CN101488848A - Ciphering method for generating cipher code recognition information - Google Patents

Ciphering method for generating cipher code recognition information Download PDF

Info

Publication number
CN101488848A
CN101488848A CNA2009100042268A CN200910004226A CN101488848A CN 101488848 A CN101488848 A CN 101488848A CN A2009100042268 A CNA2009100042268 A CN A2009100042268A CN 200910004226 A CN200910004226 A CN 200910004226A CN 101488848 A CN101488848 A CN 101488848A
Authority
CN
China
Prior art keywords
random
numbers
ordered series
random key
identity information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2009100042268A
Other languages
Chinese (zh)
Inventor
刘海云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CNA2009100042268A priority Critical patent/CN101488848A/en
Publication of CN101488848A publication Critical patent/CN101488848A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provide a ciphering method for generating cipher recognition information, the ciphering method is designed based on increasing the user identification information and ciphering strength of the random cipher key, the ciphering method is mainly used for adjusting the ciphering strength of the cipher recognition information composed of the user identification information and the random cipher key after being ciphered. The ciphering process flow comprises: inputting the user identification information and the ciphering strength; calculating the length of the random cipher key and generating the random cipher key of the length, according to the relationships among the length of the random cipher key, the ciphering strength and the prescribed deciphering program speed; obtaining the cipher recognition information composed of the user identification information and the random cipher key after being ciphered according to the ciphering algorithm user identification information and the random cipher key determined by the program by utilizing the user identification information and the random cipher key. According to the backup generated by the ciphering method, anyhow the deciphering program is written, even the user identification information is inputted correctly, the deciphering is performed by using the exhaustion method, not only the identification information are compared, but also the random cipher keys are also compared.

Description

Generate the encryption method of cipher code recognition information
Technical field
The present invention relates to a kind of random encrypting method, how writing with the ciphertext decrypted program of this encryption method encryption generation all needs to be decrypted with the method for exhaustion.
Background technology
Though the accidental enciphering algorithm is varied in the current computer, but subscriber identity information in all these cryptographic algorithm and random key all are the higher level's key in the key chain and the relation of subordinate's key, both do not occur existing together phenomenons of one-level, just can utilize the disposable random key of from ciphertext, calculating of this information as long as obtained subscriber identity information, and deciphering amount of calculation and encryption quanta can not differ greatly.This encryption method to subscriber identity information and random key often is unable to undergo to attack.
Summary of the invention
The present invention is based on increase to the Cipher Strength of subscriber identity information and random key and design, and prevents that the cracker from utilizing cipher code recognition information to crack.
According to an aspect of the present invention, provide a kind of encrypting user identity information and random key method, its encryption flow is as follows:
[1], the random data of 384 bytes is sent on preceding 384 bytes of ordered series of numbers ID, and with preceding 128 byte information of ordered series of numbers ID as a big integer x, be added on ordered series of numbers ID back with a cycle calculations (x/K[i]) %256 and with result of calculation,
/ * ... after the interpolation, ID has 512 data, K[i] be prime number greater than 65536,0≤i<128, this is because the position number code that the back will adopt ordering to produce is encrypted, when handling cipher code recognition information with this encryption method, may there be the situation of mistake by comparing, in order to prevent the appearance of this situation, by calculating (x/K[i]) %256 and the result being kept at ordered series of numbers ID back, write down some features of big integer x, so that by after subscriber identity information UserID and random key Random are verified, some features with big integer x are further verified, to guarantee the reliability of password authentification..........*/
[2], producing length is the random number series P of 256 bytes, utilize private key KeyText to produce ordered series of numbers S with 256 byte datas, with ordered series of numbers S according to from small to large sequence arrangement, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0], r[1], r[2], r[3], r[4] ..., r[i] ... among the integer ordered series of numbers R of formation.With a cycle calculations,
d[i+128]=d[i+128]^p[r[i]]
/ * ... here random data is handled, be in order to destroy pseudorandom periodicity, so that the back is used as random key with these data, r[i wherein] expression ordered series of numbers S Central Plains position number is that the integer of i is after ordering, being placed in sequence number is r[i] the position, d[i], p[i] represent i data among ordered series of numbers ID, the P respectively, 0≤i<256...*/
The byte location sequence number is that 128 position begins from ordered series of numbers ID, UserID inserts in order with subscriber identity information, Cipher Strength according to user's input, calculate the length L ong of random key, in ordered series of numbers ID from back, position that subscriber identity information UserID finishes, the data that read the Long position are as random key Random
/ * ... require subscriber identity information UserID and random key Random total length to be no more than 256 * 8 bits here,, adjust the length of ordered series of numbers ID if surpass ... */
[3], sequence number is that 256 byte begins from ordered series of numbers ID, duplicate 128 bytes in ordered series of numbers P, ordered series of numbers P is copied to ordered series of numbers S, according to each byte data among the sequence arrangement ordered series of numbers S from big to small, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0], r[1], r[2], r[3], r[4], ..., r[i] ... among the integer ordered series of numbers R of formation.
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i]=d[i] ^s[i]
/ * ... promptly use the data of data encryption ordered series of numbers ID stem among the ordered series of numbers S,, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128............*/
[4], ordered series of numbers S is copied to ordered series of numbers P,, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0 according to each byte data among the sequence arrangement ordered series of numbers S from big to small], r[1], r[2], r[3], r[4], ..., r[i] ... among the integer ordered series of numbers R of formation.
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i+128]=d[i+128] ^s[i]
/ * ... promptly use the information data at the middle part of data encryption ordered series of numbers ID among the ordered series of numbers S,, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128......*/
[5], last 128 byte information with ID copy among the ordered series of numbers P, ordered series of numbers P is duplicated ordered series of numbers S, according to each byte data among the sequence arrangement ordered series of numbers S from big to small, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0], r[1], r[2], r[3], r[4] ..., r[i] ... among the integer ordered series of numbers R of formation.
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i]=d[i] ^s[i]
/ * ... promptly use data encryption ordered series of numbers ID header data among the ordered series of numbers S, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128......*/
[6], ordered series of numbers S is copied to ordered series of numbers P,, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0 according to each byte data among the sequence arrangement ordered series of numbers S from big to small], r[1], r[2], r[3], r[4] and ..., r[i] ... among the integer ordered series of numbers R of formation
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i+256]=d[i+256] ^s[i]
/ * ... promptly use the information data at the middle part of data encryption ordered series of numbers ID among the ordered series of numbers S, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128......*/
[7], with the locational data of odd bytes among the ordered series of numbers ID all to two of reaches, and add the information that shifts out the afterbody of previous odd positions byte data to, the information that first byte data is shifted out is added on the afterbody of penult byte data,
The locational number of even bytes among the ordered series of numbers ID is all moved one backward, and adds the information that shifts out the stem of a back even number position byte data to, send last byte number the stem of second byte data to according to the information that shifts out,
Preceding 256 bytes of ordered series of numbers ID are copied to before the ordered series of numbers Q in 256 bytes, back 256 byte datas of ordered series of numbers ID are copied to according to the order of sequence position number is on the byte of odd number among the ordered series of numbers ID, preceding 256 byte datas among the ordered series of numbers Q are copied to position number is on the byte of even number among the ID
[8], produce a random number series that constitutes by 516 bytes, and this ordered series of numbers copied among the ordered series of numbers P, adopt certain algorithm to utilize random key Random and subscriber identity information UserID to derive from an ordered series of numbers that constitutes by 516 bytes, and this ordered series of numbers is copied to ordered series of numbers S, with a cycle calculations
p[i]=p[i]^s[i]
/ * ... s[i], p[i] represent that respectively the pseudo-random data that i data among ordered series of numbers S, the P, 0≤i<516, this step are used for anti-locking system and provide has periodically, handles that by this step the stream cipher analytic approach was lost efficacy ... */
[9], preceding 512 bytes of ordered series of numbers P are duplicated ordered series of numbers S,, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0 according to each byte data among the sequence arrangement ordered series of numbers S from big to small], r[1], r[2], r[3], r[4] and ..., r[i] ... among the integer ordered series of numbers R of formation
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the data of i after ordering, being placed in sequence number is r[i] the position.......*/
With a circulation, with d[r[i]] be sent to q[i]
/*...(0≤i<512)......*/
【10】、v=0
Encrypt ordered series of numbers ID with a circulation:
v=((i+5)(p[i/2]) (i+5)+(i+4)(p[i/2+1]) (i+4)+(i+3)(p[i/2+2]) (i+3)
+......+(i/2+1)(p[i+4]) (i/2+1))%(256 3)+v/256
d[i]=q[i]^(v%256)
/ * ... ... wherein v is the variable of definition, and 0≤i<512, the information in the byte of getting behind the variable v is given the information encryption among the ordered series of numbers ID, q[i], d[i], p[i] represent i data among ordered series of numbers Q, ID, the P respectively ... */
[11], add ordered series of numbers ID to ordered series of numbers P back,
/ * ... so that the back continue to encrypt, the length of adding back ordered series of numbers ID be 1028......*/
Random key Random preceding, subscriber identity information UserID after, both are linked together, constitute one long be the binary system ordered series of numbers RU of n position, add the information reproduction of the odd bits in (n/4-11) byte before among the ordered series of numbers P afterbody of ordered series of numbers RU to,
Since (n/4-10) individual byte, add byte data among the ordered series of numbers P afterbody of ordered series of numbers RU to, be 1032 * 8 up to the length of ordered series of numbers RU,
v=0
With a circulation encrypted random number row P:
v=((i+5)(u[i/2]) (i+5)+(i+4)(u[i/2+1]) (i+4)+(i+3)(u[i/2+2]) (i+3)
+......+(i/2+1)(u[i+4]) (i/2+1))%(256 3)+v/256
d[i]=p[i]^(v%256)
/ * ... ... u[i], d[i], p[i] data in i byte among the expression ordered series of numbers RU, ID, P, 0≤i<1028, n〉8 * 8......*/
[12], the long Long in position of random key Random is added on ordered series of numbers ID end, so just constituted when being used to decipher the cipher code recognition information PassID that discerns subscriber identity information UserID and random key Random.
In the process that generates cipher code recognition information PassID, the serial number code that repeatedly having used sorts is produced comes the method to some ordered series of numbers adjustment position above, and this paper is called order code with this method and encrypts.Order code is encrypted can prevent existing various cryptanalysis method.In superincumbent [10] and [11], in the algorithm that produces stream cipher, all adopted the item number that increases in the multinomial, the inferior non-linear method of encrypting of the highest power that increases in the multinomial is encrypted, this encryption method can make linear analysis, difference analysis method lose efficacy, because of the present invention random key is locked in the cipher code recognition information again, need seek with the method for exhaustion during deciphering, make amount of calculation exceed cracker's ability to bear fully, institute only ciphertext only attack also lost efficacy.In actual applications, the method that produces stream cipher also can utilize item number along with crypto process increases, and the highest power is inferior constant, but minimum power is realized along with crypto process increases the multinomial that changes.The power that promptly produces in the stream cipher multinomial can be adjusted as required.
Decryption method is not an emphasis of the present invention, but for the ease of understanding, here provide above-mentioned encryption method pairing decryption method, the concise and to the point flow process of this method is as follows: behind input subscriber identity information UserID, enter an exhaustive circulation, this exhaustive circulation, enumerate a possible random key TryRand, utilize usefulness subscriber identity information UserID and random key TryRand inverse process then according to above-mentioned encryption flow, be decrypted, up to [2], compare subscriber identity information UserID then, random key TryRand, if comparison result is all consistent, then utilize in the encryption flow [1], the condition code that produces at big integer x continues checking, if condition code unanimity, can confirm that then UserID and the random key TryRand that enumerates are correct, if on the contrary at comparison subscriber identity information UserID, the inconsistent random key TryRand that then enumerates again appears during random key TryRand or when the condition code that the big integer x of checking produces, continue deciphering according to top process, up to finding correct random key TryRand or exhaustive finishing.
The pairing decryption method of above-mentioned encryption method relates to this of exhaust algorithm decipher and is different from the feature of other encryption methods fully.The ciphertext that encryption method produced among the present invention all needs with the method for exhaustion or adopts the method for exhaustion and method that cryptanalysis combines is sought random key, and the content among the present invention all is based on this and puts the encryption method that designs at subscriber identity information and random key.
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a key K,
[D] utilizes derivative key K according to pre-defined algorithm, to encrypting, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation by subscriber identity information UserID and the two code string that constitutes jointly of random key Random.
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a key K,
[D] utilizes derivative key K according to pre-defined algorithm, earlier to a subscriber identity information UserID and random key Random encryption in the two, the back is to another encryption, and the cipher code recognition information PassID of subscriber identity information UserID and random key Random is discerned in the result of twice encryption successively conduct when deciphering.
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a code string CUR,
[D] according to pre-defined algorithm utilize subscriber identity information UserID and random key Random the two one of encrypted code string CUR, on original basis of encrypting, continue encrypted code string CUR with another then, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation.
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] is according to pre-defined algorithm utilization expressly Text or the code that produces in encrypting plaintext Text process, the code string that is made of subscriber identity information UserID and random key Random is encrypted, the cipher code recognition information PassID that is used for when deciphering, discerning subscriber identity information UserID and random key Random with generation
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] according to pre-defined algorithm utilize subscriber identity information UserID, random key Random the two one of, the code string that is made of subscriber identity information UserID and random key Random is encrypted, generating intermediate ciphertext PID,
[D] according to the pre-defined algorithm utilization expressly Text middle ciphertext PID is encrypted, be used for discerning when the deciphering cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation,
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] encrypts the code string that is made of subscriber identity information UserID and random key Random according to pre-defined algorithm utilization plaintext Text, with generation intermediate ciphertext PID,
[D] according to pre-defined algorithm utilize subscriber identity information UserID, random key Random the two one of, middle ciphertext PID is encrypted, be used for the cipher code recognition information PassID of identification subscriber identity information UserID and random key Random when the deciphering with generation,
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a code string CUR,
[D] utilizes subscriber identity information UserID, random key Random and this thrin encrypted code string of plaintext Text CUR according to pre-defined algorithm, then with in addition both one of on the basis of aforementioned encryption, continue encrypted code string CUR, then with still having neither part nor lot in this information that code string CUR is encrypted among the aforementioned three, on the basis of aforementioned encryption, continue encrypted code string CUR, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation.
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a code string CUR,
Both derived from a key K among [D] utilized subscriber identity information UserID, random key Random and this three of plaintext Text, and utilize this key K encrypted code string CUR with pre-defined algorithm, then with this information that has neither part nor lot in derivative key K among the aforementioned three, on the basis of aforementioned encryption, continue encrypted code string CUR, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation.
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a code string CUR,
[D] utilizes subscriber identity information UserID, random key Random and this thrin encrypted code string of plaintext Text CUR according to pre-defined algorithm, use other both the derivative key K among the aforementioned three then, on the basis of aforementioned encryption, continue encrypted code string CUR according to pre-defined algorithm with key K, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation.
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID, random key Random and key K of the common derivation of this three of plaintext Text,
[D] utilizes derivative key K according to pre-defined algorithm, the code string that is made of subscriber identity information UserID and random key Random is encrypted, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation.
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID, random key Random to derive from a code string UR,
[D] utilizes random data Rand encrypted code string UR according to pre-defined algorithm, with generation ciphertext BeUR,
[E] utilizes subscriber identity information UserID, random key Random encrypted random number according to Rand according to pre-defined algorithm, generating ciphertext BeRand, with ciphertext BeUR and ciphertext BeRand as the cipher code recognition information PassID that discerns subscriber identity information UserID and random key Random when the deciphering.
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID, random key Random to derive from a code string UR,
[D] utilizes random data Rand encrypted code string UR according to pre-defined algorithm, with generation ciphertext BeUR,
[E] utilizes random data Rand and ciphertext BeUR to derive from a code string RB
[F] utilizes subscriber identity information UserID, random key Random encrypted code string RB according to pre-defined algorithm, is used for cipher code recognition information PassID at when deciphering identification subscriber identity information UserID and random key Random with generation,
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID, random key Random to derive from a code string UR,
The position that the serial number code that [D] utilizes ordering to produce is reset each code among the code string UR, utilization is used for discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random along with the stream cipher that the crypto process increase item number multinomial inferior with adjusting power produces comes encrypted code string UR when deciphering with generation.
According to an aspect of the present invention, provide the method for a kind of encrypting user identity information and random key, omitting under the condition that the plaintext Text that will maintain secrecy is encrypted, its encryption flow is as follows:
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID, random key Random to derive from a code string UR,
[D] utilizes random data Rand encrypted code string UR according to pre-defined algorithm, with generation ciphertext BeUR,
[E] utilizes random data Rand and ciphertext BeUR to derive from a code string RB,
The position that the serial number code that [F] utilizes ordering to produce is reset each code among the code string RB, utilization is used for discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random along with the stream cipher that the crypto process increase item number multinomial inferior with adjusting power produces comes encrypted code string RB when deciphering with generation.
According in the claim 2 to 15 any one, it is characterized in that: wherein, the method that any decrypted program at this encryption method all needs to adopt the method for exhaustion or adopts the method for exhaustion to combine with the cryptanalysis technology is sought random key, the subscriber identity information that discharges in the subscriber identity information of input and the decrypting process when not only needing deciphering is compared, the random key that also needs to discharge in random key that exhaustive circulation is enumerated and the decrypting process is compared, only in the comparison of aforementioned two kinds of keys all after the unanimity, just can guarantee correct decrypting ciphertext, to discharge expressly, subscriber identity information UserID and random key Random participate in the plain text encryption to maintaining secrecy, described pre-defined algorithm is meant one or more in the following cryptographic algorithm: mathematical relationship is encrypted, displacement is encrypted, logical encrypt, arithmetic is encrypted, block encryption, stream cipher encrypting, linear encryption, non-linear encryption, statistics is encrypted, pseudorandom is encrypted, utilization increases item number along with crypto process and adjusts the algorithm of the stream cipher encrypting of the inferior multinomial generation of power, the serial number code that is produced according to sorting is adjusted the cryptographic algorithm of code position, described Cipher Strength depends on the cipher code recognition information PassID that is used for discerning subscriber identity information UserID and random key Random when deciphering that is generated behind encrypting user identity information UserID and the random key Random, during deciphering, has only the deciphering of finishing earlier cipher code recognition information PassID, could guarantee ciphertext is expressly correctly deciphered, to discharge expressly, and during deciphering, after confirming that subscriber identity information UserID and random key Random are correct, the relative the amount of calculation of amount of calculation that solves plaintext from ciphertext expressly is often very little.Therefore, described Cipher Strength also equal to the Cipher Strength of expressly encrypting and be following one of them: the average computation amount of deciphering, the max calculation amount of deciphering, the multiplication factor of amount of calculation when the average computation amount of deciphering is encrypted relatively, the multiplication factor of amount of calculation when the max calculation amount of deciphering is encrypted relatively, the multiplication factor of amount of calculation when the relative single of the average computation amount of deciphering is deciphered, the multiplication factor of amount of calculation when the relative single of the max calculation amount of deciphering is deciphered, the average deciphering time on the predetermined speed machine, the longest deciphering time on the predetermined speed machine, described random key is to be made of following wherein one or more information: the random information that system produces, the information that the random data that the serial number code system for rearranging that utilizes ordering to produce produces obtains, the information that the random data that utilization produces system the statistics in internal memory or the external memory obtains after with certain algorithm intervention, the information that obtains after utilizing random data that data in internal memory or the external memory produce system with certain algorithm intervention, utilize the information that obtains after the random data intervention of clock number to system's generation.
Even the encryption method among the present invention is utilized identical subscriber identity information, to same information encryption, Cipher Strength also is variable, and the encryption method among the present invention can Cipher Strength that random key length makes this encryption method improves along with the raising of encryption machine speed or user's demand changes by adjusting.Therefore, the encryption method among the present invention can be tackled the development of the equipment that cracks in the future, guarantees effectively by the encryption method information encrypted safety among the present invention.
Embodiment
The present invention utilizes subscriber identity information and random key to encrypt jointly, random key and subscriber identity information is locked in the cipher code recognition information, and adopts the measure of anticode analytical method when generating cipher code recognition information.The encrypted ciphertext according to the present invention, no matter how the cracker writes decrypted program, except using the method for exhaustion or adopting the method for exhaustion and the method that the cryptanalysis technology combines, can't effectively utilize other cryptanalysis method that ciphertext is cracked, even under the correct situation of the subscriber identity information that provides, any method searching random key that still needs to adopt the method for exhaustion or adopt the method for exhaustion to combine at decrypted program of the present invention with the cryptanalysis technology, could guarantee successfully with decrypt ciphertext.Encryption method among the present invention is to same information, use identical subscriber identity information, the Cipher Strength that is obtained is variable, and the encryption method among the present invention can Cipher Strength that random key length makes this encryption method improves along with the raising of encryption machine speed or user's demand changes by adjusting.Therefore, the encryption method among the present invention can be tackled the development of the equipment that cracks in the future, guarantees effectively by the encryption method information encrypted safety among the present invention.
Essential characteristic according to encryption method of the present invention is: input subscriber identity information and Cipher Strength, according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, calculate the length of random key, and producing the random key of this length, this is the random key that can not calculate according to any plaintext, subscriber identity information; Utilize the common encrypting plaintext of subscriber identity information and random key; And in ciphering process, random key and subscriber identity information are locked in the cipher code recognition information.Even under the correct situation of the subscriber identity information that provides, any method searching random key that still needs to adopt the method for exhaustion or adopt the method for exhaustion to combine at decrypted program of the present invention with the cryptanalysis technology, could guarantee successfully with decrypt ciphertext.
At decrypted program of the present invention, use the method for exhaustion to decipher and do not refer to only decipher with the method for exhaustion, also can adopt other advanced person's cryptanalysis technology to come the impossible random key of exclusive segment, seek the speed of random key to accelerate the method for exhaustion.The described method of exhaustion of preceding sentence is meant under the prerequisite of input subscriber identity information, and in the random key mobility scale, decrypted program is listed the random key that is not excluded as yet one by one with certain algorithm, and with certain algorithm the current random key of listing, subscriber identity information and cipher code recognition information is compared to verify the current random key of listing.Found or attempted all possible random key until correct random key.
This cryptographic system of the present invention is being encrypted, is all being needed user or system that the subscriber identity information of encrypted information is provided when deciphering.Said herein subscriber identity information is meant can be by user's key on top of, all can import during encryption and decryption, comprise the various information that are used to discern also participation encryption of user identity, deciphering by user, software set such as user name, user cipher, user fingerprints, DNA, hobby, social relationships, special experience, ID card No., software sequence number by the user.
For ease of statement, at first under the condition that all cryptanalysis methods all lost efficacy, describe below.For ease of the average computation amount of control deciphering, the random key among the present invention adopts symmetric key.When hypothesis was encrypted here, the subscriber identity information of user's input was the user cipher that contains x character, and each character is any one element that contains in U the element set in the user cipher.Encrypting the used time is T, need be made up of y unit with the random key that the method for exhaustion is sought during deciphering, and each unit is any one element that contains in R the element set, and hypothesis is encrypted, decrypting process is all finished on the computer that speed equates.When subscriber identity information was correct, the encrypted required time of information of decryption computer was t=k * T * S (k is correction factor and k in the formula〉0, S is the number of times of attempting with the method for exhaustion).Usually along with the increase of S, k can move closer to a certain constant, therefore k can be considered as a constant below.Under afore-mentioned, the required maximum duration of validated user deciphering is k * T * R y, on average decipher time t1=0.5 * k * T * (R y+ 1), the cracker is not because of knowing subscriber identity information, thus all to sound out subscriber identity information and random key, so it on average successfully cracks the time:
t2=0.5×k×T×(U x×R y+1)
=0.5×k×T×(R y+1)(U x+1÷R y)÷(1+1÷R y)
≈t1×(U x+0)÷(1+0)
=t1×U x
The cracker at the probability that h successfully cracked in the time is:
P=h÷(k×T×U x×R y)
=h(R y+1)÷(2×0.5×k×T×(R y+1)×U x×R y)
=h(1+1÷R y)÷(2×t1×U x)
≈h÷(2×t1×U x) ②
In view of the above, we can release at average deciphering time t1 is 1 minute, is 8 at user cipher length x, and character only is under the situation of numeral and big or small English alphabet in the password, and this moment, U was 62, and the probability that the cracker successfully cracked within a year is 1.20445119 * 10 -9Even the speed that cracks computer is 10000 times of computations motor speed, the probability that the cracker successfully cracked within a year also has only 1.20445119 * 10 -5This probability safe enough still concerning most users, moreover importing the length x that multiple information makes subscriber identity information by the user in actual applications is easy to greater than 8, the element number U that constitutes subscriber identity information also can increase, need can further increase with the random key length y that the method for exhaustion is sought, promptly be easy to further reduce the probability that the cracker successfully cracks.Information encrypted of the present invention is sought random key because of needs with the method for exhaustion, increased average deciphering amount of calculation, thereby cause that the average deciphering time increases, greatly reduce the probability that successfully cracks in the unit interval, and on average the time of deciphering can be controlled within the scope that validated user can accept, but because of not grasping the right user identity information, this time is further increased to U by subscriber identity information for the cracker xDoubly, make the time of cracking exceed cracker's ability to bear, force the cracker to abandon cracking by force, thereby reach the purpose that ensures information security.
Cipher Strength depends on the cipher code recognition information that is generated behind encrypting user identity information and the random key among the present invention, during deciphering, has only the deciphering of finishing earlier cipher code recognition information, could guarantee other ciphertexts are correctly deciphered, to discharge expressly, and during deciphering, after confirming that subscriber identity information and random key are all correct, the relative the amount of calculation of amount of calculation that solves plaintext from ciphertext is often very little.Therefore, described Cipher Strength also can be considered to just to equal the Cipher Strength of encrypting expressly.Cipher Strength is meant the average computation amount of deciphering among the present invention, or refer to the max calculation amount of deciphering, or the multiplication factor of amount of calculation when referring to that the average computation amount of deciphering is encrypted relatively, or the multiplication factor of amount of calculation when referring to that the max calculation amount of deciphering is encrypted relatively, or the multiplication factor of amount of calculation when referring to the deciphering of the relative single of the average computation amount of deciphering, or the multiplication factor of amount of calculation when referring to the deciphering of the relative single of the max calculation amount of deciphering, or refer to average deciphering time on the predetermined speed machine, or refer to the longest deciphering time on the predetermined speed machine.The Cipher Strength of user or system's input requires and can realize by the length that random key is set.
Can insert counters count in decrypted program obtains: decrypted program is enumerated a possible random key, and finish once the amount of calculation function f (x that attempts deciphering with this random key, y, z), x is the length of subscriber identity information in the formula, y is the length of random key, and z is the length of ciphertext, and random key length bitwise.Do not considering under the condition that cryptanalysis threatens,
When the Cipher Strength of user or system input is: during the average computation amount j of deciphering, can by to equation: j * 2=f (x, y, z) * 2 y3.
Find the solution, calculate the length y of the random key that should use when encrypting.
When the Cipher Strength of user or system input is: when predetermined speed is the average deciphering time t1 that deciphers on the computer of v, can by to equation: v * t1 * 2=f (x, y, z) * 2 y4.
Find the solution, calculate the length y of the random key that should use when encrypting.
Can insert counters count in encipheror obtains: (z), wherein x is the length of subscriber identity information to the amount of calculation function g that encipheror is encrypted for x, y, and y is the length of random key, and z is the length of ciphertext, and random key length bitwise.Do not considering under the condition that cryptanalysis threatens,
When the Cipher Strength of user or system input is: when the average computation amount of deciphering is encrypted relatively during the multiplication factor w of amount of calculation, can be by to equation:
g(x,y,z)×w×2=f(x,y,z)×2 y
Find the solution, calculate the length y of the random key that should use when encrypting.
Below all be to utilize amount of calculation to establish an equation, when the Cipher Strength of user or system input be other type parameter also can by to top similar mode, the length y of the random key that should use when from equation, calculating encryption.
Top equation all is to obtain under the condition that the cryptanalysis method lost efficacy, when encrypting, generate the cryptographic algorithm of the cipher code recognition information that is used to discern subscriber identity information and random key, when can the person of being cracked adopting the cryptanalysis method to analyze, for preventing that the disabled user from cracking, when the present invention calculated random key length before encrypting, the subprogram that is used to calculate acceleration capacity according to the cryptographic system operation, the up-to-date cryptanalysis method that obtains grasping in the system is to the acceleration capacity of decryption process, suitably the length of lengthening random key reaches to stop and utilizes this cryptanalysis method to crack effect of the present invention, can guarantee that like this present invention can catch up with the development of cryptanalysis method, and the encipheror that adopts the present invention to write, can accomplish not upgrade encryption method, the subprogram that is used to calculate acceleration capacity as long as upgrade in time, sometimes this subprogram may not need to upgrade yet, only need to upgrade the parameter relevant with acceleration capacity, behind this subprogram or the parameter update, encipheror just can improve Cipher Strength automatically, and the current up-to-date technology that cracks was lost efficacy immediately.When hereinafter calculating, acceleration capacity with old crack method the average computation amount during at certain length decrypt ciphertext with new crack method the average computation amount ratio during at same length decrypt ciphertext represent, also but other form is represented certainly, certainly in actual applications, available above-mentioned ratio subtracts 1 and represents, also the inverse of available above-mentioned ratio is represented, also subtracting this inverse with 1 represents, for after improving Cipher Strength automatically, the user to average deciphering time of ciphertext within the acceptable scope, implementer of the present invention should in time be applied to the fastest current cryptanalysis method in the decrypted program of the present invention, reduce the cycle-index of exhaustive program as far as possible, promptly to make full use of on the cryptanalytic basis, use exhaustive circulation to be decrypted, for validated user provides convenient.
Suppose the encryption method that produces according to the present invention, adopt certain algorithm that subscriber identity information and random key are encrypted, the cipher code recognition information that is used to discern subscriber identity information and random key with generation, this algorithm that generates cipher code recognition information is before announcing, except cracking with the method for exhaustion, the effective crack method that does not have other, after this algorithm that generates cipher code recognition information is announced, new cryptanalysis method has appearred, energy quickens cracking the ciphertext of this algorithm generation, through statistics or calculating, new cryptanalysis method can be expressed as function: m (x, y to the acceleration capacity of decryption process, z), wherein x is the length of known subscriber identity information, and y is the length of random key, and z is the length of ciphertext, random key length bitwise, function m (x, y, z) expression with old crack method the average computation amount during at certain length decrypt ciphertext and with new crack method the average computation amount ratio during at same length decrypt ciphertext.Implementer of the present invention, after knowing this crack method, immediately this crack method is applied in the decryption method of validated user, to improve the operating efficiency of validated user decrypted program, and will comprise the acceleration capacity function m (x of this method simultaneously, y, z) subprogram of computing function is submitted to encipheror.At this moment:
When the Cipher Strength of user or system input is: when predetermined speed is the average deciphering time t1 that deciphers on the computer of v, validated user known users identity information, the relevant equation in the time of can getting the validated user deciphering:
v×t1×2×m(x,y,z)=f(x,y,z)×2 y
Find the solution, calculate the length y of the random key that should use when encrypting.When the Cipher Strength of user or system's input was other type parameter, (x, y z) took into account also will to will speed up ability m in the process of the length y of the random key that calculating should be used before encrypting.
When the cracker does not grasp subscriber identity information, can crack the relevant equation when close:
v×t2×2×m(0,xLog 2U+y,z)=f(x,y,z)×2 y×U x
Wherein x is the length of subscriber identity information, and y is the length of random key, and z is the length of ciphertext, and random key length bitwise.By equation 6., 7. obtain:
v×t2×2×m(0,y+xLog 2U,z)=v×t1×2×m(x,y,z)×U x
8. obtaining cracking time t2 by equation is:
t2=t1×U x×m(x,y,z)÷m(0,y+xLog 2U,z) ⑨
Find the solution, calculate the length y of the random key that should use when encrypting.
(z) x in is the length of known subscriber identity information for x, y because acceleration capacity function: m, y is unknown random key length, and z is the length of ciphertext, is under the existing non-linear cryptographic algorithm condition in analyzed cryptographic algorithm, constant as z, x diminishes, when y becomes big, (x, y z) reduce acceleration capacity m, in view of the above, as can be known, as x〉0 the time
m(x,y,z)>m(0,m(0,y+xLog 2U,z),z),
Again because of m (x, y, z)〉0
So m (x, y, z) ÷ m (0, m (0, y+xLog 2U, z), z)〉1
So, can be by 9. obtaining:
t2>t1×U x
More 1. formula with 10. will find; when adopting non-linear cryptographic algorithm to come the encipherment protection cipher code recognition information according to the present invention; subprogram in update calculation new password analytical method acceleration capacity; and after utilizing the new password analytical method to upgrade decrypted program; under constant situation of the average deciphering time of validated user; cracker's the time of on average cracking will be longer; cracking probability of successful in unit interval will be lower; the encryption method that the present invention just produced will make encrypted cipher code recognition information become safer, also make the ciphertext that is generated after the plain text encryption also safer certainly.Therefore, the present invention advocates with non-linear encryption method subscriber identity information and random key to be encrypted, and to generate cipher code recognition information, uses the linear encryption method in the ciphering process but be not precluded within.
If the existing cryptanalysis method of the method encrypting user identity information among the present invention and the algorithm of random key, when writing decrypted program, the cryptanalysis method and the method for exhaustion can be combined, in the time that is provided with the user, handle longer random key with the method for exhaustion.This paper is referred to as random-length with length, the mobility scale of unit in length, mobility scale and the random key of random key.User or system are provided with Cipher Strength and realize by regulating random-length.The random key that adopts in order to guarantee among the present invention has the randomness of height, the information that the random data that the serial number code system for rearranging that cryptographic system can produce ordering produces obtains is as random key, also the information that obtains after with certain algorithm intervention of the random data that the statistics of utilizing in internal memory or the external memory can be produced system is as random key, also the information that the random data that utilizes data in internal memory or the external memory that system is produced can be obtained after with certain algorithm intervention is as random key, also can utilize the information that obtains after the random data intervention of clock number to system's generation as random key, or even constitute jointly by above two or more data.
The present invention in to the cryptographic calculation of information, can adopt XOR, non-, with or etc. logical operation encrypt; Also can adopt add, subtract, arithmetical operation such as multiplication and division, power, evolution, delivery and function encrypts; Also can adopt the mathematical relationship computing to encrypt.Preceding sentence said " mathematical relationship " has: magnitude relationship, set relations etc., wherein magnitude relationship comprise greater than, more than or equal to, equal, be less than or equal to, less than, be not equal to, set relations comprise that the relation between element and the set (belongs to, do not belong to), comprising between set and the set, mapping relations etc., adopt the mathematical relationship computing to encrypt and be meant the cryptographic algorithm of setting up according to mathematical relationship, for example select password or cryptographic algorithm etc. according to the code of cryptographic object and the magnitude relationship of a certain data, select password or cryptographic algorithm etc. according to element (this paper middle finger cryptographic object or by the code of generations such as cryptographic object) with the relation of certain set, the password table encryption that (mapping or non-mapping one by one one by one) sets up according to mapping relations etc.For for simplicity, this paper will abbreviate logical encrypt as with the encryption that logical operation realizes, will abbreviate arithmetic with the encryption that arithmetical operation realizes as and encrypt, and abbreviate the encryption of adopting the mathematical relationship computing to realize as mathematical relationship and encrypt.The present invention both can adopt in to the encryption of information and move forward (the code filling that the back is moved empty both available front, position or shifted out later of message code position, also available random sign indicating number or nonrandom sign indicating number are filled), can adopt mobile message code position (the code filling that the front is moved empty both available front, position or shifted out later backward again, also available random sign indicating number or nonrandom sign indicating number are filled), also can adopt the exchange message code position, also can adopt and rearrange the message code position by a certain rule, also can adopt and in message code, insert nonrandom code, even random code is inserted in employing in message code (this random code may not need to seek with the method for exhaustion when deciphering, also may need to seek with the method for exhaustion) etc. cause the mode enciphered message of message code change in location, this paper is called displacement with this cryptographic algorithm that can cause the message code change in location and encrypts.The present invention both can adopt stream cipher encrypting, linear encryption algorithm, symmetric encipherment algorithm, can adopt block encryption algorithm, non-linear cryptographic algorithm, asymmetrical encryption algorithm again, also can utilize statistics to encrypt, even use the accidental enciphering algorithm outside pseudorandom encryption and the present invention.
The flow process that embodiment encrypting user identity information among the present invention and random key generate cipher code recognition information is as follows:
[1], the random data of 384 bytes is sent on preceding 384 bytes of ordered series of numbers ID, and with preceding 128 byte information of ordered series of numbers ID as a big integer x, be added on ordered series of numbers ID back with a cycle calculations (x/K[i]) %256 and with result of calculation,
/ * ... after the interpolation, ID has 512 data, K[i] be prime number greater than 65536,0≤i<128, this is because the position number code that the back will adopt ordering to produce is encrypted, when handling cipher code recognition information with this encryption method, may there be the situation of mistake by comparing, in order to prevent the appearance of this situation, by calculating (x/K[i]) %256 and the result being kept at ordered series of numbers ID back, write down some features of big integer x, so that by after subscriber identity information UserID and random key Random are verified, some features with big integer x are further verified, to guarantee the reliability of password authentification..........*/
[2], producing length is the random number series P of 256 bytes, utilize private key KeyText to produce ordered series of numbers S with 256 byte datas, with ordered series of numbers S according to from small to large sequence arrangement, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0], r[1], r[2], r[3], r[4] ..., r[i] ... among the integer ordered series of numbers R of formation.With a cycle calculations,
d[i+128]=d[i+128]^p[r[i]]
/ * ... here random data is handled, be in order to destroy pseudorandom periodicity, so that the back is used as random key with these data, r[i wherein] expression ordered series of numbers S Central Plains position number is that the integer of i is after ordering, being placed in sequence number is r[i] the position, d[i], p[i] represent i data among ordered series of numbers ID, the P respectively, 0≤i<256...*/
The byte location sequence number is that 128 position begins from ordered series of numbers ID, UserID inserts in order with subscriber identity information, Cipher Strength according to user's input, calculate the length L ong of random key, in ordered series of numbers ID from back, position that subscriber identity information UserID finishes, the data that read the Long position are as random key Random
/ * ... require subscriber identity information UserID and random key Random total length to be no more than 256 * 8 bits here,, adjust the length of ordered series of numbers ID if surpass ... */
[3], sequence number is that 256 byte begins from ordered series of numbers ID, duplicate 128 bytes in ordered series of numbers P, ordered series of numbers P is copied to ordered series of numbers S, according to each byte data among the sequence arrangement ordered series of numbers S from big to small, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0], r[1], r[2], r[3], r[4], ..., r[i] ... among the integer ordered series of numbers R of formation.
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i]=d[i] ^s[i]
/ * ... promptly use the data of data encryption ordered series of numbers ID stem among the ordered series of numbers S,, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128............*/
[4], ordered series of numbers S is copied to ordered series of numbers P,, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0 according to each byte data among the sequence arrangement ordered series of numbers S from big to small], r[1], r[2], r[3], r[4], ..., r[i] ... among the integer ordered series of numbers R of formation.
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i+128]=d[i+128] ^s[i]
/ * ... promptly use the information data at the middle part of data encryption ordered series of numbers ID among the ordered series of numbers S,, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128......*/
[5], last 128 byte information with ID copy among the ordered series of numbers P, ordered series of numbers P is duplicated ordered series of numbers S, according to each byte data among the sequence arrangement ordered series of numbers S from big to small, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0], r[1], r[2], r[3], r[4] ..., r[i] ... among the integer ordered series of numbers R of formation.
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i]=d[i] ^s[i]
/ * ... promptly use data encryption ordered series of numbers ID header data among the ordered series of numbers S, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128......*/
[6], ordered series of numbers S is copied to ordered series of numbers P,, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0 according to each byte data among the sequence arrangement ordered series of numbers S from big to small], r[1], r[2], r[3], r[4] and ..., r[i] ... among the integer ordered series of numbers R of formation
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i+256]=d[i+256] ^s[i]
/ * ... promptly use the information data at the middle part of data encryption ordered series of numbers ID among the ordered series of numbers S, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128......*/
[7], with the locational data of odd bytes among the ordered series of numbers ID all to two of reaches, and add the information that shifts out the afterbody of previous odd positions byte data to, the information that first byte data is shifted out is added on the afterbody of penult byte data,
The locational number of even bytes among the ordered series of numbers ID is all moved one backward, and adds the information that shifts out the stem of a back even number position byte data to, send last byte number the stem of second byte data to according to the information that shifts out,
Preceding 256 bytes of ordered series of numbers ID are copied to before the ordered series of numbers Q in 256 bytes, back 256 byte datas of ordered series of numbers ID are copied to according to the order of sequence position number is on the byte of odd number among the ordered series of numbers ID, preceding 256 byte datas among the ordered series of numbers Q are copied to position number is on the byte of even number among the ID
[8], produce a random number series that constitutes by 516 bytes, and this ordered series of numbers copied among the ordered series of numbers P, adopt certain algorithm to utilize random key Random and subscriber identity information UserID to derive from an ordered series of numbers that constitutes by 516 bytes, and this ordered series of numbers is copied to ordered series of numbers S, with a cycle calculations
p[i]=p[i]^s[i]
/ * ... s[i], p[i] represent that respectively the pseudo-random data that i data among ordered series of numbers S, the P, 0≤i<516, this step are used for anti-locking system and provide has periodically, handles that by this step the stream cipher analytic approach was lost efficacy ... */
[9], preceding 512 bytes of ordered series of numbers P are duplicated ordered series of numbers S,, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0 according to each byte data among the sequence arrangement ordered series of numbers S from big to small], r[1], r[2], r[3], r[4] and ..., r[i] ... among the integer ordered series of numbers R of formation
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the data of i after ordering, being placed in sequence number is r[i] the position.......*/
With a circulation, with d[r[i]] be sent to q[i]
/*...(0≤i<512)......*/
【10】、v=0
Encrypt ordered series of numbers ID with a circulation:
v=((i+5)(p[i/2]) (i+5)+(i+4)(p[i/2+1]) (i+4)+(i+3)(p[i/2+2]) (i+3)
+......+(i/2+1)(p[i+4]) (i/2+1))%(256 3)+v/256
d[i]=q[i]^(v%256)
/ * ... ... wherein v is the variable of definition, 0≤i<512; information in the byte of getting behind the variable v is given the information encryption among the ordered series of numbers ID; q[i], d[i], p[i] represent i data among ordered series of numbers Q, ID, the P respectively; use the item number that increases in the multinomial here, the inferior non-linear method of encrypting of the highest power that increases in the multinomial is encrypted ... */
[11], add ordered series of numbers ID to ordered series of numbers P back,
/ * ... so that the back continue to encrypt, the length of adding back ordered series of numbers ID be 1028......*/
Random key Random preceding, subscriber identity information UserID after, both are linked together, constitute one long be the binary system ordered series of numbers RU of n position, add the information reproduction of the odd bits in (n/4-11) byte before among the ordered series of numbers P afterbody of ordered series of numbers RU to,
Since (n/4-10) individual byte, add byte data among the ordered series of numbers P afterbody of ordered series of numbers RU to, be 1032 * 8 up to the length of ordered series of numbers RU,
v=0
With a circulation encrypted random number row P:
v=((i+5)(u[i/2]) (i+5)+(i+4)(u[i/2+1]) (i+4)+(i+3)(u[i/2+2]) (i+3)
+......+(i/2+1)(u[i+4]) (i/2+1))%(256 3)+v/256
d[i]=p[i]^(v%256)
/ * ... ... u[i], d[i], p[i] data in i byte among the expression ordered series of numbers RU, ID, P, 0≤i<1028, n〉8 * 8......*/
[12], the long Long in position of random key Random is added on ordered series of numbers ID end, so just constituted when being used to decipher the cipher code recognition information PassID that discerns subscriber identity information UserID and random key Random.
The deciphering process description is as follows: behind input subscriber identity information UserID, enter an exhaustive circulation, this exhaustive circulation, enumerate a possible random key TryRand, utilize usefulness subscriber identity information UserID and random key TryRand inverse process then according to above-mentioned encryption flow, be decrypted, up to [2], compare subscriber identity information UserID then, random key TryRand, if comparison result is all consistent, then utilize in the encryption flow [1], the condition code that produces at big integer x continues checking, if condition code unanimity, can confirm that then UserID and the random key TryRand that enumerates are correct, if on the contrary at comparison subscriber identity information UserID, the inconsistent random key TryRand that then enumerates again occurs during random key TryRand or when the condition code that the big integer x of checking produces, continue deciphering according to top process, up to finding correct random key TryRand or exhaustive finishing.
The pairing decryption method of above-mentioned encryption method relates to this of exhaust algorithm decipher and is different from the feature of other encryption methods fully.The ciphertext that encryption method produced among the present invention all needs with the method for exhaustion or adopts the method for exhaustion and method that cryptanalysis combines is sought random key, and the content among the present invention all is based on this and puts the encryption method that designs at subscriber identity information and random key.
Cipher code recognition information PassID is encrypted the information that generates by the encryption method among the present invention in the above-described embodiments; amount of calculation is very big when deciphering; the present invention is applicable to the cipher code recognition information in the backup of the important information that exists with the ciphertext form of less use; the for example backup of important information such as password, certificate also can be used to protect ordinary file or information certainly.Because the frequencies that this ciphertext needs all deciphering to use are very low, so we can make under the correct situation of subscriber identity information by adjusting random-length, and the amount of calculation when all the average computation amounts of deciphering are encrypted relatively with the backup ciphertext is amplified doubly a lot.Certainly when random-length is set, speed that can encryption machine is foundation, under the correct situation of subscriber identity information, the average deciphering time that the backup ciphertext is all deciphered is made as 1 minute, 1 hour, 1 day, 1 week even longer, does not get rid of certainly and uses other set-up modes.
Can realize embodiments of the invention with several different methods, comprise the computer-readable code that writes on the computer readable recording medium storing program for performing.Computer readable recording medium storing program for performing can be the recording equipment of any type, and data are stored with computer-reader form therein.Computer readable recording medium storing program for performing includes, but are not limited to ROM, RAM, CD-ROM, tape, floppy disk, hard disk, mobile storage dish, light storage and the carrier wave transfer of data of internet (for example, by).Computer readable recording medium storing program for performing can be distributed on a plurality of computer systems that are connected to network, so that computer-readable code can be write on it and carries out from it with distribution mode.In addition, the needed function program of realization embodiments of the invention, code or code segment can be explained by those of ordinary skill in the art.
Although illustrate and described the present invention with reference to given preferred embodiment of the present invention, but those skilled in the art is to be understood that, not breaking away under the condition of the spirit and scope of the present invention as defined by the appended claims, can carry out the various variations on form and the details here.
Utilizability on the industry
Can be automatically or adjust as required and encrypt intensity according to encryption method of the present invention. According to of the present invention Encryption method can be used for the ciphertext of the backup generation high safety of the vital document information such as encryption key, certificate. The ciphertext that generates according to encryption method of the present invention can tackle the various high performance machines that crack.

Claims (16)

1, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[1], the random data of 384 bytes is sent on preceding 384 bytes of ordered series of numbers ID, and with preceding 128 byte information of ordered series of numbers ID as a big integer x, be added on ordered series of numbers ID back with a cycle calculations (x/K[i]) %256 and with result of calculation,
/ * ... after the interpolation, ID has 512 data, K[i] be prime number greater than 65536,0≤i<128, this is because the position number code that the back will adopt ordering to produce is encrypted, when handling cipher code recognition information with this encryption method, may there be the situation of mistake by comparing, in order to prevent the appearance of this situation, by calculating (x/K[i]) %256 and the result being kept at ordered series of numbers ID back, write down some features of big integer x, so that by after subscriber identity information UserID and random key Random are verified, some features with big integer x are further verified, to guarantee the reliability of password authentification..........*/
[2], producing length is the random number series P of 256 bytes, utilize private key KeyText to produce ordered series of numbers S with 256 byte datas, with ordered series of numbers S according to from small to large sequence arrangement, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0], r[1], r[2], r[3], r[4] ..., r[i] ... among the integer ordered series of numbers R of formation.With a cycle calculations,
d[i+128]=d[i+128]^p[r[i]]
/ * ... here random data is handled, be in order to destroy pseudorandom periodicity, so that the back is used as random key with these data, r[i wherein] expression ordered series of numbers S Central Plains position number is that the integer of i is after ordering, being placed in sequence number is r[i] the position, d[i], p[i] represent i data among ordered series of numbers ID, the P respectively, 0≤i<256...*/
The byte location sequence number is that 128 position begins from ordered series of numbers ID, UserID inserts in order with subscriber identity information, Cipher Strength according to user's input, calculate the length L ong of random key, in ordered series of numbers ID from back, position that subscriber identity information UserID finishes, the data that read the Long position are as random key Random
/ * ... require subscriber identity information UserID and random key Random total length to be no more than 256 * 8 bits here,, adjust the length of ordered series of numbers ID if surpass ... */
[3], sequence number is that 256 byte begins from ordered series of numbers ID, duplicate 128 bytes in ordered series of numbers P, ordered series of numbers P is copied to ordered series of numbers S, according to each byte data among the sequence arrangement ordered series of numbers S from big to small, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0], r[1], r[2], r[3], r[4], ..., r[i] ... among the integer ordered series of numbers R of formation.
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i]=d[i] ^s[i]
/ * ... promptly use the data of data encryption ordered series of numbers ID stem among the ordered series of numbers S,, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128............*/
[4], ordered series of numbers S is copied to ordered series of numbers P,, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0 according to each byte data among the sequence arrangement ordered series of numbers S from big to small], r[1], r[2], r[3], r[4], ..., r[i] ... among the integer ordered series of numbers R of formation.
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i+128]=d[i+128] ^s[i]
/ * ... promptly use the information data at the middle part of data encryption ordered series of numbers ID among the ordered series of numbers S,, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128......*/
[5], last 128 byte information with ID copy among the ordered series of numbers P, ordered series of numbers P is duplicated ordered series of numbers S, according to each byte data among the sequence arrangement ordered series of numbers S from big to small, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0], r[1], r[2], r[3], r[4] ..., r[i] ... among the integer ordered series of numbers R of formation.
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i]=d[i] ^s[i]
/ * ... promptly use data encryption ordered series of numbers ID header data among the ordered series of numbers S, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128......*/
[6], ordered series of numbers S is copied to ordered series of numbers P,, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0 according to each byte data among the sequence arrangement ordered series of numbers S from big to small], r[1], r[2], r[3], r[4] and ..., r[i] ... among the integer ordered series of numbers R of formation
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the integer of i after ordering, being placed in sequence number is r[i] the position ... */
With a circulation,
With p[r[i]] be sent to s[i]
Calculate d[i+256]=d[i+256] ^s[i]
/ * ... promptly use the information data at the middle part of data encryption ordered series of numbers ID among the ordered series of numbers S, s[i], d[i], p[i] represent i data among ordered series of numbers S, ID, the P respectively, 0≤i<128......*/
[7], with the locational data of odd bytes among the ordered series of numbers ID all to two of reaches, and add the information that shifts out the afterbody of previous odd positions byte data to, the information that first byte data is shifted out is added on the afterbody of penult byte data,
The locational number of even bytes among the ordered series of numbers ID is all moved one backward, and adds the information that shifts out the stem of a back even number position byte data to, send last byte number the stem of second byte data to according to the information that shifts out,
Preceding 256 bytes of ordered series of numbers ID are copied to before the ordered series of numbers Q in 256 bytes, back 256 byte datas of ordered series of numbers ID are copied to according to the order of sequence position number is on the byte of odd number among the ordered series of numbers ID, preceding 256 byte datas among the ordered series of numbers Q are copied to position number is on the byte of even number among the ID
[8], produce a random number series that constitutes by 516 bytes, and this ordered series of numbers copied among the ordered series of numbers P, adopt certain algorithm to utilize random key Random and subscriber identity information UserID to derive from an ordered series of numbers that constitutes by 516 bytes, and this ordered series of numbers is copied to ordered series of numbers S, with a cycle calculations
p[i]=p[i]^s[i]
/ * ... s[i], p[i] represent that respectively the pseudo-random data that i data among ordered series of numbers S, the P, 0≤i<516, this step are used for anti-locking system and provide has periodically, handles that by this step the stream cipher analytic approach was lost efficacy ... */
[9], preceding 512 bytes of ordered series of numbers P are duplicated ordered series of numbers S,, and the position number of the byte data among the ordered series of numbers S after ordering recorded by r[0 according to each byte data among the sequence arrangement ordered series of numbers S from big to small], r[1], r[2], r[3], r[4] and ..., r[i] ... among the integer ordered series of numbers R of formation
/ * ... r[i wherein] expression ordered series of numbers S Central Plains position number be the data of i after ordering, being placed in sequence number is r[i] the position.......*/
With a circulation, with d[r[i]] be sent to q[i]
/*...(0≤i<512)......*/
【10】、v=0
Encrypt ordered series of numbers ID with a circulation:
v=((i+5)(p[i/2]) (i+5)+(i+4)(p[i/2+1]) (i+4)+(i+3)(p[i/2+2]) (i+3)+......+(i/2+1)(p[i+4]) (i/2+1))%(256 3)+v/256
d[i]=q[i]^(v%256)
/ * ... ... wherein v is the variable of definition, and 0≤i<512, the information in the byte of getting behind the variable v is given the information encryption among the ordered series of numbers ID, q[i], d[i], p[i] represent i data among ordered series of numbers Q, ID, the P respectively ... */
[11], add ordered series of numbers ID to ordered series of numbers P back,
/ * ... so that the back continue to encrypt, the length of adding back ordered series of numbers ID be 1028......*/
Random key Random preceding, subscriber identity information UserID after, both are linked together, constitute one long be the binary system ordered series of numbers RU of n position, add the information reproduction of the odd bits in (n/4-11) byte before among the ordered series of numbers P afterbody of ordered series of numbers RU to,
Since (n/4-10) individual byte, add byte data among the ordered series of numbers P afterbody of ordered series of numbers RU to, be 1032 * 8 up to the length of ordered series of numbers RU,
v=0
With a circulation encrypted random number row P:
v=((i+5)(u[i/2]) (i+5)+(i+4)(u[i/2+1]) (i+4)+(i+3)(u[i/2+2]) (i+3)
+......+(i/2+1)(u[i+4]) (i/2+1))%(256 3)+v/256
d[i]=p[i]^(v%256)
/ * ... ... u[i], d[i], p[i] data in i byte among the expression ordered series of numbers RU, ID, P, 0≤i<1028, n〉8 * 8......*/
[12], the long Long in position of random key Random is added on ordered series of numbers ID end, so just constituted the cipher code recognition information PassID that is used for discerning subscriber identity information UserID and random key Random in when deciphering.
Described Cipher Strength depends on the cipher code recognition information PassID that is generated behind encrypting user identity information UserID and the random key Random, during deciphering, has only the deciphering of finishing earlier cipher code recognition information PassID, could guarantee ciphertext is expressly correctly deciphered, to discharge expressly, and during deciphering, after confirming that subscriber identity information UserID and random key Random are correct, the relative the amount of calculation of amount of calculation that solves plaintext from ciphertext expressly is often very little.Therefore, described Cipher Strength also equal to the Cipher Strength of expressly encrypting and be following one of them: the average computation amount of deciphering, the max calculation amount of deciphering, the multiplication factor of amount of calculation when the average computation amount of deciphering is encrypted relatively, the multiplication factor of amount of calculation when the max calculation amount of deciphering is encrypted relatively, the multiplication factor of amount of calculation when the relative single of the average computation amount of deciphering is deciphered, the multiplication factor of amount of calculation when the relative single of the max calculation amount of deciphering is deciphered, the average deciphering time on the predetermined speed machine, the longest deciphering time on the predetermined speed machine
2, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a key K,
[D] utilizes derivative key K according to pre-defined algorithm, to encrypting, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation by subscriber identity information UserID and the two code string that constitutes jointly of random key Random.
3, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a key K,
[D] utilizes derivative key K according to pre-defined algorithm, earlier to a subscriber identity information UserID and random key Random encryption in the two, the back is to another encryption, and the cipher code recognition information PassID of subscriber identity information UserID and random key Random is discerned in the result of twice encryption successively conduct when deciphering.
4, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a code string CUR,
[D] according to pre-defined algorithm utilize subscriber identity information UserID and random key Random the two one of encrypted code string CUR, on original basis of encrypting, continue encrypted code string CUR with another then, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation.
5, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] is according to pre-defined algorithm utilization expressly Text or the code that produces in encrypting plaintext Text process, the code string that is made of subscriber identity information UserID and random key Random is encrypted, the cipher code recognition information PassID that is used for when deciphering, discerning subscriber identity information UserID and random key Random with generation
6, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] according to pre-defined algorithm utilize subscriber identity information UserID, random key Random the two one of, the code string that is made of subscriber identity information UserID and random key Random is encrypted, generating intermediate ciphertext PID,
[D] according to the pre-defined algorithm utilization expressly Text middle ciphertext PID is encrypted, be used for discerning when the deciphering cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation,
7, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] encrypts the code string that is made of subscriber identity information UserID and random key Random according to pre-defined algorithm utilization plaintext Text, with generation intermediate ciphertext PID,
[D] according to pre-defined algorithm utilize subscriber identity information UserID, random key Random the two one of, middle ciphertext PID is encrypted, be used for the cipher code recognition information PassID of identification subscriber identity information UserID and random key Random when the deciphering with generation,
8, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a code string CUR,
[D] utilizes subscriber identity information UserID, random key Random and this thrin encrypted code string of plaintext Text CUR according to pre-defined algorithm, then with in addition both one of on the basis of aforementioned encryption, continue encrypted code string CUR, then with still having neither part nor lot in this information that code string CUR is encrypted among the aforementioned three, on the basis of aforementioned encryption, continue encrypted code string CUR, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation.
9, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a code string CUR,
Both derived from a key K among [D] utilized subscriber identity information UserID, random key Random and this three of plaintext Text, and utilize this key K encrypted code string CUR with pre-defined algorithm, then with this information that has neither part nor lot in derivative key K among the aforementioned three, on the basis of aforementioned encryption, continue encrypted code string CUR, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation.
10, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID and random key Random to derive from a code string CUR,
[D] utilizes subscriber identity information UserID, random key Random and this thrin encrypted code string of plaintext Text CUR according to pre-defined algorithm, use other both the derivative key K among the aforementioned three then, on the basis of aforementioned encryption, continue encrypted code string CUR according to pre-defined algorithm with key K, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation.
11, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID, random key Random and key K of the common derivation of this three of plaintext Text,
[D] utilizes derivative key K according to pre-defined algorithm, the code string that is made of subscriber identity information UserID and random key Random is encrypted, be used for when deciphering, discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random with generation.
12, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID, random key Random to derive from a code string UR,
[D] utilizes random data Rand encrypted code string UR according to pre-defined algorithm, with generation ciphertext BeUR,
[E] utilizes subscriber identity information UserID, random key Random encrypted random number according to Rand according to pre-defined algorithm, generating ciphertext BeRand, with ciphertext BeUR and ciphertext BeRand as the cipher code recognition information PassID that discerns subscriber identity information UserID and random key Random when the deciphering.
13, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID, random key Random to derive from a code string UR,
[D] utilizes random data Rand encrypted code string UR according to pre-defined algorithm, with generation ciphertext BeUR,
[E] utilizes random data Rand and ciphertext BeUR to derive from a code string RB
[F] utilizes subscriber identity information UserID, random key Random encrypted code string RB according to pre-defined algorithm, is used for cipher code recognition information PassID at when deciphering identification subscriber identity information UserID and random key Random with generation,
14, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID, random key Random to derive from a code string UR,
The position that the serial number code that [D] utilizes ordering to produce is reset each code among the code string UR, utilization is used for discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random along with the stream cipher that the crypto process increase item number multinomial inferior with adjusting power produces comes encrypted code string UR when deciphering with generation.
15, a kind of encrypting user identity information and random key generate the method for cipher code recognition information
[A] input Cipher Strength and subscriber identity information UserID,
[B] calculates the length L ong of random key according to the relation between length, Cipher Strength and the predetermined decrypted program speed three of random key, and producing length is the random key Random of Long,
[C] utilizes subscriber identity information UserID, random key Random to derive from a code string UR,
[D] utilizes random data Rand encrypted code string UR according to pre-defined algorithm, with generation ciphertext BeUR,
[E] utilizes random data Rand and ciphertext BeUR to derive from a code string RB,
The position that the serial number code that [F] utilizes ordering to produce is reset each code among the code string RB, utilization is used for discerning the cipher code recognition information PassID of subscriber identity information UserID and random key Random along with the stream cipher that the crypto process increase item number multinomial inferior with adjusting power produces comes encrypted code string RB when deciphering with generation.
16, according in the claim 2 to 15 any one, it is characterized in that: wherein
The method that any decrypted program at this encryption method all needs to adopt the method for exhaustion or adopts the method for exhaustion to combine with the cryptanalysis technology is sought random key, the subscriber identity information that discharges in the subscriber identity information of input and the decrypting process when not only needing deciphering is compared, the random key that also needs to discharge in random key that exhaustive circulation is enumerated and the decrypting process is compared, only in the comparison of aforementioned two kinds of keys all after the unanimity, just can guarantee correct decrypting ciphertext, to discharge expressly, subscriber identity information UserID and random key Random participate in the plain text encryption to maintaining secrecy.
Described pre-defined algorithm is meant one or more in the following cryptographic algorithm: mathematical relationship encryption, displacement encryption, logical encrypt, arithmetic encryption, block encryption, stream cipher encrypting, linear encryption, non-linear encryption, statistics are encrypted, pseudorandom is encrypted, utilize along with crypto process increase item number and adjust the algorithm of the stream cipher encrypting that the multinomial of power time produces, cryptographic algorithm that the serial number code that produced according to ordering is adjusted code position
Described Cipher Strength depends on the cipher code recognition information PassID that is generated behind encrypting user identity information UserID and the random key Random, during deciphering, has only the deciphering of finishing earlier cipher code recognition information PassID, could guarantee ciphertext is expressly correctly deciphered, to discharge expressly, and during deciphering, after confirming that subscriber identity information UserID and random key Random are correct, the relative the amount of calculation of amount of calculation that solves plaintext from ciphertext expressly is often very little.Therefore, described Cipher Strength also equal to the Cipher Strength of expressly encrypting and be following one of them: the average computation amount of deciphering, the max calculation amount of deciphering, the multiplication factor of amount of calculation when the average computation amount of deciphering is encrypted relatively, the multiplication factor of amount of calculation when the max calculation amount of deciphering is encrypted relatively, the multiplication factor of amount of calculation when the relative single of the average computation amount of deciphering is deciphered, the multiplication factor of amount of calculation when the relative single of the max calculation amount of deciphering is deciphered, the average deciphering time on the predetermined speed machine, the longest deciphering time on the predetermined speed machine
Described random key is to be made of following wherein one or more information: the random information that system produces, the information that the random data that the serial number code system for rearranging that utilizes ordering to produce produces obtains, the information that the random data that utilization produces system the statistics in internal memory or the external memory obtains after with certain algorithm intervention, the information that obtains after utilizing random data that data in internal memory or the external memory produce system with certain algorithm intervention, utilize the information that obtains after the random data intervention of clock number to system's generation.
CNA2009100042268A 2008-02-13 2009-02-12 Ciphering method for generating cipher code recognition information Pending CN101488848A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2009100042268A CN101488848A (en) 2008-02-13 2009-02-12 Ciphering method for generating cipher code recognition information

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN200810008126.8 2008-02-13
CNA2008100081268A CN101227275A (en) 2008-02-13 2008-02-13 Enciphering method for combining accidental enciphering and exhaust algorithm decipher
CNA2009100042268A CN101488848A (en) 2008-02-13 2009-02-12 Ciphering method for generating cipher code recognition information

Publications (1)

Publication Number Publication Date
CN101488848A true CN101488848A (en) 2009-07-22

Family

ID=39859048

Family Applications (3)

Application Number Title Priority Date Filing Date
CNA2008100081268A Pending CN101227275A (en) 2008-02-13 2008-02-13 Enciphering method for combining accidental enciphering and exhaust algorithm decipher
CN2009100042179A Expired - Fee Related CN101488858B (en) 2008-02-13 2009-02-12 Random ciphering method which needs to be deciphered by exhaust algorithm
CNA2009100042268A Pending CN101488848A (en) 2008-02-13 2009-02-12 Ciphering method for generating cipher code recognition information

Family Applications Before (2)

Application Number Title Priority Date Filing Date
CNA2008100081268A Pending CN101227275A (en) 2008-02-13 2008-02-13 Enciphering method for combining accidental enciphering and exhaust algorithm decipher
CN2009100042179A Expired - Fee Related CN101488858B (en) 2008-02-13 2009-02-12 Random ciphering method which needs to be deciphered by exhaust algorithm

Country Status (2)

Country Link
CN (3) CN101227275A (en)
WO (1) WO2009100679A1 (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103095452A (en) * 2011-11-01 2013-05-08 刘海云 Random encryption method needing to adopt exhaustion method for deciphering
CN103944715A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data processing method based on agreement key
CN104462939A (en) * 2014-12-31 2015-03-25 浪潮(北京)电子信息产业有限公司 Inter-cluster node password information processing method and system
CN104462932A (en) * 2014-11-24 2015-03-25 广西大学 Method for generating and verifying maintenance password of embedded device
CN109564614A (en) * 2016-08-12 2019-04-02 7隧道公司 The device and method for encrypting to enable portable secured communication using random cipher plate
CN109918877A (en) * 2019-03-21 2019-06-21 深圳市网心科技有限公司 A kind of data ciphering method, system, client and computer readable storage medium
CN110086618A (en) * 2019-06-12 2019-08-02 南京格兰斯贝网络科技有限公司 Lighting control system communication protocol encryption method
CN112100611A (en) * 2020-08-14 2020-12-18 广州江南科友科技股份有限公司 Password generation method and device, storage medium and computer equipment
CN113746801A (en) * 2021-07-30 2021-12-03 佛山市青松科技股份有限公司 Communication method, sending terminal, receiving terminal and system based on temporary secret key

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101227275A (en) * 2008-02-13 2008-07-23 刘海云 Enciphering method for combining accidental enciphering and exhaust algorithm decipher
CN102013980A (en) * 2009-05-06 2011-04-13 刘海云 Random encryption method for decrypting by adopting exhaustion method
WO2010091566A1 (en) * 2009-02-12 2010-08-19 Liu Haiyun Encryption/decryption method
CN102564248B (en) * 2010-12-31 2014-03-12 贵州久联民爆器材发展股份有限公司 Encryption method for electronic detonators
US8917872B2 (en) 2011-07-06 2014-12-23 Hewlett-Packard Development Company, L.P. Encryption key storage with key fragment stores
CN103248491B (en) 2013-05-23 2016-04-13 天地融科技股份有限公司 A kind of backup method of electronic signature token private key and system
CN103269271B (en) * 2013-05-23 2016-12-07 天地融科技股份有限公司 A kind of back up the method and system of private key in electronic signature token
CN104506504B (en) * 2014-12-16 2017-12-26 成都驰通数码系统有限公司 A kind of storage method and safety device of card-free terminal classified information
CN105760764B (en) * 2014-12-18 2020-03-17 中兴通讯股份有限公司 Encryption and decryption method and device for embedded storage device file and terminal
CN107465649A (en) * 2016-06-02 2017-12-12 中兴通讯股份有限公司 Control method of electronic device, terminal and control system
CN106506487A (en) * 2016-11-03 2017-03-15 武汉斗鱼网络科技有限公司 A kind of information Encrypt and Decrypt method and device
CN106921482B (en) * 2017-02-17 2019-04-05 武汉斗鱼网络科技有限公司 A kind of method and system based on ARM instruction construction data encrypting and deciphering algorithm
CN109150494B (en) * 2017-06-27 2021-07-23 武汉斗鱼网络科技有限公司 Method, storage medium, device and system for constructing encryption and decryption algorithm in mobile terminal
CN108009830A (en) * 2017-12-14 2018-05-08 上海密尔克卫化工储存有限公司 Products in circulation tracking and system based on block chain
CN109255612B (en) * 2018-08-14 2020-06-23 海南新软软件有限公司 Backup method and device for digital currency private key and terminal
CN109523658B (en) * 2018-09-29 2021-01-26 深圳市视美泰技术股份有限公司 Method and device for safely checking virtual password and intelligent lockset
CN109145533B (en) * 2018-09-30 2021-11-26 武汉斗鱼网络科技有限公司 Method and device for protecting code by using random password
CN109754045B (en) * 2019-01-25 2020-01-21 海明联合能源集团矩网科技有限公司 Annular code, annular code generation method and application thereof
US11848958B2 (en) * 2019-12-23 2023-12-19 Mcafee, Llc Methods and apparatus to detect malware based on network traffic analysis
CN113408729A (en) * 2021-07-06 2021-09-17 安徽理工大学 Data processing method for DNA calculation
CN117424752B (en) * 2023-12-07 2024-03-15 佛山市顺德弘金电器科技有限公司 Communication encryption and decryption method and device
CN117499159B (en) * 2023-12-27 2024-03-26 杭州字节方舟科技有限公司 Block chain-based data transaction method and device and electronic equipment

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1338841A (en) * 2000-08-11 2002-03-06 海南格方网络安全有限公司 Intelligent key for security authentication of computer
US9520993B2 (en) * 2001-01-26 2016-12-13 International Business Machines Corporation Renewable traitor tracing
WO2005034424A1 (en) * 2003-10-08 2005-04-14 Engberg Stephan J Method and system for establishing a communication using privacy enhancing techniques
CN100550721C (en) * 2004-03-17 2009-10-14 华为技术有限公司 A kind of method and system of end-to-end wireless encryption communication
ATE450966T1 (en) * 2005-06-17 2009-12-15 Research In Motion Ltd ENCRYPTION OF MESSAGES FOR USE IN A COMMUNICATIONS SYSTEM BASED ON SECURITY CLASSIFICATION STATUS
US7690026B2 (en) * 2005-08-22 2010-03-30 Microsoft Corporation Distributed single sign-on service
CN101059957B (en) * 2007-05-24 2011-06-22 华中科技大学 An audio coding selective cryptographic method
CN101227275A (en) * 2008-02-13 2008-07-23 刘海云 Enciphering method for combining accidental enciphering and exhaust algorithm decipher

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103095452A (en) * 2011-11-01 2013-05-08 刘海云 Random encryption method needing to adopt exhaustion method for deciphering
CN103944715A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data processing method based on agreement key
CN103944715B (en) * 2014-04-25 2017-09-19 天地融科技股份有限公司 A kind of data processing method based on arranging key
CN104462932A (en) * 2014-11-24 2015-03-25 广西大学 Method for generating and verifying maintenance password of embedded device
CN104462932B (en) * 2014-11-24 2017-05-17 广西大学 Method for generating and verifying maintenance password of embedded device
CN104462939A (en) * 2014-12-31 2015-03-25 浪潮(北京)电子信息产业有限公司 Inter-cluster node password information processing method and system
CN104462939B (en) * 2014-12-31 2017-11-17 浪潮(北京)电子信息产业有限公司 Encrypted message processing method and system between a kind of clustered node
CN109564614A (en) * 2016-08-12 2019-04-02 7隧道公司 The device and method for encrypting to enable portable secured communication using random cipher plate
CN109918877A (en) * 2019-03-21 2019-06-21 深圳市网心科技有限公司 A kind of data ciphering method, system, client and computer readable storage medium
CN110086618A (en) * 2019-06-12 2019-08-02 南京格兰斯贝网络科技有限公司 Lighting control system communication protocol encryption method
CN112100611A (en) * 2020-08-14 2020-12-18 广州江南科友科技股份有限公司 Password generation method and device, storage medium and computer equipment
CN113746801A (en) * 2021-07-30 2021-12-03 佛山市青松科技股份有限公司 Communication method, sending terminal, receiving terminal and system based on temporary secret key

Also Published As

Publication number Publication date
WO2009100679A1 (en) 2009-08-20
CN101227275A (en) 2008-07-23
CN101488858B (en) 2012-07-04
CN101488858A (en) 2009-07-22

Similar Documents

Publication Publication Date Title
CN101488848A (en) Ciphering method for generating cipher code recognition information
CN102013980A (en) Random encryption method for decrypting by adopting exhaustion method
US10810315B2 (en) Enabling access to data
EP2361462B1 (en) Method for generating an encryption/decryption key
CN103095452A (en) Random encryption method needing to adopt exhaustion method for deciphering
CN103716157A (en) Grouped multiple-key encryption method and grouped multiple-key encryption device
CN101262341A (en) A mixed encryption method in session system
CN106130716A (en) Cipher key exchange system based on authentication information and method
CN104396182A (en) Method of encrypting data
CN109873699A (en) A kind of voidable identity public key encryption method
CN114186249A (en) Computer file security encryption method, computer file security decryption method and readable storage medium
CN113014380A (en) File data password management method and device, computer equipment and storage medium
CN107332663A (en) Archive management method based on encryption technology
CN109412788B (en) Anti-quantum computing agent cloud storage security control method and system based on public key pool
CN116248316A (en) File encryption method, file decryption method, device and storage medium
CN115204876A (en) Quantum security U shield equipment and method for mobile payment
Kumar et al. Hybridization of Cryptography for Security of Cloud Data
US20130058483A1 (en) Public key cryptosystem and technique
CN114139177A (en) Token generation method, system and device
Pushpa Enhancing Data Security by Adapting Network Security and Cryptographic Paradigms
Rahim et al. Security Enhancement with USB Flash Disk as Key using AES Algorithm
CN111314053B (en) Data encryption and decryption method
PRAKASH Performance evaluation of cloud data security framework using symmetric key algorithm
CN110572256B (en) Anti-quantum computing asymmetric key management method and system based on asymmetric key pool and implicit certificate
CN111314052A (en) Data encryption and decryption method based on uniformly distributed symmetric compression algorithm

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20090722