CN114465804A - Instruction encryption and decryption method capable of resisting replay attack - Google Patents

Instruction encryption and decryption method capable of resisting replay attack Download PDF

Info

Publication number
CN114465804A
CN114465804A CN202210142930.5A CN202210142930A CN114465804A CN 114465804 A CN114465804 A CN 114465804A CN 202210142930 A CN202210142930 A CN 202210142930A CN 114465804 A CN114465804 A CN 114465804A
Authority
CN
China
Prior art keywords
instruction
encryption
value
ciphertext
jumping
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210142930.5A
Other languages
Chinese (zh)
Other versions
CN114465804B (en
Inventor
杨剑
罗锋
王代强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guizhou Furunde Cultural Industry Development Co ltd
Original Assignee
Guizhou Furunde Cultural Industry Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guizhou Furunde Cultural Industry Development Co ltd filed Critical Guizhou Furunde Cultural Industry Development Co ltd
Priority to CN202210142930.5A priority Critical patent/CN114465804B/en
Publication of CN114465804A publication Critical patent/CN114465804A/en
Application granted granted Critical
Publication of CN114465804B publication Critical patent/CN114465804B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an instruction encryption method capable of resisting replay attack, which comprises the following steps: synchronizing an initial value R with a decryption partyiI is the number of times of command encryption, the initial value RiEach time of synchronization is different; by an initial value RiKey K and instruction StepiJointly generate ciphertext Ii. The method and the device solve the problem that an attacker can easily steal message data in a channel by using special equipment and implement replay attack in the prior art.

Description

Instruction encryption and decryption method capable of resisting replay attack
Technical Field
The invention relates to an instruction encryption and decryption method capable of resisting replay attack, and belongs to the technical field of encryption.
Background
With the development of society and economy, more and more instruments and equipment issue messages and control commands by using plaintext instructions (hereinafter referred to as "instructions"), and remote equipment such as unmanned aerial vehicles and unmanned automobiles can be remotely controlled to realize remote medical treatment. Before sending the instructions, the sender and the receiver have agreed by other means the specific meaning represented by each instruction, and the instructions can be represented by numbers, short words or specific characters. Generally, the transmission of the command can realize the advantages of low communication cost and high efficiency.
The development of communication technology, especially in the context of 5G, many devices accessing the internet, while facilitating remote control of the devices by instructions, also faces a very significant security problem. Whether the instruction is a wired network or a wireless network, instruction stealing is easy to happen in the instruction transmission process, or an attacker implements replay attack or insertion attack, so that the instruction is not safe in the transmission process, which is a safety hazard of instruction transmission.
Therefore, in many instruments and equipment, the cryptographic technology is applied to deal with the risk of information leakage, and the cryptographic algorithms are used for encrypting instructions, wherein the cryptographic algorithms comprise two types of symmetric cryptographic algorithms and asymmetric cryptographic algorithms, the symmetric cryptographic algorithms comprise foreign DES and AES algorithms and domestic SM4 algorithms, the asymmetric cryptographic algorithms comprise RSA and ECC algorithms and SM2 cryptographic algorithms issued by the national crypto administration of China. Because the used instructions are limited and repeated, and the cryptographic algorithm is also fixed and unchangeable, the encryption result of each time for a specific instruction is the same, and an attacker can easily use special equipment to steal the message data in a channel to implement replay attack.
In addition, the common cryptographic algorithms mainly encrypt a large amount of data, and the cryptographic algorithms have large calculation amount, increase certain communication overhead, and have low efficiency in application scenes with high real-time requirements.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: the method for encrypting and decrypting the instructions against replay attack is provided to overcome the defects of the prior art.
The technical scheme of the invention is as follows:
in a first aspect:
the invention provides an instruction encryption method capable of resisting replay attack, which comprises the following steps:
synchronizing an initial value R with a decryption partyiI is an instruction plusSecret number, initial value RiEach time of synchronization is different;
by an initial value RiKey K and instruction StepiJointly generate ciphertext Ii
Preferably, when i is 0, the initial value R is set toiThe generation method comprises the following steps:
s01_1, generating a first random number Rand1Let R0=Rand1Setting a first cycle number G1
S01_2, judgment G1If G is a value1>0, executing the step S01_3, otherwise, jumping to the step S01_ 6;
S01_3、G1=G1-1, G to the right of the equal sign1For the last time this step was performed G1Taking the value of (A);
s01_4, if R0Can not be covered by f1Integer division, then R0=R0*r1+ K, R to the right of the middle symbol0Is R at the last execution of this step0Value of r1Is a first encryption parameter, K is a secret key, f1Is a is and r1K is a prime integer;
if R is0Can be f1Integer division, then R0=R0/f1R on the right side of the equal sign0Is R at the last execution of this step0Taking values;
s01_5, jumping to the step S01_ 2;
s01_6, completing the initial value RiAnd (4) generating.
Preferably, said r1=3。
Preferably, the ciphertext IiThe generation method comprises the following steps:
i when S02 — 0, I ═ 0iIs R0Otherwise, set IiThe ciphertext finally generated for the last encryption;
s02_1, determination instruction StepiIf Step is taken as the value ofi>0, executing the step S02_2, otherwise, jumping to the step S02_ 9;
S02_2、Stepi=Stepi-1, Step to the right of the equal signiStep for the last execution of this StepiTaking the value of (A);
s02_3, setting the second cycle number G2
S02_4, judgment G2If G is a value2>0, executing the step S02_5, otherwise, jumping to the step S02_ 9;
S02_5、G2=G2-1, G to the right of the equal sign2For the last time this step was performed G2Taking the value of (A);
s02_6, if IiCan not be covered by f2Integer division, then Ii=Ii*r2+ K, I to the right of the middle markiIs the last time I of this step was performediValue of r2Is a second encryption parameter, K is a secret key, f2Is a is and r2K is a prime integer;
if IiCan be f2Integer removal ofi=Ii/f2I on the right side of the equal signiIs the last time I of this step was performediTaking values;
s02_7, jumping to the step S02_ 4;
s02_8, jumping to step S02_ 1;
s02_9, completing the ciphertext IiAnd (4) generating.
Further, the method further comprises: the encryption side will t1The secondary resend request is automatically converted to a primary resync request.
Specifically, the resynchronization request is: resetting the encryption frequency i to 0, and requesting the encryption party to regenerate R0And the ciphertext is regenerated and transmitted.
In a second aspect:
the invention also provides an instruction decryption method capable of resisting replay attack, which comprises the following steps:
s03_1, receiving ciphertext I sent by encryptori
S03_2, loading the same key K as the encryption side, and synchronizing the initial value R with the encryption sideiI is the number of times of command encryption, the initial value RiEach time of synchronization is different;
s03_3, traversing the encryptor instruction, through the key K and the initial value RiGenerating an encryption instruction for the instruction of the encryption party, and jumping to step S03_4 when generating one encryption instruction;
s03_4, encrypted instruction I 'generated in step S03_ 3'iAnd ciphertext IiMaking a comparison if the ciphertext IiAnd the encrypted instruction I 'generated in step S03_ 3'iIf the bit error rate is less than or equal to the set value SER, taking the instruction corresponding to the encrypted instruction which is the same as the ciphertext in the step S03_2 as a decrypted instruction, and jumping to the step S03_ 6; if the ciphertext IiAnd all encrypted instructions I 'generated in step S03_ 3'iIf the error rate is greater than the set value SER, jumping to step S03_3 until the encryption side instruction is traversed;
s03_5, making a resending request to the encryption party;
and S03_6, completing decryption.
Further, the method for calculating the bit error rate in step S03_4 is as follows:
the ciphertext IiAnd encrypted instruction I'iEach digit of (a) is decomposed into separate numbers;
obtaining ciphertext IiAnd encrypted instruction I'iA bit value A of the larger median;
the ciphertext IiAnd encrypted instruction I'iRespectively comparing the values of the corresponding digits after decomposition one by one, and solving the digit number B with different comparison results;
and (4) calculating the error rate P, wherein P is B/A.
Preferably, the method for generating the encryption instruction in step S03_3 includes the following steps:
s03_3_0, instruction I 'is encrypted when I ═ 0'iInitial value R sent for encryption method0Else set encrypt instruction I'iIs the encrypted instruction I 'after the last successful decryption'i-1
S03_3_1, judgment instruction StepiIf Step is taken as the value ofi>0, executing the step S03_3_2, otherwise, jumping to the step S03_3_ 9;
S03_3_2、Stepi=Stepi-1, Step to the right of the equal signiStep for the last execution of this StepiThe value of (a).
S03_3_3, setting the second cycle number G2
S03_3_4, judgment G2If G is a value2>0, executing the step S02_5, otherwise, jumping to the step S02_ 8;
S03_3_5、G2=G2-1, G to the right of the equal sign2For the last time this step was performed G2Taking the value of (A);
s03_3_6, if I'iCan not be covered by f2Removing, then I'i=I′i*r2+ K, wherein I 'to the right of equal sign'iIs encrypted instruction I 'at the last execution of this step'iValue of r2Is a second encryption parameter, K is a secret key, f2Is a is and r2K is a prime integer;
if l'iCan be f2Removing, then I'i=I′i/f2Wherein l 'on the right side of equal sign'iIs I 'of the last time this step was performed'iTaking values;
s03_3_7, jumping to step S03_3_ 4;
s03_3_8, jumping to step S03_3_ 1;
s03_3_9, finish encrypted instruction I'iAnd (4) generating.
Further, in the step S03_5, if the decryption side sends the resending request exceeding t2And then terminates the communication and allows the decryptor to execute the preset instruction.
The invention has the beneficial effects that: the invention adds the initial value when the encryption side encrypts, the initial value and the key jointly encrypt the command, and the initial value is synchronized with the decryption side, so that the limited command does not generate repeated ciphertext after being encrypted by the encryption algorithm under the condition that the cryptographic algorithm is not changed, and the result of each encryption of the same command is different, so that an attacker is difficult to steal the ciphertext in a channel to implement replay attack.
The invention generates the encryption command by synchronizing the initial value with the encryption party, traversing the encryption party command, utilizing the key and the initial value, and calculating the bit error rate corresponding to the encryption command and the ciphertext received from the encryption party one by one, and finding the command corresponding to the encryption command with the bit error rate smaller than the set value, thereby realizing the decryption of the ciphertext. The decryption is carried out by the method, and the decryption party can decrypt the received ciphertext corresponding to different instructions each time under the condition that the cryptographic algorithm is not changed, so that an attacker can not easily carry out replay attack even if the attacker steals the ciphertext transmitted in a channel.
Compared with the existing ciphertext generation method, the ciphertext generation method provided by the invention has the advantages that most of operations are computer shift operations, and the calculation efficiency is high.
Even if the decryption is unsuccessful, the invention can also provide a resending request and send a resynchronization request to the encryption party, identify DDOS attack and execute a preset instruction, so that the system is not damaged or further attacked, and the consumption is reduced.
Drawings
FIG. 1 is a flow chart of a method according to an embodiment of the present invention.
Detailed Description
The technical scheme in the embodiment of the invention has the following general idea:
the encryption side and the decryption side synchronize the initial values, and the limited instruction is encrypted without repeated ciphertext by utilizing the characteristic that the initial values are different in synchronization each time, so that an attacker is prevented from stealing the ciphertext in a channel to implement replay attack.
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The first embodiment is as follows:
referring to fig. 1, in order to solve the problem that in the prior art, there is a limited repetition of command cryptograms, and it is very easy for an attacker to steal message data in a channel using a dedicated device to implement a replay attack, from the perspective of an encryption party, in this embodiment, a command encryption method that can resist the replay attack is adopted, and the method includes:
synchronizing an initial value R with a decryption partyiI is the number of times of command encryption, the initial value RiEach time of synchronization is different;
by an initial value RiKey K and instruction StepiJointly generate ciphertext Ii
The encrypted instructions of this embodiment include, but are not limited to: signals in signal carriers capable of carrying information, such as radio signals, electrical signals, acoustic and light wave signals.
The initial value is added when the encryption side encrypts, the initial value and the secret key jointly encrypt the command, and the initial value is synchronized with the decryption side, so that under the condition that the cryptographic algorithm is not changed, the limited command cannot generate repeated ciphertexts after being encrypted by the encryption algorithm, and the ciphertexts generated by the same command in each encryption are different, so that an attacker is difficult to steal the ciphertexts in a channel to implement replay attack.
In order to lower the initial value RiTo further reduce the possibility of being attacked by replay, in a preferred embodiment of the present embodiment, when i is 0, the initial value R is set toiThe generation method comprises the following steps:
s01_1, generating a first random number Rand1Let R0=Rand1Setting a first cycle number G1
S01_2, judgment G1If G is a value1>0, executing the step S01_3, otherwise, jumping to the step S01_ 6;
S01_3、G1=G1-1, G to the right of the equal sign1For the last time G of this step1Taking the value of (A);
s01_4, if R0Can not be covered by f1Integer division, then R0=R0*r1+ K, R to the right of the middle symbol0Is R at the last execution of this step0Value of r1Is a first encryption parameter, K is a secret key, f1Is a is and r1K is a prime integer;
if R is0Can be f1Integer division, then R0=R0/f1R on the right side of the equal sign0Is R at the last execution of this step0Taking values;
s01_5, jumping to the step S01_ 2;
s01_6, completing the initial value RiAnd (4) generating.
Where G is1Can be understood as a security level
f1Preferably, it is set to 2.
In the preferred embodiment of the present invention, the method for generating the ciphertext may use an encryption algorithm in the prior art, but in order to improve the encryption efficiency and reduce the calculation amount, the present invention may be applied to a place with a small data size but a high real-time requirement, such as an instructioniThe generation method comprises the following steps:
i when S02 — 0, I ═ 0iIs R0Otherwise, set IiThe ciphertext finally generated for the last encryption;
s02_1, judgment instruction StepiIf Step is taken as the value ofi>0, executing the step S02_2, otherwise, jumping to the step S02_ 9;
S02_2、Stepi=Stepi-1, Step to the right of the equal signiStep for the last time this Step was performediTaking the value of (A);
s02_3, setting the second cycle number G2
S02_4, judgment G2If G is a value2>0, executing the step S02_5, otherwise, jumping to the step S02_ 9;
S02_5、G2=G2-1, G to the right of the equal sign2For the last executionAt this step G2Taking the value of (A);
s02_6, if IiCan not be covered by f2Integer division, then Ii=Ii*r2+ K, I to the right of the middle markiIs the last time I of this step was performediValue of r2Is a second encryption parameter, K is a secret key, f2Is a and r2K is a prime integer;
if IiCan be f2Integer removal ofi=Ii/f2I on the right side of the equal signiIs the last time I of this step was performediTaking values;
s02_7, jumping to the step S02_ 4;
s02_8, jumping to step S02_ 1;
s02_9, completing ciphertext IiAnd (4) generating.
Preferably, f here2Preferably, it is set to 2, r2=3。
In order to prove that the encryption method has the advantage of high computational efficiency, the following description is made of pseudo codes for instruction encryption, and the logic of the pseudo codes is consistent with the ciphertext generation method.
The following is the pseudo code for ciphertext generation:
Figure BDA0003507773000000071
where f is2|IiIs represented by IiCan be f2The step of removing the waste paper completely,
Figure BDA0003507773000000072
is represented byiCan not be covered by f2And (4) trimming.
Herein IiAs an initial value, generated by the encrypting party for the first time, and thereafter the ciphertext finally generated for the last encryption, G2The second cycle number is understood as a safety level.
Compared to symmetric and asymmetric encryption algorithms:
the idea of symmetric cryptography is chaos and diffusion, and various algorithms such as round key addition, byte substitution, subkey generation and the like are used in the process of diffusion and chaos, and the algorithms are not easy to simplify. The asymmetric cryptographic algorithm generally uses large-number power-mode operation in number theory, and the calculation time is long. In the encryption method, multiplication and addition are used in the if statement, and the multiplication can be decomposed into left shift by n bits and addition; in the while statement, the division operation can be converted to a right shift by n bits and an addition. Because the left shift operation and the right shift operation (collectively referred to as shift operation) have high calculation efficiency in the computer, the scheme can reduce the calculation time and improve the calculation efficiency through the shift operation.
It is worth mentioning that the preferred scheme also has the advantage of high safety. To demonstrate this, the following analysis is presented.
Here, an initial value (or the last ciphertext I) is inputi-1) Under the action of the secret key K, a ciphertext I is generatedi
In general, assume that an encrypted instruction Step is requirediIs 2 (Step)iIs 2 means IiMultiplied by r2Plus the sum of K divided by f2Has 2 times to the n power) of (a), wherein n is1And n2Is to execute the statement "Ii=Ii/f2"number of times, order G2When 1, the following exists:
Figure BDA0003507773000000081
assume that the result of the entire equation is ciphertext IiI.e. return values I in pseudo-codeiThen, equation (1) can be simplified as follows:
Figure BDA0003507773000000082
(2) mod K (i.e., key K) on both sides of the equation, simplification can result:
Figure BDA0003507773000000083
similarly, assume that an encrypted instruction Step is requirediIs 3 (Step)iIs 3 means IiMultiplied by r2Plus the sum of K divided by f23 times to the n power), and also let G21, similar to above. Then it is possible to obtain:
Figure BDA0003507773000000084
similar to the reduction steps of (1) (2) (3), (4) simultaneous mod K on both sides after reduction, then we can get after reduction:
Figure BDA0003507773000000085
further, if instruction Step is to be encryptediTo 10000, then after simplification one can get:
Figure BDA0003507773000000088
generally, if the instruction to be encrypted is StepiThen, equation (6) may become:
Figure BDA0003507773000000086
if G is x, let e be x StepiThen, obtaining:
Figure BDA0003507773000000087
note that in the formula (8), I is inputtedi-1Is an initial value or the last ciphertext, r2Is a sentence Ii←Ii*r2R in + K2,StepiIs the instruction of this transmission (i.e. the transmission is carried outObjects to be protected), IiIs the cipher text generated by the current encryption, f2Is a procedure
Figure BDA0003507773000000093
And f2|IiF in (1)2,n1,n2,n3…nStepiIs to execute the statement while f each time2|IiK is a secret key, so that even if an eavesdropper otherwise acquires I transmitted in the channeli-1、IiIf the key K is unknown, the command Step cannot be calculatediSince this can be reduced to discrete logarithm problems, which are recognized mathematical problems in the world, some cryptographic algorithms (such as the ElGamal digital signature scheme) are also designed using discrete mathematical problems. In other words, if an eavesdropper or attacker collects some of the informationCipher textTo get the instruction, one would like to get the key K, solving the discrete logarithm problem, which is almost impossible.
Thus, the above analysis can demonstrate that the ciphertext generated by the present encryption algorithm is secure.
In order to verify the effectiveness of the encryption algorithm, the applicant has performed experiments on several instructions by using the encryption algorithm, and the experimental results are shown in tables 1 and 2:
Figure BDA0003507773000000091
table 1 ciphertext transmitted in case that the second number of rounds is 8
Figure BDA0003507773000000092
Table 2 ciphertext transmitted in case that the second number of rounds is 8
In the scheme, except for the first encryption, the initial value used each time is the last ciphertext. Therefore, after each instruction is encrypted, the lengths of generated ciphertexts are consistent, the ciphertexts generated by each instruction are different, and even if an eavesdropper steals the ciphertexts transmitted on a channel, the instructions cannot be restored under the condition of not knowing a secret key, so that secret communication is realized. Secondly, even if the same instruction is used, after encryption, the generated ciphertext is completely different, and the aim of resisting replay attack is fulfilled. In this patent, the initial value, the key, the first cycle count, the second cycle count, and the command to be encrypted are set according to actual needs, and the range of values is not limited in this patent.
In order to ensure efficient decryption of the system and avoid communication interruption caused by DDOS attack, the method further comprises: the encryption side will t1The secondary resend request is automatically converted to a primary resync request. T here1The value is a preset value and is a positive integer larger than 0.
Specifically, the resynchronization request is: resetting the encryption frequency i to 0, and requesting the encryption party to regenerate R0And the ciphertext is regenerated and transmitted.
Example two:
referring to fig. 1, in order to solve the problem that in the prior art, there is a limited repetition of command cryptograms, and it is very easy for an attacker to steal message data in a channel using a dedicated device to implement a replay attack, from the perspective of a decryption party, in this embodiment, a command decryption method that can resist the replay attack is adopted, and the method includes the following steps:
s03_1, receiving ciphertext I sent by encryptori
S03_2, loading the same key K as the encryption side, and synchronizing the initial value R with the encryption sideiI is the number of times of command encryption, and the initial value RiEach time of synchronization is different;
s03_3, traversing the encryptor instruction, through the key K and the initial value RiGenerating an encryption instruction for the instruction of the encryption party, and jumping to step S03_4 when generating one encryption instruction;
s03_4, encrypting the generated in the step S03_3Instruction I'iAnd ciphertext IiMaking a comparison if the ciphertext IiAnd the encrypted instruction I 'generated in step S03_ 3'iIf the bit error rate is less than or equal to the set value SER, taking the instruction corresponding to the encrypted instruction which is the same as the ciphertext in the step S03_2 as a decrypted instruction, and jumping to the step S03_ 6; if the ciphertext IiAnd all encrypted instruction I 'generated in step S03_ 3'iIf the error rate is greater than the set value SER, jumping to step S03_3 until the encryption side instruction is traversed;
s03_5, making a resending request to the encryption party;
and S03_6, completing decryption.
During decryption, the encryption side synchronizes the initial value with the encryption side, traverses the encryption side instruction, generates the encryption instruction by using the key and the initial value, and calculates the error rate corresponding to the encryption instruction and the ciphertext received from the encryption side one by one, finds the instruction corresponding to the encryption instruction with the error rate smaller than the set value, thereby realizing decryption of the ciphertext. The method is used for decryption, and the decryption party can decrypt the ciphertext corresponding to different received instructions each time under the condition that the cryptographic algorithm is not changed, so that an attacker is difficult to steal the ciphertext in the channel to implement replay attack.
Under normal conditions, the voltage of the signal is changed by the decay of the signal in the transmission process of the communication channel, so that the signal is damaged in the transmission process, and error codes are generated. Noise, impulses caused by alternating current or lightning, transmission equipment failure, and other factors can cause errors (e.g., a 1 for the transmitted signal and a 0 for the received signal; or vice versa) to disrupt communication. To avoid this, the method for calculating the bit error rate in step S03_4 is further as follows:
cipher text IiAnd encrypt instruction I'iEach digit of (a) is decomposed into separate numbers;
obtaining ciphertext IiAnd encrypted instruction I'iThe bit value a of the one with the larger median;
cipher text IiAnd encrypted instruction I'iThe values of the corresponding digits after decomposition are respectively compared one by one to obtain comparisonThe number of bits B for which the results are different;
and (4) calculating the error rate P, wherein P is B/A.
The method and the device have the advantages that the encryption command can still be normally decrypted under the condition of the set error rate, and the communication interruption caused by too high interference noise or too high error rate due to weak signals is avoided. The solution thus enhances the stability of the system.
In the present embodiment, the same encryption algorithm as that of the encryption party is used, in order to improve the encryption efficiency and reduce the calculation amount, so that the present invention can be applied to a place where the data amount is small but the real-time requirement is high, preferably, the method for generating the encryption instruction in step S03_3 includes the following steps:
s03_3_0, instruction I 'is encrypted when I ═ 0'iInitial value R sent for encryption method0Else set encrypt instruction I'iIs the encrypted instruction I 'after the last successful decryption'i-1
S03_3_1, determination instruction StepiIf Step is taken as the value ofi>0, executing the step S03_3_2, otherwise, jumping to the step S03_3_ 9;
S03_3_2、Stepi=Stepi-1, Step to the right of the equal signiStep for the last execution of this StepiThe value of (a).
S03_3_3, setting the second cycle number G2
S03_3_4, judgment G2If G is a value2>0, executing the step S02_5, otherwise, jumping to the step S02_ 8;
S03_3_5、G2=G2-1, G to the right of the equal sign2For the last time this step was performed G2Taking the value of (A);
s03_3_6, if I'iCan not be covered by f2Removing, then I'i=I′i*r2+ K, wherein I 'to the right of the equal sign'iIs encrypted instruction I 'at the last execution of this step'iValue of r2Is a second encryption parameter, K is a secret key, f2Is a is and r2K is a prime integer;
if l'iCan be f2Removing, then I'i=I′i/f2Wherein l 'to the right of the equal sign'iIs I 'of the last time this step was performed'iTaking values;
s03_3_7, jumping to step S03_3_ 4;
s03_3_8, jumping to step S03_3_ 1;
s03_3_9, finish encrypted instruction I'iAnd (4) generating.
The decryption method has the advantages of high calculation efficiency and good safety, and the proving process is consistent with the encryption method in the first embodiment.
In addition, each time the encryption party generates the initial value through the random number, the encryption party needs to consume large computing resources, so that the communication efficiency is reduced.
In order to prevent the system from being damaged or further attacked and reduce the consumption, in this embodiment, further, in the step S03_5, if the decryption side sends the resynchronization request exceeding t2And then terminates the communication and allows the decryptor to execute the preset instruction. T here2Is a positive integer greater than 0.
Even if the decryption is unsuccessful, the method can also provide a resending request and a resynchronization request to the encryption party, identify DDOS attack and execute a preset instruction, so that the system is not damaged or subjected to further attack, and the consumption is reduced.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, hard disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable medium that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable medium produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing is a more detailed description of the invention in connection with specific preferred embodiments and it is not intended that the invention be limited to these specific details. For those skilled in the art to which the invention pertains, several simple deductions or substitutions can be made without departing from the spirit of the invention, and all shall be considered as belonging to the protection scope of the invention.

Claims (10)

1. An instruction encryption method that is resistant to replay attacks, the method comprising:
synchronizing an initial value R with a decryption partyiI is the number of times of command encryption, and the initial value RiEach time of synchronization is different;
by an initial value RiKey K and instruction StepiJointly generate ciphertext Ii
2. The method for encrypting instructions against replay attack according to claim 1, wherein the initial value R is set to 0 when i ═ 0iThe generation method comprises the following steps:
s01_1, generating a first random number Rand1Let R be0=Rand1Setting a first cycle number G1
S01_2, judgment G1If G is a value1>0, executing the step S01_3, otherwise, jumping to the step S01_ 6;
S01_3、G1=G1-1, G to the right of the equal sign1For the last time this step was performed G1Taking the value of (a);
s01_4, if R0Can not be covered by f1Integer division, then R0=R0*r1+ K, R to the right of the middle symbol0Is R at the last execution of this step0Value of r1Is a first encryption parameter, K is a secret key, f1Is a is and r1K is a prime integer;
if R is0Can be f1Integer division, then R0=R0/f1R on the right side of the equal sign0Is R at the last execution of this step0Taking values;
s01_5, jumping to the step S01_ 2;
s01_6, completing the initial value RiAnd (4) generating.
3. Instruction encryption resistant to replay attacks according to claim 2Method, characterized in that r is1=3。
4. The method for encrypting the instruction capable of resisting the replay attack according to any one of claims 1 to 3, wherein the ciphertext IiThe generation method comprises the following steps:
i when S02 — 0, I ═ 0iIs R0Otherwise, set IiThe ciphertext finally generated for the last encryption;
s02_1, judgment instruction StepiIf Step is taken as the value ofi>0, executing the step S02_2, otherwise, jumping to the step S02_ 9;
S02_2、Stepi=Stepi-1, Step to the right of the equal signiStep for the last execution of this StepiTaking the value of (A);
s02_3, setting the second cycle number G2
S02_4, judgment G2If G is a value2>0, executing the step S02_5, otherwise, jumping to the step S02_ 9;
S02_5、G2=G2-1, G to the right of the equal sign2For the last time this step was performed G2Taking the value of (A);
s02_6, if IiCan not be covered by f2Integer division, then Ii=Ii*r2+ K, I to the right of the middle markiIs the last time I of this step was performediValue of r2Is a second encryption parameter, K is a secret key, f2Is a is and r2K is a prime integer;
if IiCan be f2Integer division, then Ii=Ii/f2I on the right side of the equal signiIs the last time I of this step was performediTaking values;
s02_7, jumping to the step S02_ 4;
s02_8, jumping to step S02_ 1;
s02_9, completing ciphertext IiAnd (4) generating.
5. According to the rightA method for encrypting instructions against replay attacks according to any one of claims 1 to 3, wherein the method further comprises: the encryption side will t1The secondary resend request is automatically converted to a primary resync request.
6. The method for encrypting instructions capable of resisting replay attack according to claim 5, wherein the resynchronization request is: resetting the encryption frequency i to 0, and requesting the encryption party to regenerate R0And the ciphertext is regenerated and transmitted.
7. An instruction decryption method that is resistant to replay attacks, the method comprising the steps of:
s03_1, receiving ciphertext I sent by encryptori
S03_2, loading the same key K as the encryption side, and synchronizing the initial value R with the encryption sideiI is the number of times of command encryption, the initial value RiEach time of synchronization is different;
s03_3, traversing the encryptor instruction, through the key K and the initial value RiGenerating an encryption instruction for the instruction of the encryption party, and jumping to step S03_4 when generating one encryption instruction;
s03_4, encrypted instruction I 'generated in step S03_ 3'iAnd ciphertext IiMaking a comparison if the ciphertext IiAnd step (d)
Encrypted instruction I 'generated in S03_ 3'iComparing the error rate with the set value SER, taking the instruction corresponding to the encrypted instruction which is the same as the ciphertext in the step S03_2 as the decrypted instruction, and skipping to the step
S03_ 6; if the ciphertext IiAnd all encrypted instructions I 'generated in step S03_ 3'iIf the bit error rate is larger than the set value SER, jumping to the step S03_3 until the encryption side instruction is traversed and completed;
s03_5, making a resending request to the encryption party;
and S03_6, completing decryption.
8. The method for decrypting instructions against replay attack according to claim 7, wherein the error rate is calculated in step S03_4 as follows:
cipher text IiAnd encrypted instruction I'iEach digit of (a) is decomposed into separate numbers;
obtaining ciphertext IiAnd encrypted instruction I'iThe bit value a of the one with the larger median;
cipher text IiAnd encrypted instruction I'iRespectively comparing the values of the corresponding digits after decomposition one by one, and solving the digit number B with different comparison results;
and (4) calculating the error rate P, wherein P is B/A.
9. The method for decrypting the instructions against replay attack according to claim 7, wherein the method for generating the encrypted instructions in step S03_3 comprises the steps of:
s03_3_0, instruction I 'is encrypted when I ═ 0'iInitial value R sent for encryption method0Else set encrypt instruction I'iIs the encrypted instruction I 'after the last successful decryption'i-1
S03_3_1, judgment instruction StepiIf Step is taken as the value ofi>0, executing the step S03_3_2, otherwise, jumping to the step S03_3_ 9;
S03_3_2、Stepi=Stepi-1, Step to the right of the equal signiStep for the last execution of this StepiThe value of (a).
S03_3_3, setting the second cycle number G2
S03_3_4, judgment G2If G is a value2>0, executing the step S02_5, otherwise, jumping to the step S02_ 8;
S03_3_5、G2=G2-1, G to the right of the equal sign2For the last time this step was performed G2Taking the value of (A);
s03_3_6, if I'iCan not be covered by f2Removing, then I'i=I′i*r2+ K, wherein I 'to the right of the equal sign'iIs encrypted instruction I 'at the last execution of this step'iValue of r2Is a second encryption parameter, K is a secret key, f2Is a is and r2K is a prime integer;
if l'iCan be f2Removing, then I'i=I′i/f2Wherein l 'on the right side of equal sign'iIs I 'of the last time this step was performed'iTaking values;
s03_3_7, jumping to step S03_3_ 4;
s03_3_8, jumping to step S03_3_ 1;
s03_3_9, finish encrypted instruction I'iAnd (4) generating.
10. The method for decrypting the instructions against the replay attack according to claim 7, wherein in the step S03_5, if the decryption side issues the resend request exceeding t2The communication is terminated and the decrypter is allowed to execute the preset instructions.
CN202210142930.5A 2022-02-16 2022-02-16 Instruction encryption and decryption method capable of resisting replay attack Active CN114465804B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210142930.5A CN114465804B (en) 2022-02-16 2022-02-16 Instruction encryption and decryption method capable of resisting replay attack

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210142930.5A CN114465804B (en) 2022-02-16 2022-02-16 Instruction encryption and decryption method capable of resisting replay attack

Publications (2)

Publication Number Publication Date
CN114465804A true CN114465804A (en) 2022-05-10
CN114465804B CN114465804B (en) 2024-03-26

Family

ID=81413235

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210142930.5A Active CN114465804B (en) 2022-02-16 2022-02-16 Instruction encryption and decryption method capable of resisting replay attack

Country Status (1)

Country Link
CN (1) CN114465804B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102437912A (en) * 2012-01-06 2012-05-02 厦门博鼎智文传媒科技有限公司 Digital rights management method based on N RSA (Rivest Shamir Adleman) encryption algorithms based on chaotic algorithm
CN102983964A (en) * 2012-12-28 2013-03-20 大唐微电子技术有限公司 method and device for improving digital encryption standard resisting differential power analysis
CN103607276A (en) * 2013-12-05 2014-02-26 桂林电子科技大学 Grouping encryption method based on random functions and resisting to known plaintext cipher attacks
CN106778251A (en) * 2015-11-20 2017-05-31 北京计算机技术及应用研究所 Prevent the password authentication method of Replay Attack
CN109510703A (en) * 2018-11-23 2019-03-22 北京海泰方圆科技股份有限公司 A kind of data encryption/decryption method and device
CN110536294A (en) * 2019-08-07 2019-12-03 山东大学 A kind of method that inverse attack obtains GMR-2 encryption satellite communication key
CN111586000A (en) * 2020-04-28 2020-08-25 北京物资学院 Full-proxy homomorphic re-encryption transmission system and operation mechanism thereof
CN111835509A (en) * 2020-05-20 2020-10-27 成都盛拓源科技有限公司 Anti-loss one-way encryption method and device based on hash function and password

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102437912A (en) * 2012-01-06 2012-05-02 厦门博鼎智文传媒科技有限公司 Digital rights management method based on N RSA (Rivest Shamir Adleman) encryption algorithms based on chaotic algorithm
CN102983964A (en) * 2012-12-28 2013-03-20 大唐微电子技术有限公司 method and device for improving digital encryption standard resisting differential power analysis
CN103607276A (en) * 2013-12-05 2014-02-26 桂林电子科技大学 Grouping encryption method based on random functions and resisting to known plaintext cipher attacks
CN106778251A (en) * 2015-11-20 2017-05-31 北京计算机技术及应用研究所 Prevent the password authentication method of Replay Attack
CN109510703A (en) * 2018-11-23 2019-03-22 北京海泰方圆科技股份有限公司 A kind of data encryption/decryption method and device
CN110536294A (en) * 2019-08-07 2019-12-03 山东大学 A kind of method that inverse attack obtains GMR-2 encryption satellite communication key
CN111586000A (en) * 2020-04-28 2020-08-25 北京物资学院 Full-proxy homomorphic re-encryption transmission system and operation mechanism thereof
CN111835509A (en) * 2020-05-20 2020-10-27 成都盛拓源科技有限公司 Anti-loss one-way encryption method and device based on hash function and password

Also Published As

Publication number Publication date
CN114465804B (en) 2024-03-26

Similar Documents

Publication Publication Date Title
US10104048B2 (en) Method and system for secure key generation over an insecure shared communication medium
US5708714A (en) Method for sharing secret information and performing certification in a communication system that has a plurality of information processing apparatuses
US8670563B2 (en) System and method for designing secure client-server communication protocols based on certificateless public key infrastructure
US7457411B2 (en) Information security via dynamic encryption with hash function
US7860254B2 (en) Computer system security via dynamic encryption
CN113259329B (en) Method and device for data careless transmission, electronic equipment and storage medium
US8543820B2 (en) Tag generation apparatus, tag verification apparatus, communication system, tag generation method, tag verification method, and recording medium
CA2747891C (en) Method for generating an encryption/decryption key
CN112165443B (en) Multi-key information encryption and decryption method, device and storage medium
Koko et al. Comparison of Various Encryption Algorithms and Techniques for improving secured data Communication
US7376232B2 (en) Computer system security via dynamic encryption
US20160148002A1 (en) Key storage apparatus, key storage method and program therefor
CN111131311A (en) Data transmission method based on block chain and block chain link point
CN115865313A (en) Lightweight privacy protection longitudinal federal learning model parameter aggregation method
CN114465804B (en) Instruction encryption and decryption method capable of resisting replay attack
CN112149166B (en) Unconventional password protection method and intelligent bank machine
CN111131158A (en) Single byte symmetric encryption and decryption method, device and readable medium
CN114422114B (en) Time-controlled encryption method and system based on multi-time server
WO2018011825A1 (en) Encryption and decryption of messages
Mitchell A storage complexity based analogue of Maurer key establishment using public channels
CN117615471A (en) FPGA-based wireless communication data security transmission system and method
Das et al. To Achieve Higher Security in Automatic Variable Key Technique towards Optimum Data Transfer with Noise Burst in Cryptosystem
CN117714207A (en) Encryption method for intelligent control system of power transformation and distribution
CN117394985A (en) Communication method, system, equipment and medium for encrypting electric power information
Huang et al. Mutual authentication with dynamic keys in an IEEE802. 16e PKM environment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant