'} = HMAC_SM3(REVB(ID_k_Key), REVB(P_{n'-1}));
where ID_k_Key is the key, pkey_i is the derived key, salt_i is a salt value, n' is the number of key-derivation iterations, KF() is the key derivation function, P_1 ~ P_{n'} are the intermediate quantities computed by the key derivation function, "FF3 key derivation" is a fixed string, HMAC_SM3 is a keyed cryptographic hash algorithm based on the SM3 algorithm, REVB(s) denotes the byte string obtained by arranging the bytes of string s in reverse order, || denotes concatenation, represents an exclusive or operation, i=0, 1,2.
In one embodiment, for ciphertext data Y of length n, let u = n/2, v = n - u, A' = Y[1 … u], B' = Y[u+1, n]; the first decryption module 23 is specifically configured to compute a hash value keyed with the derived key over ciphertext A' as the intermediate quantity P, expressed as:
P = SM3_HMAC(REVB(pkey_i), W) [i]^4 || [NUM_radix(REV(A'))]^12
where SM3(k, data) denotes the hash value of data keyed with k, computed with the SM3 algorithm, REV(a) denotes the integer obtained by arranging the digits of integer a in reverse order, || denotes concatenation, represents an exclusive OR operation, pkey_i is the derived key, NUM_radix() denotes the radix-based numerical value, and [s]^N denotes s represented as an N-byte string; W = T_R when i is even and W = T_L when i is odd, T_R = T[32..55] || T[28..31] || 0^4, T_L = T[0..27] || 0^4, T denotes a bit string, and i denotes the iteration number of the format-preserving encryption algorithm.
In one embodiment, the second decryption module 24 is specifically configured to process the intermediate quantity P and the derived key with a symmetric block cipher operation to generate the intermediate quantity S, expressed as:
S = REVB(SM4(REVB(pkey_i), REVB(P)))
where REVB(s) denotes the byte string obtained by arranging the bytes of string s in reverse order, SM4(k, data) denotes the symmetric block cipher operation on data with key k using the SM4 algorithm, and pkey_i is the derived key.
In one embodiment, the plaintext generating module 25 is specifically configured to:
compute C = REV(STR^m_radix(c)) and c = (NUM_radix(REV(B')) - y) mod radix^m, with y = NUM(S), where NUM_radix() denotes the radix-based numerical value, REV(a) denotes the integer obtained by arranging the digits of integer a in reverse order, NUM() denotes conversion of a byte string to an integer, STR^m_radix(a) denotes integer a represented as a radix-based string of length m, mod is the modulo operator, m = u when i is even and m = v when i is odd, u = n/2, v = n - u, and n is the length of the plaintext data;
let data B' = A' and data A' = C, and obtain the plaintext data X = A' || B', where || denotes concatenation.
Example 5
As shown in fig. 5, a sixth embodiment of the present invention proposes a data encryption and decryption system based on FF3 format reservation algorithm, where the system includes a first user node 1 and a second user node 2, and the first user node 1 and the second user node 2 are both connected to a quantum key distribution network 3, where:
The quantum key distribution network 3 is used for generating and synchronizing a plurality of keys at quantum network nodes of the whole network, and importing the keys into the first user node 1 and the second user node 2 through a secure storage medium;
the first user node 1 is configured to encrypt plaintext data by using the method for enhancing the security of FF3 format-preserving encryption described in embodiment 1, obtain ciphertext data, and send the ciphertext data to the second user node;
the second user node 2 is configured to decrypt the ciphertext data by using the decryption method described in embodiment 2, to obtain the plaintext data.
Specifically, the user node performs data encryption and decryption using keys distributed by the quantum key distribution network and the FF3-SM4 format-preserving algorithm; keys are filled via a secure storage medium such as a secure SIM card, a secure TF card or a secure U-shield (USB key) and imported into the local storage and operation space.
Key agent: provides proxy key filling and key distribution when a communication participant cannot perform key filling and key distribution directly at a node of the quantum key distribution network.
The quantum key distribution network comprises quantum network nodes and a quantum network link control center, and realizes services such as quantum key generation and distribution, quantum key relay, quantum key provision and the like; the quantum network node is used for storing the generated quantum key, receiving the key application of the key agent, and providing the key for the key agent or directly providing the key filling and key distribution service; the quantum network link control center is used for establishing quantum key distribution and relay links among nodes according to the quantum network node ID.
As shown in fig. 6, the workflow of the data encryption and decryption system based on the FF3 format reservation algorithm provided in this embodiment is as follows:
(1) The quantum key distribution (QKD) network generates 128-bit fresh keys and synchronizes multiple 128-bit fresh keys, each identified by a 32-bit key ID, across the quantum network nodes of the whole network; the keys are filled via a secure storage medium such as a secure SIM card, a secure TF card or a secure U-shield (USB key) and imported into the local storage and operation space of the user node.
(2) To encrypt given data, the user node randomly selects a key with identifier ID_k and transforms the key ID_k_Key identified by ID_k as follows:
KF(ID_k_Key, ID_k, salt_i, n', i) = REVB(P_1) REVB(P_2) …… REVB(P_{n'})
P_1 = HMAC_SM3(REVB(ID_k_Key), REVB(ID_k || salt_i || i || "FF3 key derivation"));
P_2 = HMAC_SM3(REVB(ID_k_Key), REVB(P_1));
……
P_{n'} = HMAC_SM3(REVB(ID_k_Key), REVB(P_{n'-1}));
for i from 0 to 7:
pkey_i = KF(ID_k_Key, ID_k, salt_i, number, i)
where n' is the number of key-derivation iterations, which can be specified; salt_0 - salt_9 are 512-bit salt values that can be derived from random numbers or predefined character strings and are shared among users in the same encryption and decryption domain. HMAC_SM3 is a keyed cryptographic hash (HMAC) algorithm based on the SM3 algorithm, and REVB(s) is the byte string obtained by arranging the bytes of string s in reverse order.
(3) For plaintext data X of length n, where 2 ≤ n ≤ 2^32 and radix ∈ [2, 2^16], log_radix(2^96), the first user node encrypts the plaintext data as follows:
Let u = n/2, v = n - u, A = X[1 … u], B = X[u+1, n]; T is a bit string of length t = 56, T_L = T[0..27] || 0^4, T_R = T[32..55] || T[28..31] || 0^4. NUM_radix() denotes the radix-based numerical value, NUM() denotes conversion of a byte string to an integer, STR^m_radix(N) denotes integer N represented as a radix-based string of length m, SM3(k, data) denotes the hash value of data keyed with k, computed with SM3, SM4(k, data) denotes the symmetric block cipher operation on data using the SM4 algorithm, REVB(s) is the byte string obtained by arranging the bytes of string s in reverse order, and REV(N) is the integer obtained by arranging the digits of integer N in reverse order. Then, for i from 0 to 7:
m = u, W = T_R (i even) / m = v, W = T_L (i odd)
P = SM3_HMAC(REVB(pkey_i), W) [i]^4 || [NUM_radix(REV(B))]^12
S = REVB(SM4(REVB(pkey_i), REVB(P)))
y = NUM(S)
c = (NUM_radix(REV(A)) + y) mod radix^m
C = REV(STR^m_radix(c))
A = B
B = C
Return the encryption result Y = A || B.
(4) For ciphertext data Y of length n, the second user node decrypts the ciphertext data as follows:
Let A' = Y[1 … u], B' = Y[u+1, n]; then, for i from 7 to 0:
m = u, W = T_R (i even) / m = v, W = T_L (i odd)
P = SM3_HMAC(REVB(pkey_i), W) [i]^4 || [NUM_radix(REV(A'))]^12
S = REVB(SM4(REVB(pkey_i), REVB(P)))
y = NUM(S)
c = (NUM_radix(REV(B')) - y) mod radix^m
C = REV(STR^m_radix(c))
B' = A'
A' = C
Return the decryption result X = A' || B'.
In this embodiment, a plurality of pre-shared keys indexed by uniform key identification numbers are distributed to the user nodes through the QKD quantum key distribution network, so that large-capacity keys can be shared securely. Each round of FF3-SM4 format-preserving encryption and decryption uses one of a plurality of derived keys, satisfying forward and backward security, that are generated by the SM3-based keyed hash algorithm; the key space is randomly expanded, the complexity and information redundancy of the algorithm are increased, and the format-preserving encryption becomes harder to break.
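The round structure of steps (2) to (4) above, as an added Python example that is not code from the patent: it derives eight per-round keys, runs encryption rounds 0 to 7 and decryption rounds 7 to 0, and enforces the 12-byte limit implied by [·]^12. Assumptions: HMAC-SHA-256 stands in for HMAC_SM3 and for the SM3_HMAC-then-SM4 round function so the block runs on the standard library alone, the REVB(P_j) terms of KF are combined by XOR and cut to 128 bits, u is n/2 rounded up, and the key, key ID, salts and tweak are constructed sample values.

```python
import hashlib
import hmac

LABEL = b"FF3 key derivation"  # fixed string from the page

def revb(data):
    """REVB(s): the bytes of s in reverse order."""
    return data[::-1]

def prf(key, msg):
    # Assumption: HMAC-SHA-256 stands in for the page's HMAC_SM3.
    return hmac.new(key, msg, hashlib.sha256).digest()

def kf(key, key_id, salt, n_iter, i):
    """KF(ID_k_Key, ID_k, salt_i, n', i): chain P_1..P_n' as on the page.
    Assumption: the REVB(P_j) terms are XORed and cut to a 128-bit key."""
    p = prf(revb(key), revb(key_id.to_bytes(4, "big") + salt + bytes([i]) + LABEL))
    acc = revb(p)
    for _ in range(n_iter - 1):
        p = prf(revb(key), revb(p))
        acc = bytes(x ^ y for x, y in zip(acc, revb(p)))
    return acc[:16]

def num_radix(digits, radix):
    """NUM_radix: numeral string (most significant digit first) -> integer."""
    value = 0
    for d in digits:
        value = value * radix + d
    return value

def str_radix(value, radix, m):
    """STR^m_radix: integer -> numeral string of exactly m digits."""
    out = [0] * m
    for j in range(m - 1, -1, -1):
        value, out[j] = divmod(value, radix)
    return out

def split_tweak(t):
    """56-bit T -> (T_L, T_R) = (T[0..27]||0^4, T[32..55]||T[28..31]||0^4)."""
    if len(t) != 7:
        raise ValueError("tweak T must be 56 bits (7 bytes)")
    return t[0:3] + bytes([t[3] & 0xF0]), t[4:7] + bytes([(t[3] & 0x0F) << 4])

def halves(digits, radix):
    """Validate the domain and return (u, v); each half must fit [.]^12."""
    n = len(digits)
    u = (n + 1) // 2  # assumption: n/2 rounded up
    if n < 2 or not 2 <= radix <= 2 ** 16 or radix ** u > 2 ** 96:
        raise ValueError("length/radix outside the supported domain")
    if any(not 0 <= d < radix for d in digits):
        raise ValueError("digit outside the radix alphabet")
    return u, n - u

def round_value(pkey, w, i, half, radix):
    """y for round i from W || [i]^4 || [NUM_radix(REV(half))]^12.
    Assumption: one keyed PRF call replaces SM3_HMAC followed by SM4."""
    block = w + i.to_bytes(4, "big") + num_radix(half[::-1], radix).to_bytes(12, "big")
    return int.from_bytes(revb(prf(revb(pkey), block)), "big")

def encrypt(x, radix, tweak, pkeys):
    u, v = halves(x, radix)
    t_l, t_r = split_tweak(tweak)
    a, b = list(x[:u]), list(x[u:])
    for i in range(8):
        m, w = (u, t_r) if i % 2 == 0 else (v, t_l)
        y = round_value(pkeys[i], w, i, b, radix)
        c = (num_radix(a[::-1], radix) + y) % radix ** m
        a, b = b, str_radix(c, radix, m)[::-1]  # A = B, B = C
    return a + b

def decrypt(y_digits, radix, tweak, pkeys):
    u, v = halves(y_digits, radix)
    t_l, t_r = split_tweak(tweak)
    a, b = list(y_digits[:u]), list(y_digits[u:])
    for i in range(7, -1, -1):
        m, w = (u, t_r) if i % 2 == 0 else (v, t_l)
        y = round_value(pkeys[i], w, i, a, radix)
        c = (num_radix(b[::-1], radix) - y) % radix ** m
        a, b = str_radix(c, radix, m)[::-1], a  # B' = A', A' = C
    return a + b

# Constructed sample values (not from the page).
KEY = bytes(range(16))                      # 128-bit key ID_k_Key
KEY_ID = 1                                  # 32-bit key ID
SALTS = [hashlib.sha512(b"constructed salt %d" % i).digest() for i in range(8)]
TWEAK = bytes.fromhex("0123456789abcd")     # 56-bit T
PKEYS = [kf(KEY, KEY_ID, SALTS[i], 4, i) for i in range(8)]

if __name__ == "__main__":
    plain = [int(ch) for ch in "400012341234123"]
    cipher = encrypt(plain, 10, TWEAK, PKEYS)
    print("".join(map(str, cipher)), decrypt(cipher, 10, TWEAK, PKEYS) == plain)
```

For radix 10 the 12-byte field limits each half to 28 digits, so inputs longer than 56 digits are rejected rather than silently truncated.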
In the description of the present specification, a description referring to terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In the description of the present invention, the meaning of "plurality" means at least two, for example, two, three, etc., unless specifically defined otherwise.
While embodiments of the present invention have been shown and described above, it will be understood that the above embodiments are illustrative and not to be construed as limiting the invention, and that variations, modifications, alternatives and variations may be made to the above embodiments by one of ordinary skill in the art within the scope of the invention.

Claims (16)

1. A method of enhancing FF3 format retention encryption security, the method comprising:
randomly selecting a key, and transforming the key by using a key derivation function to obtain a derived key;
when each round of encryption operation is carried out on plaintext data by adopting a format preserving encryption FF3 algorithm, carrying out hash value calculation with the derivative key on the data B to obtain intermediate quantity P, wherein the plaintext data comprises data A and data B;
processing the intermediate quantity P and the derivative key by adopting symmetric block cipher operation to generate an intermediate quantity S;
ciphertext data is generated based on the intermediate quantity S and the data A.
2. The method for enhancing the FF3 format to preserve encryption security of claim 1, characterized in that the key is a plurality of fresh keys generated via a quantum key distribution network and synchronized at quantum network nodes of the whole network, and shared among users in the same encryption and decryption domain.
3. The method of enhancing the FF3 format preserving encryption security of claim 1, wherein the key is identified with a key ID.
4. The method for enhancing the security of the FF3 format reserved encryption of claim 1 wherein said randomly selecting a key and transforming said key using a key derivation function to obtain a derived key comprises:
randomly selecting the key ID_k_Key identified by ID_k;
transforming the key by using a key derivation function to obtain a derived key, wherein the formula is as follows:
pkey_i = KF(ID_k_Key, ID_k, salt_i, n', i)
KF(ID_k_Key, ID_k, salt_i, n', i) = REVB(P_1) REVB(P_2) …… REVB(P_{n'})
P_1 = HMAC_SM3(REVB(ID_k_Key), REVB(ID_k || salt_i || i || "FF3 key derivation"))
P_2 = HMAC_SM3(REVB(ID_k_Key), REVB(P_1))
……
P_{n'} = HMAC_SM3(REVB(ID_k_Key), REVB(P_{n'-1}));
where pkey_i is the derived key, salt_i is a salt value, n' is the number of key-derivation iterations, KF() is the key derivation function, P_1 ~ P_{n'} are the intermediate quantities computed by the key derivation function, "FF3 key derivation" is a fixed string, HMAC_SM3 is a keyed cryptographic hash algorithm based on the SM3 algorithm, REVB(s) denotes the byte string obtained by arranging the bytes of string s in reverse order, || denotes concatenation, represents an exclusive or operation, i=0, 1,2.
5. The method for enhancing FF3 format preservation encryption security according to claim 1, wherein, for plaintext data X of length n, let u = n/2, v = n - u, A = X[1 … u], B = X[u+1, n], said calculating a hash value with said derived key for data B during each round of encryption operation of plaintext data using the format-preserving encryption FF3 algorithm gives an intermediate quantity P, expressed by the formula:
P = SM3_HMAC(REVB(pkey_i), W) [i]^4 || [NUM_radix(REV(B))]^12
where SM3(k, data) denotes the hash value of data keyed with k, computed with the SM3 algorithm, REV(a) denotes the integer obtained by arranging the digits of integer a in reverse order, || denotes concatenation, represents an exclusive OR operation, pkey_i is the derived key, NUM_radix() denotes the radix-based numerical value, and [s]^N denotes s represented as an N-byte string; W = T_R when i is even and W = T_L when i is odd, T_R = T[32..55] || T[28..31] || 0^4, T_L = T[0..27] || 0^4, T denotes a bit string, i denotes the iteration number of the format-preserving encryption algorithm, and represents rounding up.
6. The method for enhancing the security of the FF3 format reserved encryption of claim 1 wherein said processing of said intermediate quantity P and said derived key using symmetric block cipher operation generates an intermediate quantity S expressed as:
S = REVB(SM4(REVB(pkey_i), REVB(P)))
where REVB(s) denotes the byte string obtained by arranging the bytes of string s in reverse order, SM4(k, data) denotes the symmetric block cipher operation on data with key k using the SM4 algorithm, and pkey_i is the derived key.
7. The method of enhancing FF3 format retention encryption security of claim 1, wherein the generating ciphertext data based on the intermediate quantity S and data A comprises:
computing C = REV(STR^m_radix(c)) and c = (NUM_radix(REV(A)) + y) mod radix^m, with y = NUM(S), where NUM_radix() denotes the radix-based numerical value, REV(a) denotes the integer obtained by arranging the digits of integer a in reverse order, NUM() denotes conversion of a byte string to an integer, STR^m_radix(a) denotes integer a represented as a radix-based string of length m, mod is the modulo operator, m = u when i is even and m = v when i is odd, u = n/2, v = n - u, n is the length of the plaintext data, and represents rounding up;
letting data A = B and data B = C, and obtaining the ciphertext data Y = A || B, where || denotes concatenation.
8. A data decryption method based on FF3 format retention algorithm, the method comprising:
acquiring ciphertext data, and selecting a key based on a key identifier carried in the ciphertext data;
transforming the key by using a key derivation function to obtain a derived key;
when each round of decryption operation is carried out on the ciphertext data by adopting a format preserving decryption FF3 algorithm, carrying out hash value calculation with the derivative key on ciphertext A ' to obtain intermediate quantity P, wherein the ciphertext data comprises ciphertext A ' and ciphertext B ';
processing the intermediate quantity P and the derivative key by adopting symmetric block cipher operation to generate an intermediate quantity S;
and generating plaintext data based on the intermediate quantity S and the ciphertext B'.
9. The FF3 format-reservation algorithm-based data decryption method of claim 8, wherein the key is a plurality of fresh keys generated via a quantum key distribution network and synchronized at quantum network nodes of the whole network, and shared among users in the same encryption and decryption domain.
10. The FF3 format-preserving algorithm-based data decrypting method of claim 8, wherein said transforming said key with a key derivation function to obtain a derived key, comprises:
transforming the key by using a key derivation function to obtain a derived key, wherein the formula is as follows:
pkey_i = KF(ID_k_Key, ID_k, salt_i, n', i)
KF(ID_k_Key, ID_k, salt_i, n', i) = REVB(P_1) REVB(P_2) …… REVB(P_{n'})
P_1 = HMAC_SM3(REVB(ID_k_Key), REVB(ID_k || salt_i || i || "FF3 key derivation"))
P_2 = HMAC_SM3(REVB(ID_k_Key), REVB(P_1))
……
P_{n'} = HMAC_SM3(REVB(ID_k_Key), REVB(P_{n'-1}));
where ID_k_Key is the key, pkey_i is the derived key, salt_i is a salt value, n' is the number of iterations, KF() is the key derivation function, P_1 ~ P_{n'} are the intermediate quantities computed by the key derivation function, "FF3 key derivation" is a fixed string, HMAC_SM3 is a keyed cryptographic hash algorithm based on the SM3 algorithm, REVB(s) denotes the byte string obtained by arranging the bytes of string s in reverse order, || denotes concatenation, represents an exclusive or operation, i=0, 1,2.
11. The FF3 format-preserving algorithm-based data decrypting method as claimed in claim 8, wherein for ciphertext data Y of length n, let u = n/2, v = n - u, A' = Y[1 … u], B' = Y[u+1, n], said calculating a hash value with said derived key for ciphertext A' at each round of decrypting operation of said ciphertext data using the format-preserving decrypting FF3 algorithm, to obtain an intermediate quantity P, is expressed by the formula:
P = SM3_HMAC(REVB(pkey_i), W) [i]^4 || [NUM_radix(REV(A'))]^12
where SM3(k, data) denotes the hash value of data keyed with k, computed with the SM3 algorithm, REV(a) denotes the integer obtained by arranging the digits of integer a in reverse order, || denotes concatenation, represents an exclusive OR operation, pkey_i is the derived key, NUM_radix() denotes the radix-based numerical value, and [s]^N denotes s represented as an N-byte string; W = T_R when i is even and W = T_L when i is odd, T_R = T[32..55] || T[28..31] || 0^4, T_L = T[0..27] || 0^4, T denotes a bit string, i denotes the iteration number of the format-preserving encryption algorithm, and represents rounding up.
12. The FF3 format-reservation-algorithm-based data decryption method of claim 8, wherein the processing of the intermediate quantity P and the derived key using symmetric block cipher operation generates an intermediate quantity S, expressed as:
S = REVB(SM4(REVB(pkey_i), REVB(P)))
where REVB(s) denotes the byte string obtained by arranging the bytes of string s in reverse order, SM4(k, data) denotes the symmetric block cipher operation on data with key k using the SM4 algorithm, and pkey_i is the derived key.
13. The FF3 format-preserving algorithm-based data decrypting method as claimed in claim 8, wherein said generating plaintext data based on said intermediate quantity S and ciphertext B' comprises:
computing C = REV(STR^m_radix(c)) and c = (NUM_radix(REV(B')) - y) mod radix^m, with y = NUM(S), where NUM_radix() denotes the radix-based numerical value, REV(a) denotes the integer obtained by arranging the digits of integer a in reverse order, NUM() denotes conversion of a byte string to an integer, STR^m_radix(a) denotes integer a represented as a radix-based string of length m, mod is the modulo operator, m = u when i is even and m = v when i is odd, u = n/2, v = n - u, n is the length of the plaintext data, and represents rounding up;
letting data B' = A' and data A' = C, and obtaining the plaintext data X = A' || B', where || denotes concatenation.
14. An apparatus for enhancing FF3 format retention encryption security, the apparatus comprising:
the key acquisition module is used for randomly selecting a key, and transforming the key by utilizing a key derivation function to obtain a derived key;
the first encryption module is used for carrying out hash value calculation with the derivative key on the data B to obtain intermediate quantity P when carrying out each round of encryption operation on the plaintext data by adopting a format preserving encryption FF3 algorithm, wherein the plaintext data comprises data A and data B;
the second encryption module is used for processing the intermediate quantity P and the derivative key by adopting symmetric block cipher operation to generate an intermediate quantity S;
and the ciphertext generating module is used for generating ciphertext data based on the intermediate quantity S and the data A.
15. A FF3 format reservation algorithm-based data decryption device, the device comprising:
The ciphertext acquisition module is used for acquiring ciphertext data and selecting a key based on a key identifier carried in the ciphertext data;
the key transformation module is used for transforming the key by utilizing a key derivative function to obtain a derivative key;
the first decryption module is used for carrying out hash value calculation with the derivative key on ciphertext A ' when each round of decryption operation is carried out on the ciphertext data by adopting a format preserving decryption FF3 algorithm to obtain intermediate quantity P, wherein the ciphertext data comprises ciphertext A ' and ciphertext B ';
the second decryption module is used for processing the intermediate quantity P and the derivative key by adopting symmetric block cipher operation to generate an intermediate quantity S;
and the plaintext generation module is used for generating plaintext data based on the intermediate quantity S and the ciphertext B'.
16. A data encryption and decryption system based on the FF3 format-preserving algorithm, characterized by comprising a first user node and a second user node, wherein the first user node and the second user node are connected with a quantum key distribution network, wherein:
the quantum key distribution network is used for generating and synchronizing a plurality of keys at quantum network nodes of the whole network, and importing the keys into the first user node and the second user node through a secure storage medium;
The first user node is configured to encrypt plaintext data by using the method for enhancing FF3 format retention encryption security according to any one of claims 1 to 7, obtain ciphertext data, and send the ciphertext data to the second user node;
and the second user node is used for decrypting the ciphertext data to obtain the plaintext data.
CN202310992351.4A 2023-08-07 2023-08-07 Method and equipment for enhancing FF3 format reserved encryption security Pending CN116886298A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310992351.4A CN116886298A (en) 2023-08-07 2023-08-07 Method and equipment for enhancing FF3 format reserved encryption security

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310992351.4A CN116886298A (en) 2023-08-07 2023-08-07 Method and equipment for enhancing FF3 format reserved encryption security

Publications (1)

Publication Number Publication Date
CN116886298A true CN116886298A (en) 2023-10-13

Family

ID=88268253

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310992351.4A Pending CN116886298A (en) 2023-08-07 2023-08-07 Method and equipment for enhancing FF3 format reserved encryption security

Country Status (1)

Country Link
CN (1) CN116886298A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117978365A (en) * 2024-03-12 2024-05-03 青岛青软晶尊微电子科技有限公司 A DES encryption method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination