RU2812949C1 - Method and device for forming modified crypto-code structures for noise-resistant data transmission over communication channels - Google Patents

Abstract

FIELD: cryptographic information protection.

SUBSTANCE: method for forming modified crypto-code structures for noise-resistant data transmission over communication channels is ensured by constructing crypto-code structures, the essence of which is to combine block encryption algorithms and multi-valued noise-resistant codes. A sequence of ciphertext or plaintext blocks or ciphertext blocks and a simulated insert generated from them, formed from a message M, is represented as a single information superblock of modular code, on the basis of which one or two redundant data blocks are formed. In this case, a simulated insertion and a redundant block or two redundant blocks are represented as a pseudo-complex number. Next, the objectivation procedure is performed. From the set of generated sequences of cipher or plaintext and real deduction, a data array is formed, which is transposed to form an error-resistant sequence of cipher or plaintext.

EFFECT: increasing resistance to deliberate simulating influences of an attacker.

4 cl, 6 dwg

Description

Field of technology to which the invention relates

The present invention relates to the field of radio and telecommunications, namely to the field of methods and devices for cryptographic protection of information transmitted over open communication channels or stored on information storage media.

State of the art

a) Description of analogues

There are known methods of cryptographic information protection that are based on block ciphers (DES, AES, Serpent, Twofish, Grasshopper, Magma) [Ferguson N., Schneier V., T.Kohno Cryptography Engineering. Design Principles and Practical Applications, Second Edition, New York, John Wiley & Sons, Inc., 2010; GOST P 34.12-2015 Information technology. Cryptographic information protection. Block ciphers], which include the following stages: encryption of plaintext and, if necessary, padded text M, presented in the form of blocks of fixed length M = {M ₁ ||M ₂ || … ||M _k }, where || - concatenation operation, k - number of plaintext blocks M, generation of an encryption key to _e , obtaining ciphertext blocks according to the following rule:

extracting plaintext M from a sequence of ciphertext blocks using the decryption key :

performing the inverse addition procedure, where i = 1, 2, …, k. Thus, the protection of information contained in the plaintext M is ensured when transmitted over open communication channels. To protect against the imposition of false information, substitution of transmitted information or changes in stored data, the following operating modes are provided in these methods:

- gamma mode with output feedback (Output Feedback, OFB);

- simple replacement mode with engagement (Cipher Block Chaining, SBC);

- gamma mode with ciphertext feedback (Cipher Feedback, CFB);

- mode of generating imitative insertion, hash code (Message Authentication Code algorithm). The disadvantages of such methods are:

- the inability to correct distortions in ciphertext blocks caused by the intentional influence of an attacker or the influence of random interference during transmission over open communication channels;

- the possibility of error propagation, where one or more erroneous bits in one cryptogram block(s) affect the decryption of subsequent plaintext blocks;

- inability to restore reliable information when used in information transmission systems without feedback.

There are known methods for protecting information based on the theory of algebraic coding (McEliece cryptosystem, Niederreiter scheme, Rao-Nama cryptosystem and their modifications) [McEliece R.J. A public-key cryptosystem based on algebraic coding theory, DSN Progress Report 42-44, Jet Prop.Lab., Calif. Inst. Technol. 1978. - pp.114-116; Niederreiter H. Knapsack-Type Cryptosystem and Algebraic Coding Theory, Probl. Control and Inform. Theory. 1986. - pp.19-34; Rao T.R.N., Nam K.H. Private-key algebraic-coded cryptosystem. Advances in Cryptology - CRYPTO 86, New York. - NY: Springer. 1986. - pp.35-48]. The implementation of these schemes is based on the complexity of decoding complete linear codes (general position codes).

The disadvantages of such methods are:

- inability to guarantee the cryptographic strength of the protected information (for example, the attack by V.M. Sidelnikov and S.O. Shestakov on the McEliece system);

- complexity in implementation due to the high dimensions of the system;

- the length of the cryptograms significantly exceeds the length of the plaintext;

- fairly high sensitivity of cryptogram blocks to distortions occurring in the communication channel.

There is a known method for the secure transmission of encrypted information via communication channels [RF Patent No. 2620730 publ. 05/29/2017], in which to perform the procedure for encrypting plaintext blocks by the corresponding key applies to encryption procedures, ciphertext blocks are interpreted as the smallest residues from the generated polynomials, ordered by degree magnitude, coprime polynomials forming an information superblock of a modular code from a sequence of ciphertext blocks after the expansion operation, redundant data blocks are formed the resulting collection of ciphertext blocks and redundant data blocks forms a code vector of a modular code transmitted to the message recipient via k + r from A information transmission channels, which on the receiving side ensures the detection (intentional and unintentional) of an attacker’s influence on the protected information and, if necessary, the restoration of reliable data transmitted over communication channels.

A disadvantage of the method is the inability to protect information from the imitating influences of an attacker, due to the presence of “one” encoding rule corresponding to a modular polynomial code, as a result of which, in order to impose false messages, an attacker needs to intercept the information superblock of the modular code to calculate redundant data blocks.

There is a known method for imitating transmission of information via communication channels [RF Patent No. 2669144 publ. 10/08/2018], in which information is protected by presenting the message M(z) in the form of blocks of fixed length applying encryption procedures to blocks of plaintext by the corresponding key representation of the received ciphertext blocks in the form of the smallest non-negative residues over the generated, ordered by magnitude, co-prime modules formation of an information superblock of a modular code performing the operation of expanding the information superblock of a modular code and obtaining redundant data blocks applied to redundant data blocks block encryption procedures, the algorithm of which performs nonlinear bijective transformations using the corresponding key obtaining redundant ciphertext blocks and the formation of crypto-code structures - imitation-resistant ciphertext sequence.

The disadvantages of this method are:

- increased consumption of encryption keys required for cryptographic transformations of redundant data blocks;

- the ability to calculate a fragment of a cipher gamma when encrypting redundant data blocks requires the use of a stream encryption algorithm (gamma mode);

- the lack of possibility of complexifying a redundant data block and a simulated insert into a single data block when implementing block encryption procedures in the “development of a simulated insert” mode.

b) Description of the closest analogue (prototype)

The closest in its technical essence to the declared technical solution and adopted as a prototype is the method of generating crypto-code structures for imitation-resistant data transmission over communication channels, described in [RF Patent No. 2764960 publ. 01/24/2022].

In the prototype method under consideration, information protection is carried out by presenting the message M in the form of blocks of fixed length applying encryption procedures to blocks of plaintext by the corresponding key production from the received ciphertext blocks simulating insertions H according to the corresponding key h, representing the resulting ciphertext blocks in the form of the smallest non-negative residues over the generated, ordered by magnitude, co-prime modules and the formation of an information superblock of a modular code by performing the operation of expanding the information superblock of a modular code and obtaining a redundant data block ω _k+1 , representing the resulting simulated insert H and the redundant block ω _k+1 as a pseudo-complex number which undergoes a reification procedure - the transformation of a pseudo-complex number into an integer real residue h modulo and the formation of a screencode design - an imitative sequence of ciphertext and a redundant block (real deduction), which ensures control of an attacker’s imitating effects and reliable recovery of ciphertext blocks.

The disadvantages of this method are:

- increased computational complexity of the process of generating redundant data blocks and the process of localization and correction of distortions associated with the basic representation of the transmitted superblocks of modular code;

- low corrective ability of crypto-code structures, due to the possibility of detecting distortion and correcting one block of data;

- inability to detect and restore data blocks of modular code superblocks corrupted by error packets.

A device for secure information processing is known from the prior art. So, in [Massey J.L. An introduction to contemporary cryptology. Proc. IEEE. 1988. - pp.533-549) a device is proposed that contains on the transmitting side a message source generating plaintext, a randomizer, an encoder, as well as a key gamma generator, the output of the message source is connected to the first input of the encoder, the second input of which is connected to the randomizer output, Accordingly, the output of the key gamma generator is connected to the third input of the encoder, and the output of the encoder is connected through an “open” communication line on the receiving side to the first input of the decoder, to the second input of which the output of the key gamma block is connected through a secure communication line, while the output of the decoder is connected to the input message source.

The disadvantage of the device is low noise immunity.

A device for imitative transmission of information via communication channels is known from the prior art [RF Patent No. 2669144 publ. 10/08/2018], containing on the transmitting side a crypto-code information converter, from the output of which the generated crypto-code constructs - an imitation-resistant sequence of cipher text - enter the communication channel, and on the receiving side - a crypto-code information converter, to which an imitation-resistant sequence of cipher text is received from the communication channel and with whose output is plaintext.

The main disadvantage of the device is the lack of mechanisms for hiding redundant symbols of cryptocode structures (redundant data block and imitative insertion) in a single data block (one-to-one conversion) under conditions of imitating attacker influences.

The closest in technical essence is a device for generating crypto-code structures for imitation-resistant data transmission over communication channels [RF Patent No. 2764960 publ. 01/24/2022], containing on the transmitting side a crypto-code information converter (Fig. 1), consisting of a plaintext input buffer, a control parameter storage unit (drive), a processor that implements functions presented in the form of functional blocks: a plaintext preprocessor, an encryption unit , block for generating simulation inserts of the encryption block, output buffer for simulation inserts, reification block, text block counter, encryption key processor, prime number generator, modular code expansion block; ciphertext output buffer, block (table) of code symbols, redundant data output buffer, merging switch, while the first output of the control parameter storage block (N) is connected to the third input of the plaintext preprocessor, the output of the plaintext preprocessor is connected to the first input of the encryption block, which the second input of which is connected to the second output of the control parameters storage block ( - iterative encryption keys and the formation of imitative inserts, generated on the basis of the secret key in this case, the first output of the encryption block is connected to the input of the output buffer of ciphertext blocks, the second output of the encryption block is connected to the first group (first input) of the inputs of the modular code expansion block, to the second group (second, third inputs) of whose inputs the first and second outputs of the simple generator are connected numbers (information and redundant), to the input of which the third output of the control parameter storage block (N) is connected; the output of the modular code expansion block is connected to the first input of the reification block, the second input of which is connected to the output of the simulation insert output buffer, the input of which is connected to the output of the simulation insert generation block of the encryption block; in this case, the third and fourth outputs of the prime number generator are connected to the third group (third, fourth inputs) of the reification block inputs; a group (fourth and fifth outputs) of outputs of the control parameters storage block (precalculated parameters p and q) is connected to the fourth group (fifth and sixth inputs) of the inputs of the materialization block; in this case, a group (sixth, seventh, eighth outputs) of outputs of the control parameters storage block (precalculated parameters) is connected to the third group (fourth, fifth, sixth inputs) of the inputs of the modular code expansion block ); the output of the ciphertext block output buffer and the output of the redundant data output buffer are connected to the first and second inputs of the combination switch, the output of which is the output of a crypto-code information converter, from the output of which the generated crypto-code structures (imitation-proof cipher text sequence) enter the communication channel; the text block counter tracks the number of the processed block, and on the receiving side there is a crypto-code information converter (Fig. 2), consisting of a separation switch, a control parameter storage unit, a redundant data input buffer, a ciphertext input buffer, a processor that implements functions presented in the form of functional blocks: redundant data preprocessor, prime number generator, encryption key processor, ciphertext preprocessor, complexification block, distortion detection and correction block, ciphertext decryption block, ciphertext decryption block simulation insert generation block, text block counter; a plaintext output buffer, a block (table) of code symbols, and a separation switch, the input of which is the input of a cryptocode information converter, to which cryptocode structures are received from the communication channel - an imitation-resistant sequence of ciphertext, and the first output of the separation switch is connected to the input of the input buffer redundant data, the output of which is connected to the first input of the redundant data preprocessor, to the second input of which the first output of the control parameter storage block (N) is connected, while the output of the redundant data preprocessor is connected to the first input of the complexification block, to the second group (second, third inputs) the inputs of which are connected to the second and third outputs of the control parameter storage block (p, q); the first and second outputs of the prime number generator are connected to the third group (fourth, fifth inputs) of the inputs of the complexification block, while the first output of the complexification block is connected to the first input of the simulation insert generation block of the ciphertext decryption block, the output of which is connected to the first input of the distortion detection and correction block, to the second input of which the second output of the complexification block is connected; the third and fourth outputs of the prime number generator (information and redundant) are connected to the third group (third, fourth inputs) of the inputs of the distortion detection and correction unit, to the input of which the fourth output of the control parameters storage unit (N) is connected; wherein the second output of the separation switch is connected to the input of the ciphertext block input buffer, the output of which is connected to the first input of the ciphertext preprocessor, to the second input of which the fifth output of the control parameters storage block (N) is connected; the first output of the ciphertext preprocessor is connected to the second input of the block for generating imitations of the ciphertext decryption block, while the second output of the ciphertext preprocessor is connected to the fourth group (fifth input) of the inputs of the distortion detection and correction block, the corresponding output of which is connected to the first input of the decryption block, to the second input of which the sixth output of the control parameters storage unit is connected the first input of which is connected to an encryption key processor, the input of which receives a secret key in this case, the output of the decryption block is connected to the first input of the output buffer of plaintext blocks, the second input of which is connected to the output of the block (table) of code symbols, the output of which is the output of the cryptocode information converter, from the output of which the plaintext is received; in this case, a group (seventh, eighth, ninth outputs) of outputs of the control parameters storage block (precalculated parameters) is connected to the fifth group (sixth, seventh, eighth inputs) of the distortion detection and correction block inputs ); The text block counter keeps track of the block number being processed.

The main disadvantages of the prototype device include:

- inability to select operating modes of the crypto-code converter for processing clear or encrypted text;

- inability to detect the correction of data blocks affected by error packets in the communication channel.

Disclosure of the Invention

a) The technical result to which the invention is aimed. The purpose of the proposed technical solution is to increase the stability of the method

and devices for generating crypto-code structures for imitation-resistant data transmission over communication channels to the intentional imitating effects of an attacker, causing data damage by error packets.

b) Set of essential features The technical result of the invention is achieved by the fact that:

1. In the known method of generating crypto-code structures for imitation-resistant data transmission over communication channels, information protection is carried out by presenting the message M in the form of blocks of a fixed length applying encryption procedures to blocks of plaintext by the corresponding key generation of ciphertext blocks from the received ones imitation inserts N using the corresponding key representation of the received ciphertext blocks in the form of the least non-negative residues over the generated, ordered by magnitude, coprime modules and the formation of an information superblock of a modular code by performing the operation of expanding the information superblock of a modular code and obtaining a redundant data block presentation of the obtained simulated insert H and excess block as a pseudo-complex number which undergoes a reification procedure - the transformation of a pseudo-complex number into an integer real residue h modulo and the formation of a cryptocode structure h - a copy-resistant sequence of ciphertext and a redundant block (real deduction), ensuring control of the attacker's simulating effects and reliable recovery of ciphertext blocks.

What is new is that the simulated insertion H is represented as the smallest non-negative deduction based on an additionally generated base (modulo) satisfying the condition of ordering by magnitude and such that and an information-control superblock of modular code is formed

What is new is that when performing the operation of expanding the information superblock of a modular code or information-control superblock of modular code redundant blocks are generated without a basis representation based on linear form coefficients

What is new is that from the many generated sequences of ciphertext and redundant block (real deduction) (cryptocode structures) a data array is formed in which the strings are cryptocode structures - sequences of ciphertext blocks and a redundant block

What is new is that the resulting data array is transposed to form cryptocode structures to be transmitted in the sequence in which the strings are blocks of ciphertext and redundant blocks - a noise-resistant sequence of ciphertext and redundant blocks, which ensures control of an attacker’s simulating effects and reliable recovery of ciphertext blocks damaged in the communication channel by error packets.

What is also new is that when performing the expansion operation of each information superblock of the modular code two redundant data blocks are formed which are presented as a whole real deduction according to the corresponding complex module

What is also new is that plaintext blocks encryption procedures are not applied (may not be applied), and plaintext blocks are represented in the form of the smallest non-negative residues over the generated, ordered by magnitude, coprime modules the operation of expanding the generated information superblock of the modular code is performed to receive two redundant data blocks which undergoes a reification procedure - obtaining from a pseudo-complex number whole real deduction according to the corresponding complex module and multi-valued code structures are formed - a noise-resistant sequence of plaintext and redundant blocks, which ensures control of an attacker’s simulating effects and reliable recovery of plaintext blocks damaged in the communication channel by error packets.

2. A device for generating crypto-code structures for imitation-resistant data transmission over communication channels, containing on the transmitting side a crypto-code information converter consisting of a clear text input buffer, a block for storing control parameters (drive), a processor that implements functions presented in the form of functional blocks: an open preprocessor text, encryption block, block for generating simulation inserts of the encryption block, output buffer for simulation inserts, reification block, text block counter, encryption key processor, prime number generator, modular code expansion block; a ciphertext output buffer, a block (table) of code symbols, a redundant data output buffer, a merging switch, wherein a plaintext input buffer, the input of which is the input of a cryptocode information converter, which receives plaintext, the output of which is connected to the first input of the plaintext preprocessor, the second input of which is connected to the output of the block (table) of code symbols, while the first output of the control parameter storage block (N) is connected to the third input of the plaintext preprocessor, the output of the plaintext preprocessor is connected to the first input of the encryption block, to the second input of which the second output is connected control parameter storage block ( - iterative encryption keys and the formation of imitative inserts, generated on the basis of the secret key in this case, the first output of the encryption block is connected to the input of the output buffer of ciphertext blocks, the second output of the encryption block is connected to the first group (first input) of the inputs of the modular code expansion block, to the second group (second, third inputs) of whose inputs the first and second outputs of the simple generator are connected numbers (information and redundant), to the input of which the third output of the control parameter storage block (N) is connected; the output of the modular code expansion block is connected to the first input of the reification block, the second input of which is connected to the output of the simulation insert output buffer, the input of which is connected to the output of the simulation insert generation block of the encryption block; in this case, the third and fourth outputs of the prime number generator are connected to the third group (third, fourth inputs) of the reification block inputs; a group (fourth and fifth outputs) of outputs of the control parameters storage block (precalculated parameters p and q) is connected to the fourth group (fifth and sixth inputs) of the inputs of the materialization block; in this case, a group (sixth, seventh, eighth outputs) of outputs of the control parameters storage block (precalculated parameters) is connected to the third group (fourth, fifth, sixth inputs) of the inputs of the modular code expansion block ); the output of the ciphertext block output buffer and the output of the redundant data output buffer are connected to the first and second inputs of the combination switch, the output of which is the output of a crypto-code information converter, from the output of which the generated crypto-code structures (imitation-proof cipher text sequence) enter the communication channel; The text block counter tracks the number of the block being processed, and on the receiving side there is a crypto-code information converter, consisting of a separation switch, a control parameter storage unit (drive), a redundant data input buffer, a ciphertext input buffer, a processor that implements functions presented in the form of functional blocks: redundant data preprocessor, prime number generator, encryption key processor, ciphertext preprocessor, complexification unit, distortion detection and correction unit; ciphertext decryption block, ciphertext decryption block simulation insert generation block, text block counter; a plaintext output buffer, a block (table) of code symbols, and a separation switch, the input of which is the input of a cryptocode information converter, to which cryptocode structures are received from the communication channel - an imitation-resistant sequence of ciphertext, and the first output of the separation switch is connected to the input of the input buffer redundant data, the output of which is connected to the first input of the redundant data preprocessor, to the second input of which the first output of the control parameter storage block (N) is connected, while the output of the redundant data preprocessor is connected to the first input of the complexification block, to the second group (second, third inputs) the inputs of which are connected to the second and third outputs of the control parameter storage block (p, q); the first and second outputs of the prime number generator are connected to the third group (fourth, fifth inputs) of the inputs of the complexification block, while the first output of the complexification block is connected to the first input of the simulation insert generation block of the ciphertext decryption block, the output of which is connected to the first input of the distortion detection and correction block, to the second input of which the second output of the complexification block is connected; the third and fourth outputs of the prime number generator (information and redundant) are connected to the third group (third, fourth inputs) of the inputs of the distortion detection and correction unit, to the input of which the fourth output of the control parameters storage unit (N) is connected; wherein the second output of the separation switch is connected to the input of the ciphertext block input buffer, the output of which is connected to the first input of the ciphertext preprocessor, to the second input of which the fifth output of the control parameters storage block (N) is connected; the first output of the ciphertext preprocessor is connected to the second input of the block for generating imitations of the ciphertext decryption block, while the second output of the ciphertext preprocessor is connected to the fourth group (fifth input) of the inputs of the distortion detection and correction block, the corresponding output of which is connected to the first input of the decryption block, to the second input of which the sixth output of the control parameters storage unit is connected the first input of which is connected to an encryption key processor, the input of which receives a secret key in this case, the output of the decryption block is connected to the first input of the output buffer of plaintext blocks, the second input of which is connected to the output of the block (table) of code symbols, the output of which is the output of the cryptocode information converter, from the output of which the plaintext is received; in this case, a group (seventh, eighth, ninth outputs) of outputs of the control parameters storage block (precalculated parameters) is connected to the fifth group (sixth, seventh, eighth inputs) of the distortion detection and correction block inputs ); the text block counter tracks the number of the processed block, characterized in that the elements of the block for storing control parameters (precalculated parameters λ _i ) are entered on the transmitting side; functional blocks of the processor: block for generating linear coefficients, plain text output buffer; functional blocks of a cryptocode information converter: data array generation block, block counter transposition block, wherein a plaintext input buffer, the input of which is the input of a cryptocode information converter, to which plaintext is received, the output of which is connected to the first input of the plaintext preprocessor, to the second input of which the output of a block (table) of code symbols is connected, and to the third input of the plaintext preprocessor is connected to the first output of the control parameter storage block (N), the first output of the plaintext preprocessor is connected to the first input of the encryption block, to the second input of which the second output of the control parameter storage block is connected ( - iterative encryption keys and the formation of imitative inserts, generated on the basis of the secret key in this case, the first output of the encryption block is connected to the input of the output buffer of ciphertext blocks, the second output of the encryption block is connected to the second input of the modular code expansion block, to the third input of which is connected the first output of the prime number generator, to the input of which is connected the third output of control parameters (N ), the output of the modular code expansion block is connected to the first input of the reification block, the output of which is connected to the input of the redundant data output buffer; in this case, the output of the simulation insert output buffer is connected to the first input of the modular code expansion block, the input of which is connected to the output of the simulation insert generation block of the encryption block; the second output of the prime number generator is connected to the second input of the reification block; the fourth output of the control parameters storage block (precalculated parameters p and q) is connected to the third input of the materialization block; in this case, the fifth, sixth and seventh outputs of the control parameters storage block (precalculated parameters) are connected to the fourth, fifth and sixth inputs of the modular code expansion block, respectively ), the output of the linear coefficient generation block is connected to the seventh input of the modular code expansion block the input of which is connected to the eighth output of the control parameters storage block (N); The output of the ciphertext block output buffer and the output of the redundant data output buffer are connected, respectively, to the first and second inputs of the data array formation block, the output of which is connected to the input of the transposition block, the output of which is connected to the input of the merging switch, the output of which is the output of the cryptocode information converter, from the output of which generated cryptocode structures - an imitation-resistant sequence of encrypted or plaintext and redundant blocks enter the communication channel; block counter tracks the number of the block being processed; in this case, the output of the plaintext output block is connected to the third input of the data array generation block, the input of which is connected to the second output of the plaintext preprocessor, which is also connected to the eighth input of the modular code expansion block; block counter tracks the number of message blocks to form a data array, and on the receiving side a data array formation block is introduced; transpose block; data array division block; block counter clear text input buffer; element of the control parameters storage block: linear coefficients processor functional blocks: block for generating linear coefficients a plaintext preprocessor, an error (distortion) table, an error (distortion) analysis processor of a distortion detection and correction unit, wherein a separation switch, the input of which is the input of a cryptocode information converter, to which cryptocode constructs are received from the communication channel - an imitation-resistant sequence of cipher or plaintext and redundant data, while the output of the division switch is connected to the input of the data array formation block, the output of which is connected to the input of the transposition block, the output of which is connected to the input of the data array division block, and the first output of the division block is connected to the redundant data input buffer, the output of which connected to the first input of the redundant data preprocessor, to the second input of which the first output of the control parameter storage block (N) is connected, while the output of the redundant data preprocessor is connected to the first input of the complexification block, to the second input of which the second output of the control parameter storage block (p, q); the output of the prime number generator is connected to the third input of the complexification block, to the input of which the third output of the control parameters storage block (N) is connected, while the first output of the complexification block is connected to the first input of the distortion detection and correction block, the second output of the complexification block is connected to the first input of the block generating a simulated insertion of a ciphertext decryption block, the output of which is connected to the second input of the distortion detection and correction block, to the third input of which the third output of the complexification block is connected; The output of the linear coefficients generation unit is connected to the fourth input of the distortion detection and correction block to the input of which the fourth output of the control parameter storage unit (N) is connected, the output of the error (distortion) table is connected to the error (distortion) analysis processor of the distortion detection and correction unit; in this case, the second output of the data array division block is connected to the input of the ciphertext input buffer, the output of which is connected to the first input of the ciphertext preprocessor, to the second input of which the fifth output of the control parameters storage block (N) is connected; the first output of the ciphertext preprocessor is connected to the second input of the block for generating imitations of the ciphertext decryption block, while the second output of the ciphertext preprocessor is connected to the fifth input of the distortion detection and correction block, the first output of which is connected to the first input of the decryption block, the second input of which is connected to the sixth output of the storage block control parameters the first input of which is connected to an encryption key processor, the input of which receives a secret key in this case, the output of the decryption block is connected to the first input of the plaintext output buffer, the second input of which is connected to the output of the block (table) of code symbols and the output of which is the output of the cryptocode information converter, from the output of which the plaintext is received; in this case, the seventh, eighth and ninth outputs of the control parameters storage unit are connected to the sixth, seventh and eighth inputs of the distortion detection and correction block, respectively The text block counter (i) keeps track of the number of the block being processed; wherein the third output of the array division block is connected to the input of the plaintext input buffer, the output of which is connected to the plaintext preprocessor, the output of which is connected to the ninth input of the distortion detection and correction block; block counter tracks the number of message blocks to generate a data array; in this case, the second output of the distortion detection and correction unit is connected to the third input of the plaintext output buffer.

c) Cause-and-effect relationship between features and technical result Thanks to the introduction of a set of essential distinctive features into a known object, the method and device for generating modified cryptocode structures for noise-resistant data transmission over communication channels allows:

- ensure the detection and reliable recovery of distorted data imitated by an attacker;

- increase the level of corrective ability of cryptocode structures;

- reduce the computational complexity of the process of generating redundant data blocks by eliminating transformations associated with the basic representation of the transmitted superblocks of modular code;

- ensure detection and reliable recovery of data distorted in communication channels by error packets.

Evidence of compliance of the claimed invention with the conditions of patentability “novelty” and “inventive step”

The analysis of the level of technology allowed us to establish that there are no analogues characterizing sets of features identical to all the features of the claimed technical solution, which indicates that the claimed method complies with the patentability condition of “novelty”.

The results of a search for known solutions in this and related fields of technology in order to identify features that coincide with the features of the claimed object that are distinctive from the prototype showed that they do not follow obvious from the level of technology. The prior art also does not reveal the knowledge of distinctive essential features that determine the same technical result that was achieved in the claimed method. Therefore, the claimed invention corresponds to the level of patentability “inventive step”.

Brief description of drawings

The claimed method and device are illustrated by drawings, which show:

- Fig.1 shows a diagram explaining the essence of the operation of the prototype method (transmitting part);

- Fig.2 shows a diagram explaining the essence of the operation of the prototype method (receiving part);

- Fig.3 shows a diagram of a device for generating cryptocode structures (transmitting part);

- Fig.4 shows a diagram of a device for generating cryptocode structures (receiving part);

- Fig.5 shows a diagram explaining the essence of the operation of the blocks for forming and transposing a data array (transmitting part);

- Fig.6 shows a diagram explaining the essence of the operation of the blocks for forming and transposing a data array (receiving part).

Carrying out the invention

For greater clarity, the description of the invention, allowing a specialist to carry out the implementation of the proposed invention and showing the influence of the features given in the claims on the above technical result, will be carried out as follows: first we will reveal the structure of the device, and then we will describe the implementation of the method within the framework of the proposed device.

The device for generating modified crypto-code structures for noise-resistant data transmission over communication channels contains on the transmitting side (Fig. 3) a crypto-code information converter 30, consisting of a clear text input buffer 200, a storage unit (drive) 210 control parameters, a processor 220 that implements the functions presented in the form of functional blocks: a plaintext preprocessor 221, an encryption block 222 with a simulation insertion (MAC) generation block 222.1, a prime number generator 223, a linear coefficient generation block 224, an encryption key preprocessor 225, a simulation insertion output buffer 226, a modular code extension block 227, a block 228 reifications, counter 229 blocks of text; plaintext output buffer 230, code symbol block (table) 240, ciphertext output buffer 250, redundant data output buffer 260, data array generation block 270 (FIG. 5), data block counter 271, transposition block 280 (FIG. 5), aggregation switch 290; and on the receiving side, the device contains (Fig. 4) a crypto-code information converter 50, consisting of a division switch 300, a data array generation block 310 (Figure 6), a data block counter 311, a transposition block 320 (Figure 6), a division block 330 data array, redundant data input buffer 340, storage unit (drive) 350 control parameters, ciphertext input buffer 360, plaintext input buffer 370, processor 380 implementing functions presented in the form of functional blocks: redundant data preprocessor 381, prime number generator 382 , linear coefficient generation unit 383, encryption key processor 384, ciphertext preprocessor 385, plaintext preprocessor 386, complexification unit 387, distortion detection and correction unit 388, error (distortion) analysis processor 388.1 of the distortion detection and correction unit, error (distortion) table 389 ), a text block counter 390, a decryption block 391 with a simulation insertion (MAC) generation block 391.1; plaintext output buffer 410, block (table) 420 code symbols.

The device operates in the following modes:

- formation of crypto-code structures with the reification and complexification of the authentication code (imitation insert) and the redundant data block;

- formation of crypto-code structures with reification and complexification of redundant data blocks;

- formation of multi-valued code structures with reification and complexification of redundant symbols.

The device works as follows:

The information to be transmitted, presented as a stream of characters, enters the crypto-code information converter 30, is buffered by the plaintext input buffer 200 before being pre-processed by the plaintext preprocessor 221. The plaintext preprocessor 221 analyzes the input plaintext character stream, breaks it into fixed-length blocks according to the parameter (N) of the control parameter accumulator 210, and converts the plaintext characters into numeric values coming from the code character block (table) 240.

The generated plaintext blocks in operating modes with plaintext encryption enter the encryption block 222, in which the block encryption procedure is carried out with nonlinear bijective transformations using iterative encryption keys control parameter storage 210, or, in unencrypted operation mode, to plaintext buffer 230. Further, in the mode of operation with encryption and generation of imitative inserts, the ciphertext blocks are supplied to block 222.1 for generating imitative inserts, in which, using the key an authentication code (imit insertion) is generated, which enters the imitative insertion output buffer 226, and then from the imitative insertion output block 226 to the modular code expansion block 227. In this case, iterative encryption keys and the formation of imitative inserts are generated by the encryption key processor 225 based on the entered secret key . The ciphertext blocks generated in the encryption block 222 enter the ciphertext output buffer 250 and the modular code expansion block 227, which also receives prime numbers and linear coefficients generated by the generator 223 and the linear coefficient generation block 224 in accordance with the parameters (N) of the control drive 210 parameters. The simulation insert generated in block 222.1 from the simulation insert output buffer 226, as well as the redundant data block generated in the modular code expansion block 227, enters the materialization block 228. Also, the reification block 228 receives mutually prime numbers p and q generated by the generator 223 in accordance with the parameter (N) of the drive 210 of control parameters. In the mode of operation of the crypto-code converter without data encryption, the plaintext blocks from the plaintext preprocessor 221 are supplied to the plaintext buffer 230 and the modular code expansion block 227. In the modular code expansion block 227, in operating modes without generating a simulation insert, two redundant data blocks are generated, which are supplied to the materialization block 228. Next, in the materialization block 228, depending on the operating mode, a pseudo-complex number is generated from a redundant data block and a simulated insertion or two redundant data blocks and the subsequent calculation of a real deduction according to a given (generated) complex module The generated real deduction enters the buffer 260 for outputting redundant data. Moreover, depending on the operating mode of the crypto-code information converter, the generated ciphertext blocks from the output of the ciphertext output buffer 250 or plaintext blocks from the output of the plaintext output buffer 226 (information elements) and the generated redundant block (real deduction) from the output of the redundant data output buffer 260 ( redundant element) are supplied to the corresponding inputs of the data array generation block 270, which is supplied to the transposition block 280, from the output of which the received data is sent to the input of the combination switch 290, in which cryptocode structures are formed - an error-resistant sequence of encrypted or plaintext and redundant blocks (real deductions ). In this case, the text block counter 229 tracks the processed text block to match the control parameters of the encryption procedures, and the block counter 271 tracks the number of message blocks to form a data array (data array lines).

On the receiving side, the received crypto-code structures (noise-resistant sequence of encrypted or plaintext and real deductions) enter the crypto-code information converter 50 at the input of the separation switch 300, from the output of which they enter the data array formation block 310, from which the data array enters the transposition block 320 and , then to a data splitter 330, from the first output of which a sequence of redundant data blocks is buffered by a redundant data input buffer 340 before being preprocessed by a redundant data preprocessor 381. The redundant data preprocessor 381 analyzes the input data stream in accordance with the parameter (N) of the control parameter accumulator 350. The received blocks of redundant data (real deductions) enter the complexification block 387, in which the real deduction is converted according to a given complex module p+qi into a pseudo-complex number (a redundant data block and a simulated insert or two redundant blocks depending on the operating mode of the cryptocode converter), where Prime numbers (p,q) are also received, generated by the generator 382 in accordance with the parameter (N) of the drive 350 of control parameters (the number and values of the generated numbers correspond to the parameters of the transmitting side). Depending on the operating mode of the crypto-code converter, one or two generated redundant data blocks are supplied to the distortion detection and correction unit 388, which also receives linear coefficients generated by block 383 for generating linear coefficients in accordance with the parameter (N) of the drive 350 of control parameters (the number and values of the generated coefficients correspond to the parameters of the transmitting side). In the simulation insert generation mode, the simulate insert obtained from the pseudo-complex number to check the presence of distortions in the received sequence of ciphertext blocks enters the simulation insert generation block 391.1 of the decryption block 391. In this case, from the second and third output of the data array division block 330, depending on the operating mode of the cryptocode information converter, the sequence of ciphertext or plaintext is buffered by ciphertext input buffer 360 or plaintext input buffer 370 before their preliminary processing by ciphertext preprocessor 385 or plaintext processor 386, respectively. In the encryption mode of the crypto-code converter, the ciphertext preprocessor 385 analyzes the input ciphertext stream, splits it into blocks of a fixed length in accordance with the parameter (N) of the control parameter accumulator 350. The generated ciphertext blocks (information elements) enter the distortion detection and correction block 388 and the simulation insert generation block 391.1 of the decryption block 391, in which the simulated insertion is calculated from the received sequence of ciphertext blocks (information elements) using a key and a comparison is made between the simulated insert received from the communication channel and the simulated insert calculated on the receiving side. In this case, the key for generating the imitative inserts is generated by the encryption key processor 384 based on the entered secret key . The comparison result from the block 391.1 of generating the imitative insertion of the decryption block 391 enters the distortion detection and correction block 388, in which the localization and correction of distortions caused by the imitating influences of the attacker is carried out by analyzing possible errors by the error analysis processor 388.1. The corrected sequence of ciphertext blocks is fed to the input of decryption block 391, in which a procedure is performed to reversely convert the sequence of ciphertext blocks into a sequence of plaintext blocks in accordance with a given encryption algorithm and using iterative decryption keys . In this case, iterative decryption keys are generated by the encryption key processor 384 based on the entered secret key . The decrypted sequence of plaintext blocks enters a plaintext output buffer 410, which converts the numeric values into plaintext characters coming from the code character block (table) 420. In this case, the text block counter 390 tracks the processed text block to match the control parameters of the decryption procedures, and the block counter 311 tracks the number of data blocks received to form data array rows.

In the mode of operation of the crypto-code information converter without encryption, the plaintext preprocessor 386 analyzes the input plaintext stream, breaks it into blocks of a fixed length in accordance with the parameter (N) of the drive 350 of control parameters. The generated plaintext blocks (information elements) enter the distortion detection and correction block 388, in which distortions are detected by calculating the error syndrome and localization and correction of distortions by analyzing possible errors by the error (distortion) analysis processor 388.1, which receives table data (block ) 389 errors (distortions). The corrected sequence of plaintext blocks is supplied to a plaintext output buffer 410, which converts the numeric values into plaintext characters coming from the code character block (table) 420.

In one embodiment of a cryptocode information converter, prime numbers and other parameters of the distortion detection and correction unit 388 and the complexification unit 387 can be calculated in advance and stored in the control parameter storage 350.

The method (device) for generating modified crypto-code structures for noise-resistant data transmission over communication channels can be implemented in accordance with the provisions of the codes of the residual class system (modular codes) and their weakly arithmetic modification [I.Ya. Akushsky, I.T. Pak Issues of error-resistant coding in a non-positional code // Issues of cybernetics. - 1977. - T.28 - P.36-56].

The bases of the system of residual classes are a set of positive integers ordered by magnitude coprime numbers that is:

and

Then any integer A in the range is represented by its residues for each of their bases in a unique way:

Where

To construct a correcting error of the code system, we introduce, in addition to k, an additional control base Check digit numbers A by control module we will define it as follows:

Where - coefficients of linear form that satisfy the condition:

The criterion for the presence of an error in the code combination there will be a correlation of check digits combinations without errors and check digit combination containing an error, i.e. error syndrome calculation:

When σ = 0 there is no error, when σ ≠ 0 there is an error. Mutual simplicity of linear coefficients λ _i and control base ensures the uniqueness of the solution to comparison (6).

Thus, each value of the error syndrome σ ≠ 0 corresponds to a certain alternative set of bases of the number An error in the numbers for each of which can lead to the magnitude of the error syndrome. And for each of the bases value determined errors in the figures on this basis.

For each base system a table of possible error values corresponding to the value a of the error syndrome can be compiled. Analysis of tables of possible errors allows you to localize the error, and its magnitude is thereby determined.

Analysis of alternative sets of reasons for which an error is possible, in addition, allows for a “contraction” of alternatives, that is, according to the magnitude of the error syndrome find the intersection (coincidence) of alternative sets of bases before they are reduced to a single base for which the figure is erroneous. Precomputed tables of alternative sets can also be constructed for q-fold errors.

To combat error packets, decomposed data array transmission is used. Suppose you need to transfer an array of codewords:

Decomposition consists of passing the array in columns, that is, in the sequence:

Then a packet of errors on the receiving side when constructing codewords in the form (7) will affect the digits in one base or two adjacent ones.

In addition, the present invention proposes a method for generating modified crypto-code structures for noise-resistant data transmission over communication channels for different operating modes:

1. In the mode of generating cryptocode structures by a cryptocode converter with the complexification of a control block and a redundant block with encryption in the mode of generating an imitation insert, the message generated by the sender to be encrypted, is received at the input of the crypto-code information converter 30, and is buffered in the form of characters in the plaintext input buffer 200 before its pre-processing by the plaintext preprocessor 221. The plaintext preprocessor 221 analyzes the input plaintext character stream, converts the plaintext characters into numeric values coming from the code character block (table) 240, and, in accordance with the parameter (N) of the control parameter storage block 210, breaks each message into fixed-length blocks. depending on the encryption algorithm (for example, GOST 34.12-2015 with blocks of 64, 128 bits, respectively).

In order to ensure the required level of information confidentiality, the generated sequences of plaintext blocks enter the encryption block 222. To obtain a sequence of ciphertext blocks k encryption operations will be required for each j-th message. Accordingly, display (1) can be presented as:

Where - iterative encryption keys generated by the key generation processor 225 on the transmitting side based on the entered secret key

Further for each of sequences of ciphertext blocks encrypted message in block 222.1 the simulation insertion is calculated according to the display:

Where - operator for generating imitation inserts on the key (key generated by the key generation processor 225 on the transmitting side based on the entered secret key - vector representation of the ciphertext superblock of each j-th message

Then the simulated insertion enters the simulation insert output buffer 227. Next, the sequence of ciphertext blocks formed in the encryption block 222 is buffered in the ciphertext output buffer 250 and in parallel enters the MK expansion block 227, which also receives the simulation insert generated in the block 222.1 Each j-th sequence of ciphertext blocks received by the MK extension block 227 and a simulated insertion represented in the form of the smallest non-negative residues by bases (modules) generated by generator 223, satisfying conditions (2) and (3). Moreover Each set of ciphertext blocks and simulated inserts is presented as a single information superblock MK according to the base system

Next, for the MK expansion block 227, the generator 223 carries out additional formation of a redundant base (module) satisfying conditions (2) and (3), linear coefficients generation block 224 generates linear coefficients satisfying condition (5) and in accordance with expression (4) for each information superblock of the modular code a redundant data block is generated, which we denote as Excess deductions generated in MK expansion block 227 and imitative inserts enter the reification block 228, where pseudo-complex numbers are generated Also, the reification block 229 additionally receives prime numbers (p, q) generated by the generator 223 to form a complex module and calculating the K norm. After forming a complex module pseudocomplex numbers converted to real integers according to the expression:

2. In the mode of generating cryptocode structures by a cryptocode converter with complexification of redundant blocks without generating imitative inserts, each generated sequence of ciphertext blocks is presented as a single information superblock MK according to a system of bases ordered by size satisfying conditions (2) and (3). Next, for the MK expansion block 227, the generator 223 additionally generates two redundant bases satisfying conditions (2) and (3), and linear coefficients generation block 224 produces linear coefficients satisfying condition (5) and in accordance with expression (4) two redundant blocks are generated which enter the materialization block 228, where in accordance with the expression:

are converted to integer real residues

3. In the mode of generating multi-valued code structures without encryption by the crypto-code converter, the generated message blocks from the plaintext preprocessor 229 are buffered in the plaintext output buffer 230 and in parallel enter the MK expansion block 227, where they are presented as a single information block of the MK according to a radix system ordered by size satisfying conditions (2) and (3). Next, in accordance with expression (4), two redundant blocks are generated based on 223 additional redundant bases generated by the generator and linear coefficients generated by block 224 . Received excess blocks enter the materialization block, where, in accordance with the expression:

are converted to integer real residues

Calculated real deductions enter the redundant data output buffer 260. At the same time, the elements of the complex module - prime numbers (p, q) are kept secret.

The MK information superblocks from the ciphertext output buffer 250 or, depending on the operating mode of the crypto-code converter, from the plaintext buffer 230 and redundant MK elements from the redundant data output buffer 260 enter block 270 for generating a data array of the form (7), that is:

for operating modes of a cryptocode converter with encryption or type

for operating mode without encryption of data blocks.

The generated data array enters the transposition block 280 to form a data array of the form:

for operating modes of a cryptocode converter with encryption or type

for operating mode without encryption of data blocks.

That is, decomposed transmission of a data array in sequence

depending on the operating mode of the crypto-code converter. The combining switch 290, based on the array of information and redundant blocks received from the output buffer 285, generates crypto-code structures - a copy-resistant sequence of cipher or plaintext and redundant blocks.

On the receiving side, the cryptocode constructions received by the cryptocode information converter 50 (an imitation-resistant sequence of encrypted or plaintext and redundant blocks) are sent to the input of the separation switch 300, from the output of which they enter the data array generation block 310, in which, depending on the operating mode of the cryptocode converter, from the received sequence (13) or (14) an array of received data of the form (11) or (12) is formed, respectively.

The received data array enters block 320 and is transposed to obtain a data array of the form (9) or (10) (depending on the operating mode of the crypto-code converter), which enters the separation block 330, from the first output of which the redundant MC elements enter the buffer 340 input of redundant data, then they are preprocessed by the preprocessor 381 of redundant data in accordance with the parameter (TV) of the drive 350 of control parameters. From the second output of the separation unit 330, the sequence of ciphertext or plaintext (a single information superblock MK) enters the ciphertext input buffer 360 or the plaintext input buffer 370, then preprocessing is carried out by the ciphertext preprocessor 385 or the plaintext preprocessor 386 and the formation of ciphertext or plaintext blocks, respectively. length specified by the value (N) of the drive 320 control parameters. The ciphertext blocks generated by the ciphertext preprocessor 385, designated as or plaintext preprocessor 386 generated plaintext blocks due to the possible content of distorted elements, they enter block 388 for detecting and correcting distortions. Excessive elements of the MC (real deductions), also possibly containing distortions and designated as enter the complexification block 387, in which they are converted into a pseudo-complex number depending on the operating mode of the crypto-code converter.

In the mode of generating imitation inserts, the received redundant data block and imitation insert enter block 388 for detecting and correcting distortions. Imitovinsert and the ciphertext blocks generated by the preprocessor 385 also enter the block 391.1 for generating the imitations of the decryption block 391. In the block 391.1 of generating imitations of the decryption block 391, a possible imitation of the enemy is detected in the received sequence of ciphertext blocks by comparing the simulated insert received from the communication channel and imitative inserts calculated from the received sequence of ciphertext blocks

At the output of the block 391.1 for generating the simulation insert of the decryption block 391, a signal is generated

which enters block 388 for detecting and correcting distortions.

In block 388 for detecting and correcting distortions based on the received information superblocks MK by bases (modules) generated by prime number generator 382 and linear coefficients generated by block 383 for generating linear coefficients, the redundant block is calculated or, depending on the operating mode of the cryptocode converter, and by comparing them with the redundant block received from the communication channel or in accordance with expression (6), the error syndrome is calculated . An additional criterion for checking the absence of detected errors is the fulfillment of the condition Since each value corresponds to a certain error value for appropriate reasons if the condition is not met localization and restoration of distorted MC elements is carried out by analyzing the magnitude of the error syndrome in the processor 388.1 for analyzing permissible errors of the distortion detection and correction block 388 based on pre-calculated error tables (block) 389.

In encryption mode, the corrected sequence of ciphertext blocks is received at the input of decryption block 391, in which the procedure of inversely converting a sequence of ciphertext blocks into a sequence of plaintext blocks is performed:

using iterative decryption keys encryption keys generated by the processor 384 based on the entered secret key Decrypted sequence of plaintext blocks enters the plaintext output buffer 410, which converts the numeric values into plaintext characters coming from the code character block (table) 420.

In the mode of operation of the cryptocode converter without encryption of data blocks, the corrected sequence of plaintext blocks enters the plaintext output buffer 410, which converts the numeric values into plaintext characters coming from the code character block (table) 420.

If the transmitted data array is affected by several error packets and there is no data to “contract” alternative sets, it is possible to resample not the entire data array, but one or several blocks that are necessary to carry out the procedure of “contracting” alternative sets of bases to the only possible one.

The claimed invention can be implemented using means and methods described in available sources of information. This allows us to conclude that the claimed invention meets the criteria of “industrial applicability”.

Claims (4)

1. The method of forming modified crypto-code structures for noise-resistant data transmission over communication channels is that information is protected by presenting a message M in the form of blocks of a fixed length M = {M ₁ ||M ₂ || … ||M _k }, applying encryption procedures to plaintext blocks M ₁ , M ₂ , …, M _k using the corresponding key to _e,i (i = 1, 2, …, k), generating ciphertext Ω from the resulting blocks ₁ , Ω ₂ , …, Ω _k simulating inserts Н according to the corresponding key h, representing the resulting ciphertext blocks Ω ₁ , Ω ₂ , …, Ω _k in the form of the smallest non-negative residues according to the generated, ordered by magnitude, coprime modules m _i (i = 1 _{. _ _ _ _ 1} in the form of a pseudo-complex number ω _k+1 +Hi, which is subjected to the reification procedure, obtaining from the pseudo-complex number ω _k+1 +Hi an integer real residue h according to the corresponding module and the formation of a cryptocode construction Ω ₁ , Ω ₂ , …, Ω _k , h - a imitation-resistant sequence of ciphertext and a redundant block (real deduction), characterized in that the imitation insertion H is represented as the smallest non-negative deduction on an additionally generated base m _k+1 > m _k , the information and control superblock MK is formed an extension operation is performed to obtain a redundant block non-basic representation based on coefficients of the linear form λ _i (i = 1, 2, …, k, k+1), and from the set generated ciphertext sequences and redundant blocks (real residues) a data array is formed in which the strings are cryptocode structures - sequences of ciphertext blocks and redundant block and which is transposed to form transferable cryptocode structures - a noise-resistant sequence of ciphertext and redundant blocks, ensuring control of the attacker’s simulating effects and reliable recovery of ciphertext blocks and imitation inserts damaged by error packets in communication channels. 2. The method according to claim 1, in which the ciphertext blocks are represented in the form of the smallest non-negative residues by generated, ordered by magnitude, coprime modules m _i (i = 1, 2, ..., k) and the formation of an information superblock of a modular code by performing the operation of expanding the information superblock of a modular code and obtaining two redundant data blocks representation of received redundant data blocks as a pseudo-complex number which undergoes a reification procedure, obtained from a pseudo-complex number whole real deduction according to the corresponding module and the formation of a set of generated sequences of ciphertext and redundant blocks (real residues) a data array in which the strings are sequences of ciphertext blocks and redundant blocks and which is transposed to form transferable cryptocode structures - a noise-resistant sequence of ciphertext and redundant blocks, ensuring control of an attacker’s simulating effects and reliable recovery of ciphertext blocks damaged by error packets in communication channels. 3. The method according to claim 1, in which the plaintext blocks are represented in the form of the smallest non-negative residues by generated, ordered by magnitude, coprime modules m _i (i = 1, 2, ..., k) and the formation of an information superblock of a modular code performing the operation of expanding the information superblock of a modular code and obtaining redundant data blocks representation of received redundant data blocks And as a pseudo-complex number which undergoes a reification procedure, obtained from a pseudo-complex number whole real deduction according to the corresponding module and the formation of a set of generated plaintext sequences and a redundant block (real deduction) a data array in which the strings are plaintext sequences and redundant blocks and which is transposed to form transferable multi-character code structures - a noise-resistant sequence of plaintext and redundant blocks, which ensures control of an attacker’s simulating effects and reliable recovery of plaintext blocks damaged by error packets in communication channels. 4. A device for generating crypto-code structures for imitation-resistant data transmission over communication channels, containing on the transmitting side a crypto-code information converter consisting of a clear text input buffer, a block for storing control parameters (drive), a processor that implements functions presented in the form of functional blocks: an open preprocessor text, encryption block, block for generating simulation inserts of the encryption block, output buffer for simulation inserts, reification block, text block counter, encryption key processor, prime number generator, modular code expansion block; a ciphertext output buffer, a block (table) of code symbols, a redundant data output buffer, a merging switch, wherein a plaintext input buffer, the input of which is the input of a cryptocode information converter, which receives plaintext, the output of which is connected to the first input of the plaintext preprocessor, the second input of which is connected to the output of the block (table) of code symbols, while the first output of the control parameter storage block (N) is connected to the third input of the plaintext preprocessor, the output of the plaintext preprocessor is connected to the first input of the encryption block, to the second input of which the second output is connected control parameter storage block ( - iterative encryption keys and the formation of imitative inserts, generated on the basis of the secret key in this case, the first output of the encryption block is connected to the input of the output buffer of ciphertext blocks, the second output of the encryption block is connected to the first group (first input) of the inputs of the modular code expansion block, to the second group (second, third inputs) of whose inputs the first and second outputs of the simple generator are connected numbers (information and redundant), to the input of which the third output of the control parameter storage block (N) is connected; the output of the modular code expansion block is connected to the first input of the reification block, the second input of which is connected to the output of the simulation insert output buffer, the input of which is connected to the output of the simulation insert generation block of the encryption block; in this case, the third and fourth outputs of the prime number generator are connected to the third group (third, fourth inputs) of the reification block inputs; a group (fourth and fifth outputs) of outputs of the control parameters storage block (precalculated parameters p and q) is connected to the fourth group (fifth and sixth inputs) of the inputs of the materialization block; in this case, a group (sixth, seventh, eighth outputs) of outputs of the control parameters storage block (precalculated parameters B _i , m _i , m _k+1 ) is connected to the third group (fourth, fifth, sixth inputs) of the inputs of the modular code expansion block; the output of the ciphertext block output buffer and the output of the redundant data output buffer are connected to the first and second inputs of the combination switch, the output of which is the output of a crypto-code information converter, from the output of which the generated crypto-code structures (imitation-proof cipher text sequence) enter the communication channel; the text block counter tracks the number of the processed block, and on the receiving side there is a crypto-code information converter, consisting of a separation switch, a control parameter storage unit, a redundant data input buffer, a ciphertext input buffer, a processor that implements functions presented in the form of functional blocks: redundant data preprocessor , prime number generator, encryption key processor, ciphertext preprocessor, complexification unit, distortion detection and correction unit, ciphertext decryption unit, ciphertext decryption unit simulation insert generation unit, text block counter; a plaintext output buffer, a block (table) of code symbols, and a separation switch, the input of which is the input of a cryptocode information converter, to which cryptocode structures are received from the communication channel - an imitation-resistant sequence of ciphertext, and the first output of the separation switch is connected to the input of the input buffer redundant data, the output of which is connected to the first input of the redundant data preprocessor, to the second input of which the first output of the control parameter storage block (N) is connected, while the output of the redundant data preprocessor is connected to the first input of the complexification block, to the second group (second, third inputs) the inputs of which are connected to the second and third outputs of the control parameter storage unit (p, q); the first and second outputs of the prime number generator are connected to the third group (fourth, fifth inputs) of the inputs of the complexification block, while the first output of the complexification block is connected to the first input of the simulation insert generation block of the ciphertext decryption block, the output of which is connected to the first input of the distortion detection and correction block, to the second input of which the second output of the complexification block is connected; the third and fourth outputs of the prime number generator (information and redundant) are connected to the third group (third, fourth inputs) of the inputs of the distortion detection and correction unit, to the input of which the fourth output of the control parameters storage unit (N) is connected; wherein the second output of the separation switch is connected to the input of the ciphertext block input buffer, the output of which is connected to the first input of the ciphertext preprocessor, to the second input of which the fifth output of the control parameters storage block (N) is connected; the first output of the ciphertext preprocessor is connected to the second input of the block for generating imitations of the ciphertext decryption block, while the second output of the ciphertext preprocessor is connected to the fourth group (fifth input) of the inputs of the distortion detection and correction block, the corresponding output of which is connected to the first input of the decryption block, to the second input of which the sixth output of the control parameters storage unit is connected the first input of which is connected to an encryption key processor, the input of which receives a secret key in this case, the output of the decryption block is connected to the first input of the output buffer of plaintext blocks, the second input of which is connected to the output of the block (table) of code symbols, the output of which is the output of the cryptocode information converter, from the output of which the plaintext is received; in this case, a group (seventh, eighth, ninth outputs) of outputs of the control parameters storage unit (precalculated parameters B _i , m _i , m _i+r ) is connected to the fifth group (sixth, seventh, eighth inputs) of the inputs of the distortion detection and correction block; the text block counter tracks the number of the processed block, characterized in that the elements of the block for storing control parameters (precalculated parameters λ _i ) are entered on the transmitting side; functional blocks of the processor: block for generating linear coefficients, plain text output buffer; functional blocks of a cryptocode information converter: data array generation block, block counter transposition block, wherein a plaintext input buffer, the input of which is the input of a cryptocode information converter, to which plaintext is received, the output of which is connected to the first input of the plaintext preprocessor, to the second input of which the output of a block (table) of code symbols is connected, and to the third input of the plaintext preprocessor is connected to the first output of the control parameter storage block (N), the output of the plaintext preprocessor is connected to the input of the switch, the first output of which is connected to the first input of the encryption block, to the second input of which the second output of the control parameter storage block is connected ( - iterative encryption keys and the formation of imitative inserts, generated on the basis of the secret key in this case, the first output of the encryption block is connected to the input of the output buffer of ciphertext blocks, the second output of the encryption block is connected to the first input of the modular code expansion block, the second input of which is connected to the first output of the prime number generator, to the input of which the third output of control parameters (N) is connected, the output of the modular code expansion block is connected to the first input of the reification block, the output of which is connected to the input of the redundant data output buffer; in this case, the output of the imitative insertion output buffer is connected to the second input of the materialization block (via a controlled key), the input of which (via a managed key) is connected to the output of the imitative insertion generation block of the encryption block; the second output of the prime number generator is connected to the third input of the reification block; the fourth output of the control parameters storage block (precalculated parameters p and q) is connected to the fourth input of the materialization block; in this case, the fifth, sixth and seventh outputs of the control parameters storage block are connected to the third, fourth and fifth inputs of the modular code expansion block (precalculated parameters m _i , m _i+r , λ _i ), respectively; the generation block is connected to the sixth input of the modular code expansion block linear coefficients, the input of which is connected to the eighth output of the control parameters storage block (N); The output of the ciphertext block output buffer and the output of the redundant data output buffer are connected, respectively, to the first and second inputs of the data array formation block, the output of which is connected to the input of the transposition block, the output of which is connected to the input of the merging switch, the output of which is the output of the cryptocode information converter, from the output of which generated crypto-code structures - imitation-resistant sequences of cipher text and redundant blocks enter the communication channel; The block counter i keeps track of the number of the block being processed; at the same time to the third entrance the data array generation block is connected to the output of the plaintext output block, the input of which is connected to the second output of the switch, which is also connected to the seventh input of the modular code expansion block; block counter tracks the number of message blocks to form a data array, and on the receiving side a data array formation block is introduced; transpose block; data array division block; block counter element of the control parameters storage block: linear coefficients λ _i ; functional blocks of the processor: block for generating linear coefficients λ _i , clear text input buffer, clear text preprocessor, table of errors (distortions), processor for analyzing alternatives (distortions) of the distortion detection and correction block, and a separation switch, the input of which is the input of a crypto-code information converter , to which crypto-code structures are received from the communication channel - an imitation-resistant sequence of encrypted or plaintext and redundant data, while the output of the separation switch is connected to the input of the data array generation block, the output of which is connected to the input of the transposition block, the output of which is connected to the input of the data array division block , while the first output of the separation block is connected to the redundant data input buffer, the output of which is connected to the first input of the redundant data preprocessor, to the second input of which the first output of the control parameter storage block is connected, while the output of the redundant data preprocessor is connected to the first input of the complexification block, to the second input of which is connected to the second output of the control parameters storage block (p, q); the output of the prime number generator is connected to the third input of the complexification block, to the input of which the third output of the control parameters storage block (N) is connected, while the output of the complexification block is connected to the first input of the distortion detection and correction block and the first input of the simulation generation block of the ciphertext decryption block , the output of which is connected to the second input of the distortion detection and correction block, to the third input of which the second output of the complexification block is connected; The output of the block for generating linear coefficients λ _i is connected to the fourth input of the distortion detection and correction block, the fourth output of the control parameters storage block (N) is connected to the input of which, the output of the error (distortion) table is connected to the error (distortion) analysis processor of the distortion detection and correction block ; in this case, the second output of the data array division block is connected to the input of the ciphertext input buffer, the output of which is connected to the first input of the ciphertext preprocessor, to the second input of which the fifth output of the control parameters storage block (N) is connected; the first output of the ciphertext preprocessor is connected to the second input of the block for generating imitations and inserting the ciphertext decryption block, while the second output of the ciphertext preprocessor is connected to the fifth input of the distortion detection and correction block, the output of which is connected to the first input of the decryption block, to the second input of which the sixth output of the control storage block is connected parameters the first input of which is connected to an encryption key processor, the input of which receives a secret key in this case, the output of the decryption block is connected to the first input of the plaintext output buffer, the second input of which is connected to the output of the block (table) of code symbols and the output of which is the output of the cryptocode information converter, from the output of which the plaintext is received; in this case, the seventh, eighth and ninth outputs of the control parameter storage unit (m _i , m _i+r , λ _i ) are connected to the sixth, seventh and eighth inputs of the distortion detection and correction unit, respectively; the text block counter i keeps track of the number of the block being processed; wherein the third output of the array division block is connected to the input of the plaintext input buffer, the output of which is connected to the plaintext preprocessor, the output of which is connected to the ninth input of the distortion detection and correction block; block counter tracks the number of message blocks to generate a data array; in this case, the second output of the distortion detection and correction unit is connected to the second input of the plaintext buffer.

Images