RU2620730C1 - Method of secured transmission of encrypted information over communication channels - Google Patents

Abstract

FIELD: radio engineering, communication.

SUBSTANCE: method of secured transmission of encrypted information over communication channels provides cryptographic protection and antinoise coding, in particular, by using k encoders to perform the encryption procedure to message M, by interpreting received blocks of cryptograms C₁, C₂, …, C_k as the least non-negative residues over the mutually generated simple modules m_i (i = 1, 2, …, k) which form an information superblock of a modular code from the sequence of blocks of cryptograms C₁, C₂, …, C_k after the operation of expanding the excess blocks of cryptograms C_k+1, C_k+2,…, C_k+r, by obtaining from a set of blocks of cryptograms C₁,…, C_k, C_k+1,…, C_k+r of a modular antinoise code.

EFFECT: ensured sustainability of protected information to different types of exposure.

2 dwg

Description

The proposed method relates to the field of telecommunications, namely to the field of devices and methods of cryptographic protection of information transmitted over open communication channels, or stored on information carriers.

Known methods for protecting information that are based on the use of cryptographic transformations (GOST 28147-89, IDEA, AES, etc.) [B. Schneier Applied Cryptography, Second Edition, John Wiley & Sons, Inc., New York, 1996], comprising the following steps: encrypting message M, which is a binary sequence, generating a secret key k _e , splitting message M into blocks M ₁ , M ₂ , ..., M _k , where k is the number of blocks in message M. Moreover, the generation of blocks of cryptograms C ₁ , C ₂ , ..., C _{k is} carried out by alternately converting blocks M ₁ , M ₂ , ..., M _k depending on private key k _e . Accordingly, extracting message M from a sequence of blocks of cryptograms C ₁ , C ₂ , ..., C _{k is} practically possible only using the key k _e used in encryption. Due to this, protection of the information contained in the message M during transmission over open communication channels is achieved. To protect against accidental and deliberate changes in the data being protected, the following modes of operation are provided for in the indicated methods: encryption in the gamma-feedback mode (GOST 28147-89), the mode of forming an insert, a hash code (Message authentication code).

The disadvantages of such methods are:

the ability to propagate errors when one or more erroneous bits in one block of the cryptogram has (s) an effect on the decryption of subsequent blocks of the message;

the inability to correct errors in blocks of cryptograms that occur during transmission over an open communication channel caused by deliberate actions by an attacker or accidental interference;

the inability to restore reliable information when used in information transfer systems without feedback.

Known methods of information protection based on the theory of algebraic coding (McElice cryptosystem, Niederreiter scheme, etc.) [McEliece R.J. A public-key cryptosystem based on algebraic coding theory, DSN Progress Report 42-44, Jet Prop. Lab., Calif. Inst. Technol., Pasadena, CA, 1978, 114-116; Niederreiter H. Knapsack-Type Cryptosystem and Algebraic Coding Theory, Probl. Control and Inform. Theory, 1986. - Vol. 15 - P. 19-34]. The implementation of these schemes is based on the complexity of decoding full linear codes (general position codes).

The disadvantages of such methods are:

the lack of the possibility of guaranteed cryptographic strength of the protected information (for example, an attack by Sidelnikov V.M. and Shestakov S.O. on the McAlice system);

significant difficulty in implementation due to the high dimensionality of systems;

the length of the cryptogram is significantly longer than the length of the plaintext;

the transmitted sequence of cryptogram blocks is sensitive to errors in the communication channel.

Known methods for transmitting encrypted information over open communication channels using error-correcting codes in error detection mode, when the transmitted sequence of blocks of cryptograms is encoded by an error-correcting code, and the received code on the receiving side is checked for possible distortions. In this case, the detected distorted code combinations are retransmitted at the request of the receiving side through the feedback channel [Mc-Williams F.J., Sloan N.J. Theory of error correction codes. - M .: Communication, 1979. - 744 s].

These methods have the following disadvantages:

the dependence of the effective transmission rate (close to bandwidth) on the detecting ability of the code;

dependence on the quality of the feedback channel when requesting the retransmission of distorted code combinations.

Known methods for transmitting encrypted information over communication channels using classic error-correcting codes with error correction mode (Hamming, Bowse-Chowdhury-Hockingham, Reed-Solomon, etc.) [Bleikhut R. Theory and practice of error-control codes. - M .: Mir, 1986. - 576 s]. However, these methods do not protect information from learning.

The closest in technical essence to the claimed method and adopted as a prototype is the method described in [Belal A.A., Abdelhamid A.S. Secure transmission of sensitive data using multiple channels, The 3rd ACS / IEEE International Conference, Computer Systems and Applications, 2005. - Access mode: http://arxiv.org/ftp/cs/papers/0403/0403023.pdf. Date of appeal: 09.21.2015].

The prototype method includes the following steps: generating message M, splitting message M into s n-bit blocks, applying block encryption procedures to the plaintext blocks with the corresponding key k _e , representing the cryptogram block C _i as an integer n-bit number, generating k mutually simple modules, such that 2 ⁿ ≤m ₁ m ₂ ... m _k , obtaining from the cryptogram block C _{i the} sequence of residues (t _i ≡C _i mod m _i (i = 1,2, ..., k)), transmitting the formed residues t _{i to} the message recipient on k channels selected according to a certain algorithm from essentially the existing A channels of information transfer, transmission of free information on channels that are not related to the transmitted residues, recovery on the receiving side from the received sequence of residues t _i , in accordance with the Chinese remainder theorem, the cryptogram block C _i , application of the procedure to the cryptogram block C _i decryption by the corresponding key k _d , formation of message M.

The structural diagram explaining the essence of the prototype method is shown in figure 1.

The disadvantage of the prototype method is the lack of the ability to protect the deductions transmitted through the communication channels from unintentional and deliberate influences. Accordingly, the distortion of at least one residue affects the process of generating the original cryptogram block, which, in turn, will lead to an erroneous block of plaintext.

The aim of the proposed technical solution is to develop a method for secure transmission of encrypted information through communication channels, which increases resistance to various types of exposure (intentional and unintentional).

This goal in a method for securely transmitting encrypted information over communication channels is achieved by generating message M, splitting message M into s n-bit blocks, applying block encryption procedures to the plaintext blocks with the corresponding key k _e , representing the cryptogram block C _i as a whole n bit number, generating k mutually simple modules, such that 2 ⁿ ≤m ₁ m ₂ ... m _k , obtaining from the cryptogram block C _{i the} sequence of residues (t _i ≡ C _i mod m _i (i = 1,2, ..., k )), transmitting the generated deductions U to the message recipient on k channels selected according to a certain algorithm from existing A channels of information transmission, recovery on the receiving side from the received residue sequence t _i , in accordance with the Chinese remainder theorem, cryptogram block C _i , application of the decryption procedure to the cryptogram block C _i using the corresponding key k _d , the formation of the message M, the new is that to perform the encryption of the plaintext blocks M ₁ , M ₂ , ..., M _k using the corresponding key k _{e of the} message M, k encoders are used, the new is the fact that the blocks of cryptograms C ₁ , C ₂ , ..., C _{k are} interpreted as the smallest non-negative residues for the generated relatively simple modules m _i (i = 1,2, ..., k), which form the information superblock of the modular code, is new also that from the sequence of blocks of cryptograms C ₁ , C ₂ , ..., C _k after the expansion operation, redundant blocks of cryptograms C _{k + 1} , C _{k + 2} , ..., C _{k + r are formed} . What is new is that the resulting set of cryptogram blocks C ₁ , ..., C _k , C _{k + 1} , ..., C _{k + r} forms an error-correcting code transmitted to the message recipient via k + r from A information transmission channels, which provides on the receiving side detection of (intentional and unintentional) actions of the attacker on the protected information, and, if necessary, restoration of reliable data transmitted via communication channels.

Thanks to this new set of essential features, through the integrated use of encryption and coding procedures, guaranteed message delivery is provided on any channel with non-zero bandwidth, as well as guaranteed strength of cryptographic information protection, etc. The analysis of the prior art made it possible to establish that there are analogues in known sources of information characterized by a combination of features identical to all the features of the claimed technical solution, absent t, which indicates compliance of the claimed invention with the condition of patentability "novelty".

Search results for known solutions in this and related fields of technology in order to identify features that match the distinctive features of the claimed object from the prototype showed that they do not follow explicitly from the prior art. The prior art also did not reveal the popularity of the impact provided by the essential features of the claimed invention, the transformations on the achievement of the specified technical result. Therefore, the claimed invention meets the condition of patentability "inventive step".

The claimed method is illustrated by drawings, which show:

- FIG. 1 is a diagram of a secure transmission of encrypted information;

- FIG. 2 - scheme of comprehensive protection and transmission of encrypted information.

, где | - символ конкатенации. Вводится формальная переменная z и i-й блок сообщения M_i представляется в полиномиальной форме:The claimed method is implemented as follows. The source message M generated by the sender in binary form is subject to encryption and is divided into blocks of fixed length

where | - a symbol of concatenation. A formal variable z is introduced and the ith message block M _i is presented in polynomial form:

,

,

.Where

.

Accordingly, to obtain a sequence of blocks of cryptograms C ₁ (z), C ₂ (z), ..., C _k (z), k encryption operations will be required, and to obtain blocks M ₁ (z), M ₂ (z), ..., M _k (z) plaintext - k decryption operations. The encryption and decryption procedures are presented in the form:

where C _i (z) is the cryptogram block, M _i (z) is the plaintext block, k _{e, i} , k _{d, i} are the keys (general case) of encryption and decryption; accordingly, for k _{e, i} = k _{d, i} , the encryption system is symmetric, and for k _{e, i} ≠ k _{d, i} is asymmetric (i = 1,2, ..., k).

и

, так как они могут иметь искажения. Представим блоки криптограмм C_i(z) как наименьшие неотрицательные вычеты по основаниям m_i(z) таким, что gcd(m_i(z), m_j(z))=1, где i≠1,2,…, k. Причем deg Ci(z)<deg m_i(z), где deg C_i(z) - степень полинома (i=1,2,…, k). Совокупность блоков криптограмм C₁(z), C₂(z),…, C_k(z) представим как единый информационный суперблок модулярного полиномиального кода (МПК) по системе оснований m₁(z), m₂(z),…,m_k(z). В соответствии с Китайской теоремой об остатках для многочленов, для заданного множества многочленов m₁(z), m₂(z),…,m_k(z), удовлетворяющих условию gcd(m_i(z), m_j(z))=1, и многочленов C₁(z), С₂(z),…, C_k(z) таких, что deg C_i(z)<deg m_i(z), система сравненийThe received blocks of cryptograms and, accordingly, plaintexts are denoted as

and

since they may have distortion. We represent the blocks of cryptograms C _i (z) as the smallest non-negative residues on the bases m _i (z) such that gcd (m _i (z), m _j (z)) = 1, where i ≠ 1,2, ..., k. Moreover, deg Ci (z) <deg m _i (z), where deg C _i (z) is the degree of the polynomial (i = 1,2, ..., k). The set of cryptogram blocks C ₁ (z), C ₂ (z), ..., C _k (z) can be represented as a single information superblock of a modular polynomial code (MPC) according to the base system m ₁ (z), m ₂ (z), ..., m _k (z). In accordance with the Chinese remainder theorem for polynomials, for a given set of polynomials m ₁ (z), m ₂ (z), ..., m _k (z) satisfying the condition gcd (m _i (z), m _j (z)) = 1, and the polynomials C ₁ (z), C ₂ (z), ..., C _k (z) such that deg C _i (z) <deg m _i (z), the comparison system

has a unique solution X (z).

We perform the expansion operation of the IPC {C ₁ (z), C ₂ (z), ..., C _k (z)} the _IPC by introducing r excess bases m _{k + 1} (z), m _{k + 2} (z), ..., m _{k + r} (z) and obtaining excess residues C _{k + 1} (z), C _{k + 2} (z), ..., C _{k + r} (z):

Moreover, gcd (m _i (z), m _j (z)) = 1, where i ≠ j; i, j = 1,2, ..., k + r and deg m ₁ (z), ..., deg m _k (z) <deg m _{k + 1} (z) <... <deg m _{k + r} (z ) We obtain the extended IPC: {C ₁ (z), C ₂ (z), ..., C _k (z), C _{k + 1} (z), C _{k + 2} (z), ..., C _{k + r} (z) } _IPC in the ring of polynomials.

By a single error in the IPC codeword we mean an arbitrary distortion of one of the blocks of cryptograms of the IPC codeword, respectively, a q-fold error is defined as an arbitrary distortion of q blocks. In this case, the IPC detects q errors at r≥q and corrects q or less errors if 2q≤r.

в частности является выполнение неравенства degX*(z)<degP_pаб(z), где

- решение системы сравнений (1) для

. Критерий существования обнаруживаемой ошибки - выполнение неравенства degX*(z)≥degP_pаб(z); символ * указывает на наличие возможных искажений в кодовом слове.In accordance with the rules for decoding modular codes [I. Akushsky, D. Yuditsky Machine arithmetic in residual classes. - M .: Soviet Radio, 1968. - 440 s], the criterion for the absence of detectable errors in the modular code and IPC

in particular, the inequality degX * (z) <degP _pab (z) _holds , where

- solution of the comparison system (1) for

. The criterion for the existence of a detected error is the fulfillment of the inequality degX * (z) _≥degPabab (z); the * symbol indicates possible distortions in the codeword.

In accordance with the Chinese remainder theorem for polynomials, the solution to system (1) is:

, где

- полиномиальные ортогональные базисы,

.

where

- polynomial orthogonal bases,

.

The values of polynomial orthogonal bases are calculated in advance and stored in the memory of the IPC decoder. Recovery of valid blocks can be performed by calculating the smallest residues:

or in any other known manner.

A feature of the above method is the need to introduce excess encrypted information, in accordance with the properties of the IPC and the specified requirements for the multiplicity of detected or corrected distortions in the transmitted data. The structural diagram explaining the essence of the method of secure transmission of encrypted information over communication channels is shown in figure 2.

The correctness and practical feasibility of this method is justified by the following example.

Example

Choose a base system - polynomials:

;

;

;

;

;

;

,

,

for which

We introduce the control (excess) base - polynomial:

.

.

We calculate the polynomial orthogonal bases of the system:

Let the sequence of blocks of cryptograms be transmitted:

;

;

;

;

;

;

;

;

.

.

Instead of the transmitted sequence of cryptogram blocks,

;

;

;

;

;

;

;

;

,

,

блоке криптограммы. Для обнаружения ошибки вычислим величину

:which contains distortion in

cryptogram block. To detect an error, we calculate the value

:

Since degX * (z)> _degPab (z), the polynomial X * (z) is incorrect, thus the fact of the presence of an erroneous cryptogram block in the transmitted sequence of cryptogram blocks is detected.

The above example showed that the inventive method of securely transmitting encrypted information over communication channels is functioning correctly, technically feasible and allows us to solve the problem.

Claims (1)

A method for securely transmitting encrypted information over communication channels, including generating an M message, splitting an M message into s n-bit blocks, applying block encryption procedures to the plaintext blocks with the corresponding key k _e , representing the cryptogram block C _i as an integer n-bit number, generating k mutually simple modules such that 2 ⁿ ≤m ₁ m ₂ ... m _k , obtaining from the cryptogram block C _{i a} sequence of residues (t _i ≡C _i mod m _i (i = 1, 2, ..., k)), transfer formed residues t _i k for the message recipient channels selected by EFINITIONS algorithm of the existing A data transmission channels, restore the reception side from the received residue sequence t _i, in accordance with the Chinese Remainder Theorem, the cryptogram block C _i, use to block cryptogram C _i decrypting procedure according to the corresponding key k _d, the formation of messages M in order to ensure resistance to various types of influences (intentional and unintentional) on the protected information, characterized in that in order to perform the encryption of the blocks of open t Text M ₁ , M ₂ , ..., M _k according to the corresponding key k _e, k encoders are used, cryptogram blocks C ₁ , C ₂ , ..., C _{k are} interpreted as the smallest non-negative residues generated by mutually simple modules m _i (i = 1, 2, ..., k) forming the information superblock of the modular code, from the sequence of cryptogram blocks C ₁ , C ₂ , ..., C _k after the expansion operation, redundant cryptogram blocks C _{k + 1} , C _{k + 2} , ..., C _{k + r are formed} , the resulting set of blocks of cryptograms C ₁ , ..., C _k , C _{k + 1} , ..., C _{k + r} forms an error-correcting code transmitted to the message recipient by k + r from A channels of information transmission, which on the receiving side ensures the detection of (intentional and unintentional) actions of an attacker on the protected information and, if necessary, the restoration of reliable data transmitted via communication channels.

Images