CN116722968A - Lightweight AES-128 dynamic encryption method based on UWB - Google Patents

Publication number
CN116722968A
Authority
CN
China
Prior art keywords
key
round
matrix
encryption
algorithm
Legal status
Pending
Application number
CN202310767442.8A
Other languages
Chinese (zh)
Inventor
周柯成
陈皓
胡玉龙
唐艺菁
Current Assignee
Xian Microelectronics Technology Institute
Original Assignee
Xian Microelectronics Technology Institute
Application filed by Xian Microelectronics Technology Institute
Priority to CN202310767442.8A
Publication of CN116722968A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08 Randomization, e.g. dummy operations or using noise
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/20 Manipulating the length of blocks of bits, e.g. padding or block truncation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a lightweight AES-128 dynamic encryption method based on UWB, and relates to the fields of wireless communication and computer cryptography. Dynamic encryption and decryption are realized through the transmitted dynamic coordinate information of the codebook and the function loop rounds of the encryption and decryption process. Even if the ciphertext and coordinate information are intercepted, the key is not exposed and therefore remains difficult to crack; the randomness of the key increases the difficulty of brute-force cracking of the ciphertext, achieving the goal of algorithm security. The standard AES-128 encryption algorithm prescribes ten rounds of key expansion and ten rounds of algorithm iteration to output the ciphertext, and the computational cost of the algorithm grows with the number of round-function iterations. By preprocessing the optimal round and round keys for the initial key, operating efficiency is improved while the security of the algorithm is ensured.

Description

Lightweight AES-128 dynamic encryption method based on UWB
Technical Field
The invention relates to the field of wireless communication and the field of computer cryptography, in particular to a lightweight AES-128 dynamic encryption method based on UWB.
Background
UWB (Ultra-Wideband) technology is a technology for short-range high-speed data transmission and accurate positioning. The ultra-wideband signal it uses features high-speed transmission and low power consumption, enabling high-precision positioning and high-speed data transmission. UWB technology is commonly used on embedded devices, which are generally resource-constrained. UWB technology itself has no measures for ensuring security, so security must be ensured by introducing an external method.
The AES encryption algorithm is a symmetric key encryption algorithm and is one of the most widely used encryption algorithms at present. It can encrypt data using a 128-bit, 192-bit or 256-bit key, and its encryption process includes four main steps: key expansion, row shifting, column mixing, and round key addition. During encryption, data is split into a series of 16-byte blocks and subjected to multiple rounds of encryption operations to ultimately produce ciphertext. AES has higher security and faster encryption speed than older encryption algorithms.
The AES-128 encryption algorithm is the AES encryption algorithm using 128-bit keys. For some embedded devices with relatively limited resources, AES-128 encryption may still consume a lot of resources, reducing the real-time performance of the system. If the number of function loop rounds of the AES-128 encryption algorithm is reduced directly, the amount of computation is reduced, but the security is also reduced. In summary, UWB communication systems face two problems: the performance of embedded microprocessors is limited, and data is easily intercepted during transmission.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide a lightweight AES-128 dynamic encryption method based on UWB.
In order to achieve the purpose, the invention is realized by adopting the following technical scheme:
a lightweight AES-128 dynamic encryption method based on UWB comprises the following steps:
(1) Ten rounds of key expansion are carried out on the initial key pair, the bit difference after each round of key expansion is calculated, and the round and round key with the largest bit difference are used as the optimal round and round key;
(2) The round encryption loop iteration is performed based on the optimal round and the round key.
Further, the sender and receiver hold the same codebook; the key coordinates are generated by a random algorithm and transmitted in plaintext.
Further, the codebook is a two-dimensional codebook, which means that one key corresponds to two coordinates; the key of the AES-128 encryption algorithm is 16 bytes, and each coordinate corresponds to an 8-byte key fragment;
For a codebook of length $l$, $(x_1, x_2, \ldots, x_l)$, each element is 8 bytes. Before encrypting, the sender generates two random numbers within the length of the codebook, $\{x_m, x_n\}$, queries the codebook to obtain the key fragments, and then splices them into 16 bytes to serve as the initial key, where $1 \le m \le l$, $1 \le n \le l$, and $l \ge 10$.
Further, before wireless communication starts, the optimal encryption rounds and key expansions of all combinations in the codebook are calculated and stored according to the calculation method in step (1); the corresponding optimal encryption round and round keys are read during encryption and decryption, and the round encryption loop iteration is executed based on the optimal round and the round keys.
Further, after wireless communication has started, each time a combination of key fragments is randomly generated, the optimal encryption round and the expanded key are calculated according to the calculation method in step (1), and the result is stored;
when the same combination of key fragments is randomly generated again, the stored optimal encryption round and round keys are read, and the round encryption loop iteration is executed based on the optimal round and the round keys.
Further, step (2) includes the following operations:
(201) Executing a byte substitution algorithm;
(202) Executing a row shifting algorithm;
(203) Executing a column mixing algorithm;
(204) Executing a round key addition algorithm;
(205) Repeating steps (201)-(204) until the optimal round is reached, completing encryption.
Further, the specific operations of steps (201), (202), (203) and (204) are as follows:
(201) Executing a byte substitution algorithm, specifically:
an S-box and an inverse S-box are each defined as a 16×16 matrix; the upper 4 bits of each plaintext byte are taken as the row value and the lower 4 bits as the column value, and, for the forward or inverse transformation respectively, the element at the corresponding row and column of the S-box or the inverse S-box is taken as the output to replace the original data, yielding the state matrix;
(202) Executing a row shift algorithm, specifically:
shifting the 0 th row of the state matrix to the left by 0 bytes, shifting the 1 st row to the left by 1 byte, shifting the 2 nd row to the left by 2 bytes, and shifting the 3 rd row to the left by 3 bytes; the inverse transform of the row shift is to perform an inverse shift operation on each row in the state matrix;
(203) Executing a column mixing algorithm, specifically:
multiplying the state matrix after the row shift with the column mixed fixed matrix to obtain a new state matrix;
when in inverse transformation, the inverse column mixing fixed matrix is applied to the new state matrix to carry out inverse column mixing operation, and finally the original column state is obtained;
(204) Executing a round key addition algorithm, specifically:
and carrying out bitwise exclusive OR operation on the round key and the data in the state matrix, wherein the inverse operation of the round key addition is completely consistent with the operation of the round key addition.
Further, the specific operation of step (1) is as follows:
(101) For the last byte of each row in the initial key matrix A, add 1 if its last bit is 0 and subtract 1 otherwise, obtaining a two-dimensional contrast key matrix B that differs from the initial key by one bit. Perform ten rounds of key expansion on the initial key matrix A and the contrast key matrix B respectively, and store the results in the four-dimensional matrices U[l][11][4][4] and V[l][11][4][4]. The key expansion converts the 128-bit original key into a 4×4 matrix stored in U[0] to U[3]; based on U[0] to U[3], the 10 subkeys U[4i] to U[4i+3] are solved through formulas (2) and (3), where 1 ≤ i ≤ 10 and 1 ≤ j ≤ 10;
U[4i]=U[4(i-1)]+T(U[4i-1]) (2)
U[4i+j]=U[4(i-1)+j]+U[4i-1+j] (3)
(102) Calculating bit differences
XOR the corresponding elements of the four-dimensional matrices U[l][11][4][4] and V[l][11][4][4] to obtain the matrix W[l][11][4][4], which gives the bit difference of each pair of corresponding byte elements in the two matrices. Count the number of bits equal to 1 in each element to obtain the statistics COUNT[l][11][4][4] of the bit differences between the corresponding byte elements of U[l][11][4][4] and V[l][11][4][4]. Finally, perform a dimension-reduction operation to obtain SUM[l][11], in which each row represents the bit differences of one group of keys after each round of key expansion;
(103) Optimal round acquisition
The maximum value of the elements in each row of the SUM[l][11] matrix, together with its column number N, represents the peak value after key expansion; N is the round with the greatest degree of key confusion, namely the optimal round.
Further, in (101), the T function rearranges the column vector U and then performs S-box substitution and round-constant XOR. The T function operates in the order word rotation, byte substitution, round-constant XOR, specifically as follows:
Word rotation: cyclically shift the 4 bytes in one word left by 1 byte;
Byte substitution: perform byte substitution on the result of the word rotation using the S-box;
Round-constant XOR: XOR the byte-substituted result with the round constant Rcon[j];
where j represents the round number, the round constant Rcon[j] is a word, and the correspondence between Rcon[j] and j is as follows:
j        1         2         3         4         5
Rcon[j]  01000000  02000000  04000000  08000000  10000000
j        6         7         8         9         10
Rcon[j]  20000000  40000000  80000000  1B000000  36000000
Compared with the prior art, the invention has the following beneficial effects:
In the lightweight AES-128 dynamic encryption method based on UWB, dynamic encryption and decryption are achieved by transmitting dynamic coordinate information of a codebook. Even if the ciphertext and coordinate information are intercepted, the key is not exposed and therefore remains difficult to crack; the randomness of the key increases the difficulty of brute-force cracking of the ciphertext, achieving the goal of algorithm security. The standard AES-128 encryption algorithm prescribes ten rounds of key expansion and ten rounds of algorithm iteration to output the ciphertext, and the computational cost of the algorithm grows with the number of round-function iterations. By preprocessing the optimal round and round keys for the initial key, operating efficiency is improved while the security of the algorithm is ensured. The lightweight AES-128 dynamic encryption algorithm based on UWB provided by the invention overcomes the reduction in system efficiency caused by relatively limited hardware resources and the relatively high cost of the encryption algorithm on an embedded platform, reducing the amount of computation while maintaining security.
Furthermore, a codebook mechanism is introduced to compensate for the security reduction caused by reducing the function loop rounds. The sender and receiver hold the same codebook, and the key coordinates are generated by a random algorithm during transmission and reception and transmitted in plaintext, which reduces the security problem caused by a single key being cracked.
Further, when the codebook length is l and each codebook unit stores an 8-byte key fragment, the number of possible combinations in the codebook is $l^2$, which grows quadratically. The codebook does not need to be long and its length is less than 10; when the codebook length is 10, the maximum space occupied by the encryption rounds and key expansions (10 rounds) is only about 17.3KB.
Furthermore, before wireless communication starts, the iteration rounds and the corresponding key expansions are saved by preprocessing the codebook, so that during operation the saved data only needs to be looked up, without computation for each transmission and reception. This suits communication systems with a low MCU clock frequency and high real-time requirements. The invention provides a preprocessing mechanism to offset the additional key expansion operations caused by randomly generated keys. For a codebook, the number of key combinations is relatively limited, and the efficiency of the system is improved by computing and saving the key expansion of all key combinations in advance.
Further, after wireless communication has started, the encryption rounds and key expansions are processed and stored as they occur, which suits communication systems with a high MCU clock frequency and low real-time requirements.
Drawings
FIG. 1 is a lightweight AES-128 dynamic encryption method flow based on UWB;
FIG. 2 is an AES-128 encryption algorithm key expansion flow.
Detailed Description
In order that those skilled in the art may better understand the present invention, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are evidently only some, not all, of the embodiments of the present invention. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without inventive effort shall fall within the scope of protection of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
The invention is described in further detail below with reference to the accompanying drawings:
The following briefly describes the encryption process of the original AES encryption algorithm; the decryption process is the inverse of the encryption process.
(1) Byte substitution:
Byte substitution is the only nonlinear transformation of the lightweight AES-128 encryption algorithm; it defines an S-box and an inverse S-box, each a 16×16 matrix. The substitution method is as follows: the upper 4 bits of each plaintext byte are taken as the row value and the lower 4 bits as the column value, and the element at the corresponding row and column of the S-box or inverse S-box is taken as the output to replace the original data.
(2) Row shifting:
The row shift is a simple left circular shift operation: row 0 of the state matrix is shifted left by 0 bytes, row 1 by 1 byte, row 2 by 2 bytes, and row 3 by 3 bytes. The inverse transform of the row shift performs the opposite shift operation on each row of the state matrix.
(3) Column mixing:
The column-mixing transformation is a key step in data confusion: it multiplies the row-shifted state matrix by the fixed column-mixing matrix to obtain a new, confused state matrix. For the inverse transformation, the fixed inverse column-mixing matrix is applied to the new state matrix to perform the inverse column-mixing operation, finally recovering the original column state. The forward column-mixing operation is shown in formula (1):
(4) Round key addition:
round key addition is to perform a bit-wise exclusive-or operation on the preprocessed 128-bit round key and the data in the state matrix, and since the inverse operation of the exclusive-or operation is self, the inverse operation of the round key addition is completely consistent with the operation of the round key addition.
In the encryption and decryption process, a key expansion operation is required, the expanded key is used for the round key addition step, and the key expansion flow is shown in fig. 2. The key array W is extended by 40 new columns, constituting an extended key array of 44 columns in total. The new columns are generated in a recursive manner as follows:
(1) i is not divisible by 4:
(2) i can be divided by 4:
the T function is divided into the following three steps:
(1) Word loop: the 4 bytes in the 1 word are cyclically left shifted by 1 byte.
(2) Byte substitution: byte substitution is performed on the result of the word loop using an S-box.
(3) Round-constant XOR: the result of the first two steps is XORed with the round constant Rcon[j], where j represents the round number. The round constant Rcon[j] is a word whose values are shown in Table 1.
Table 1. Round constant XOR values
j        1         2         3         4         5
Rcon[j]  01000000  02000000  04000000  08000000  10000000
j        6         7         8         9         10
Rcon[j]  20000000  40000000  80000000  1B000000  36000000
The workflow of the method proposed by the invention is shown in FIG. 1 and comprises the following steps:
The sender:
(1) Randomly generate the key coordinates;
(2) Acquire the complete key according to the key coordinates, and acquire/calculate the encryption round N and the key expansion W;
(3) Perform round key addition on the plaintext using W[0,3];
(4) Perform N-1 rounds of byte substitution, row shifting, column mixing and round key addition, each round using W[4N-4,4N-1];
(5) Perform byte substitution, row shifting and round key addition using W[4N,4N+3] to obtain the ciphertext;
(6) Append the coordinates to the tail of the ciphertext and send.
The receiver:
(1) Receive the data and read the key coordinates at the frame tail;
(2) Acquire the complete key according to the key coordinates, and acquire/calculate the encryption round N and the key expansion W;
(3) Perform byte substitution, row shifting and round key addition on the ciphertext using W[4N,4N+3];
(4) Perform N-1 rounds of inverse row shifting, inverse byte substitution, round key addition and inverse column mixing, each round using W[4N-4,4N-1];
(5) Perform inverse row shifting, inverse byte substitution and round key addition using W[0,3] to obtain the plaintext.
The codebook is generated by a random algorithm and can also be formulated manually. The codebook can be formulated in different dimensions according to different requirements. The invention is described taking a two-dimensional codebook as an example. A two-dimensional codebook means that a key requires two coordinates, and the key of the AES-128 encryption algorithm is 16 bytes, so each coordinate corresponds to an 8-byte key fragment. For a codebook of length $l$, $(x_1, x_2, \ldots, x_l)$, each element is 8 bytes. Before encrypting, the sender generates two random numbers within the length of the codebook, $\{x_m, x_n\}$ ($1 \le m \le l$, $1 \le n \le l$), queries the codebook to obtain the key fragments, splices them into a 16-byte initial key, and encrypts the segmented 16-byte data frames with the obtained initial key.
According to the principle of the AES-128 encryption algorithm, the larger the bit difference after each round of key expansion, the higher the security. The optimal number of round-function iterations and the round keys to be pre-stored are determined by calculating how the bit difference of the key pair changes in each round over ten rounds of key expansion. The optimal encryption round is calculated as follows:
(1) Ten rounds of key expansion are performed on the initial key matrix A and the contrast key matrix B respectively, and the results are stored in the four-dimensional matrices U[l][11][4][4] and V[l][11][4][4]. The key expansion converts the 128-bit original key into a 4×4 matrix stored in U[0] to U[3]; based on U[0] to U[3], the 10 subkeys U[4i] to U[4i+3] are solved through formulas (2) and (3), where 1 ≤ i ≤ 10 and 1 ≤ j ≤ 10. The T function rearranges the column vector U and then performs S-box substitution and round-constant XOR, which enhances nonlinearity and security.
U[4i]=U[4(i-1)]+T(U[4i-1]) (2)
U[4i+j]=U[4(i-1)+j]+U[4i-1+j] (3)
(2) Calculating bit differences
First, the corresponding elements of the U and V matrices are XORed to obtain the matrix W[l][11][4][4], which gives the bit difference of each pair of corresponding byte elements in the two matrices. Then the number of bits equal to 1 in each element is counted to obtain the statistics COUNT[l][11][4][4]. Finally, a dimension-reduction operation is performed to obtain SUM[l][11], in which each row represents the bit differences of one group of keys after each round of key expansion.
(3) Optimal round acquisition
The maximum value of the elements in each row of the SUM[l][11] matrix, together with its column number N, represents the peak value after key expansion; N is the round with the greatest degree of key confusion, namely the optimal round.
(4) Saving the obtained optimal round N
After the optimal encryption round is obtained, the key expansion no longer needs to run ten rounds as in the original algorithm; only as many rounds of key expansion as the optimal encryption round are needed, which reduces the computation of key expansion.
According to the dynamic key method described above, each time the key changes, the sender and receiver must compute the optimal round and the key expansion for the new key, which also consumes time and space resources, so the reduction in computation gained from fewer function rounds may be offset or become insignificant. Two preprocessing methods are proposed here to solve this problem.
1. Before wireless communication starts, the optimal encryption rounds and key expansions of all combinations in the codebook are calculated and stored, and the corresponding optimal encryption round and expanded key are read directly during encryption and decryption. The advantage of this method is that the running time of encryption and decryption is greatly reduced; the disadvantage is that the preprocessing effort is large when the codebook is too long, and considerable extra storage space is required to store the expanded keys.
2. After wireless communication has started, each time a combination of key fragments is randomly generated, the optimal encryption round and the expanded key are calculated and the result is stored; the stored optimal encryption round and expanded key are read directly the next time the same key is randomly selected. The advantage of this method is that preprocessing does not consume a large amount of time and space up front, since its cost is spread across the encryption and decryption process; the disadvantage is that when the codebook is large, it may degrade into a method without preprocessing, resulting in a poor lightweight effect. For this case, a randomly generated key may be used for several frames before a new one is generated, to reduce the resource consumption caused by updating the key too quickly.
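The bit-difference round selection of steps (1) to (3) and preprocessing method 1, as an added Python example that is not code from the patent. Assumptions: the key matrix uses the FIPS-197 column-major layout, so the last byte of each row is key byte 12 to 15; ties pick the earliest round; the codebook fragments are constructed sample values; and one byte is assumed per stored round count, which gives 17,700 bytes for l = 10, in line with the roughly 17.3KB stated above.

```python
import hashlib

RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]  # Table 1, first byte


def _gmul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial 0x11B."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = ((a << 1) ^ 0x11B) if a & 0x80 else (a << 1)
        b >>= 1
    return r


def _build_sbox():
    """AES S-box: multiplicative inverse, then the affine transform."""
    sbox = []
    for a in range(256):
        inv = next((b for b in range(1, 256) if _gmul(a, b) == 1), 0)
        y = inv
        for s in range(1, 5):
            y ^= ((inv << s) | (inv >> (8 - s))) & 0xFF
        sbox.append(y ^ 0x63)
    return sbox


SBOX = _build_sbox()


def expand_key(key):
    """Return the 11 round keys (round 0 = initial key), formulas (2) and (3)."""
    if len(key) != 16:
        raise ValueError("AES-128 key must be 16 bytes")
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:  # T function: word rotation, byte substitution, Rcon XOR
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= RCON[i // 4 - 1]
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [bytes(b for word in w[4 * r:4 * r + 4] for b in word) for r in range(11)]


def contrast_key(key):
    """Step (101): flip the last bit of the last byte of each row of A."""
    b = bytearray(key)
    for idx in (12, 13, 14, 15):  # assumed column-major layout: row r ends at byte 12+r
        b[idx] ^= 1  # +1 when the bit is 0, -1 when it is 1
    return bytes(b)


def round_bit_differences(key):
    """Step (102): one SUM row, the Hamming distance per round between U and V."""
    u, v = expand_key(key), expand_key(contrast_key(key))
    return [sum(bin(x ^ y).count("1") for x, y in zip(ru, rv)) for ru, rv in zip(u, v)]


def optimal_round(key):
    """Step (103): round 1..10 with the largest bit difference (earliest on ties)."""
    sums = round_bit_differences(key)
    return max(range(1, 11), key=lambda r: sums[r]), sums


def preprocess_codebook(codebook):
    """Method 1: store the optimal round and round keys 0..N for every (m, n)."""
    table = {}
    for m, xm in enumerate(codebook, start=1):
        for n, xn in enumerate(codebook, start=1):
            key = xm + xn  # two 8-byte fragments spliced into the initial key
            rounds, _ = optimal_round(key)
            table[(m, n)] = (rounds, expand_key(key)[:rounds + 1])
    return table


def max_table_bytes(l):
    """Worst-case storage: l*l entries of 1 round byte (assumed) + 11 round keys."""
    return l * l * (1 + 11 * 16)


# Constructed sample codebook (l = 10); not key material from the patent.
CODEBOOK = [hashlib.sha256(b"constructed-fragment-%d" % i).digest()[:8] for i in range(10)]

if __name__ == "__main__":
    table = preprocess_codebook(CODEBOOK)
    for (m, n) in [(1, 1), (3, 7), (10, 2)]:
        rounds, _ = optimal_round(CODEBOOK[m - 1] + CODEBOOK[n - 1])
        print(f"coordinates ({m},{n}): optimal round N = {rounds}")
    print("entries:", len(table), "max bytes:", max_table_bytes(10))
```

The table has l² entries (100 for l = 10), one per coordinate pair, which is also the number of distinct initial keys the codebook can yield.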
The lightweight AES-128 dynamic encryption method based on UWB specifically comprises a method for reducing the amount of computation by reducing the function loop rounds and a method for improving security by using a codebook mechanism.
First, a method is proposed to reduce the number of function loop rounds in the original algorithm in order to reduce the amount of computation. Instead of the ten function loop rounds fixed by the original algorithm, the round with the best key diffusion among the ten rounds is identified by analyzing the diffusion characteristics of the key, and is used as the round count of the function loop.
In addition, a codebook mechanism is introduced to compensate for the security reduction caused by reducing the function loop rounds. The sender and receiver hold the same codebook, and the key coordinates are generated by a random algorithm during transmission and reception and transmitted in plaintext, which reduces the security problem caused by a single key being cracked.
Finally, a preprocessing method is provided to offset the additional key expansion operations caused by randomly generated keys. For a codebook, the number of key combinations is relatively limited, and the efficiency of the system is improved by computing and saving the key expansion of all key combinations in advance.
The lightweight AES-128 dynamic encryption algorithm based on UWB provided by the invention overcomes the reduction in system efficiency caused by relatively limited hardware resources and the relatively high cost of the encryption algorithm on an embedded platform, reducing the amount of computation while maintaining security.
The above is only for illustrating the technical idea of the present invention, and the protection scope of the present invention is not limited by this, and any modification made on the basis of the technical scheme according to the technical idea of the present invention falls within the protection scope of the claims of the present invention.

Claims (9)

1. The lightweight AES-128 dynamic encryption method based on UWB is characterized by comprising the following steps:
(1) Ten rounds of key expansion are performed on the initial key, the bit difference after each round of key expansion is calculated, and the round and key with the largest bit difference are taken as the optimal round and key;
(2) The round iteration operation of round encryption is performed based on the optimal round and the round key.
2. The lightweight AES-128 dynamic encryption method based on UWB according to claim 1, wherein the transmitting and receiving parties hold the same codebook, and the key coordinates are generated by a random algorithm and transmitted in plaintext.
3. The lightweight AES-128 dynamic encryption method based on UWB according to claim 2, wherein the codebook is a two-dimensional codebook, the two-dimensional codebook determines that one key corresponds to two coordinates, the key of the AES-128 encryption algorithm is 16 bytes, and each coordinate corresponds to an 8-byte key fragment;
for a codebook of length l, (x_1, x_2, …, x_l), in which each element is 8 bytes, the sender, before encrypting, generates two random numbers {x_m, x_n} within the length of the codebook, queries the codebook to obtain the key fragments, and then splices the key fragments into 16 bytes to serve as the initial key, where 1 ≤ m ≤ l, 1 ≤ n ≤ l, and l ≥ 10.
4. The lightweight AES-128 dynamic encryption method based on UWB of claim 1, wherein, before wireless communication starts, the optimal encryption rounds and key expansions of all combinations in the codebook are calculated and stored according to the calculation method of step (1), the corresponding optimal encryption round and round key are read during encryption and decryption, and the round iteration operation of round encryption is performed based on the optimal round and round key.
5. The lightweight AES-128 dynamic encryption method based on UWB according to claim 1, wherein after the wireless communication is started, each time the randomly generated key segments are combined, the result is saved after the optimal encryption round and the expansion key are calculated according to the calculation method of step (1);
and when the key fragments are randomly combined to the same key fragments next time, reading the stored optimal encryption round and round keys, and executing round encryption round iteration operation based on the optimal round and the round keys.
6. The UWB-based lightweight AES-128 dynamic encryption method as in claim 1, wherein step (2) comprises the operations of:
(201) Executing a byte substitution algorithm;
(202) Executing a row shifting algorithm;
(203) Executing a column mixing algorithm;
(204) Executing a round key addition algorithm;
(205) Repeating steps (201)-(204) until the optimal round is reached, completing encryption.
7. The UWB-based lightweight AES-128 dynamic encryption method as in claim 6, wherein the specific operations of steps (201), (202), (203) and (204) are as follows:
(201) Executing a byte substitution algorithm, specifically:
defining an S box and an inverse S box as 16×16 matrices, taking the upper 4 bits of each plaintext byte as the row value and the lower 4 bits as the column value, and, for the forward or inverse transformation respectively, taking the element at the corresponding row and column of the S box or the inverse S box as the output that replaces the original data, to obtain a state matrix;
(202) Executing a row shift algorithm, specifically:
shifting the 0 th row of the state matrix to the left by 0 bytes, shifting the 1 st row to the left by 1 byte, shifting the 2 nd row to the left by 2 bytes, and shifting the 3 rd row to the left by 3 bytes; the inverse transform of the row shift is to perform an inverse shift operation on each row in the state matrix;
(203) Executing a column mixing algorithm, specifically:
multiplying the state matrix after the row shift with the column mixed fixed matrix to obtain a new state matrix;
in the inverse transformation, the inverse column mixing fixed matrix is applied to the new state matrix to carry out the inverse column mixing operation, finally recovering the original column state;
(204) Executing a round key addition algorithm, specifically:
carrying out a bitwise exclusive-OR operation on the round key and the data in the state matrix, wherein the inverse operation of round key addition is identical to the round key addition operation.
8. The lightweight AES-128 dynamic encryption method based on UWB as claimed in claim 1, wherein the specific operations of step (1) are:
(101) For the last byte of each row in the initial key matrix A, performing an add-1 operation on its last bit if the last bit is 0, and performing a subtract-1 operation on the last bit of each row, to obtain a two-dimensional contrast key matrix B that differs from the initial key by one bit; performing ten rounds of key expansion on the initial key matrix A and the contrast key matrix B respectively, and storing the results in four-dimensional matrices U [ l 1] [11] [4] [4] and V [ l 1] [11] [4] [4]; the key expansion converts the 128-bit original key into a 4×4 matrix stored in U[0]-U[3], and, based on U[0]-U[3], solves the 10 subkeys U[4i]-U[4i+3] through formulas (2) and (3), where 1 ≤ i ≤ 10 and 1 ≤ j ≤ 10;
U[4i] = U[4(i-1)] + T(U[4i-1])    (2)
U[4i+j] = U[4(i-1)+j] + U[4i-1+j]    (3)
(102) Calculating bit differences
XORing the corresponding elements of the four-dimensional matrices U[l][11][4][4] and V[l][11][4][4] to obtain a matrix W[l][11][4][4] holding the bit differences of each pair of corresponding byte elements in the two matrices; counting the number of bits equal to 1 in each element to obtain the statistics COUNT[l][11][4] of the bit differences of the corresponding byte elements of U[l][11][4][4] and V[l][11][4][4]; and finally performing a dimension-reduction operation to obtain SUM[l][11], in which each row represents the bit difference of one group of keys after each round of key expansion;
(103) Optimal round acquisition
The maximum value of the elements in each row of the SUM[l][11] matrix, together with its column number N, represents the peak value after key expansion, and N represents the round with the greatest degree of key confusion, namely the optimal round.
9. The UWB-based lightweight AES-128 dynamic encryption method according to claim 8, wherein in (101) a T function is used to rearrange the column vector U and then perform the S-box substitution and the round-constant exclusive-OR operation, the T function operating in the order of word rotation, byte substitution, and round-constant exclusive-OR, specifically as follows:
word rotation: cyclically shifting the 4 bytes of 1 word to the left by 1 byte;
byte substitution: performing byte substitution on the result of the word rotation by using the S box;
round-constant exclusive-OR: XORing the byte-substituted result with the round constant Rcon[j];
wherein j represents the number of rounds, the round constant Rcon [ j ] is a word, and the correspondence between the round constant Rcon [ j ] and j is as follows:
j        1        2        3        4        5
Rcon[j]  01000000 02000000 04000000 08000000 10000000
j        6        7        8        9        10
Rcon[j]  20000000 40000000 80000000 1B000000 36000000
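The round-selection procedure of claims 8 and 9, sketched in Python as an added example that is not part of the patent text: it expands a key and a contrast key, counts the differing bits of each of the 11 round keys, and returns the round with the largest count. Assumptions: the contrast key flips only the least-significant bit of the final key byte, the S-box is generated rather than tabulated, and SAMPLE_KEY and all function names are constructed for illustration.

```python
def _rotl8(x, s):
    return ((x << s) | (x >> (8 - s))) & 0xFF

def build_sbox():
    """Generate the AES S-box (GF(2^8) inverse followed by the affine map)."""
    sbox, p, q = [0] * 256, 1, 1
    while True:
        p = p ^ ((p << 1) & 0xFF) ^ (0x1B if p & 0x80 else 0)  # p *= 3
        for s in (1, 2, 4):                                     # q /= 3
            q ^= (q << s) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ _rotl8(q, 1) ^ _rotl8(q, 2) ^ _rotl8(q, 3) ^ _rotl8(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox

SBOX = build_sbox()
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]  # table in claim 9

def t_function(word, j):
    """T of claim 9: word rotation, S-box substitution, XOR with Rcon[j]."""
    word = ((word << 8) | (word >> 24)) & 0xFFFFFFFF
    sub = 0
    for shift in (24, 16, 8, 0):
        sub |= SBOX[(word >> shift) & 0xFF] << shift
    return sub ^ (RCON[j - 1] << 24)

def expand_key(key):
    """Return the 44 words U[0..43] of formulas (2) and (3); '+' there is XOR."""
    u = [int.from_bytes(key[4 * k:4 * k + 4], "big") for k in range(4)]
    for k in range(4, 44):
        prev = t_function(u[k - 1], k // 4) if k % 4 == 0 else u[k - 1]
        u.append(u[k - 4] ^ prev)
    return u

def round_bit_differences(key_a):
    """One SUM row: number of differing bits in each of the 11 round keys."""
    key_b = key_a[:15] + bytes([key_a[15] ^ 1])  # assumption: flip only the final bit
    u, v = expand_key(key_a), expand_key(key_b)
    return [sum(bin(u[4 * r + c] ^ v[4 * r + c]).count("1") for c in range(4))
            for r in range(11)]

def optimal_round(key_a):
    """Return (N, SUM row), N being the column with the largest bit difference."""
    sums = round_bit_differences(key_a)
    return sums.index(max(sums)), sums

# Constructed sample: two 8-byte codebook fragments spliced into one 16-byte key.
SAMPLE_KEY = bytes.fromhex("0011223344556677") + bytes.fromhex("8899aabbccddeeff")
```

The count measures only how far a one-bit key difference has spread through the key schedule; it says nothing about how well a reduced number of cipher rounds diffuses the plaintext.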
CN202310767442.8A 2023-06-27 2023-06-27 Lightweight AES-128 dynamic encryption method based on UWB Pending CN116722968A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310767442.8A CN116722968A (en) 2023-06-27 2023-06-27 Lightweight AES-128 dynamic encryption method based on UWB

Publications (1)

Publication Number Publication Date
CN116722968A true CN116722968A (en) 2023-09-08

Family

ID=87871349

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination