CN107277048B - Encryption and decryption method for communication authentication - Google Patents
Encryption and decryption method for communication authentication Download PDFInfo
- Publication number
- CN107277048B CN107277048B CN201710617990.7A CN201710617990A CN107277048B CN 107277048 B CN107277048 B CN 107277048B CN 201710617990 A CN201710617990 A CN 201710617990A CN 107277048 B CN107277048 B CN 107277048B
- Authority
- CN
- China
- Prior art keywords
- key
- encryption
- matrix
- decryption
- state
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 238000004891 communication Methods 0.000 title claims abstract description 18
- 239000011159 matrix material Substances 0.000 claims abstract description 102
- 230000009466 transformation Effects 0.000 claims abstract description 41
- 230000005540 biological transmission Effects 0.000 claims abstract description 10
- 230000002441 reversible effect Effects 0.000 claims description 22
- 238000006467 substitution reaction Methods 0.000 claims description 17
- 230000008569 process Effects 0.000 claims description 13
- 230000007704 transition Effects 0.000 claims description 9
- 239000000470 constituent Substances 0.000 claims description 3
- 238000011161 development Methods 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 238000005096 rolling process Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000007547 defect Effects 0.000 description 2
- 230000007774 longterm Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 238000012827 research and development Methods 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 241000158650 Desera Species 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0478—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Technology Law (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Lock And Its Accessories (AREA)
Abstract
The invention provides an encryption and decryption method for communication authentication, which relates to the technical field of communication and is used for ensuring the security of data transmission when a remote control key and a vehicle are remotely authenticated, and the encryption and decryption method comprises the following steps: s10, responding to a key request of the encryption and decryption program to authenticate the encryption and decryption program according to the key request; s20, starting an encryption and decryption program after the authentication is passed; s30, inputting a plaintext block and a key, copying the plaintext block into a matrix, obtaining an initial matrix State1, obtaining a final State matrix State through encryption operation on the initial matrix State1, and outputting a ciphertext block according to the State matrix State to encrypt data; and S40, decrypting the data through table look-up operation and inverse transformation of encryption operation. The invention solves the problem of data transmission safety during remote authentication of the remote control key and the vehicle.
Description
Technical Field
The invention relates to the technical field of communication, in particular to an encryption and decryption method for communication authentication.
Background
At present, only individual host computer factories have own special remote control key authentication algorithms, the algorithms are generally internal algorithms of the host computer factories, and related information is difficult to obtain, besides, most host computer factories adopt some algorithms recognized in the industry to carry out encryption and decryption authentication of the remote control key, and mainstream algorithms comprise the following algorithms:
keeloq rolling code encryption algorithm
The Keeloq technique is a rolling code encryption technique. Encrypting the original code with the Keeloq rolling code encryption algorithm can produce a highly confidential rolling code. Since the codes transmitted each time are different and never repeated, even if the same original code exists, the password cannot be decoded, and because the codes are different along with the difference of transmission time, the traditional illegal intrusion means (such as interception, scanning and the like) become meaningless. The Keeloq technology is a secret high-tech technology, and is a changeable, anti-interception, safe and reliable code hopping encryption and decryption technology.
However, with the increasing requirements of the Microchip company on the safety performance of the vehicle, the defect is gradually revealed, which is mainly expressed in the following aspects:
(1) hardware encryption makes system upgrade and expansion functions difficult;
(2) data transmission efficiency is relatively low;
(3) the cost is high and the attack is easy.
DES Algorithm
The DES algorithm has three entry parameters of Key, Data and Mode. Wherein Key is 64 bits in 8 bytes, and the valid bit is 56 bits, which is the working Key of DES algorithm; data is also 8 bytes of 64 bits, which is Data to be encrypted or decrypted; the Mode is the working Mode of DES, and there are two modes of encryption and decryption. The DES algorithm combines a variety of cryptographic techniques, primarily character permutation and scrambling. The algorithm has the main characteristics of high encryption speed and high safety. Compared with other encryption algorithms, the method has great advantages in encrypting a large amount of data. There is no effective method other than exhaustive.
However, with the development of technology, the DES technology is challenged more and more, and because the DES technology only has 64-bit keys, the DES password can be deciphered in less than one day by exhaustion, and the decipherment of the DES password announces the termination of the DES era. Therefore, DES has a fatal defect, that is, key management. Since the DES adopts single-key encryption, the key length is only 56 bits. Therefore, it is common to distribute secret keys prior to communication and use different keys for different objects. This adds significantly to the system overhead.
AES algorithm
The AES algorithm is also called as Rijndael algorithm, and is suitable for an application environment with less controller resources, such as an automobile remote control key, due to the characteristics of simplicity, high efficiency and safety. The key length supported by the AES algorithm may be 128 bits, 192 bits, or 256 bits, on one hand, the number of key bits is relatively long, and on the other hand, the encryption process is complex, so that the algorithm is difficult to break, and becomes mainstream in the field of data encryption.
The AES algorithm contains a round-robin algorithm and a key expansion algorithm. The round transformation algorithm consists of byte substitution transformation, row shift transformation, column mixture transformation, and extended key xor operation, and when Nk is 4 and Nb is 4, the number of iterations is 10, where the first 9 rounds of transformation are different from the last round of transformation. The AES algorithm encryption process is as follows: after the 128-bit plaintext and the 128-bit secret key are subjected to XOR operation, byte substitution transformation, line shift transformation and column mixing transformation are carried out, the obtained result and the expanded secret key are subjected to XOR operation, the operation is called a cycle, the operation is repeated for 9 times, the expanded secret keys are different, after the 9 cycles, the result is subjected to byte substitution transformation and line shift transformation again, and finally, the result and the 10 th expanded secret key (different from the previous 9 times) are subjected to XOR operation to obtain a 128-bit ciphertext.
However, in order to ensure the security of the algorithm, the AES algorithm involves a large amount of operations, requires a larger memory space, and has a higher requirement for a chip. Meanwhile, AES is a globally publicly recognized advanced encryption algorithm, and for some systems with low security requirements, the AES algorithm is not necessarily adopted. In addition, the algorithm is a public algorithm and is not suitable for being popularized as an internal generalized algorithm by a host factory.
Disclosure of Invention
The invention aims to provide an encryption and decryption method for communication authentication to ensure the security of an encryption algorithm and the feasibility of a decryption algorithm.
Another object of the present invention is to solve the problems of difficult system expansion and key management of the encryption and decryption algorithms in the prior art, or the problem that the encryption and decryption algorithms cannot be generalized to enterprise generalized algorithms due to large storage space requirements.
In particular, the present invention provides an encryption and decryption method for communication authentication, which is used for ensuring the security of data transmission when a remote control key is remotely authenticated with a vehicle, and the encryption and decryption method comprises the following steps:
s10, responding to a key request of an encryption and decryption program to authenticate the encryption and decryption program according to the key request;
s20, starting the encryption and decryption program after the authentication is passed;
s30, inputting a plaintext block and a key, copying the plaintext block into a matrix, obtaining an initial matrix State1, obtaining a final State matrix State through encryption operation on the initial matrix State1, and outputting a ciphertext block according to the State matrix State to encrypt data;
and S40, decrypting the data through table look-up operation and inverse transformation of encryption operation.
Further, the step of encrypting or decrypting comprises:
s300, negating the initial matrix State1 to obtain a matrix State2, and performing round key addition operation on the matrix State2 and a first round key to obtain a matrix State 3;
s400, performing encryption iterative operation on the matrix State3 according to a user-defined substitution table until the iteration total value cycle is finished, wherein the iteration total value is determined by the length of the secret key;
s500, after the iteration total value circulation is finished, a final State matrix State is obtained, and a corresponding ciphertext group is output according to the final State matrix State.
Further, the encryption iteration step of step S400 includes:
s401, replacing the matrix State3 by using the custom replacement table to obtain a matrix State 4;
s402, performing primary row transformation on the State4 to obtain a matrix State5, and performing primary column transformation on the matrix State5 to obtain a matrix State 6;
s403, performing reversible transformation on the matrix State6 to obtain a matrix State7, performing round key addition on the matrix State7 and a next round key, and returning to the step S401.
Further, the reversible transformation of step S403 is a linear reversible transformation including a state transition matrix, and the reversible transformation process is:
the State transition matrix is multiplied by the matrix State6 to obtain a matrix State 7;
wherein the constituent elements of the state transition matrix are composed of 00, 01, 02, and 03.
Further, the definition rule of the custom substitution table in step S400 is formulated according to a preset manner or a random manner, so as to ensure the security of the encrypted iterative data.
Further, the vehicle remote control key system includes a receiving controller, the receiving controller is loaded with a key service program, and authenticating an encryption/decryption program according to the key request includes:
s100, a request program sends a key request to a key service program, the key service program generates a random number and sends the generated random number to the request program;
s101, the request program encrypts the random number according to first key data and sends the encrypted random number to the key service program;
s102, the secret key service program decrypts the encrypted data according to second secret key data and compares the decrypted random number with the random number,
if the decrypted random number is consistent with the random number, the authentication is successful, otherwise, the authentication is failed;
s103, determining whether to send the key request according to the authentication result, if the authentication is successful, sending the key request, otherwise, not sending the key request
Further, the first key data and the second key data are the same key data.
Further, in the S102, the key service program decrypts the encrypted random number according to second key data,
if the authentication is successful, sending the second key data to the request program, and starting the encryption and decryption program;
and if the authentication fails, the second key data is not sent to the request program so as not to start the encryption and decryption program.
Further, the first round key is generated by forward expansion of the initial key through a key expansion algorithm;
the next round of keys are generated by forward expansion of the last round of keys in the encryption iterative algorithm through the key expansion algorithm.
The beneficial effects of the invention can be as follows:
firstly, in the process of encrypting or decrypting data by the encryption and decryption program through a key, the matrix State3 is replaced according to a user-defined replacement table within the iterative cycle times, the initial row-column transformation is carried out on the matrix State4 obtained after replacement to obtain a matrix State6, then the linear reversible transformation is carried out on the matrix State6 to obtain a matrix State7, and round key addition is carried out on the matrix State6 and a next round key, so that the operation of encryption iteration is realized through the iterative cycle. The matrix State7 is obtained by performing linear reversible transformation on the matrix State6, and in the reversible transformation, the reversible matrix selects a State transition matrix composed of 00, 01, 02 and 03 elements, and the State transition matrix cannot be a special matrix or a unit matrix, so that compared with the scheme of encryption and decryption in the prior art, on one hand, the scheme of the encryption and decryption algorithm can ensure that the encrypted data can be decrypted and the security of the encrypted data can be ensured; on the other hand, the reversible matrix composed of simple elements can simplify the encryption operation process, thereby improving the efficiency of the encryption operation.
Secondly, the rule of the custom substitution table is formulated in a preset mode or a random mode, and the formulated rule is limited in an enterprise, namely under the condition that the enterprise is not disclosed, a consumer or other enterprises cannot obtain the formulated rule of the custom substitution table, so that the specific encryption or decryption operation process cannot be known, therefore, the encryption and decryption algorithm can ensure the security of data transmission, and the internal technical information of the enterprise can be effectively protected.
Moreover, the encryption and decryption method for communication authentication can be uniformly defined and popularized to a platform of a vehicle remote control key, so that the safety of vehicle authentication can be ensured, the research and development efficiency of researchers can be improved for enterprises, the development period of products can be shortened, the development cost can be reduced, the capability of the researchers in applying theoretical research to actual work can be improved, and great influence is generated on long-term development of the enterprises.
The above and other objects, advantages and features of the present invention will become more apparent to those skilled in the art from the following detailed description of specific embodiments thereof, taken in conjunction with the accompanying drawings.
Drawings
Some specific embodiments of the invention will be described in detail hereinafter, by way of illustration and not limitation, with reference to the accompanying drawings. The same reference numbers in the drawings identify the same or similar elements or components. Those skilled in the art will appreciate that the drawings are not necessarily drawn to scale. In the drawings:
FIG. 1 is a schematic block diagram of a vehicle remote control system according to one embodiment of the present invention;
FIG. 2 is a schematic flow chart diagram of an encryption and decryption method according to one embodiment of the present invention;
FIG. 3 is a schematic flow diagram of encryption or decryption according to one embodiment of the present invention;
FIG. 4 is a schematic flow chart of an encryption iterative algorithm according to step S400 shown in FIG. 1;
FIG. 5 is a custom replacement table according to one embodiment of the invention;
fig. 6 is a numeric byte lookup table according to another embodiment of the invention.
Detailed Description
Security and privacy functions have become an increasing consumer concern in the field of communications, and the ever increasing use of communications in vehicles has enabled security and privacy functions to be integrated into a wider range of automotive platforms. A remote control key system for a vehicle generally comprises a receiving controller mounted on the vehicle and a transmitter carried by a user, i.e., an infinite remote control door key, and the transmitter is generally in a closed state and operates when a button is pressed or data needs to be transmitted, which is a one-way communication state. Fig. 1 is a schematic configuration diagram of a vehicle remote control system according to an embodiment of the present invention, which may generally include a receiving controller 11 installed at a vehicle body controller or an antitheft controller and a transceiving controller 22 that a user may carry with him, the transceiving controller 22 being capable of transmitting and receiving data, wherein the receiving controller 11 may be composed of a microcontroller 1, a Low Frequency (LF) device 2, a high frequency radio wave (UHF) receiver 3, a button 4, and a human interface device such as an LED indicator 5, and the transceiving controller 22 may be composed of a microcontroller 6, a radio frequency controller 7, a button 8, and a human interface device such as an LED 9. The transceiver controller 22 transmits the code 10(UHF transmission response) to the reception controller 11 by radio, and after the reception controller 11 receives the encrypted code 10, starts a key service program to perform challenge/response authentication; after the authentication is successful, the secret key is stored in the memory for the encryption and decryption programs to use, the encryption and decryption programs are loaded in the transceiver controller 22, the secret key service program is loaded in the receiving controller 11, and the encryption and decryption programs and the secret key service program automatically perform encryption and decryption communication authentication through the radio frequency controller 7, namely the encryption or decryption process is completed.
Fig. 2 is a schematic flow chart of an encryption and decryption method according to an embodiment of the present invention, for ensuring the security of data transmission during remote authentication of the key fob and the vehicle. The encryption and decryption method may generally include:
s10, responding to a key request of an encryption and decryption program to authenticate the encryption and decryption program according to the key request;
s20, starting the encryption and decryption program after the authentication is passed;
s30, inputting a plaintext block and a key, copying the plaintext block into a matrix, obtaining an initial matrix State1, obtaining a final State matrix State through encryption operation on the initial matrix State1, and outputting a ciphertext block according to the State matrix State to encrypt data;
s40, in the data decryption method, decryption of the data can be achieved through table look-up operation and inverse transformation of encryption operation.
As shown in fig. 3, encryption or decryption may include the following operation steps:
s300, negating the initial matrix State1 to obtain a matrix State2, and performing round key addition operation on the matrix State2 and a first round key to obtain a matrix State 3;
s400, performing encryption iterative operation on the matrix State3 according to a user-defined substitution table until the iteration total value cycle is finished, wherein the iteration total value is determined by the length of the secret key;
s500, after the iteration total value circulation is finished, a final State matrix State is obtained, and a corresponding ciphertext group is output according to the final State matrix State.
As shown in fig. 4, the initial iteration value i is 1, and the encryption iteration step of step S400 may include:
s401, replacing the matrix State3 by using the custom replacement table to obtain a matrix State 4;
s402, performing primary row transformation on the State4 to obtain a matrix State5, and performing primary column transformation on the matrix State5 to obtain a matrix State 6;
and S403, performing reversible transformation on the matrix State6 to obtain a matrix State7, and performing round key addition on the matrix State7 and a next round key, wherein an iteration value i is i + 1. When i is not greater than the iteration total value, returning to the step S401; when i is greater than the iteration total value, the process proceeds to step S500.
The first round of keys are generated by forward expansion of an initial key through a key expansion algorithm, and the next round of keys are generated by forward expansion of a previous round of keys in the encryption iteration process through the key expansion algorithm.
Wherein the reversible transformation of step S403 may be a linear reversible transformation, that is, a reversible matrix is left-multiplied by the matrix State6 to obtain a matrix State7, wherein the reversible matrix selects a State transition matrix in order to ensure that the encrypted data can implement a decryption operation; meanwhile, in order to ensure the security of encrypted data, the reversible matrix cannot select a basic identity matrix or a special matrix; in addition, in order to simplify the encryption operation, the constituent elements of the reversible matrix are composed of the simplest data 00, 01, 02, and 03. The matrix State6 is reversibly transformed as shown in equation 1:
compared with the scheme of encryption and decryption in the prior art, on one hand, the scheme of the encryption and decryption algorithm can ensure the security of encrypted data while ensuring the decryption operation of the encrypted data; on the other hand, the reversible matrix composed of simple elements can simplify the process of encryption operation, thereby improving the efficiency of encryption operation.
In addition, in step S401, replacing the matrix State3 with a custom replacement table belongs to a nonlinear transformation, so as to further enhance the security of the encryption and decryption algorithm, and the rule of the custom replacement table may be formulated in a preset manner or in a random manner, so that it is difficult to break the encryption and decryption algorithm. The encryption and decryption algorithm may use a custom substitution table as shown in fig. 5.
The rule of the custom substitution table can be formulated in a preset mode or a random mode, and the formulated rule is limited in an enterprise, namely, under the condition that the enterprise is not disclosed, a consumer or other enterprises cannot obtain the formulated rule of the custom substitution table, so that the specific encryption or decryption operation process cannot be known, and therefore, the encryption and decryption algorithm can ensure the security of data transmission, and the internal technical information of the enterprise can be effectively protected.
In the embodiment of fig. 6, to facilitate the operation to reduce the number of operations, the distribution law formula based on linear operation:
the operation of equation 1 may obtain the operation result by converting the numerical operation into a table lookup manner to obtain a state7, as shown in fig. 6, the numerical query manner may reduce data generated by intermediate operation, accelerate the operation speed, and reduce the operation amount of data and the storage space of the chip while further improving the encryption security.
In the implementation of fig. 2 to 6, except that the substitution of the custom substitution table for the matrix State3 in the encryption and decryption method belongs to nonlinear transformation, the decryption may be implemented by corresponding inverse transformation, that is, after a decryption key is obtained, the corresponding inverse transformation is performed on a ciphertext in an order opposite to that of the encryption step. The byte substitution operation of the encryption algorithm can be realized by inquiring the byte substitution table of fig. 5, other operations are linear reversible operations, and a specific data result can be obtained through corresponding inverse transformation to realize decryption operation.
In order to further enhance the security of the key, the key service program may perform communication authentication on the encryption/decryption program, that is, perform authentication on the encryption/decryption program according to the key request, and the authentication step may include,
s100, a request program sends a key request to a key service program, the key service program generates a random number and sends the generated random number to the request program;
s101, a request program encrypts the random number according to first key data and sends the encrypted random number to a key service program;
s102, the secret key service program decrypts the encrypted random number according to second secret key data, compares the decrypted random number with the random number, and when the decrypted random number is consistent with the random number, the authentication is successful, and when the decrypted random number is consistent with the random number, the authentication is failed;
s103, determining whether to send a key request according to an authentication result, and when the authentication is successful, sending the second key data to the request program and starting the encryption and decryption program; when the authentication fails, the second key data is not sent to the requesting program, so that the encryption/decryption program is not started.
Wherein the first key data and the second key data are the same key data.
The encryption and decryption method is uniformly defined and popularized to a platform of a vehicle remote control key, so that the safety of vehicle authentication can be guaranteed, and the research and development efficiency of researchers can be improved for an enterprise, so that the development period of a product can be shortened, the development cost can be reduced, the capability of the researchers for applying theoretical research to actual work can be improved, and great influence is generated on long-term development of the enterprise.
The encryption and decryption method for communication authentication can also be applied to other related data protection fields, such as an engine anti-theft authentication system, an intelligent key remote control system and the like, so as to protect the safety of data in the communication authentication process.
In the embodiment of fig. 1, microcontroller 1 and microcontroller 6 may employ DS89C440 or PIC18F 8490; the rf controller may use MAX7044 or MAX1479 or TRF 6901. MC9S08QG8, MSP430F2121, NXP PCF7961, PCF7936, MICROCHIP HCS300 series, PIC series, and NEC chips on a FREESCALE chip are commonly used in vehicle remote controls.
Thus, it should be appreciated by those skilled in the art that while a number of exemplary embodiments of the invention have been illustrated and described in detail herein, many other variations or modifications consistent with the principles of the invention may be directly determined or derived from the disclosure of the present invention without departing from the spirit and scope of the invention. Accordingly, the scope of the invention should be understood and interpreted to cover all such other variations or modifications.
Claims (6)
1. An encryption and decryption method for communication authentication, which is used for ensuring the security of data transmission when a remote control key is remotely authenticated with a vehicle, and comprises the following steps:
s10, responding to a key request of an encryption and decryption program to authenticate the encryption and decryption program according to the key request;
s20, starting the encryption and decryption program after the authentication is passed;
s30, inputting a plaintext block and a key, copying the plaintext block into a matrix, obtaining an initial matrix State1, obtaining a final State matrix State through encryption operation on the initial matrix State1, and outputting a ciphertext block according to the State matrix State to encrypt data;
s40, decrypting the data through table look-up operation and inverse transformation of encryption operation;
wherein the step of encrypting or decrypting comprises:
s300, negating the initial matrix State1 to obtain a matrix State2, and performing round key addition operation on the matrix State2 and a first round key to obtain a matrix State 3;
s400, performing encryption iterative operation on the matrix State3 according to a user-defined substitution table until the iteration total value cycle is finished, wherein the iteration total value is determined by the length of the secret key;
s500, obtaining a final State matrix State after the iteration total value circulation is finished, and outputting a corresponding ciphertext group according to the final State matrix State;
wherein the encryption iteration step of step S400 includes:
s401, replacing the matrix State3 by using the custom replacement table to obtain a matrix State 4;
s402, performing primary row transformation on the State4 to obtain a matrix State5, and performing primary column transformation on the matrix State5 to obtain a matrix State 6;
s403, performing reversible transformation on the matrix State6 to obtain a matrix State7, performing round key addition on the matrix State7 and a next round key, and returning to the step S401;
the first round of keys are generated by forward expansion of an initial key through a key expansion algorithm, and the next round of keys are generated by forward expansion of a previous round of keys in the encryption iterative operation through the key expansion algorithm.
2. The encryption and decryption method according to claim 1, wherein the reversible transformation of step S403 is a linear reversible transformation including a state transition matrix, and the reversible transformation process is:
the State transition matrix is multiplied by the matrix State6 to obtain a matrix State 7;
wherein the constituent elements of the state transition matrix are composed of 00, 01, 02, and 03.
3. The encryption and decryption method according to claim 1, wherein the definition rule of the custom substitution table of step S400 is formulated in a preset manner or in a random manner to ensure the security of the encrypted iterative data.
4. The encryption and decryption method of claim 2, wherein the vehicle key fob system includes a receiving controller loaded with a key service program, and the authenticating the encryption and decryption program according to the key request includes:
s100, a request program sends a key request to a key service program, the key service program generates a random number and sends the generated random number to the request program;
s101, the request program encrypts the random number according to first key data and sends the encrypted random number to the key service program;
s102, the secret key service program decrypts the encrypted random number according to second secret key data and compares the decrypted random number with the random number,
if the decrypted random number is consistent with the random number, the authentication is successful, otherwise, the authentication is failed;
s103, determining whether to send the key request according to the authentication result, if the authentication is successful, sending, and if not, not sending.
5. The encryption and decryption method according to claim 3, wherein the first key data and the second key data are the same key data.
6. The encryption and decryption method according to claim 4, wherein in the S102, the key service program decrypts the encrypted random number based on second key data,
if the authentication is successful, sending the second key data to the request program, and starting the encryption and decryption program;
and if the authentication fails, the second key data is not sent to the request program so as not to start the encryption and decryption program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710617990.7A CN107277048B (en) | 2017-07-26 | 2017-07-26 | Encryption and decryption method for communication authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710617990.7A CN107277048B (en) | 2017-07-26 | 2017-07-26 | Encryption and decryption method for communication authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107277048A CN107277048A (en) | 2017-10-20 |
| CN107277048B true CN107277048B (en) | 2020-04-24 |
Family
ID=60078579
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710617990.7A Active CN107277048B (en) | 2017-07-26 | 2017-07-26 | Encryption and decryption method for communication authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107277048B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108989024B (en) * | 2018-06-29 | 2023-04-14 | 百度在线网络技术(北京)有限公司 | Method, device and equipment for controlling communication between ECUs and corresponding vehicle |
| CN109902498B (en) * | 2019-02-27 | 2023-08-18 | 南京师范大学 | Data encryption method, data decryption method, and corresponding devices and equipment |
| CN114710324B (en) * | 2022-03-16 | 2024-02-13 | 深圳市风云实业有限公司 | Cross-network tunnel message transmission method based on cipher-key replacement encryption and decryption |
| CN114844728B (en) * | 2022-07-04 | 2022-09-06 | 道格特半导体科技(江苏)有限公司 | Serialized data secure communication method and big data platform |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102970129A (en) * | 2012-11-16 | 2013-03-13 | 深圳光启创新技术有限公司 | Time information-based signal encrypting and decrypting method and time information-based signal encrypting and decrypting device |
| JP2013105100A (en) * | 2011-11-15 | 2013-05-30 | Tokai Rika Co Ltd | Data converter |
| CN104184579A (en) * | 2014-09-12 | 2014-12-03 | 南京航空航天大学 | Lightweight block cipher VH algorithm based on dual pseudo-random transformation |
| CN106921486A (en) * | 2015-12-28 | 2017-07-04 | 航天信息股份有限公司 | The method and apparatus of data encryption |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1925401B (en) * | 2006-10-12 | 2011-06-15 | 中国联合网络通信有限公司北京市分公司 | Internet access system and method |
| CN101277186B (en) * | 2007-03-30 | 2011-06-15 | 北京握奇数据系统有限公司 | Method for implementing exterior authentication using asymmetry key algorithm |
| CN103516512A (en) * | 2013-10-21 | 2014-01-15 | 深圳市芯通信息科技有限公司 | Encryption and decryption method and encryption and decryption device based on AES (advanced encryption standard) algorithm |
| CN106850221B (en) * | 2017-04-10 | 2019-11-08 | 四川阵风科技有限公司 | Information encryption and decryption method and device |
-
2017
- 2017-07-26 CN CN201710617990.7A patent/CN107277048B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2013105100A (en) * | 2011-11-15 | 2013-05-30 | Tokai Rika Co Ltd | Data converter |
| CN102970129A (en) * | 2012-11-16 | 2013-03-13 | 深圳光启创新技术有限公司 | Time information-based signal encrypting and decrypting method and time information-based signal encrypting and decrypting device |
| CN104184579A (en) * | 2014-09-12 | 2014-12-03 | 南京航空航天大学 | Lightweight block cipher VH algorithm based on dual pseudo-random transformation |
| CN106921486A (en) * | 2015-12-28 | 2017-07-04 | 航天信息股份有限公司 | The method and apparatus of data encryption |
Non-Patent Citations (1)
| Title |
|---|
| "AES改进算法在CCMP协议中的应用";李京,等;《延边大学学报(自然科学版)》;20150930;244-248 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107277048A (en) | 2017-10-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107277048B (en) | Encryption and decryption method for communication authentication | |
| US9641331B2 (en) | Method for converting a conditional access content and receiver for the implementation for said method | |
| CN101753292B (en) | Methods and devices for a chained encryption mode | |
| EP3154215B1 (en) | Scrambled counter mode for differential power analysis resistant encryption | |
| CN102238430A (en) | Personalized whitebox descramblers | |
| CN112906070A (en) | Block cipher side channel attack mitigation for security devices | |
| CN113098675B (en) | Binary data encryption system and method based on polynomial complete homomorphism | |
| CN101867471A (en) | Irrational number based DES authentication encryption algorithm | |
| Kim et al. | Triple ID flexible MAC for CAN security improvement | |
| CN101739540A (en) | Label reader-writer and data communication method and system of radio frequency label | |
| CN103427981A (en) | Encryption and decryption achieving method and device | |
| US11533612B2 (en) | Transceiver system | |
| Lv et al. | AES encryption algorithm keyless entry system | |
| EP1625693A2 (en) | A hardware implementation of the mixcolumn / invmixcolumn functions | |
| CN107749795B (en) | Automobile remote control method based on rolling code secondary encryption | |
| US20120321079A1 (en) | System and method for generating round keys | |
| CN105790926A (en) | Method for realizing working mode of block cipher algorithm for WIA-PA security | |
| CN114978475A (en) | Automobile instrument encryption and decryption processing method and system based on AES-128 algorithm | |
| KR20060011999A (en) | Des algorithm-based encryption method | |
| CN101882991A (en) | Communication data stream encryption method based on block cipher | |
| CN107579824B (en) | Automobile remote control method based on rolling code | |
| Landge et al. | VHDL based Blowfish implementation for secured embedded system design | |
| KR20060058789A (en) | Method and apparatus for data security on home network system | |
| CN106788968A (en) | It is applied to the implementation method of the security coprocessor of WIA-PA agreements | |
| US8908861B2 (en) | AES algorithm-based encryption apparatus and method for mobile communication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |