CN1323507C - Short block processing method in block encryption algorithm - Google Patents
Short block processing method in block encryption algorithm Download PDFInfo
- Publication number
- CN1323507C CN1323507C CNB2005100797931A CN200510079793A CN1323507C CN 1323507 C CN1323507 C CN 1323507C CN B2005100797931 A CNB2005100797931 A CN B2005100797931A CN 200510079793 A CN200510079793 A CN 200510079793A CN 1323507 C CN1323507 C CN 1323507C
- Authority
- CN
- China
- Prior art keywords
- block
- length
- grouping
- encryption
- algorithm
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The present invention discloses a short block processing method in a block encryption algorithm. The encryption process comprises the procedures that after a transmitting party encrypts a plaintext of a last complete block, an obtained cipher text block is divided into two parts; one part is taken as a cipher text block of a short block, and uses a filling part to carry out jointing with the short block to form a complete block; the complete block is encrypted, and is transmitted to a receiving party. The decryption process comprises the procedures that after the receiving party receives the cipher text block of the last complete block, the cipher text block is decrypted; the decrypted block is divided into two parts, one part is a plaintext of the short block, and the other part is jointed with the received cipher text block of the short block to obtain a complete cipher text block; the block is decrypted to obtain a plaintext of the last complete block. The method of the present invention can improve the security of data transmission.
Description
Technical field
The present invention relates to data encryption technology, specially refer in block encryption algorithm short processing method of dividing into groups.
Background technology
In communication system, fail safe is an important indicator of estimating a communication system performance quality, particularly in wireless communication system, because wireless communication system has open and ambulant characteristics, makes the fail safe of wireless communication system seem particularly important.
IEEE 802.16d/e serial protocols has defined WiMAX and has fixed and moved the consensus standard that inserts the part of eating dishes without rice or wine.In order to guarantee the air interface data safety of transmission, above-mentioned serial protocols has defined a Security Sublayer (Privacy Sublayer), is used to realize the distribution of authentication, key to wireless communication system user and management and follow-up data encryption and authentication or the like.After authentication is finished, MS and BS also need to generate, distribute and manage air interface data is carried out encrypted secret key by IKMP (PKM), the result of above-mentioned PKM process generates a basic key that is used to derive from other key resources---KI (AK, Authorization Key) between MS and BS.After obtaining the key resource by authentication, MS and BS just can realize the safe transmission of air interface data by cryptographic algorithm.
IEEE 802.16d/e serial protocols provides multiple alternative cryptographic algorithm, specifically uses which kind of cryptographic algorithm, needs MS and BS to consult in the message interaction process of authentication.Cryptographic algorithm commonly used at present is a block encryption algorithm, use described block encryption algorithm before encryption, the block of plaintext data that transmit leg at first carries out needs encryption is divided into several groupings according to fixing big or small m, and described block encryption algorithm is encrypted with the unit of being grouped into.According to agreement regulation, in concrete application process, can use multiple different encryption mode, for example electronic codebook mode (ECB, ElectronicCode Book) pattern and cipher block chaining (CBC, Cipher Block Chaining) pattern etc.
Wherein, ECB is the simplest a kind of pattern in the block encryption algorithm.Under this pattern, transmit leg directly uses identical key K i to encrypt to each grouping is independent, and the result after will encrypting sends to the recipient as ciphertext block.The recipient will carry out independently decryption processing after receiving each ciphertext block, directly obtain the plaintext of each grouping.In the ECB encryption mode, the encryption and decryption of each grouping all are independently.
CBC is the normal a kind of encryption mode that uses in the block encryption algorithm.Under this pattern, communicating pair also will consult to produce a CBC initial vector (IV), the big or small m that the length of this initial vector equals to divide into groups, an input when being used for as first block encryption except having a shared data encryption key Ki.The CBC encryption mode adopts following steps to handle to clear packets:
1, for first grouping, at first the clear data with CBC IV and first grouping carries out xor operation, the XOR result is encrypted, with the ciphertext block of encrypted result as first grouping again;
2, since second grouping, corresponding each grouping, each all elder generations carry out xor operation with the ciphertext block of previous grouping and the clear data of current group, the XOR result are encrypted again, and obtain the ciphertext block of respective packets; It is all identical employed key K i to be encrypted in each grouping here;
3,,, the processing identical with other groupings will be adopted if the length of this grouping just equals m for last grouping; If its length, is referred to as short grouping less than m, different cryptographic algorithm will adopt different processing methods for short grouping.
Under above two kinds of encryption modes, when each grouping is encrypted employed cryptographic algorithm also have a variety of, for example, Advanced Encryption Standard (AES, Advanced Encryption Standard) algorithm and data encryption standard (DES, Data Encryption Standard) algorithm or the like.IEEE802.16d-2004 version regulation can be used based on the DES algorithm of CBC pattern each grouping of business datum is encrypted.IEEE 802.16e/D7 regulation can adopt in 802.16 systems based on the aes algorithm of CBC pattern encrypts each grouping of business datum.
In based on the DES algorithm of CBC pattern and aes algorithm based on the CBC pattern, be identical to last length less than the processing method of the short grouping of m, the length that will lack grouping here is made as n, and n<m, mainly comprises:
The ciphertext block that transmit leg directly will be lacked the previous complete packet of grouping is carried out once the cryptographic operation based on ecb mode again; Xor operation is directly expressly carried out with described short grouping in the n position, the left side of the ciphertext block after the above-mentioned encryption of learning from else's experience, with the result that the obtains ciphertext block as described short grouping.
Employed cryptographic algorithm was identical when employed here cryptographic algorithm was encrypted with other groupings, can be DES algorithm or aes algorithm, and employed encryption key is also identical with other employed encryption keys that divide into groups.
The recipient to the complete packet of front, is decrypted processing with corresponding decipherment algorithm after receiving each grouping corresponding ciphertext grouping; To last short grouping, the recipient at first carries out the ciphertext block of the previous complete packet of described short grouping once the encryption based on ecb mode again, and carry out xor operation, thereby obtain the described short corresponding plaintext of dividing into groups with the n position, the left side of encrypting the ciphertext block obtain and the ciphertext block of described short grouping.
This shows, in existing cryptographic algorithm, ciphertexts of all short groupings only be this weak point grouping expressly with the ciphertext block of last grouping in a part of ciphertext carry out the result of simple xor operation, in fact not to not encrypting described short the grouping.Like this, the network attack person can be by changing some position in the short grouping ciphertext, systematically change the short grouping in deciphering back content expressly, if last short grouping does not comprise important information, adopt this cryptographic algorithm not have what problem, if but last grouping has comprised important information, serious potential safety hazard will be had.
In addition, for the cipher mode that adopts the des encryption algorithm, because the DES algorithm is the cryptographic algorithm of a symmetry, in ciphering process to described short grouping, the XOR result of the plaintext of last complete packet and the ciphertext block of penult complete packet need be carried out des encryption twice, this equates this XOR result is carried out having carried out the DES deciphering again behind the des encryption.So, to the cryptographic operation that described short grouping is expressly carried out, be equal to preceding n position and the preceding n position of last complete packet plaintext and the result that xor operation is expressly carried out in described short grouping of the ciphertext block of using the penult complete packet.Therefore, if the network attack person has obtained the plaintext of described short grouping, he just can instead release some plaintext position of penult grouping; In like manner, if the network attack person has obtained the plaintext of last complete packet, he just can obtain the plaintext of described short grouping at an easy rate.Like this, can't realize the safe transmission of data.
Summary of the invention
In order to solve the problems of the technologies described above, the invention provides and a kind of method of encrypting is carried out in short grouping, to improve safety of data transmission, eliminate the potential safety hazard that prior art exists.
Of the present invention in block encryption algorithm to the processing method of short grouping, comprise two processes of encryption and decryption, described grouping comprises that length is that short grouping and the length of n is the complete packet of m, and n is arranged less than m;
Described ciphering process comprises:
After A, transmit leg were encrypted the plaintext of last complete packet, it was that n and length are two parts that m subtracts n that the ciphertext block that obtains is divided into length;
B, use length expressly to splice as filling part and described short grouping that m subtracts n, form the complete packet that length is m, described complete packet is encrypted, the ciphertext block as described last complete packet sends to the recipient;
C, be the ciphertext block of the ciphertext block part of n, send to the recipient as described short grouping with the length that obtains in the steps A;
Described decrypting process comprises:
A, recipient are decrypted this ciphertext block after receiving the ciphertext block of described last complete packet;
It is that n and length are two parts that m subtracts n that b, the described connecting method of the corresponding step B of the grouping after will deciphering are divided into length, and wherein said length is that the part of n is the plaintext of described short grouping;
C, be that the described dividing mode of the corresponding steps A of part that m subtracts n is spliced with the ciphertext block of the described short grouping that receives with length among the step b, obtain the ciphertext block that length is m, again this ciphertext block is decrypted processing, obtains the plaintext of described last complete packet.
Steps A is described to be encrypted as employing and to encrypt based on the data encryption standard algorithm of cipher block chaining model;
The described decryption processing of step c is decrypted for adopting the data encryption standard algorithm based on cipher block chaining model.
Steps A is described to be encrypted as employing and to encrypt based on the Advanced Encryption Standardalgorithm of cipher block chaining model;
The described decryption processing of step c is decrypted for adopting the Advanced Encryption Standardalgorithm based on cipher block chaining model.
Steps A is described to be divided into: the m-n position as a part, and will be left as another part in the preceding n position of described ciphertext block, perhaps with the preceding m-n position of described ciphertext block as a part, and will be left the n position as another part.
The described filling part of step B is that the described length that is marked off by ciphertext block of steps A is the part of m-n;
Step B is described to be spliced into: described short grouping expressly is placed on described filling part front, or described filling part is placed on described short grouping front expressly;
Step B is described to be encrypted as employing and to encrypt based on electronic codebook mode pattern cryptographic algorithm;
The described deciphering of step a is decrypted based on electronic codebook mode pattern decipherment algorithm for adopting.
Of the present invention is Advanced Encryption Standardalgorithm based on the electronic codebook mode pattern based on electronic codebook mode pattern cryptographic algorithm; Described is Advanced Encryption Standardalgorithm based on the electronic codebook mode pattern based on electronic codebook mode pattern decipherment algorithm.
Of the present invention is data encryption standard algorithm based on the electronic codebook mode pattern based on electronic codebook mode pattern cryptographic algorithm; Described is data encryption standard algorithm based on the electronic codebook mode pattern based on electronic codebook mode pattern decipherment algorithm.
The encryption key that uses when encrypting is identical with other employed encryption keys that divide into groups of encryption;
Employed decruption key is identical with other employed decruption keys that divide into groups of deciphering when deciphering.
The described filling part of step B is that length is any number of m-n;
Step B is described to be spliced into: according to the described dividing mode of steps A, described short grouping is expressly spliced with described filling part, make that length is that n position partly is corresponding in described short grouping position expressly and the described ciphertext block;
Step B is described to be encrypted as employing and to encrypt based on the cipher block chaining model cryptographic algorithm;
The described deciphering of step a is decrypted based on the cipher block chaining model decipherment algorithm for adopting.
Employing of the present invention is encrypted based on the cipher block chaining model cryptographic algorithm and is comprised:
B1, the use described ciphertext block of steps A and the described complete packet of step B are carried out xor operation;
B2, the use encryption key identical with encrypting other employed encryption keys that divide into groups encrypted above-mentioned XOR result, obtains the ciphertext block of described last complete packet of step B.
Of the present inventionly comprise based on the cipher block chaining model decipherment algorithm:
A1, use the decruption key identical that the ciphertext block of described last complete packet of step a is decrypted with deciphering other employed decruption keys that divide into groups;
A2, according to the joining method identical with step B, the ciphertext block of described filling part and the described short grouping that receives is spliced into the complete ciphertext block that length is m;
The complete ciphertext block that a3, the decrypted result that step a1 is obtained and step a2 obtain is carried out xor operation, with the decrypted result of XOR result as the ciphertext block of described last complete packet.
Of the present invention is Advanced Encryption Standardalgorithm based on cipher block chaining model based on the cipher block chaining model cryptographic algorithm; Described is Advanced Encryption Standardalgorithm based on cipher block chaining model based on the cipher block chaining model decipherment algorithm.
Of the present invention is data encryption standard algorithm based on cipher block chaining model based on the cipher block chaining model cryptographic algorithm; Described is data encryption standard algorithm based on cipher block chaining model based on the cipher block chaining model decipherment algorithm.
This shows, use method of the present invention and can carry out encryption, guaranteed safety of data transmission, eliminated the potential safety hazard of prior art short grouping.In addition, method of the present invention is being carried out not changing in the encrypted process length of data to described short grouping, thereby is also being guaranteed the efficiency of transmission of data.
Description of drawings
The method flow diagram that Fig. 1 carries out encryption for the described transmit leg of a preferred embodiment of the invention to short grouping;
Fig. 2 is decrypted the method flow diagram of processing to short grouping for the described recipient of a preferred embodiment of the invention;
The method flow diagram that Fig. 3 carries out encryption for the described transmit leg of another preferred embodiment of the present invention to short grouping;
The method flow diagram that Fig. 4 carries out encryption for the described recipient of another preferred embodiment of the present invention to short grouping.
Embodiment
In order to solve the problem that prior art exists, the invention provides a kind of processing method of in block encryption algorithm, weak point being divided into groups, the main thought of this method is: by ciphertext peculation method (CTS) described short grouping is filled to a complete grouping, and then use existing cryptographic algorithm that this complete packet is encrypted, thereby guarantee that all data that transmit leg sent expressly all are through encrypting, improving the reliability of system data transmission.
Method of the present invention is applicable to the situation of the plaintext of ciphered data piece length greater than the complete packet length m that need, the complete packet that promptly to comprise a length at least in the described grouping after grouping be m.
Fig. 1 has shown the flow chart that the described transmit leg of a preferred embodiment of the invention carries out encryption to short grouping., suppose that needs are carried out the ciphered data piece is divided into the k group according to the big or small m of complete packet here, length of last short grouping is n, and n<m is arranged, as shown in Figure 1, in this embodiment, transmit leg mainly comprises the encryption process of described short grouping:
Step 101: transmit leg is with the plaintext P of last complete packet
K-1After encrypting, the ciphertext block C that obtains is divided into two parts, a part of length is n, is designated as C
k, another part length is m-n, is designated as C '.
The described encryption of this step can be adopted the DES algorithm based on the CBC pattern, also can adopt the aes algorithm based on the CBC pattern.And employed encryption key employed encryption key when encrypting other and divide into groups is identical when encrypting.
It is described that the ciphertext block that obtains is divided into two-part method also is arbitrarily, for example, and can be with the preceding n position of C as C
k, and the part that will be left is as C ', perhaps with C
iPreceding m-n position as C ', and the part that will be left is as C
kIn addition, adopt other dividing mode also to be fine, and can not exceed scope of the present invention.
Step 102: the C ' part that with length is m-n is as filling part and the described short P of grouping
kPlaintext splice, form the complete packet P that length is m
k', to described complete packet P
k' encrypt, obtain a complete ciphertext block C
K-1, as last complete packet P
K-1Ciphertext block send to the recipient.
In this step, described joining method also can be arbitrarily, for example described short grouping expressly can be placed on the front of C ', also C ' part can be placed on described short grouping front expressly.
The described encryption of this step can be adopted based on the DES algorithm of ecb mode or adopt aes algorithm based on ecb mode, and employed encryption key is identical with other employed encryption keys that divide into groups of encryption under the CBC pattern.
Step 103: the C that step 101 is obtained
kCiphertext block as described short grouping sends to the recipient.
Fig. 2 has shown the flow chart that carries out decryption processing according to the described method recipient of present embodiment after receiving above-mentioned grouping, and as shown in Figure 2, described decrypting process mainly comprises:
Step 201: the recipient is receiving the ciphertext block C of last complete packet
K-1After, this ciphertext block is decrypted, obtain a complete packet P
k';
Corresponding with step 102, if employed cryptographic algorithm is a aes algorithm based on ECB when encrypting, then should use aes algorithm to be decrypted based on ecb mode in this step; If the cryptographic algorithm of using when encrypting is the DES algorithm based on ecb mode, then should use DES algorithm to be decrypted based on ECB in this step; And employed decruption key is identical with the decruption key of other groupings during deciphering;
Step 202: with described complete packet P
k' the described connecting method of corresponding step 102 is divided into two parts, a part of length is n, another part length is m-n; Wherein, length is that the part of n is exactly the plaintext P of described short grouping
k, length is that the part of m-n is exactly the described C ' of step 101;
From step 102 as can be seen, described complete packet P
k' be by described short grouping P
kPlaintext and last complete packet length in once encrypting the ciphertext block obtain be the portion C of m-n ' be spliced, therefore, with P
k' the described connecting method of corresponding step 102 is divided into two parts, just can directly obtain described short grouping P
kPlaintext;
Step 203: with P
kThe ciphertext C of ' in length be the portion C of m-n ' described dividing mode of corresponding step 101 and the described short grouping that receives
kSplicing, obtaining length is the complete ciphertext block C of m, again this grouping is decrypted processing, obtains the clear packets P of last complete packet
K-1
Wherein, described deciphering is corresponding to the employed cryptographic algorithm of step 101, if adopt the aes algorithm based on the CBC pattern when encrypting, should adopt the aes algorithm based on the CBC pattern when then deciphering; If adopt DES algorithm when encrypting, should adopt DES algorithm when then deciphering based on the CBC pattern based on the CBC pattern.Employed decruption key is also identical with the decruption key of other groupings during deciphering.
So far, the recipient can obtain the plaintext of last complete packet and described short grouping.
Fig. 3 has shown the flow chart that the described transmit leg of another preferred embodiment of the present invention carries out encryption to short grouping., suppose that needs are carried out the ciphered data piece is divided into the k group according to the big or small m of complete packet here, length of last short grouping is n, and n<m is arranged, as shown in Figure 3, in this embodiment, transmit leg mainly comprises the encryption process of described short grouping:
Step 301: transmit leg is with the plaintext P of last complete packet
K-1After encrypting, the ciphertext block C that obtains is divided into two parts, a part of length is n, is designated as C
k, another part length is m-n, is designated as C ';
In this step, described encryption can be adopted the DES algorithm based on the CBC pattern, also can adopt the aes algorithm based on the CBC pattern.Employed encryption key was identical when employed encryption key was with other complete packet of encryption during encryption.
It is described that the ciphertext block that obtains is divided into two-part method also is arbitrarily, for example, and can be with the preceding n position of described ciphertext block C as C
k, and the part that will be left is as C ', perhaps with C
iPreceding m-n position as C ', and the part that will be left is as C
kIn addition, adopt other dividing mode also to be fine, and can not exceed scope of the present invention.
Step 302: use length to be the filling part of m-n and the short grouping P of length n
kPlaintext splice, form the complete packet P that length is m
k", to described complete packet P
k" encrypt, obtain a complete ciphertext block C
K-1, as last complete packet P
K-1Ciphertext block send to the recipient.
In this step, employed filling part can be arbitrarily, for example, can be m-n individual 0 or other any number.
The described splicing of this step should the described dividing mode of corresponding step 301 be carried out, after the splicing, and described complete packet P
k" in short grouping P
kShould with the C among the described ciphertext block C
kPart position correspondence.
In this step, described encryption can be adopted based on the DES algorithm of CBC pattern or adopt aes algorithm based on the CBC pattern.
Because the ciphertext block and the current group that adopt the encryption method of CBC pattern need at first use a grouping are carried out xor operation, therefore, in the present embodiment, adopt the CBC pattern to described complete packet P
k" encrypt mainly and comprise:
Step 3021: use described ciphertext block C of step 301 and the described complete packet P of step 302
k" carry out xor operation;
Step 3022: use the encryption key identical that above-mentioned XOR result is encrypted, obtain described complete ciphertext block C with encrypting other employed encryption keys that divide into groups
K-1
Step 303: the C that step 301 is obtained
kCiphertext block as described short grouping sends to the recipient.
Fig. 4 has shown the flow chart that carries out decryption processing according to the described method recipient of present embodiment after receiving above-mentioned grouping, and as shown in Figure 4, described decrypting process mainly comprises:
Step 401: the recipient is receiving the ciphertext block C of last complete packet
K-1After, this ciphertext block is decrypted, obtain a complete packet P
k.
Corresponding with step 303, if employed cryptographic algorithm is the aes algorithm based on CBC when encrypting, then should use aes algorithm to be decrypted based on the CBC pattern in this step, if the cryptographic algorithm of using when encrypting is the DES algorithm based on the CBC pattern, then should use DES algorithm to be decrypted based on CBC in this step.
Described decrypting process based on the CBC pattern further comprises:
Step 4011: use the ciphertext block C of the decruption key identical to described last complete packet with other employed decruption keys that divide into groups of deciphering
K-1Be decrypted;
Step 4012:, be the filling part of m-n and the ciphertext block C of the described short grouping that receives with length according to the joining method identical with step 302
kBe spliced into the complete ciphertext block that a length is m;
Step 4013: the complete ciphertext block that decrypted result that obtains with step 4011 and step 4012 obtain is carried out xor operation, obtains a complete packet P
k.
Contrast ciphering process shown in Figure 3, the ciphertext block C of described last complete packet
K-1Be by described short grouping plaintext P
kComplete packet and described C with filling part composition
kCarry out passing through the result that cryptographic operation obtains again behind the xor operation with the composition complete packet of C '.According to the characteristic of XOR, this result and P
kComplete packet and described C with C ' composition
kForming complete packet with filling part carries out equating on mathematics through encrypting the result who obtains behind the xor operation again.Therefore, the complete packet P that obtains of step 4013 as can be known
k is by described short grouping P
kPlaintext be the ciphertext block portion C of m-n with length ' combine.
Step 402: with described complete packet P
kThe described connecting method of the corresponding step 302 of is divided into two parts, and a part of length is n, and another part length is m-n; Wherein, length is that the part of n is exactly the plaintext P of described short grouping
k, length is that the part of m-n is exactly the described C ' of step 301;
Step 403: with P
kLength is the portion C of m-n among the ' described dividing mode of corresponding step 302 and the described short ciphertext C that divides into groups that receives
kSplicing, obtaining length is the complete ciphertext block C of m, this grouping is decrypted again, and obtains the clear packets P of last complete packet
K-1
Wherein, described deciphering is corresponding to the employed cryptographic algorithm of step 301, if adopt the aes algorithm based on the CBC pattern when encrypting, should adopt the aes algorithm based on the CBC pattern when then deciphering; If adopt DES algorithm when encrypting, should adopt DES algorithm when then deciphering based on the CBC pattern based on the CBC pattern.And when deciphering employed decruption key when other divide into groups with deciphering employed decruption key identical.
So far, the recipient can obtain the plaintext of last complete packet and described short grouping.
From above-mentioned two described methods of embodiment as can be seen, transmit leg sends to all groupings of recipient, comprises the ciphertext block of described short grouping, all is through what encrypt, therefore, can guarantee reliability of data transmission, eliminates the potential safety hazard of prior art.And, above-mentioned encryption method do not increase transmit the length of data, thereby can guarantee the efficient of transfer of data.
Claims (9)
1, a kind of in block encryption algorithm to the processing method of short grouping, it is characterized in that described method comprises two processes of encryption and decryption, described grouping comprises that length is that short grouping and the length of n is the complete packet of m, and n is arranged less than m;
Described ciphering process comprises:
After A, transmit leg were encrypted the plaintext of last complete packet, it was that n and length are two parts that m subtracts n that the ciphertext block that obtains is divided into length;
B, use length to subtract the filling part of n as m and the plaintext of described short grouping splices, form the complete packet that length is m, described complete packet is encrypted, the ciphertext block as described last complete packet sends to the recipient;
C, be the ciphertext block of the ciphertext block part of n, send to the recipient as described short grouping with the length that obtains in the steps A;
Described decrypting process comprises:
A, recipient are decrypted this ciphertext block after receiving the ciphertext block of described last complete packet;
It is that n and length are two parts that m subtracts n that b, the described connecting method of the corresponding step B of the grouping after will deciphering are divided into length, and wherein said length is that the part of n is the plaintext of described short grouping;
C, be that the described dividing mode of the corresponding steps A of part that m subtracts n is spliced with the ciphertext block of the described short grouping that receives with length among the step b, obtain the ciphertext block that length is m, again this ciphertext block is decrypted processing, obtains the plaintext of described last complete packet.
2, the method for claim 1 is characterized in that, steps A is described to be encrypted as employing and to encrypt based on the data encryption standard algorithm of cipher block chaining model;
The described decryption processing of step c is decrypted for adopting the data encryption standard algorithm based on cipher block chaining model.
3, the method for claim 1 is characterized in that, steps A is described to be encrypted as employing and to encrypt based on the Advanced Encryption Standardalgorithm of cipher block chaining model;
The described decryption processing of step c is decrypted for adopting the Advanced Encryption Standardalgorithm based on cipher block chaining model.
4, the method for claim 1 is characterized in that, steps A is described to be divided into: the preceding n position of described ciphertext block as a part, is subtracted the n position as another part and will be left m; Perhaps the preceding m with described ciphertext block subtracts the n position as a part, and will be left the n position as another part.
5, the method for claim 1 is characterized in that, the described filling part of step B is that the described length that is marked off by ciphertext block of steps A is the part that m subtracts n;
Step B is described to be spliced into: described short grouping expressly is placed on described filling part front, or described filling part is placed on described short grouping front expressly;
Step B is described to be encrypted as employing and to encrypt based on electronic codebook mode pattern cryptographic algorithm;
The described deciphering of step a is decrypted based on electronic codebook mode pattern decipherment algorithm for adopting.
6, method as claimed in claim 5 is characterized in that, described is Advanced Encryption Standardalgorithm based on the electronic codebook mode pattern based on electronic codebook mode pattern cryptographic algorithm; Described is Advanced Encryption Standardalgorithm based on the electronic codebook mode pattern based on electronic codebook mode pattern decipherment algorithm.
7, method as claimed in claim 5 is characterized in that, described is data encryption standard algorithm based on the electronic codebook mode pattern based on electronic codebook mode pattern cryptographic algorithm; Described is data encryption standard algorithm based on the electronic codebook mode pattern based on electronic codebook mode pattern decipherment algorithm.
As claim 1,2,3,5,6 or 7 described methods, it is characterized in that 8, the encryption key that uses is identical with other employed encryption keys that divide into groups of encryption when encrypting;
Employed decruption key is identical with other employed decruption keys that divide into groups of deciphering when deciphering.
9, the method for claim 1 is characterized in that, the described filling part of step B is that length is any number that m subtracts n; Step B is described to be spliced into: according to the described dividing mode of steps A, described short grouping is expressly spliced with described filling part, make that length is that n position partly is corresponding in described short grouping position expressly and the described ciphertext block;
Step B is described to be encrypted as employing and to encrypt based on the cipher block chaining model cryptographic algorithm;
The described deciphering of step a is decrypted based on the cipher block chaining model decipherment algorithm for adopting.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2005100797931A CN1323507C (en) | 2005-06-28 | 2005-06-28 | Short block processing method in block encryption algorithm |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2005100797931A CN1323507C (en) | 2005-06-28 | 2005-06-28 | Short block processing method in block encryption algorithm |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1801693A CN1801693A (en) | 2006-07-12 |
| CN1323507C true CN1323507C (en) | 2007-06-27 |
Family
ID=36811482
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2005100797931A Expired - Fee Related CN1323507C (en) | 2005-06-28 | 2005-06-28 | Short block processing method in block encryption algorithm |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1323507C (en) |
Families Citing this family (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1980122B (en) * | 2006-11-16 | 2012-11-14 | 北京尧天网迅科技有限公司 | Method for increasing information transmission safety |
| CN101355421B (en) * | 2008-09-25 | 2011-05-11 | 中国电信股份有限公司 | Method for adapting ciphering/deciphering data length of packet |
| EP2197144A1 (en) * | 2008-12-15 | 2010-06-16 | Thomson Licensing | Methods and devices for a chained encryption mode |
| CN101488860B (en) * | 2009-02-20 | 2011-07-27 | 四川长虹电器股份有限公司 | File ciphering, deciphering method |
| CN102546156A (en) * | 2012-02-01 | 2012-07-04 | 李智虎 | Method, system and device for grouping encryption |
| CN103001766A (en) * | 2012-11-26 | 2013-03-27 | 北京视博数字电视科技有限公司 | Symmetrical encryption and decryption method for supporting non-aligned data and system thereof |
| CN103488914B (en) * | 2013-09-16 | 2016-08-17 | 博隆科技有限公司 | A kind of efficient self-adapted Modular Data encryption method and system thereof |
| CN104683093B (en) * | 2013-11-27 | 2018-01-26 | 财团法人资讯工业策进会 | Have block encryption device, block encryption method, block decryption device and the block decryption method of integrity verification concurrently |
| CN105873033B (en) * | 2016-05-16 | 2019-04-30 | 北京鼎合信安科技有限公司 | A kind of encipher-decipher method of short message communication |
| CN106301762A (en) * | 2016-08-09 | 2017-01-04 | 杭州迪普科技有限公司 | The method and device of data deciphering |
| CN106788982A (en) * | 2017-02-22 | 2017-05-31 | 郑州云海信息技术有限公司 | A kind of sectional encryption transmission method and device |
| CN109245881A (en) * | 2018-09-14 | 2019-01-18 | 杭州嘀嗒科技有限公司 | A kind of photograph video cloud encryption storage method |
| CN110086823A (en) * | 2019-05-07 | 2019-08-02 | 山东渔翁信息技术股份有限公司 | A kind of data communications method, device, equipment and medium |
| CN111368322B (en) * | 2020-03-11 | 2022-04-12 | 中电科(天津)网络信息安全有限公司 | File decryption method and device, electronic equipment and storage medium |
| CN112866288B (en) * | 2021-03-01 | 2022-09-06 | 上海海事大学 | Data symmetric encryption method for double-plaintext transmission |
| CN113595719A (en) * | 2021-07-31 | 2021-11-02 | 中国电子科技集团公司第十五研究所 | Link layer beacon encryption method based on packet CBC mode |
| CN113794551A (en) * | 2021-09-13 | 2021-12-14 | 北京江南天安科技有限公司 | Equal-length block encryption method and ciphertext decryption method for long message data |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA2347011A1 (en) * | 1998-10-28 | 2000-05-04 | Ellwood Mcgrogan | Apparatus and methods for cryptographic synchronization in packet based communications |
| GB2353191A (en) * | 1999-07-09 | 2001-02-14 | Hw Comm Ltd | Packet data encryption/decryption |
| WO2004086664A2 (en) * | 2003-03-27 | 2004-10-07 | Nds Limited | Improved cfm mode system |
-
2005
- 2005-06-28 CN CNB2005100797931A patent/CN1323507C/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA2347011A1 (en) * | 1998-10-28 | 2000-05-04 | Ellwood Mcgrogan | Apparatus and methods for cryptographic synchronization in packet based communications |
| GB2353191A (en) * | 1999-07-09 | 2001-02-14 | Hw Comm Ltd | Packet data encryption/decryption |
| WO2004086664A2 (en) * | 2003-03-27 | 2004-10-07 | Nds Limited | Improved cfm mode system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1801693A (en) | 2006-07-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1323507C (en) | Short block processing method in block encryption algorithm | |
| US7827408B1 (en) | Device for and method of authenticated cryptography | |
| Krovetz et al. | The OCB authenticated-encryption algorithm | |
| CN101188496B (en) | A SMS encryption transport method | |
| WO1990009009A1 (en) | Data carrier and data communication apparatus using the same | |
| CN101262341A (en) | A mixed encryption method in session system | |
| CN101170404B (en) | Method for secret key configuration based on specified group | |
| CN107534558B (en) | Method for protecting the information security of data transmitted via a data bus and data bus system | |
| JPH0918469A (en) | Equipment and system for cipher communication and ciphering device | |
| Koko et al. | Comparison of Various Encryption Algorithms and Techniques for improving secured data Communication | |
| EP2772001A1 (en) | Dynamic encryption method | |
| CN109104278A (en) | A kind of encrypting and decrypting method | |
| CN113015157A (en) | Method, device and system for supporting multiple encryption in wireless communication system | |
| US7406595B1 (en) | Method of packet encryption that allows for pipelining | |
| CN112532384B (en) | Method for quickly encrypting and decrypting transmission key based on packet key mode | |
| US20170041133A1 (en) | Encryption method, program, and system | |
| Kumar et al. | Expansion of Round Key generations in Advanced Encryption Standard for secure communication | |
| CN104158788A (en) | Method of end-to-end data transmission | |
| CN108494554B (en) | Data symmetric encryption method based on double plaintexts | |
| Gaur et al. | A comparative study and analysis of cryptographic algorithms: RSA, DES, AES, BLOWFISH, 3-DES, and TWOFISH | |
| CN106973061B (en) | AES outgoing file encryption method based on reversible logic circuit | |
| EP1456997B1 (en) | System and method for symmetrical cryptography | |
| JP4664692B2 (en) | ENCRYPTION METHOD, DECRYPTION METHOD, ENCRYPTION DEVICE, DECRYPTION DEVICE, ENCRYPTION DEVICE, AND PROGRAM | |
| US7231048B2 (en) | Key sharing system, public key cryptosystem, signature system, key sharing apparatus, encryption apparatus, decryption apparatus, signature apparatus, authentication apparatus, key sharing method, encryption method, decryption method, signature method, authentication method, and programs | |
| Prasad et al. | A Performance Study on AES algorithms |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CI03 | Correction of invention patent |
Correction item: Claims Correct: Claim No. 1-13 False: Claim No. 1-9 Number: 16 Volume: 23 |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: RIGHT-CLAIMING DOCUMENT; FROM: RIGHT-CLAIMING DOCUMENT ITEM NO. 1-9 TO: RIGHT-CLAIMING DOCUMENT ITEM NO. 1-13 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20070627 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |