RU2254685C2 - Method of data conversion - Google Patents

Abstract

FIELD: data processing.

SUBSTANCE: before beginning of decoding all possible non-repeating meanings of combinations of alphabet u_i are recorded randomly into code spreadsheet with N lines by means of random numbers detector (RND). Number i of code line of code spreadsheet Tk is recorded in each line u_i of address spreadsheet Ta. Meaning of combinations of alphabet u_i is recorded in spreadsheet Tk, where N-size of alphabet coincident with number of lines of code and address spreadsheets Tk and Ta, u_i is original combination being subject to coding. Moreover for filling any next i-line and line from code spreadsheet Tk (where i equals 1 to N) the next meaning of combination of alphabet from RND which is subsequently compared with each i-th meaning from recorded combinations of alphabet in code spreadsheet Tk. In case there is no coincidence with any recorded combinations of alphabet, the next meaning of combination of alphabet u_i is recorded into i-th line of code spreadsheet Tk. When coding line u_i of address spreadsheet Ta the address A(u_i) of original combination is read out from code spreadsheet Tk. Value of coded combination v_i of original combination u_i at value of parameter of conversion of ξ_i equals to value of combination of alphabet being stored in line A(v_i) of code spreadsheet Tk, which address is determined as A(v_i)=A(u_i)+ξ_i for module of N number. Value of coded combination v_i is read out from line of code spreadsheet Tk with address A(v_i). When decoding coded combination v_i at value of conversion parameter of ξ_i the value of combination is defined, which combination is stored in address line A(u_i) of spreadsheet Tk which address is determined as A(u_i)=A(v_i) - ξ_i for module N number. Value of u_i combination is read out from line of code spreadsheet Tk having address A(u_i).

EFFECT: increased speed of data processing.

Description

The invention relates to cryptography and means of protecting information from unauthorized acquaintance, changes in the content (modification) when storing and transmitting information, and can be used to build software, hardware and software and hardware cryptographic information protection from acquaintance and control and restoration of information integrity.

Known methods of encrypting information based on the use of cryptographic information conversion using random replacement tables. The first known method of such encryption, called the Polybian square, involves the use of a table in which the meanings of the letters of the alphabet used are randomly recorded. The value of the encrypted letter is used as the address at which the letter written there is read from the table, which is the result of a cryptographic conversion. From the standpoint of modern cryptography, such a conversion does not change the probability of the appearance of individual letters in the ciphertext, but only changes the ratio of the probabilities of individual letters in the cryptogram. If the letter "a", in accordance with the replacement table, goes into the letter "t", then the probability of the appearance of the letter "a" in the source text will be equal to the probability of the appearance of the letter "t" in the cryptogram. It is known that analysis of the statistics of individual letters in the text of a cryptogram makes it possible for an adversary to decrypt a test. Such replacement tables, as one parametric cryptographic conversion operation, are used in various cryptographic algorithms, including the national encryption standard GOST 28147-89, as one of the operations of conversion complication.

The mathematical principles of constructing absolutely stable ciphers, formulated by C. Shannon, are known. In accordance with these principles, only a cipher can be absolutely secret, providing a sequence at the encoder output that is close in its statistical properties to a random equiprobable sequence, regardless of the statistics of the appearance of individual letters in the original encrypted sequence.

In accordance with the invention, the encryption conversion method is intended to construct encryption as a two-parameter operation, where the result of the encryption conversion depends on the value of the original encrypted combination u _{i of} length L bits (in the simplest case, it is a letter or byte, more generally it is a q-ary character or block containing several bytes) and a quasi-random transformation parameter ξ _{i of} length at least L bits - f (ui, ξ _i ). The sign i indicates that these operands involved in the conversion belong to a certain time interval. For almost every next encrypted combination u _i , a new value ξ _{i is} generated _.

To implement the method, a code table T is built _{for a} volume of 2 ^l , where l is the length of the encrypted sequence (block), and the value 2 ^l = N determines the size of the alphabet of processed characters. Prior _to the start of encryption, all possible values of characters processed in the process of encryption of characters of length l bits are recorded in table T _k before encryption begins. The filling process can be carried out in one of two ways. In accordance with the first, the table is entered sequentially in ascending order from 0 to 2 ^l -1. Then, a random rearrangement of the values recorded in the table is performed without introducing new or eliminating existing letter values. The number of such possible permutations is (2 ^l ) !. For example, with l = 8, the number of permutations (2 ⁸ )! exceeds 10 ³⁰⁰ . Such a mathematical interpretation of the formation of the table T _to gives an idea of the number of options for filling the table, but does not give a specific implementation of the filling. In accordance with paragraph 5 of the claims, practically filling is carried out using the following operations. Pre-filling of the table T _{to is} performed using a random number sensor (DSC) in the following order, the first value of the sign received from the DSC is recorded on the first line of the table T _to number 0, the second sign value received from the DSC is compared with the previously recorded first sign, when the second value is recorded in the second cell of the table with number 1, otherwise the value of the second character received from the DSL is discarded, a third character value is generated, then compared with the value recorded in the table, for filling the next row of the table T _to with the number i (i has a value from 1 to 2 ^l -1) receive the next value of the sign from the DSL, compare the obtained value with each of the i-1 values recorded in the table of characters, in case of mismatch with any of characters, this character is written in the line with the number i, in case of coincidence with one of the characters previously recorded in the character table, the value received from the DSL is discarded and the process of filling the table is repeated until it is completely filled.

The encryption of the next character (block) of the source text u _i , performed using the two-parameter operation F (u _i , ξ _i ), involves the value of the transformation parameter ξ _i , obtained from a gamma source independent of the encrypted message, which acts as a random number sensor (DSN) . Obtained using the operation F (u _i , ξ _i ), the value of the encrypted sign v _i in accordance with the invention is obtained as follows: find the table T _{to the} value of the original sign u _i , and in this table any possible value of the original sign is necessarily present in a single row of the table , as a result of this operation, the address of the original combination in the code table A (u _i ) is obtained. Then they retreat along the rows of the table T _to ξ _i rows “down”, considering the combination ξ _{i as a} binary number. From the row of the table T _to , spaced from the row with the number A (u _i ) on ξ _{i of the} rows "down", the result of the transformation v _{i is} read. The offset operation “down” in the table can be expressed through the operation with addresses, that is, the address of the conversion result is

A (v _i ) = A (u _i ) + ξ _i mod N, where N is the size of the table.

Decryption is performed using the inverse operation relative to encryption. This operation consists in a search in the code table T _{for the} combination v _{i to} be decrypted, to shift the table “up” by the number of rows determined by the decryption parameter ξ _i . That is, decryption is performed by calculating the result address

A (u _i ) = A (v _i ) -ξ _i mod N, where N is the size of the table.

To simplify the search line in the table T _{to the} original combination of addresses is constructed an additional table of addresses on the basis of T _and filled codebook. If the first line of the table T _{to the} number 0 is written combination g, then the row of the table T _and the address g is recorded value of 0 if the second row of the table T _to the address 1 stored combination of t, then the line t of the table T _{and the} stored value 1 etc. Then, the search for the original combination u _i during encryption and v _i during decryption is reduced to reading from the table T _{and the} values of the combinations, respectively, from the rows with numbers u _i and v _{i of the} table T _a .

The described method has the following advantages:

- high speed information processing;

- providing after encryption a quasi-random sequence of signals regardless of the statistics of individual letters in the source text;

- a complex transformation that does not have any other formal description, except for the description of filling the code table T _to ;

- the ability to consider the initial filling of the table as an encryption key.

Sources of information

1. GOST 28147-89. Information processing systems. Cryptographic protection. Cryptographic conversion algorithm. - M.: Civil Code of the USSR by standards. 1989.

2. Romanets Yu.V., Timofeev PA, Shangin V.F .. Information security in computer systems and networks. - M .: Radio and communications, 1999.

Claims (1)

A method of encrypting information conversion, characterized in that prior to encryption, all possible non-repeating values of alphabet combinations u _{i are} randomly written using a random number sensor (RNC) into a code table with N lines, and a line number is written in each line u _{i of the} address table Ta i code table Tc in which the recorded value of the combination of the alphabet u _i where N - alphabet size coinciding with the number of lines of code and address tables Tc and Ta, u _i - initial combination to be encrypted, wherein for the full i is the next i-th line of the code table Tk, where i is a value from 1 to N, they receive the next value of the alphabet combination from the DSL, which is compared with each of the i-1 values of the recorded alphabet combinations in the code table Tk, and in case of a mismatch with one of the recorded alphabet combinations, the next value of the alphabet combination u _{i is} written to the i-th line of the code table Tk, when encrypting from the line u _{i of the} address table Ta, the address A (u _i ) of the original combination u _i is read in the code table Tk, the value of the encrypted combination v _i initial combination alpha avita u _i when the value of the transformation parameter ξ _i is equal to the value of the alphabet combination stored in row A (v _i ) of the code table Tk, the address of which is defined as A (v _i ) = A (u _i ) + ξ _i modulo the number N, read the value of the encrypted combination v _i from the line of the code table Tk with the address A (v _i ), when decrypting the encrypted combination v _i with the value of the conversion parameter ξ _i , the value of the combination stored in the line is the address A (u _i ) of the code table Tk, the address of which is determined as A (u _i ) = A (v _i ) -ξ _i modulo the number N, and read the value of the combination u _i from code table rows Tk with address A (u _i ).