CN115987489B - Lightweight encryption and decryption method and device and storage medium - Google Patents


Publication number: CN115987489B
Authority: CN (China)
Prior art keywords: branch, encryption, exclusive, ciphertext, memory
Legal status: Active
Application number: CN202211702349.0A
Other languages: Chinese (zh)
Other versions: CN115987489A (en)
Inventors: 杨亚涛, 董辉
Current Assignee: BEIJING ELECTRONIC SCIENCE AND TECHNOLOGY INSTITUTE
Original Assignee: BEIJING ELECTRONIC SCIENCE AND TECHNOLOGY INSTITUTE
Application filed by BEIJING ELECTRONIC SCIENCE AND TECHNOLOGY INSTITUTE, with priority to CN202211702349.0A; published as CN115987489A; granted and published as CN115987489B.
Abstract

The embodiments of this specification provide a lightweight encryption and decryption method, device and storage medium. The method comprises: dividing the plaintext to be encrypted evenly into four branches from the low-order bits to the high-order bits; and, according to a preset number of encryption rounds and an asymmetric Feistel structure, encrypting each branch based on one or more of the operations of modular addition, cyclic shift and exclusive-or. The technical solution provided by the application addresses the problem that existing methods cannot balance the efficiency, space and security of a cryptographic algorithm.

Description

Lightweight encryption and decryption method and device and storage medium
Technical Field
The present document relates to the field of information security technologies, and in particular, to a lightweight encryption and decryption method, device, and storage medium.
Background
With the development of block cipher algorithms in recent years, more and more software and hardware devices select this type of algorithm to ensure the security of data. In the design of a cryptographic algorithm, efficiency, space and security are regarded as the three most important indexes.
However, conventional block cipher algorithms typically focus on only one of these properties. For example, S-boxes are used to achieve sufficient confusion and diffusion of data, but they take up a large amount of space. Improved algorithms are lightweight, but their number of iteration rounds is only 12, which leaves them open to analysis methods such as differential attacks on block ciphers.
Disclosure of Invention
In view of the above analysis, the present application aims to provide a lightweight encryption and decryption method, device and storage medium that balance the efficiency, space and security of a cryptographic algorithm and allow the algorithm to be adjusted according to actual requirements.
In a first aspect, one or more embodiments of the present disclosure provide a lightweight encryption method, including:
dividing the plaintext to be encrypted evenly into four branches from the low-order bits to the high-order bits;
according to a preset number of encryption rounds and an asymmetric Feistel structure, encrypting each branch based on one or more of the operations of modular addition, cyclic shift and exclusive-or.
Further, each of the branches corresponds to a memory;
the encryption for each branch according to the asymmetric Feistel structure comprises:
for each encryption, the corresponding memory does not store ciphertext of the corresponding branch separately;
after the first encryption is completed, exchanging ciphertext in each memory before each encryption;
after the first encryption is completed, encrypting the current ciphertext in each memory at each encryption time.
Further, the exchanging ciphertext in each memory specifically includes:
the four branches are a first branch, a second branch, a third branch and a fourth branch;
moving the ciphertext of the first branch to a memory corresponding to a fourth branch;
moving the ciphertext of the second branch to a memory corresponding to the first branch;
moving the ciphertext of the third branch to a memory corresponding to the second branch;
and moving the ciphertext of the fourth branch to a memory corresponding to the third branch.
Further, the four branches are a first branch, a second branch, a third branch and a fourth branch;
the encrypting for each branch based on one or more operation rules of modulo addition, cyclic shift and exclusive or comprises:
encrypting the first branch and the fourth branch according to the operation sequence of cyclic shift, modulo addition, exclusive or and F function; the F function consists of a cyclic shift and an exclusive OR operation rule;
exclusive-or operations are performed for the second branch and the third branch.
Further, for the first round of encryption, before said encrypting each of said branches in the order of operation of modulo addition, cyclic shift, exclusive or, and F functions, the method further comprises:
obtaining a whitening key according to a preset master key;
exclusive-or operation is carried out on the whitening key and the first branch and the fourth branch respectively.
Further, after the last round of encryption is completed, the method further comprises:
obtaining a whitening key according to a preset master key;
exclusive-or operation is carried out on the whitening key and the second branch and the third branch respectively.
Further, the preset encryption round number is 16-48.
In a second aspect, one or more embodiments of the present disclosure provide a lightweight decryption method based on the encryption method described in the first aspect, including:
dividing ciphertext to be decrypted into four branches according to a dividing mode of plaintext to be encrypted;
according to a preset number of encryption rounds and an asymmetric Feistel structure, decrypting each branch based on one or more of the operations of modular subtraction, cyclic shift and exclusive-or.
In a third aspect, one or more embodiments of the present specification provide a lightweight encryption device, comprising: a segmentation module and an encryption module;
the segmentation module is used for dividing the plaintext to be encrypted evenly into four branches from the low-order bits to the high-order bits;
the encryption module is used for encrypting each branch based on one or more of the operations of modular addition, cyclic shift and exclusive-or, according to a preset number of encryption rounds and an asymmetric Feistel structure.
Further, each of the branches corresponds to a memory;
the encryption module is used for encrypting each time, and the corresponding memories are not used for storing ciphertext of the corresponding branches respectively; after the first encryption is completed, exchanging ciphertext in each memory before each encryption; after the first encryption is completed, encrypting the current ciphertext in each memory at each encryption time.
In a fourth aspect, one or more embodiments of the present specification provide a storage medium comprising:
for storing computer executable instructions which, when executed, implement the methods of the first and second aspects.
Compared with the prior art, the application can at least realize the following technical effects:
The application encrypts based on modular addition, cyclic shift and exclusive-or operations in place of the S-box of the prior art, so as to reduce the space occupied by encryption. On top of these operations, an asymmetric Feistel structure is combined to improve the security of the cipher. Based on the asymmetric Feistel structure and the modular addition, cyclic shift and exclusive-or operations, the number of encryption rounds can be selected according to actual conditions, so that encryption efficiency is improved and the space occupied by running the encryption algorithm can be reasonably controlled.
Drawings
For a clearer description of one or more embodiments of the present description or of the solutions of the prior art, the drawings that are necessary for the description of the embodiments or of the prior art will be briefly described, it being apparent that the drawings in the description that follow are only some of the embodiments described in the description, from which, for a person skilled in the art, other drawings can be obtained without inventive faculty.
FIG. 1 is a flow diagram of a lightweight encryption and decryption method provided by one or more embodiments of the present disclosure;
FIG. 2 is a schematic diagram of a round of encryption provided in one or more embodiments of the present disclosure;
FIG. 3 is a schematic diagram of 48 rounds of encryption provided in one or more embodiments of the present disclosure.
Detailed Description
In order to enable a person skilled in the art to better understand the technical solutions in one or more embodiments of the present specification, the technical solutions in one or more embodiments of the present specification will be clearly and completely described below with reference to the drawings in one or more embodiments of the present specification, and it is obvious that the described embodiments are only some embodiments of the present specification, not all embodiments. All other embodiments, which can be made by one or more embodiments of the present disclosure without inventive faculty, are intended to be within the scope of the present disclosure.
For ease of description, the following definitions are made:
The application can encrypt the plaintext over a plurality of rounds. Each round of encryption comprises one encryption and one ciphertext exchange: the encryption is performed first, and the ciphertext exchange follows.
Based on the definition, aiming at the problems in the prior art, the embodiment of the application provides a lightweight encryption and decryption method, which comprises the following steps:
Step 1: divide the plaintext to be encrypted evenly into four branches from the low-order bits to the high-order bits.
In the embodiment of the application, the plaintext to be encrypted could be divided into two, four, eight or sixteen branches. Considering the space, efficiency and security of encryption, it is divided evenly into four branches from the low-order bits to the high-order bits, namely a first branch, a second branch, a third branch and a fourth branch. The four branches hold different bit positions and cannot be substituted for one another.
Step 2: according to a preset number of encryption rounds and an asymmetric Feistel structure, encrypt each branch based on one or more of the operations of modular addition, cyclic shift and exclusive-or.
In the embodiment of the application, encrypting each branch according to the asymmetric Feistel structure means that a ciphertext exchange is performed in each round of encryption. Specifically, for each encryption, the corresponding memory does not store ciphertext of the corresponding branch separately. After the first round of encryption is completed, ciphertext in each memory is exchanged before each encryption. After the first round of encryption is completed, the current ciphertext in each memory is encrypted at each encryption.
FIG. 2 shows the specific process of one encryption, in which each branch is first encrypted based on modular addition, cyclic shift and exclusive-or. Here $X_0^i$ is the ciphertext obtained for the first branch in round $i$, $X_1^i$ is the ciphertext obtained for the second branch in round $i$, $X_2^i$ is the ciphertext obtained for the third branch in round $i$, and $X_3^i$ is the ciphertext obtained for the fourth branch in round $i$. After $X_0^i$, $X_1^i$, $X_2^i$ and $X_3^i$ are encrypted, the ciphertexts $X_0^{i+1}$, $X_1^{i+1}$, $X_2^{i+1}$ and $X_3^{i+1}$ are obtained. $\lll$ is the cyclic shift operator, $\oplus$ is the exclusive-or operator, the modular-addition symbol in the figure denotes addition modulo $2^{16}$, and $F_0$ and $F_1$ denote the F functions.
During the ciphertext exchange, $X_0^{i+1}$ is moved to the memory corresponding to the fourth branch; $X_1^{i+1}$ is moved to the memory corresponding to the first branch; $X_2^{i+1}$ is moved to the memory corresponding to the second branch; and $X_3^{i+1}$ is moved to the memory corresponding to the third branch.
Therefore, based on the asymmetric Feistel structure, the confusion and diffusion of the ciphertext can be effectively realized, which lays a foundation for selecting the number of encryption rounds according to actual conditions.
In the embodiment of the application, two encryption rules are provided, the first is used for encrypting the first branch and the fourth branch, and the second is used for encrypting the second branch and the third branch.
Specifically, the first branch and the fourth branch are encrypted according to the operation sequence of cyclic shift, modulo addition, exclusive or and F function; the F function consists of cyclic shift and exclusive-or operation rules.
The F function is specifically: $F_0(x) = (x \lll 2) \oplus (x \lll 7) \oplus (x \lll 9)$ or $F_1(x) = (x \lll 5) \oplus (x \lll 11) \oplus (x \lll 14)$,
where $\lll$ is the cyclic shift operator and $\oplus$ is the exclusive-or operator.
Exclusive or is performed on the second branch and the third branch.
Each encryption proceeds as follows: the first branch is cyclically shifted by 4 bits and the fourth branch is cyclically shifted by 13 bits. The first branch is then added modulo $2^{16}$ to the second branch that has undergone its exclusive-or operation, and the fourth branch is added modulo $2^{16}$ to the third branch that has undergone its exclusive-or operation. After the modular addition, the first branch is XORed with the second branch after the $F_0$ operation, and the fourth branch is XORed with the third branch after the $F_1$ operation.
It should be noted that the exclusive or is the main operation of the first branch and the fourth branch, and the F function directly acts on the second branch and the third branch, so in order to prioritize the F function and the exclusive or, the order of the F functions is arranged after the exclusive or.
Second encryption rule: the application introduces a round key $sk_i$. Each round of encryption requires two round keys, which are XORed with the second branch and the third branch, respectively.
The round keys are obtained as follows: the master key is first set. The master key is then divided into a plurality of parts from the low-order bits to the high-order bits according to the preset number of encryption rounds, and the parts are spliced, in bit order and according to the number of encryption rounds, into the round keys of the corresponding rounds.
To improve the security of the encryption algorithm, the application introduces a whitening key $rk_i$. FIG. 3 shows a complete encryption process of 48 rounds. In the first round of encryption, the whitening key is first XORed with the first branch and the fourth branch, respectively, and the subsequent encryption is then performed. After the last round of encryption is finished, the whitening key is XORed with the second branch and the third branch, respectively. Because no new round of encryption is performed at that point, the XOR of the whitening key with the second and third branches is regarded as part of the last round, not as a new round.
The whitening key is obtained from the preset master key; for the specific process, see the method for obtaining the round keys from the master key.
In the embodiment of the application, based on the encryption method and the asymmetric Feistel structure, a user can select the number of encryption rounds according to the actual scenario. Generally, the number of encryption rounds of the present application may be selected from the range of 16-48 rounds. Specifically, a low round number can be used where software and hardware resources are limited, such as radio frequency cards and single-chip microcomputers, and a high round number can be used where security requirements are higher, such as mobile terminal encryption and wireless sensor networks. The application is described using the highest number of 48 rounds as an example, which does not limit the number of rounds applicable to the algorithm in different scenarios.
In the embodiment of the application, after encryption is finished, ciphertext corresponding to the first branch, the second branch, the third branch and the fourth branch is spliced according to the order of the digits from low to high to obtain a complete ciphertext. After receiving the complete ciphertext, the receiver divides the complete ciphertext again according to a preset splicing identifier to obtain a first branch, a second branch, a third branch and a fourth branch. Thereafter, decryption is performed for the first branch, the second branch, the third branch, and the fourth branch.
Based on the encryption method, the embodiment of the application provides a lightweight decryption method, which comprises the following steps:
Step 1: divide the ciphertext to be decrypted into four branches in the same way the plaintext to be encrypted was divided.
Step 2: according to a preset number of encryption rounds and an asymmetric Feistel structure, decrypt each branch based on one or more of the operations of modular subtraction, cyclic shift and exclusive-or.
Specifically, each round of decryption includes one decryption and one decrypted-data exchange: the decryption is performed first, and the exchange of decrypted data follows.
Decryption first generates a whitening key and round keys using the master key.
In the decryption process, the round keys are used in the reverse order of the encryption process: the round key used in the first round of decryption is the round key used in the last round of encryption, the round key used in the second round of decryption is the round key used in the second-to-last round of encryption, and so on, so that each round of decryption selects its corresponding round key. In addition, the number of decryption rounds is the same as the number of encryption rounds, and the master key, the whitening key and the round keys used for decryption are the same as in the encryption process.
For each decryption, the first branch and the second branch are XORed with the round key. The third branch and the fourth branch are decrypted according to the F function, exclusive-or, modular subtraction and cyclic shift. The number of bits of the cyclic shift is the same as in encryption, but the shift direction is opposite. The value subtracted modulo $2^{16}$ is the same as the value added at encryption, and the F function used for decryption is the same as the one used for encryption. The result of the F function on the first branch is XORed with the fourth branch, and the result of the F function on the second branch is XORed with the third branch.
For each decrypted data exchange, the decrypted data of the first branch is moved to a memory corresponding to the second branch, the decrypted data of the second branch is moved to a memory corresponding to the third branch, the decrypted data of the third branch is moved to a memory corresponding to the fourth branch, and the decrypted data of the fourth branch is moved to a memory corresponding to the first branch.
Finally, the whitening key is still introduced during decryption, and the whitening key and the second branch and the third branch are subjected to exclusive OR operation before decryption during the first round of decryption. In the last round of decryption, the whitening key is exclusive-ored with the third branch and the fourth branch respectively before the decrypted data exchange.
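The round and its inverse as described above, written out as an added Python example (not code from the patent). It assumes 16-bit branches (from the modulo $2^{16}$ addition), left rotation during encryption, the F function applied to the round-keyed second and third branches, four whitening words, an exchange in every round including the last, and round keys passed in as pairs because the page does not specify the key schedule in enough detail; all function names and the sample keys are constructed for illustration.

```python
MASK = 0xFFFF  # assumption: four 16-bit branches, i.e. a 64-bit block


def rotl(x, r):
    """Rotate a 16-bit word left by r bits (the <<< operator)."""
    return ((x << r) | (x >> (16 - r))) & MASK


def rotr(x, r):
    """Rotate a 16-bit word right by r bits (used only when decrypting)."""
    return ((x >> r) | (x << (16 - r))) & MASK


def f0(x):
    return rotl(x, 2) ^ rotl(x, 7) ^ rotl(x, 9)


def f1(x):
    return rotl(x, 5) ^ rotl(x, 11) ^ rotl(x, 14)


def split_branches(block):
    """Split a 64-bit block into branches 1..4, low-order bits first."""
    if not 0 <= block < 1 << 64:
        raise ValueError("block must be a 64-bit unsigned integer")
    return [(block >> (16 * i)) & MASK for i in range(4)]


def join_branches(branches):
    return sum(w << (16 * i) for i, w in enumerate(branches))


def encrypt(block, round_keys, whitening):
    x0, x1, x2, x3 = split_branches(block)
    x0 ^= whitening[0]            # pre-whitening: first and fourth branch
    x3 ^= whitening[1]
    for ka, kb in round_keys:     # two round keys per round
        t1 = x1 ^ ka              # second rule: XOR with the round key
        t2 = x2 ^ kb
        # first rule: cyclic shift, modular addition, XOR with F output
        a = ((rotl(x0, 4) + t1) & MASK) ^ f0(t1)
        d = ((rotl(x3, 13) + t2) & MASK) ^ f1(t2)
        # exchange: 1st -> 4th, 2nd -> 1st, 3rd -> 2nd, 4th -> 3rd
        x0, x1, x2, x3 = t1, t2, d, a
    x1 ^= whitening[2]            # post-whitening: second and third branch
    x2 ^= whitening[3]
    return join_branches([x0, x1, x2, x3])


def decrypt(block, round_keys, whitening):
    x0, x1, x2, x3 = split_branches(block)
    x1 ^= whitening[2]            # undo post-whitening first
    x2 ^= whitening[3]
    for ka, kb in reversed(round_keys):   # round keys in reverse order
        t1, t2, d, a = x0, x1, x2, x3
        # F and XOR, then modular subtraction, then the opposite rotation
        p0 = rotr(((a ^ f0(t1)) - t1) & MASK, 4)
        p3 = rotr(((d ^ f1(t2)) - t2) & MASK, 13)
        # exchange: 1st -> 2nd, 2nd -> 3rd, 3rd -> 4th, 4th -> 1st
        x0, x1, x2, x3 = p0, t1 ^ ka, t2 ^ kb, p3
    x0 ^= whitening[0]            # undo pre-whitening last
    x3 ^= whitening[1]
    return join_branches([x0, x1, x2, x3])


def sample_keys(rounds):
    """Constructed key material for the demo; NOT the patent's key schedule."""
    round_keys = [((0x9E37 * (2 * i + 1)) & MASK,
                   (0x79B9 * (2 * i + 2)) & MASK) for i in range(rounds)]
    whitening = [0x1111, 0x2222, 0x3333, 0x4444]
    return round_keys, whitening


if __name__ == "__main__":
    plaintext = 0x0123456789ABCDEF            # constructed sample block
    for rounds in (16, 48):                   # ends of the 16-48 range
        rks, wks = sample_keys(rounds)
        ct = encrypt(plaintext, rks, wks)
        assert decrypt(ct, rks, wks) == plaintext
        print(f"{rounds} rounds: {ct:016x}")
```

The inverse derived here moves data and applies the whitening words in the same positions the decryption paragraphs describe, which is a useful consistency check when implementing a cipher from a prose specification.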
The embodiment of the application provides a lightweight encryption device, which comprises: a segmentation module and an encryption module;
the segmentation module is used for dividing the plaintext to be encrypted evenly into four branches from the low-order bits to the high-order bits;
the encryption module is used for encrypting each branch based on one or more of the operations of modular addition, cyclic shift and exclusive-or, according to a preset number of encryption rounds and an asymmetric Feistel structure.
In the embodiment of the application, each branch corresponds to one memory;
the encryption module is used for encrypting each time, and the corresponding memories are not used for storing ciphertext of the corresponding branches respectively; after the first encryption is completed, exchanging ciphertext in each memory before each encryption; after the first encryption is completed, encrypting the current ciphertext in each memory at each encryption time.
An embodiment of the present application provides a storage medium including:
for storing computer executable instructions that, when executed, implement the methods described in the above embodiments.
The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
In the 30s of the 20th century, improvements to one technology could clearly be distinguished as improvements in hardware (e.g., improvements to circuit structures such as diodes, transistors, switches, etc.) or software (improvements to the process flow). However, with the development of technology, many improvements of the current method flows can be regarded as direct improvements of hardware circuit structures. Designers almost always obtain corresponding hardware circuit structures by programming improved method flows into hardware circuits. Therefore, an improvement of a method flow cannot be said to be realized by a hardware entity module. For example, a programmable logic device (Programmable Logic Device, PLD) (e.g., a field programmable gate array (Field Programmable Gate Array, FPGA)) is an integrated circuit whose logic function is determined by the user's programming of the device. A designer programs to "integrate" a digital system onto a PLD without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Moreover, nowadays, instead of manually manufacturing integrated circuit chips, such programming is mostly implemented with "logic compiler" software, which is similar to the software compiler used in program development and writing; the original code before compiling is also written in a specific programming language, called a hardware description language (Hardware Description Language, HDL). There is not just one HDL but many kinds, such as ABEL (Advanced Boolean Expression Language), AHDL (Altera Hardware Description Language), Confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), Lava, Lola, MyHDL, PALASM and RHDL (Ruby Hardware Description Language); VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog are currently the most commonly used.
It will also be apparent to those skilled in the art that a hardware circuit implementing the logic method flow can be readily obtained by merely slightly programming the method flow into an integrated circuit using several of the hardware description languages described above.
The controller may be implemented in any suitable manner. For example, the controller may take the form of a microprocessor or processor and a computer readable medium storing computer readable program code (e.g., software or firmware) executable by the (micro)processor, logic gates, switches, application specific integrated circuits (Application Specific Integrated Circuit, ASIC), programmable logic controllers, and embedded microcontrollers, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320. The memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller purely as computer readable program code, it is entirely possible to implement the same functionality by logically programming the method steps such that the controller takes the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc. Such a controller may thus be regarded as a kind of hardware component, and the means included therein for performing various functions may also be regarded as structures within the hardware component. Or even the means for achieving the various functions may be regarded as both software modules implementing the methods and structures within hardware components.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. One typical implementation is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each unit may be implemented in the same piece or pieces of software and/or hardware when implementing the embodiments of the present specification.
One skilled in the relevant art will recognize that one or more embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, one or more embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present description can take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present description is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the specification. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as random access memory (RAM), and/or nonvolatile memory, such as read only memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
One or more embodiments of the present specification may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. One or more embodiments of the specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
In this specification, the embodiments are described in a progressive manner; identical and similar parts of the embodiments may be referred to one another, and each embodiment mainly describes its differences from the other embodiments. In particular, the system embodiments are described relatively briefly because they are substantially similar to the method embodiments; for the relevant details, see the corresponding part of the description of the method embodiments.
The foregoing description is by way of example only and is not intended to limit the present disclosure. Various modifications and changes may occur to those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. that fall within the spirit and principles of the present document are intended to be included within the scope of the claims of the present document.

Claims (6)

1. A lightweight encryption method, comprising:
dividing a plaintext to be encrypted evenly into four branches from low order to high order, wherein the four branches are a first branch, a second branch, a third branch and a fourth branch, and each branch corresponds to a memory;
in the first round of encryption, first performing an exclusive-or operation between a whitening key and the first branch and the fourth branch respectively, and then performing subsequent encryption;
in the subsequent encryption, each branch is encrypted based on one or more operation rules of modulo addition, cyclic shift and exclusive OR according to the preset encryption round number and an asymmetric Feistel structure;
for each encryption, the corresponding memory stores ciphertext of the corresponding branch respectively;
after the first encryption is completed, exchanging ciphertext in each memory before each encryption;
after the first encryption is finished, encrypting the first branch and the fourth branch according to the operation sequence of cyclic shift, modulo addition, exclusive OR and F function in each encryption; the F function consists of a cyclic shift operation rule and an exclusive OR operation rule; exclusive-or operation is carried out on the second branch and the third branch;
the exchanging ciphertext in each memory specifically comprises:
moving the ciphertext of the first branch to a memory corresponding to a fourth branch;
moving the ciphertext of the second branch to a memory corresponding to the first branch;
moving the ciphertext of the third branch to a memory corresponding to the second branch;
and moving the ciphertext of the fourth branch to a memory corresponding to the third branch.
2. The method of claim 1, wherein,
for the first round of encryption, before encrypting each of the branches in the operation order of cyclic shift, modulo addition, exclusive OR and F function, the method further comprises:
obtaining a whitening key according to a preset master key;
exclusive-or operation is carried out on the whitening key and the first branch and the fourth branch respectively.
3. The method of claim 1, wherein,
after the last round of encryption is completed, the method further comprises:
obtaining a whitening key according to a preset master key;
exclusive-or operation is carried out on the whitening key and the second branch and the third branch respectively.
4. A lightweight decryption method based on the encryption method of any one of claims 1-3, comprising:
dividing ciphertext to be decrypted into four branches according to a dividing mode of plaintext to be encrypted, wherein the four branches are a first branch, a second branch, a third branch and a fourth branch, and each branch corresponds to a memory;
decrypting each branch based on one or more operation rules of modulo subtraction, cyclic shift and exclusive OR according to a preset encryption round number and an asymmetric Feistel structure;
in the first decryption, performing exclusive OR operation on the whitening key, the second branch and the third branch before decryption;
for each decryption, the corresponding memory stores ciphertext of the corresponding branch respectively;
after the first decryption is finished, in each decryption the third branch and the fourth branch are decrypted in the operation order of F function, exclusive OR, modulo subtraction and cyclic shift; an exclusive-or operation is carried out on the first branch and the fourth branch;
the exchanging ciphertext in each memory specifically comprises:
the decrypted data of the first branch is moved to the memory corresponding to the second branch, the decrypted data of the second branch is moved to the memory corresponding to the third branch, the decrypted data of the third branch is moved to the memory corresponding to the fourth branch, and the decrypted data of the fourth branch is moved to the memory corresponding to the first branch.
5. A lightweight encryption device, comprising: a segmentation module and an encryption module;
the segmentation module is used for evenly dividing the plaintext to be encrypted into four branches from low order to high order, wherein the four branches are a first branch, a second branch, a third branch and a fourth branch, and each branch corresponds to one memory;
in the first round of encryption, first performing an exclusive-or operation between a whitening key and the first branch and the fourth branch respectively, and then performing subsequent encryption;
during subsequent encryption, the encryption module is used for encrypting each branch based on one or more operation rules of modulo addition, cyclic shift and exclusive OR according to a preset encryption round number and an asymmetric Feistel structure;
for each encryption, the corresponding memory stores ciphertext of the corresponding branch respectively;
after the first encryption is completed, exchanging ciphertext in each memory before each encryption;
after the first encryption is finished, encrypting the first branch and the fourth branch according to the operation sequence of cyclic shift, modulo addition, exclusive OR and F function in each encryption; the F function consists of a cyclic shift operation rule and an exclusive OR operation rule; exclusive-or operation is carried out on the second branch and the third branch;
the encryption module is specifically used for:
moving the ciphertext of the first branch to a memory corresponding to a fourth branch;
moving the ciphertext of the second branch to a memory corresponding to the first branch;
moving the ciphertext of the third branch to a memory corresponding to the second branch;
and moving the ciphertext of the fourth branch to a memory corresponding to the third branch.
6. A storage medium for storing computer-executable instructions which, when executed, implement the method of any of claims 1-4.
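The round structure recited in claims 1-4 (whitening, an add-rotate-XOR round over four branches, the memory swap and its inverse) can be sketched as a toy cipher. This is an added example, not the patent's code: the 32-bit branch width, 8 rounds, rotation amounts 7, 3 and 11, the exact wiring inside each round, and passing the key words in directly instead of deriving them from a master key are all assumptions.

```c
#include <stdint.h>
#include <string.h>
#define ROUNDS 8                                   /* assumed round count */
#define NKEY (4 + 2 * ROUNDS)                      /* 4 whitening words, then 2 per round */
#define ROTL(x, n) (((x) << (n)) | ((x) >> (32 - (n))))
#define ROTR(x, n) (((x) >> (n)) | ((x) << (32 - (n))))
/* F uses only cyclic shifts and XOR; the shift amounts are assumed. */
static uint32_t F(uint32_t x) { return ROTL(x, 3) ^ ROTL(x, 11); }

static void round_fwd(uint32_t b[4], const uint32_t rk[2]) {
    b[0] = (ROTL(b[0], 7) + b[1]) ^ rk[0];         /* assumed wiring; branch 1: shift, add, XOR */
    b[1] ^= F(b[0]);                               /* branch 2: XOR with F output */
    b[3] = (ROTL(b[3], 7) + b[2]) ^ rk[1];         /* branch 4: shift, add, XOR */
    b[2] ^= F(b[3]);                               /* branch 3: XOR with F output */
}

static void round_inv(uint32_t b[4], const uint32_t rk[2]) {
    b[2] ^= F(b[3]);                               /* undo the F/XOR step first ... */
    b[3] = ROTR((b[3] ^ rk[1]) - b[2], 7);         /* ... then XOR, subtract, shift back */
    b[1] ^= F(b[0]);
    b[0] = ROTR((b[0] ^ rk[0]) - b[1], 7);
}

void toy_encrypt(uint32_t b[4], const uint32_t k[NKEY]) {
    b[0] ^= k[0]; b[3] ^= k[1];                    /* pre-whitening: branches 1 and 4 */
    for (int r = 0; r < ROUNDS; r++) {
        /* before every round but the first, move 1->4, 2->1, 3->2, 4->3 */
        if (r > 0) { uint32_t t = b[0]; b[0] = b[1]; b[1] = b[2]; b[2] = b[3]; b[3] = t; }
        round_fwd(b, k + 4 + 2 * r);
    }
    b[1] ^= k[2]; b[2] ^= k[3];                    /* post-whitening: branches 2 and 3 */
}

void toy_decrypt(uint32_t b[4], const uint32_t k[NKEY]) {
    b[1] ^= k[2]; b[2] ^= k[3];                    /* strip post-whitening first */
    for (int r = ROUNDS - 1; r >= 0; r--) {
        round_inv(b, k + 4 + 2 * r);
        /* inverse move 1->2, 2->3, 3->4, 4->1 */
        if (r > 0) { uint32_t t = b[3]; b[3] = b[2]; b[2] = b[1]; b[1] = b[0]; b[0] = t; }
    }
    b[0] ^= k[0]; b[3] ^= k[1];                    /* strip pre-whitening last */
}

int toy_roundtrip_ok(void) {   /* constructed key and block; 1 = changes, then decrypts back */
    uint32_t k[NKEY], c[4], p[4] = {0x01234567u, 0x89abcdefu, 0xfedcba98u, 0x76543210u};
    for (int i = 0; i < NKEY; i++) k[i] = 0x9e3779b9u * (uint32_t)(i + 1);
    memcpy(c, p, sizeof c); toy_encrypt(c, k);
    int changed = memcmp(c, p, sizeof c) != 0; toy_decrypt(c, k);
    return changed && memcmp(c, p, sizeof c) == 0;
}
```

Because the swap is skipped before the first round, decryption applies the inverse swap after every inverse round except the last one it runs, which is what makes the two loops exact mirrors.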
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211702349.0A CN115987489B (en) 2022-12-28 2022-12-28 Lightweight encryption and decryption method and device and storage medium

Publications (2)

Publication Number Publication Date
CN115987489A (en) 2023-04-18
CN115987489B (en) 2023-10-20

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant