CN103684748B - Symmetric encryption and decryption method, and symmetric encryption and decryption system - Google Patents
Symmetric encryption and decryption method, and symmetric encryption and decryption system Download PDFInfo
- Publication number
- CN103684748B CN103684748B CN201210364424.7A CN201210364424A CN103684748B CN 103684748 B CN103684748 B CN 103684748B CN 201210364424 A CN201210364424 A CN 201210364424A CN 103684748 B CN103684748 B CN 103684748B
- Authority
- CN
- China
- Prior art keywords
- data
- computing
- random number
- calculator
- linear
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
A symmetric encryption and decryption method and a symmetric encryption and decryption system are provided. The symmetric encryption and decryption method includes the following steps that: data to be processed, keys and first random numbers are provided; first computation and first linear computation are performed on the data to be processed, the keys and the first random numbers, such that first data are obtained; the first linear computation and second computation are performed on the first random numbers, such that second data are obtained; nonlinear computation is performed on the first data, such that third data are obtained; the first computation and second linear computation are performed on the third data and the second data, such that encryption and decryption data are obtained; the nonlinear computation includes the step that initial SBOX is provided; the second computation is performed on the first random numbers, such that fourth data can be obtained; the first computation is performed on the initial SBOX and the fourth data, such that fifth data can be obtained; the locations of elements in the fifth data are adjusted according to the first random numbers, such that new SBOX is obtained; and nonlinear byte data corresponding to the first data are selected from the new SBOX and are adopted as the third data. With the symmetric encryption and decryption method and the symmetric encryption and decryption system of the invention adopted, the security and efficiency of encryption and decryption can be improved.
Description
Technical field
The present invention relates to technical field of information processing, more particularly, to a kind of symmetrical expression encipher-decipher method and symmetrical expression add
Decryption system.
Background technology
In order to ensure message safety, need message is encrypted and decrypted, conventional encryption and decryption technology includes symmetrical expression
Encryption and decryption technology and asymmetric encryption and decryption side technology.Wherein, in symmetrical expression encryption and decryption technology, data transmission side will be in plain text
(Initial data)Send out so as to become complicated ciphertext after encryption together with encryption key;Destination receives
To after ciphertext, using the inversely processing of identical key and encryption, ciphertext is decrypted so that it may so that it is reverted to readable bright
Literary composition.Symmetrical expression encryption and decryption has the advantages that algorithm is open, amount of calculation is little, enciphering rate is fast and encryption efficiency is high.But, due to handing over
Easy both sides are using identical key it is therefore desirable to improve its security further.
In prior art, all of symmetrical expression encryption and decryption technology is all very similar, including one or many interative computation, often
Secondary interative computation includes two linear operations and a nonlinear operation.Specifically, with reference to shown in Fig. 1, can prevent in prior art
The symmetrical expression encrypting and deciphering system that imperial single order side line signal is attacked includes:
Data input module 10, for inputting plaintext to be encrypted or ciphertext to be decrypted;
Key entry module 20, for inputting key;
Randomizer 30, for producing arbitrary random number, the bit wide of described random number and described plaintext or cipher text
Bit wide correspondence is identical;
First exclusive-OR operator 40, connects output end, the output of key entry module 20 of described data input module 10
End and the output end of randomizer 30, for carrying out XOR process to described plaintext or cipher text, key and random number, obtain
First xor data related to described plaintext or cipher text;
First linear operator 50, connects the output end of described first exclusive-OR operator 40, for described first XOR
Result carries out the first linear operation, obtains the first linear data A related to described plaintext or cipher text;
First linear operator 60, connects the output end of described randomizer 40, for carrying out to described random number
First linear operation, obtains the first linear data B related to described random number;
Nonlinear operator 70, connects the output end of the first linear operator 50 and the output end of randomizer 30,
For nonlinear operation is carried out to described first linear data A according to described random number, obtain nonlinear data;
Second exclusive-OR operator 80, connects the output end of described nonlinear operator 70 and the defeated of the first linear operator 60
Go out end, for XOR is carried out to described nonlinear data and described first linear data B, obtain the second xor data;
Second linear operator 90, connects the output end of described second exclusive-OR operator 80, for described second XOR
Data carries out the second linear operation, obtains second linear data related to described plaintext or cipher text, thus completing to input
Plain text encryption or the deciphering of ciphertext.
The symmetrical expression encryption and decryption technology commonly used at present includes:DES(Data encryption standards)Technology, AES(Superencipherment mark
Accurate)Technology and SM4 technology etc..For different symmetrical expression encrypting and deciphering systems, the first linear operator 50 and 60 in said system,
Nonlinear operator 70 is different with the concrete processing method of the second linear operator 90, additionally, iterations can also be different.
More documents with regard to encryption and decryption technology may be referred to the Chinese patent that notification number is CN100561911C.
In encrypting and deciphering system shown in Fig. 1, most important and be most difficult to be accomplished that nonlinear operator 70.Due to non-linear fortune
More complicated, therefore described nonlinear operator more than 70 adopts SBOX(Non-linear byte substitution table)Realize, add solution every time
Before close, first corresponding SBOX is recalculated according to described random number, due to, during calculating new SBOX, may expose
Plaintext or cipher text it is therefore desirable to new SBOX is stored in memory, and then selected from memory by lookup table mode and
The corresponding non-linear byte data of described first linear data A is as nonlinear data.
Specifically, the course of work of described nonlinear operator 70 includes:Initial SBOX is provided, random according to input
Number and initial SBOX utilize the new SBOX of 512 clock calculation, thus obtaining new SBOX, and new SBOX are stored in
In reservoir, finally select from new SBOX with the corresponding non-linear byte data of the first linear data A receiving as described
Nonlinear data.
But there is following defect in above-mentioned technology:
1)It is required for including memory to store new SBOX in described nonlinear operator 70, thus increasing hardware
Area, is unfavorable for the miniaturization of ciphering and deciphering device;
2)Before each encryption and decryption, it is required for recalculating the value of corresponding SBOX according to new random number, thus
Need extra clock, increased the clock number of encryption and decryption;
3)The implementation of described nonlinear operator 70 is single, easily meets with side line signal and attacks, security is poor;
4)Different symmetrical expression encrypting and deciphering systems does not enable compatibility.
Content of the invention
The problem that the present invention solves is to provide a kind of symmetrical expression encryption and decryption method and a symmetric encryption and decryption system, both can carry
The high security of encryption and decryption, can improve the efficiency of encryption and decryption again.
For solving the above problems, the invention provides a kind of symmetrical expression encipher-decipher method, including one or many iteration fortune
Calculate, each interative computation includes:
Pending data, key and the first random number, the bit wide of described pending data, key and the first random number are provided
Correspondence is identical;
First computing and the first linear operation are carried out to described pending data, key and the first random number, obtains first
Data, described first computing meets law of communication and associative law;
First linear operation and the second computing are carried out to described first random number, obtains the second data;
Nonlinear operation is carried out to described first data, obtains the 3rd data;
First computing and the second linear operation are carried out to described 3rd data and described second data, obtains pending data
Encryption and decryption data;
Described nonlinear operation includes:
Initial SBOX is provided;
Second computing is carried out to described first random number, obtains the 4th data;
First computing is carried out to described initial SBOX and described 4th data, obtains the 5th data;
According to described first random number, adjust the position of element in the 5th data, obtain new SBOX;
Select non-linear byte data corresponding with described first data as the 3rd data from described new SBOX.
Alternatively, described first computing, the first linear operation, the second computing, the second linear operation or nonlinear operation two
Pipeline processing mode is adopted between two.
Alternatively, described nonlinear operation also includes:Before carrying out described second computing, described initial SBOX is carried out
Third linear computing and the inverse operation of third linear computing.
Alternatively, before the first computing and the second linear operation are carried out to described 3rd data and described second data,
There is provided the second random number, described second random number is identical with the bit wide of the first random number;To described 3rd data and described second
Data carries out the first computing and the second linear operation includes:To described 3rd data, described second data and described second random
Number carries out the first computing and the second linear operation, obtains the 13rd data;To described 13rd data and described second random number
Carry out the inverse operation of described first computing, obtain the encryption and decryption data of pending data.
Alternatively, described interative computation is multiple;First computing is being carried out to described 3rd data and described second data
Before the second linear operation, provide the second random number, described second random number is identical with the bit wide of the first random number;To described
3rd data and described second data carries out the first computing and the second linear operation includes:To described 3rd data, described second
Data and described second random number carry out the first computing and the second linear operation, obtain the encryption and decryption data of pending data, and
In next interative computation, before described nonlinear operation, to the data after described first computing and described second random
Number carries out the inverse operation of described first computing.
In order to solve the above problems, present invention also offers a kind of symmetrical expression encrypting and deciphering system, for carrying out to bright ciphertext
One or many interative computation, including:
Data input module, for providing pending data;
Key entry module, for providing key;
First randomizer, for providing the first random number, described pending data, key and the first random number
Bit wide correspondence is identical;
First processing module, connects described data input module, key entry module and the first randomizer, is used for
First computing and the first linear operation are carried out to described pending data, key and the first random number, obtains the first data, described
First computing meets law of communication and associative law;
Second processing module, connects described first randomizer, for carrying out First Line to described first random number
Property computing and the second computing, obtain the second data;
Nonlinear block, connects described first processing module and the first randomizer, for described first data
Carry out nonlinear operation, obtain the 3rd data;
3rd processing module, connects described Second processing module and nonlinear block, for described 3rd data and institute
State the second data and carry out the first computing and the second linear operation, obtain the encryption and decryption data of pending data;
Described nonlinear block includes:
Memory cell, for providing initial SBOX;
First processor, connects described first randomizer, for the second computing is carried out to described first random number,
Obtain the 4th data;
Second processing device, connects described memory cell and described first processor, for described initial SBOX and described
4th data carries out the first computing, obtains the 5th data;
Adjustment unit, connects described first randomizer and described second processing device, for according to described first with
Machine number, in adjustment the 5th data, the position of element, obtains new SBOX;
Select unit, connects described first processing module and adjustment unit, for selecting and institute from described new SBOX
State the corresponding non-linear byte data of the first data as the 3rd data.
Alternatively, described nonlinear block is all made up of combinational logic device.
Alternatively, also include memory, for reality between described first line calculator and described first computing calculator
Existing pipeline organization.
Alternatively, also include memory, for reality between described first computing calculator and described second line calculator
Existing pipeline organization.
Alternatively, described nonlinear block also includes:
3rd computing calculator, connects described memory cell, for carrying out third linear computing to described initial SBOX;
4th computing calculator, connects described 4th computing calculator and described second processing device, for third linear
Data after computing carries out third linear inverse operation, and the data is activation after third linear inverse operation is given described second processing
Device.
Alternatively, described symmetrical expression encrypting and deciphering system also includes:Second randomizer and the 5th computing calculator;
Second randomizer connects described 3rd processing module, and for providing the second random number, described second is random
Number is identical with the bit wide of described first random number;
Described 3rd processing module carries out the first fortune to described 3rd data, described second data and described second random number
Calculate and the second linear operation, obtain the 13rd data;
Described 5th computing calculator connects described 3rd processing module, for described 13rd data and described second
Random number carries out the inverse operation of described first computing, obtains the encryption and decryption data of pending data.
Alternatively, described symmetrical expression encrypting and deciphering system also includes:Second randomizer and the 6th computing calculator;
Second randomizer connects described 3rd processing module, and for providing the second random number, described second is random
Number is identical with the bit wide of described first random number;
Described 3rd processing module carries out the first fortune to described 3rd data, described second data and described second random number
Calculate and the second linear operation, obtain the encryption and decryption data of pending data;
Described 6th computing calculator connects the output end of described first computing calculator and the defeated of the first line calculator
Enter end, for the data after described first computing and described second random number are carried out with the inverse operation of described first computing, and
Data is activation after inverse operation is given the first line calculator.
Compared with prior art, technical solution of the present invention has advantages below:
1)Mask technology is used in nonlinear operation in the present invention(Increased the process to the first random number)It is ensured that
In nonlinear operation, the security of data, such that it is able to effectively defend the attack of side line signal, further increases encryption and decryption
Security.Due to need not store to new SBOX in nonlinear operation, therefore both can save the area of hardware, beneficial to plus
The Highgrade integration of deciphering device and miniaturization;The clock number required for encryption and decryption can be reduced, thus improving encryption and decryption again
Efficiency.
Further it is proposed that encryption and decryption technology be applied to all of symmetrical expression encryption and decryption technology, applied range.
Further, because encryption and decryption technology proposed by the present invention is applied to all of symmetrical expression encryption and decryption technology, so
Compatibility on hardware for the different symmetrical expression encryption and decryption technology can be realized.
2)In alternative, described first computing, the first linear operation, the second computing, the second linear operation or non-linear
Computing adopts pipeline processing mode between any two, such that it is able to save the time of encryption and decryption further, improves adding of data
Decryption efficiency.
3)In alternative, before carrying out described second computing, described initial SBOX is carried out third linear computing and
The inverse operation of third linear computing, such that it is able to improve the security of encryption and decryption further.
4)In alternative, the 3rd data and described second data are carried out the first computing and the second linear operation it
Before, first provide the second random number, thus the first fortune is carried out to described 3rd data, described second data and described second random number
Calculate and the second linear operation, obtain the 13rd data, more described 13rd data and described second random number are carried out with described the
The inverse operation of one computing or in next interative computation before described nonlinear operation to the number after described first computing
According to the inverse operation carrying out described first computing with described second random number, thus by increasing mask(I.e. the second random number)With go
Except the step of mask, improve the security of encryption and decryption further.
5)In alternative, described first computing, described second computing, described first linear operation, the second linear operation,
Described first random number or described second random number all have multiple choices, thus user can carry out free, further increase
The security of encryption and decryption and flexibility.
Brief description
Fig. 1 is the structural representation of symmetrical expression encrypting and deciphering system in prior art;
Fig. 2 is the schematic flow sheet of symmetrical expression encipher-decipher method in one embodiment of the invention;
Fig. 3 is the schematic flow sheet of nonlinear operation in Fig. 2;
Fig. 4 is the schematic flow sheet of symmetrical expression encipher-decipher method in another embodiment of the present invention;
Fig. 5 is the structural representation of symmetrical expression encrypting and deciphering system in one embodiment of the invention;
Fig. 6 is the structural representation of symmetrical expression encrypting and deciphering system in another embodiment of the present invention;
Fig. 7 is the structural representation of symmetrical expression encrypting and deciphering system in further embodiment of the present invention.
Specific embodiment
Understandable for enabling the above objects, features and advantages of the present invention to become apparent from, below in conjunction with the accompanying drawings to the present invention
Specific embodiment be described in detail.
Elaborate a lot of details in the following description in order to fully understand the present invention, but the present invention is acceptable
To be implemented different from alternate manner described here using other, therefore the present invention is not limited by following public specific embodiment
System.
Just as described in the background section, in prior art, the security ratio of symmetrical expression encryption and decryption technology is relatively low, and plus solution
The clock number more than comparison is needed to carry out nonlinear operation, thus the efficiency of encryption and decryption is very low in close process.
For drawbacks described above, the invention provides a kind of symmetrical expression encryption and decryption method and a symmetric encryption and decryption system, wherein
Nonlinear operation in the second computing is carried out to the first random number, obtain the 4th data, and initial SBOX and the 4th data entered
Row first computing, obtains the 5th data, and the position according to element in the first random number adjustment the 5th data, thus having obtained new
SBOX.Use mask technology due in nonlinear operation, and without memory, thus it is fast to have safe, encryption and decryption
Degree is fast, the advantages of save hardware area.
It is described in detail below in conjunction with the accompanying drawings.
With reference to shown in Fig. 2, one embodiment of present embodiment provides a kind of symmetrical expression encipher-decipher method, including once or
Successive ignition computing, each interative computation includes:
Step S11, provides pending data, key and the first random number;
Step S12, carries out the first computing and the first linear operation to described pending data, key and the first random number,
Obtain the first data;
Step S13, carries out the first linear operation and the second computing to described first random number, obtains the second data;
Step S14, carries out nonlinear operation to described first data, obtains the 3rd data;
Step S15, carries out the first computing and the second linear operation to described 3rd data and described second data, is treated
The encryption and decryption data of processing data.
The present embodiment method can apply to arbitrary symmetrical expression encipher-decipher method such as DES technology, AES technology or SM4 technology
In.
Step S11 is first carried out, pending data, key and the first random number are provided.
When interative computation is one time, described pending data is plaintext to be encrypted or ciphertext to be decrypted(Following letter
Claim bright ciphertext).
When interative computation for multiple when, pending data described in first time interative computation is bright ciphertext, second iteration
Pending data described in computing and follow-up interative computation is the encryption and decryption data after a front interative computation.
It should be noted that the present invention does not limit the bit wide of pending data.Described bit wide includes data form, such as:Two
System;Also include element number, such as:128.
Under the premise of ensureing the bit wide of the first random number and the bit wide identical of key, described key can be any by user
Set, and encrypt identical with the key in deciphering.
Under the premise of ensureing the bit wide of the first random number and the bit wide identical of pending data, can arbitrarily set described
First random number.
Then execution step S12, carries out the first computing and First Line to described pending data, key and the first random number
Property computing, obtains the first data.
Described first computing needs to meet law of communication and associative law simultaneously.Described law of communication can be expressed as:t(x,y)=t
(y,x);Described associative law can be expressed as:(t (x, y), x)=t (x, t (y, z)), wherein, t represents the first fortune to t (x, y, z)=t
The functional expression calculated;X, y and z represent variable respectively.
Specifically, described first computing can be in add operation or the domain in XOR or domain
Subtraction, can also be that other meets the arbitrary functions of law of communication and associative law.
Described first linear operation can be corresponding with specific encipher-decipher method.
The present invention does not limit the concrete execution sequence of the first computing and the first linear operation.
In a specific example, the first computing and first are carried out to described pending data, key and the first random number
Linear operation can include:First the first computing is carried out to described pending data, key and the first random number, obtain the 6th number
According to;Again the first linear operation is carried out to described 6th data, obtain the first data.Only need in this example to carry out one time first linear
Computing, fairly simple, efficiency high.
In another specific example, described pending data, key and the first random number are carried out with the first computing and
One linear operation can include:First respectively the first linear operation is carried out to described pending data, key and the first random number, obtain
To the 7th data, the 8th data and the 9th data;Again the first fortune is carried out to described 7th data, the 8th data and the 9th data
Calculate, obtain the first data.
Preferably, pipeline processes side can be adopted in above-mentioned two example between the first computing and the first linear operation
Formula, that is, the step increasing data storage, its specific implementation is well known to those skilled in the art, and here is no longer superfluous
State.
Then execution step S13, carries out the first linear operation and the second computing to described first random number, obtains the second number
According to.
Described second computing can be any line computing or arbitrary nonlinear operation.As:Described second computing
Identical with the first computing, the first linear operation or the second linear operation.
The present invention does not limit the concrete execution sequence of the second computing and the first linear operation.
Preferably, pipeline processes side can be adopted in above-mentioned two example between the first computing and the second linear operation
Formula, that is, the step increasing data storage, its specific implementation is well known to those skilled in the art, and here is no longer superfluous
State.
Then execution step S14, carries out nonlinear operation to described first data, obtains the 3rd data.
Specifically, with reference to shown in Fig. 3, described nonlinear operation includes:
Step S141, provides initial SBOX;
Step S142, carries out the second computing to described first random number, obtains the 4th data;
Step S143, carries out the first computing to described initial SBOX and described 4th data, obtains the 5th data;
Step S144, according to described first random number, adjusts the position of element in the 5th data, obtains new SBOX;
Step S145, selects non-linear byte data corresponding with described first data as the from described new SBOX
Three data.
Described initial SBOX includes multiple non-linear byte datas, and non-linear byte data is at least relative with the first data
Should, it is corresponding with specific encipher-decipher method.Specifically, described initial SBOX can be real in the way of with combinational logic bracing wire
Existing, thus corresponding hardware area is smaller.
Pipeline processing mode can be adopted, to improve between the second computing in described nonlinear operation and the first computing
The speed of encryption and decryption.
Preferably, before carrying out described second computing, described initial SBOX can also be carried out third linear computing and
The inverse operation of third linear computing, such that it is able to improve the security of encryption and decryption further.Now, described second computing and described
Can also be using at streamline between third linear computing, between described third linear computing and the inverse operation of third linear computing
Reason mode, to improve the speed of encryption and decryption.
Below, illustrate how to adjust the position of element in the 5th data according to the first random number taking binary data as a example.
Because initial SBOX includes multiple data, therefore described initial SBOX and described 4th data are carried out by the first computing and refer to
Each data in initial SBOX and described 4th data are carried out the first computing, thus obtaining multiple 5th data.
Specifically, described first random number includes i+1 element, and m [i] is the highest address bit element of the first random number, m
[0] be the first random number lowest address bit element;Described 5th data includes n element, using Dx1x2......xnRepresent,
Wherein xi=1 represents that the 5th i-th element of data is 1, xi=0 represents that the 5th i-th element of data is 0,2i+1=n.According to described
First random number, in adjustment the 5th data, the position of element includes:
According to the difference of highest addresses in the 5th data, the data in described 5th data is divided into two first order collection
Close;As m [i]=0, exchange the position of two first order set;As m [i]=1, then need not be exchanged;
According to the difference of time high address in the 5th data, respectively the data in described first order set is divided into two the
Two grades of set;As m [i-1]=0, exchange the position of two second level set in same first order set;As m [i-1]=1
When, then need not be exchanged;
Using aforesaid way, the difference according to bit address remaining in the 5th data and the first random number corresponding element successively
Value, enters division and the exchange of row set to the 5th data, until obtaining 2i+1Individual i+1 level set, and when m [0]=0, adjust
Change the position of two i+1 level set in same i-stage set.
In a specific example, described first random number includes 2 elements, specially:10.Described 5th data includes
4 elements, specially:1011.Then included according to the position that the first random number adjusts element in the 5th data:
1)According to the difference of highest addresses in the 5th data, the 5th data is divided into the first order that highest addresses are 1
Set A:11 and first order set B that highest address is 0:01.
2)Due to m [1]=1, first order set A and the position of first order set B therefore need not be exchanged.
3)According to the difference of in the 5th data high address, first order set A is divided into the second level that time high address is 1
Set C:The second level set D that 1 is 0 with time high address:1, and second that first order set B is divided into that time high address is 1
Level set E:The second level set F that 0 is 0 with time high address:1.
4)Due to m [0]=0 it is therefore desirable to exchange the position of second level set C and second level set D, and exchange second
The position of level set E and second level set F, thus obtain the 5th new data 1110.
5)The non-linear byte data of the new SBOX of all the 5th new data compositions.Now, still wrap in new SBOX
Include is the corresponding relation of new non-linear byte data and the first data.
Non-linear byte number corresponding with the first data is selected after obtaining new SBOX it is possible to from new SBOX
According to as the 3rd data.
It should be noted that in other embodiments of the invention, can also according to the address of the 5th data from low to high
It is adjusted successively it is also possible to be adjusted to the element in the 5th data according to other chaotic orders, it does not limit this
Bright protection domain.
Consider the first random number in the nonlinear operation of the present embodiment, that is, used mask technology, ensure that non-thread
Property computing in data security such that it is able to effectively defend the attack of side line signal, further increase the safety of encryption and decryption
Property.Due to need not store to new SBOX in nonlinear operation, the area of hardware therefore both can be saved, beneficial to encryption and decryption
The Highgrade integration of device and miniaturization;The clock number required for encryption and decryption can be reduced, thus improving the effect of encryption and decryption again
Rate.
Then execution step S15, carries out the first computing and second to described 3rd data and described second data and linearly transports
Calculate, obtain the encryption and decryption data of pending data.
Described second linear operation is corresponding with the concrete encipher-decipher method adopting.
Preferably, pipeline processing mode can be adopted between described first computing and described second linear operation, that is, increase
Plus the step of data storage, its specific implementation is well known to those skilled in the art, will not be described here.
The present invention does not limit the concrete execution sequence of the first computing and the second linear operation.
In a specific example, the first computing and second is carried out to described 3rd data and described second data and linearly transports
Calculation can include:First the first computing is carried out to described 3rd data and described second data, obtain the tenth data;Again to described
Ten data carry out the second linear operation, obtain the encryption and decryption data of pending data.Only need in this example to carry out second line
Property computing, fairly simple, efficiency high.
In another specific example, described 3rd data and described second data are carried out with the first computing and second linear
Computing can include:First respectively the second linear operation is carried out to described 3rd data and described second data, obtain the 11st number
According to the 12nd data;Again the first computing is carried out to described 11st data and described 12nd data, obtain pending data
Encryption and decryption data.
So far, complete an iteration computing or complete the encryption and decryption process to bright ciphertext.
In the present embodiment on the basis of improving security and encryption and decryption efficiency, may apply to all of symmetrical expression and add solution
Secret skill art, expands range.Additionally, described first computing, described second computing, described first linear operation, the second line
Property computing, described first random number or described second random number all have multiple choices, thus user can carry out free, further
Improve security and the flexibility of encryption and decryption.
With reference to shown in Fig. 4, the symmetrical expression encipher-decipher method providing in another embodiment of present embodiment includes following step
Suddenly:
Step S21, provides pending data, key and the first random number;
Step S22, carries out the first computing and the first linear operation to described pending data, key and the first random number,
Obtain the first data;
Step S23, carries out the first linear operation and the second computing to described first random number, obtains the second data;
Step S24, carries out nonlinear operation to described first data, obtains the 3rd data;
Step S25, provides the second random number;
Step S26, carries out the first computing and second to described 3rd data, described second data and described second random number
Linear operation, obtains the 13rd data;
Step S27, carries out the inverse operation of described first computing, obtains to described 13rd data and described second random number
The encryption and decryption data of pending data.
Compared with method shown in Fig. 2, in the present embodiment, increased the second random number, that is, many weight mask technology, from
And the security of encryption and decryption can be improved further.
Under the premise of ensureing the bit wide of the second random number and the bit wide identical of the first random number, can arbitrarily set described
Second random number.Described second random number and described first random number can identical it is also possible to different.
In the present embodiment, the first computing and the second linear operation are simultaneous for described 3rd data, described second data and institute
State the second random number to carry out, but the present embodiment does not still limit the sequencing of the first computing and the second linear operation.
Due to embodiment adds plus mask step, therefore also need to the step removing mask, that is, obtain described
In addition it is also necessary to described 13rd data and described second random number are carried out with the inverse fortune of described first computing after 13rd data
Calculate, to obtain the encryption and decryption data of pending data, thus terminating current iteration computing.
It should be noted that the present embodiment method can apply in the encipher-decipher method only include an iteration computing,
Can also be applied in the encipher-decipher method including successive ignition computing.
Additionally, in other embodiments, when interative computation for multiple when, the step of described removal mask can be placed on next time
In interative computation.Specifically, described 3rd data, described second data and described second random number are carried out with the first computing and
Bilinear computing, obtains the encryption and decryption data of pending data, and in next interative computation, described nonlinear operation it
Before, the data after described first computing and described second random number are carried out with the inverse operation of described first computing, to complete
The step of mask second random number.Now, the security of encryption and decryption is higher.
Correspondingly, one embodiment of present embodiment provides a kind of symmetrical expression encrypting and deciphering system, for entering to bright ciphertext
Row one or many interative computation, including:
Data input module 110, for providing pending data;
Key entry module 120, for providing key;
First randomizer 130, for providing the first random number, described pending data, key and first are random
The bit wide correspondence of number is identical;
First processing module 140, connects described data input module 110, key entry module 120 and the first random number and sends out
Raw device 130, for carrying out the first computing and the first linear operation to described pending data, key and the first random number, obtains
First data, described first computing meets law of communication and associative law;
Second processing module 150, connects described first randomizer 130, for carrying out to described first random number
First linear operation and the second computing, obtain the second data;
Nonlinear block 160, connects described first processing module 140 and the first randomizer 130, for described
First data carries out nonlinear operation, obtains the 3rd data;
3rd processing module 170, connects described Second processing module 150 and nonlinear block 160, for the described 3rd
Data and described second data carry out the first computing and the second linear operation, obtain the encryption and decryption data of pending data;
Described nonlinear block 160 includes:
Memory cell 161, for providing initial SBOX;
First processor 162, connects described first randomizer 130, for described first random number is carried out with the
Two computings, obtain the 4th data;
Second processing device 163, connects described memory cell 161 and described first processor 162, for described initial
SBOX and described 4th data carry out the first computing, obtain the 5th data;
Adjustment unit 164, connects described first randomizer 130 and described second processing device 163, for according to institute
State the first random number, in adjustment the 5th data, the position of element, obtains new SBOX;
Select unit 165, connects described first processing module 140 and adjustment unit 164, for from described new SBOX
Select non-linear byte data corresponding with described first data as the 3rd data.
Described pending data can be the encryption and decryption data after bright ciphertext or a front interative computation.Therefore,
The present embodiment can also include first selector(In figure is not shown), connect the input of described data input module 110, be used for
Encryption and decryption data after bright ciphertext or a front interative computation is inputed to data input module 110.
Preferably, described nonlinear block 160 is all made up of combinational logic device, such that it is able to save hardware area,
Be conducive to miniaturization and the Highgrade integration of encrypting and deciphering system.
The first computing in first processing module 140 described in the present embodiment and the first linear operation can be with exchange sequences.
In a specific example, described first processing module 140 can include:First computing calculator and first linear
Calculator(In figure is not shown);
Described first computing calculator connects described data input module 110, key entry module 120 and the first random number
Generator 130, for carrying out the first computing to described pending data, key and the first random number, obtains the 6th data;
Described first line calculator connects described first computing calculator and nonlinear block 160, for described the
Six data carry out the first linear operation, obtain the first data.
In another specific example, described first processing module 140 can include:Three the first line calculator and one
First computing calculator;
Described three the first line calculator connect respectively data input module 110, key entry module 120 and first with
Machine number generator 130, for carrying out the first linear operation to described pending data, key and the first random number respectively, obtains
7th data, the 8th data and the 9th data;
Described first computing calculator, connects described three the first line calculator and nonlinear block 160, for institute
State the 7th data, the 8th data and the 9th data and carry out the first computing, obtain the first data.
In above-mentioned two specific example, acceptable between described first line calculator and described first computing calculator
Including memory, it is used for realizing pipeline organization, it is well known to those skilled in the art, will not be described here.
The first computing in 3rd processing module 170 described in the present embodiment and the second linear operation can be with exchange sequences.
In a specific example, described 3rd processing module 170 can include:First computing calculator and second linear
Calculator(In figure is not shown);
Described first computing calculator connects described Second processing module 150 and nonlinear block 160, for described the
Three data and described second data carry out the first computing, obtain the tenth data;
Described second line calculator connects described first computing calculator, for carrying out the second line to described tenth data
Property computing, obtains the encryption and decryption data of pending data.
In another specific example, described 3rd processing module 170 can include:Two the second line calculator and one
First computing calculator;
Described two second line calculator connect described Second processing module 150 and nonlinear block 160 respectively, are used for
Respectively the second linear operation is carried out to described 3rd data and described 4th data, obtain the 11st data and the 12nd data;
Described first computing calculator connects described two second line calculator, for described 11st data and institute
State the 12nd data and carry out the first computing, obtain the encryption and decryption data of pending data.
In above-mentioned two specific example, acceptable between described first computing calculator and described second line calculator
Including memory, it is used for realizing pipeline organization, it is well known to those skilled in the art, will not be described here.
Described second line calculator can be any line calculator or arbitrary nonlinear calculator.
Described first computing calculator can be the adder calculator in exclusive-OR operator, domain or the subtraction in domain
Device, can also be that other arbitrarily meet the calculator of law of communication and associative law.
Specifically, described first computing calculator can include:First loader, second selector and multiple first computing
Unit, described second selector connects described first loader and described first arithmetic element, in each first arithmetic element all
Be stored with first operation function, the corresponding numbering of each first operation function, and user can be defeated by the first loader
Enter a numbering, so described second selector select from multiple first arithmetic elements with described numbering corresponding that first
Arithmetic element, thus realizing the free of the first operation function, improves the flexibility of encryption and decryption.
Described second computing calculator can be arbitrary line calculator or arbitrary nonlinear calculator.
Specifically, described second computing calculator can include:Second loader, third selector and multiple second computing
Unit, described third selector connects described second loader and described second arithmetic element, in each second arithmetic element all
Be stored with second operation function, the corresponding numbering of each second operation function, and user can be defeated by the second loader
Enter a numbering, so described third selector select from multiple second arithmetic elements with described numbering corresponding that second
Arithmetic element, thus realizing the free of the second operation function, improves the flexibility of encryption and decryption.
Additionally, described nonlinear block 160 can also include:
3rd computing calculator(In figure is not shown), connect described memory cell, for described initial SBOX is carried out with the
Three linear operations;
4th computing calculator(In figure is not shown), connect described 3rd computing calculator and described second processing device 163,
For third linear inverse operation is carried out to the data after third linear computing, and the data is activation after third linear inverse operation is given
Described second processing device 163.
Before carrying out described second computing, by described initial SBOX is carried out with third linear computing and third linear fortune
The inverse operation calculated, can improve the security of encryption and decryption further.
Below, illustrate that adjustment unit 164, how according to the first random number, adjusts in the 5th data taking binary data as a example
The position of element.Because initial SBOX includes multiple data, therefore described initial SBOX and described 4th data are carried out with
One computing refers to each data in initial SBOX and described 4th data be carried out the first computing, thus obtaining multiple five
Data.
Described first random number includes i+1 element, and m [i] is the highest address bit element of the first random number, and m [0] is the
The lowest address bit element of one random number;Described 5th data includes n element, using Dx1x2......xnRepresent, wherein xi=
1 represents that the 5th i-th element of data is 1, xi=0 represents that the 5th i-th element of data is 0,2i+1=n;
Described adjustment unit 164 can include:I+1 divides subelement, i+1 receiving subelement and i+1 and exchanges son
Unit;
First divides subelement according to the difference of highest addresses in the 5th data, and the data in described 5th data is divided
For two first order set;
First input subelement connects described first randomizer 130, for inputting m [i];
First exchange subelement, connects described first and divides subelement and described first input subelement, as m [i]=0,
Exchange the position of two first order set, and by the data is activation after exchanging to the second division subelement;Otherwise, will be described two
First order set is sent to the second division subelement;
Second divides subelement connects the first exchange subelement, for the difference according in the 5th data high address,
Respectively the data in described first order set is divided into two second level set;
Second input subelement connects described first randomizer 130, for inputting m [i-1];
Second exchange subelement, connects described second and divides subelement and described second input subelement, as m [i-1]=0
When, exchange the position of two second level set in same first order set, and the data is activation after exchanging is divided son to the 3rd
Unit;Otherwise, the set of described two second level is sent to the 3rd division subelement;
I+1 divides subelement and connects described i-th exchange subelement, for according to minimum bit address in the 5th data not
Same, respectively the data in i-stage set is divided into two i+1 level set;
I+1 input subelement connects described first randomizer 130, for inputting m [0];
I+1 exchanges subelement, connects described i+1 and divides subelement and described i+1 input subelement, when m [0]=0
When, exchange the position of two i+1 level set in same i-stage set, and by the data is activation after exchanging to the 3rd process mould
Block 170;Otherwise, by 2i+1I+1 level set is sent to the 3rd processing module 170.
The specific work process of above-mentioned encrypting and deciphering system may refer to the encipher-decipher method shown in Fig. 2, will not be described here.
The symmetrical expression encrypting and deciphering system that the present embodiment provides is applied to all of symmetrical expression encryption and decryption technology, you can to realize
Compatibility on hardware for the different symmetrical expression encryption and decryption technology, and safe, speed is fast, and area occupied is little.
Compared with encrypting and deciphering system shown in Fig. 5, with reference to shown in Fig. 6, symmetrical expression in another embodiment of present embodiment
Encrypting and deciphering system can also include:Second randomizer 180 and the 5th computing calculator 190;
Second randomizer 180 connects described 3rd processing module 170, for providing the second random number, described
Two random numbers are identical with the bit wide of described first random number;
Described 3rd processing module 170 carries out to described 3rd data, described second data and described second random number
One computing and the second linear operation, obtain the 13rd data;
Described 5th computing calculator 190 connects described 3rd processing module 170 and the second randomizer 180, uses
In the inverse operation that described 13rd data and described second random number are carried out with described first computing, obtain adding of pending data
Ciphertext data.
In the present embodiment, the specific work process of encrypting and deciphering system refers to the encipher-decipher method shown in Fig. 4, and here is no longer
Repeat.
Compared with encrypting and deciphering system shown in Fig. 5, with reference to shown in Fig. 7, symmetrical expression in present embodiment further embodiment
Encrypting and deciphering system can also include:Second randomizer 180 and the 6th computing calculator 200;
Second randomizer 180 connects described 3rd processing module 170, for providing the second random number, described
Two random numbers are identical with the bit wide of described first random number;
Described 3rd processing module 170 carries out to described 3rd data, described second data and described second random number
One computing and the second linear operation, obtain the encryption and decryption data of pending data;
Described 6th computing calculator 200 connects the output end of the first computing calculator, the second randomizer 180 and
Nonlinear block 160, for carrying out described first computing to the data after described first computing and described second random number
Inverse operation, and by the data is activation after inverse operation to select unit 165.
Compared with Fig. 6, the operation removing mask in the present embodiment is placed in next interative computation, at this point it is possible to ensure to add
Deciphering security is higher.
Often build a new SBOX in prior art, need 64*8=512 extra clock.When interative computation number of times
For 16, and in each interative computation using different random numbers when, need 512*16=8192 clock new to calculate 16 altogether
SBOX.Correspondingly, under identical interative computation number of times, the present invention can save the clock of this part, thus improve plus solution
Close efficiency.
Additionally, often constructing a new SBOX in prior art to need the memory of 4*64*8=2048bit, and the present invention
Using combinational logic, therefore omit this memory, thus saving hardware area.
Although the present invention is disclosed as above with preferred embodiment, the present invention is not limited to this.Any art technology
Personnel, without departing from the spirit and scope of the present invention, all can make various changes or modifications, and therefore protection scope of the present invention should
When being defined by claim limited range.
Claims (24)
1. a kind of symmetrical expression encipher-decipher method, including one or many interative computation it is characterised in that each interative computation bag
Include:
There is provided pending data, key and the first random number, the bit wide of described pending data, key and the first random number corresponds to
Identical;
First computing and the first linear operation are carried out to described pending data, key and the first random number, obtain the first data,
Described first computing meets law of communication and associative law;
First linear operation and the second computing are carried out to described first random number, obtains the second data;
Nonlinear operation is carried out to described first data, obtains the 3rd data;
First computing and the second linear operation are carried out to described 3rd data and described second data, obtains adding of pending data
Ciphertext data;
Described nonlinear operation obtains new SBOX according to initial SBOX, including:
Initial SBOX is provided;
Second computing is carried out to described first random number, obtains the 4th data;
First computing is carried out to described initial SBOX and described 4th data, obtains the 5th data;
According to described first random number, adjust the position of element in the 5th data, obtain new SBOX;
Select non-linear byte data corresponding with described first data as the 3rd data from described new SBOX.
2. symmetrical expression encipher-decipher method as claimed in claim 1 is it is characterised in that to described pending data, key and
One random number carries out the first computing and the first linear operation includes:First described pending data, key and the first random number are entered
Row first computing, obtains the 6th data;Again the first linear operation is carried out to described 6th data, obtain the first data.
3. symmetrical expression encipher-decipher method as claimed in claim 1 is it is characterised in that to described pending data, key and
One random number carries out the first computing and the first linear operation includes:First random to described pending data, key and first respectively
Number carries out the first linear operation, obtains the 7th data, the 8th data and the 9th data;Again to described 7th data, the 8th data
Carry out the first computing with the 9th data, obtain the first data.
4. symmetrical expression encipher-decipher method as claimed in claim 1 is it is characterised in that count to described 3rd data and described second
According to carrying out the first computing and the second linear operation includes:First the first computing is carried out to described 3rd data and described second data,
Obtain the tenth data;Again the second linear operation is carried out to described tenth data, obtain the encryption and decryption data of pending data.
5. symmetrical expression encipher-decipher method as claimed in claim 1 is it is characterised in that count to described 3rd data and described second
According to carrying out the first computing and the second linear operation includes:First respectively the second line is carried out to described 3rd data and described second data
Property computing, obtains the 11st data and the 12nd data;Again first is carried out to described 11st data and described 12nd data
Computing, obtains the encryption and decryption data of pending data.
6. symmetrical expression encipher-decipher method as claimed in claim 1 it is characterised in that described first computing, the first linear operation,
Second computing, the second linear operation or nonlinear operation adopt pipeline processing mode between any two.
7. symmetrical expression encipher-decipher method as claimed in claim 1 is it is characterised in that described first computing is XOR, domain
Subtraction in interior add operation or domain.
8. symmetrical expression encipher-decipher method as claimed in claim 1 is it is characterised in that described nonlinear operation also includes:Entering
Before described second computing of row, third linear computing and the inverse operation of third linear computing are carried out to described initial SBOX.
9. symmetrical expression encipher-decipher method as claimed in claim 1 is it is characterised in that to described 3rd data and described second
Before data carries out the first computing and the second linear operation, provide the second random number, described second random number and the first random number
Bit wide identical;First computing is carried out to described 3rd data and described second data and the second linear operation includes:To described
3rd data, described second data and described second random number carry out the first computing and the second linear operation, obtain the 13rd number
According to;Described 13rd data and described second random number are carried out with the inverse operation of described first computing, obtains pending data
Encryption and decryption data.
10. symmetrical expression encipher-decipher method as claimed in claim 1 is it is characterised in that described interative computation is multiple;To institute
State the 3rd data and before described second data carries out the first computing and the second linear operation, the second random number is provided, described
Two random numbers are identical with the bit wide of the first random number;First computing and second are carried out to described 3rd data and described second data
Linear operation includes:First computing and the second line are carried out to described 3rd data, described second data and described second random number
Property computing, obtains the encryption and decryption data of pending data, and in next interative computation, before described nonlinear operation, right
Data after described first computing and described second random number carry out the inverse operation of described first computing.
11. symmetrical expression encipher-decipher methods as claimed in claim 1 are it is characterised in that described first random number includes i+1 unit
Element, m [i] is the highest address bit element of the first random number, and m [0] is the lowest address bit element of the first random number;Described 5th
Data includes n element, using Dx1x2......xnRepresent, wherein xi=1 represents that the 5th i-th element of data is 1, xi=0 table
Show that the 5th i-th element of data is 0,2i+1=n;
According to described first random number, the position adjusting element in the 5th data includes:
According to the difference of highest addresses in the 5th data, the data in described 5th data is divided into two first order set;
As m [i]=0, exchange the position of two first order set;
According to the difference of in the 5th data high address, respectively the data in described first order set is divided into two second level
Set;As m [i-1]=0, exchange the position of two second level set in same first order set;
Using aforesaid way, successively according to the difference of bit address remaining in the 5th data and taking of the first random number corresponding element
Value, enters division and the exchange of row set to the 5th data, until obtaining 2i+1Individual i+1 level set, and when m [0]=0, exchange
The position of two i+1 level set in same i-stage set.
A kind of 12. symmetrical expression encrypting and deciphering systems are it is characterised in that for carrying out one or many interative computation to bright ciphertext, wrap
Include:
Data input module, for providing pending data;
Key entry module, for providing key;
First randomizer, for providing the first random number, the bit wide of described pending data, key and the first random number
Correspondence is identical;
First processing module, connects described data input module, key entry module and the first randomizer, for institute
State pending data, key and the first random number and carry out the first computing and the first linear operation, obtain the first data, described first
Computing meets law of communication and associative law;
Second processing module, connects described first randomizer, linearly transports for carrying out first to described first random number
Calculate and the second computing, obtain the second data;
Nonlinear block, connects described first processing module and the first randomizer, for carrying out to described first data
Nonlinear operation, obtains the 3rd data;
3rd processing module, connects described Second processing module and nonlinear block, for described 3rd data and described the
Two data carry out the first computing and the second linear operation, obtain the encryption and decryption data of pending data;
Described nonlinear block obtains new SBOX according to initial SBOX, including:
Memory cell, for providing initial SBOX;
First processor, connects described first randomizer, for carrying out the second computing to described first random number, obtains
4th data;
Second processing device, connects described memory cell and described first processor, for described initial SBOX and the described 4th
Data carries out the first computing, obtains the 5th data;
Adjustment unit, connects described first randomizer and described second processing device, for according to described first random number,
Adjust the position of element in the 5th data, obtain new SBOX;
Select unit, connects described first processing module and adjustment unit, for selecting from described new SBOX and described the
The corresponding non-linear byte data of one data is as the 3rd data.
13. symmetrical expression encrypting and deciphering systems as claimed in claim 12 are it is characterised in that described nonlinear block is all by combining
Logical device is constituted.
14. symmetrical expression encrypting and deciphering systems as claimed in claim 12 are it is characterised in that described first processing module includes:The
One computing calculator and the first line calculator;
Described first computing calculator connects described data input module, key entry module and the first randomizer, uses
In the first computing is carried out to described pending data, key and the first random number, obtain the 6th data;
Described first line calculator connects described first computing calculator and nonlinear block, for entering to described 6th data
Row first linear operation, obtains the first data.
15. symmetrical expression encrypting and deciphering systems as claimed in claim 12 are it is characterised in that described first processing module includes:Three
Individual first line calculator and a first computing calculator;
Described three the first line calculator connect data input module, key entry module and the first random number respectively and occur
Device, for respectively the first linear operation being carried out to described pending data, key and the first random number, obtain the 7th data,
Eight data and the 9th data;
Described first computing calculator, connects described three the first line calculator and nonlinear block, for the described 7th
Data, the 8th data and the 9th data carry out the first computing, obtain the first data.
16. symmetrical expression encrypting and deciphering systems as described in claims 14 or 15 it is characterised in that described first line calculator and
Also include memory between described first computing calculator, be used for realizing pipeline organization.
17. symmetrical expression encrypting and deciphering systems as claimed in claim 12 are it is characterised in that described 3rd processing module includes:The
One computing calculator and the second line calculator;
Described first computing calculator connects described Second processing module and nonlinear block, for described 3rd data and institute
State the second data and carry out the first computing, obtain the tenth data;
Described second line calculator connects described first computing calculator, linearly transports for carrying out second to described tenth data
Calculate, obtain the encryption and decryption data of pending data.
18. symmetrical expression encrypting and deciphering systems as claimed in claim 12 are it is characterised in that described 3rd processing module includes:Two
Individual second line calculator and a first computing calculator;
Described two second line calculator connect described Second processing module and nonlinear block respectively, for respectively to described
3rd data and described 4th data carry out the second linear operation, obtain the 11st data and the 12nd data;
Described first computing calculator connects described two second line calculator, for described 11st data and described the
12 data carry out the first computing, obtain the encryption and decryption data of pending data.
19. symmetrical expression encrypting and deciphering systems as described in claim 17 or 18 it is characterised in that described first computing calculator and
Also include memory between described second line calculator, be used for realizing pipeline organization.
20. symmetrical expression encrypting and deciphering systems as described in claim 14,15,17 or 18 are it is characterised in that described first computing meter
Calculation device is exclusive-OR operator, the adder calculator in domain or the subtraction operator in domain.
21. symmetrical expression encrypting and deciphering systems as claimed in claim 12 are it is characterised in that described nonlinear block also includes:
3rd computing calculator, connects described memory cell, for carrying out third linear computing to described initial SBOX;
4th computing calculator, connects described 3rd computing calculator and described second processing device, for third linear computing
Data afterwards carries out third linear inverse operation, and the data is activation after third linear inverse operation is given described second processing device.
22. symmetrical expression encrypting and deciphering systems as claimed in claim 12 are it is characterised in that also include:Second randomizer
With the 5th computing calculator;
Second randomizer connects described 3rd processing module, for providing the second random number, described second random number and
The bit wide of described first random number is identical;
Described 3rd processing module described 3rd data, described second data and described second random number are carried out the first computing and
Second linear operation, obtains the 13rd data;
Described 5th computing calculator connects described 3rd processing module and the second randomizer, for the described 13rd
Data and described second random number carry out the inverse operation of described first computing, obtain the encryption and decryption data of pending data.
23. symmetrical expression encrypting and deciphering systems as claimed in claim 14 are it is characterised in that also include:Second randomizer
With the 6th computing calculator;
Second randomizer connects described 3rd processing module, for providing the second random number, described second random number and
The bit wide of described first random number is identical;
Described 3rd processing module described 3rd data, described second data and described second random number are carried out the first computing and
Second linear operation, obtains the encryption and decryption data of pending data;
Described 6th computing calculator connects output end, the second randomizer and the First Line of described first computing calculator
The input of property calculator, for carrying out described first computing to the data after described first computing and described second random number
Inverse operation, and by the data is activation after inverse operation give the first line calculator.
24. symmetrical expression encrypting and deciphering systems as claimed in claim 12 are it is characterised in that described first random number includes i+1
Element, m [i] is the highest address bit element of the first random number, and m [0] is the lowest address bit element of the first random number;Described
Five data include n element, using Dx1x2......xnRepresent, wherein xi=1 represents that the 5th i-th element of data is 1, xi=0
Represent that the 5th i-th element of data is 0,2i+1=n;
Described adjustment unit includes:I+1 divides subelement, i+1 receiving subelement and i+1 exchange subelement;
First divides subelement according to the difference of highest addresses in the 5th data, and the data in described 5th data is divided into two
Individual first order set;
First input subelement connects described first randomizer, for inputting m [i];
First exchange subelement, connects described first and divides subelement and described first input subelement, as m [i]=0, adjust
Change the position of two first order set, and by the data is activation after exchanging to the second division subelement;Otherwise, by described two
One-level set is sent to the second division subelement;
Second divides subelement connects the first exchange subelement, for the difference according in the 5th data high address, difference
Data in described first order set is divided into two second level set;
Second input subelement connects described first randomizer, for inputting m [i-1];
Second exchange subelement, connects described second and divides subelement and described second input subelement, as m [i-1]=0,
Exchange the position of two second level set in same first order set, and it is single that the data is activation after exchanging is divided son to the 3rd
Unit;Otherwise, the set of described two second level is sent to the 3rd division subelement;
I+1 divides subelement and connects described i-th exchange subelement, for the difference according to minimum bit address in the 5th data,
Respectively the data in i-stage set is divided into two i+1 level set;
I+1 input subelement connects described first randomizer, for inputting m [0];
I+1 exchanges subelement, connects described i+1 and divides subelement and described i+1 input subelement, when m [0]=0,
Exchange the position of two i+1 level set in same i-stage set, and by the data is activation after exchanging to the 3rd processing module;
Otherwise, by 2i+1I+1 level set is sent to the 3rd processing module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210364424.7A CN103684748B (en) | 2012-09-26 | 2012-09-26 | Symmetric encryption and decryption method, and symmetric encryption and decryption system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210364424.7A CN103684748B (en) | 2012-09-26 | 2012-09-26 | Symmetric encryption and decryption method, and symmetric encryption and decryption system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103684748A CN103684748A (en) | 2014-03-26 |
| CN103684748B true CN103684748B (en) | 2017-02-08 |
Family
ID=50321147
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210364424.7A Active CN103684748B (en) | 2012-09-26 | 2012-09-26 | Symmetric encryption and decryption method, and symmetric encryption and decryption system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103684748B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106100790B (en) * | 2016-06-16 | 2019-06-18 | 武汉六为科技有限公司 | A kind of data transmission method and system |
| CN109417468B (en) * | 2017-04-12 | 2021-07-30 | 北京炼石网络技术有限公司 | Method and device for realizing safe and efficient block cipher algorithm |
| CN107959565A (en) * | 2017-11-02 | 2018-04-24 | 北京中电华大电子设计有限责任公司 | A kind of implementation method of unified AES and SM4 S boxes |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1924023A2 (en) * | 2006-11-16 | 2008-05-21 | Fujitsu Limited | Encrypting apparatus for symmetric key cipher |
| CN101197660A (en) * | 2006-12-07 | 2008-06-11 | 上海安创信息科技有限公司 | Encrypting method and chip for anti-attack standard encryption criterion |
| CN101729241A (en) * | 2008-10-23 | 2010-06-09 | 国民技术股份有限公司 | AES encryption method for resisting differential power attacks |
| CN102447556A (en) * | 2010-10-14 | 2012-05-09 | 上海华虹集成电路有限责任公司 | DES (data encryption standard) encryption method of resisting differential power analysis based on random offset |
| CN102546157A (en) * | 2011-12-14 | 2012-07-04 | 北京航空航天大学 | Random mixed encryption system for resisting energy analysis and implementation method thereof |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE102004018874B4 (en) * | 2004-04-19 | 2009-08-06 | Infineon Technologies Ag | Method and device for determining a result |
-
2012
- 2012-09-26 CN CN201210364424.7A patent/CN103684748B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1924023A2 (en) * | 2006-11-16 | 2008-05-21 | Fujitsu Limited | Encrypting apparatus for symmetric key cipher |
| CN101197660A (en) * | 2006-12-07 | 2008-06-11 | 上海安创信息科技有限公司 | Encrypting method and chip for anti-attack standard encryption criterion |
| CN101729241A (en) * | 2008-10-23 | 2010-06-09 | 国民技术股份有限公司 | AES encryption method for resisting differential power attacks |
| CN102447556A (en) * | 2010-10-14 | 2012-05-09 | 上海华虹集成电路有限责任公司 | DES (data encryption standard) encryption method of resisting differential power analysis based on random offset |
| CN102546157A (en) * | 2011-12-14 | 2012-07-04 | 北京航空航天大学 | Random mixed encryption system for resisting energy analysis and implementation method thereof |
Non-Patent Citations (2)
| Title |
|---|
| Efficient random number for the masking method against DPA attacks;M.Yoshikawa等;《Systems Engineering (ICSEng), 2011 21st International Conference on》;20110818;全文 * |
| 抗DPA攻击的AES算法研究与实现;郑新建;《计算机研究与探索》;20090715;摘要及正文第3、4部分 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103684748A (en) | 2014-03-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106788974B (en) | Mask S box, grouping key calculation unit, device and corresponding construction method | |
| CN109361507B (en) | Data encryption method and encryption equipment | |
| CN106850221B (en) | Information encryption and decryption method and device | |
| CN102185692B (en) | Multimode reconfigurable encryption method based on advanced encryption standard (AES) encryption algorithm | |
| CN106921487B (en) | Reconfigurable S-box circuit structure | |
| US11546135B2 (en) | Key sequence generation for cryptographic operations | |
| CN104639314A (en) | Device based on AES (advanced encryption standard) encryption/decryption algorithm and pipelining control method | |
| CN102546157B (en) | Random mixed encryption system for resisting energy analysis and implementation method thereof | |
| CN102904711B (en) | Information ciphering method | |
| CN105099672A (en) | Hybrid encryption method and device for realizing the same | |
| US9565018B2 (en) | Protecting cryptographic operations using conjugacy class functions | |
| CN100428140C (en) | Implement method of elliptic curve cipher system coprocessor | |
| CN106712930A (en) | SM4 encryption method and device | |
| CN104917608B (en) | A kind of method of the anti-power consumption attack of key | |
| CN106100844A (en) | Optimization automatic Bilinear map encryption method and the device of method is blinded based on point | |
| CN102801519A (en) | Method and device for implementing AES (Advanced Encryption Standard) enciphering and deciphering | |
| CN101951314A (en) | Design method of S-box in symmetric password encryption | |
| CN103684748B (en) | Symmetric encryption and decryption method, and symmetric encryption and decryption system | |
| JunLi et al. | Email encryption system based on hybrid AES and ECC | |
| CN101582170B (en) | Remote sensing image encryption method based on elliptic curve cryptosystem | |
| CN102857334B (en) | Method and device for realizing AES (advanced encryption standard) encryption and decryption | |
| CN105577362B (en) | A kind of byte replacement method and system applied to aes algorithm | |
| Singh et al. | Study & analysis of cryptography algorithms: RSA, AES, DES, T-DES, blowfish | |
| RU2503135C1 (en) | Method for cryptographic transformation of information and apparatus for realising said method | |
| CN104837131A (en) | Batch Cramer-Shoup cryptosystem based on batch processing exponential operation product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |