CN101562521B - Key updating method - Google Patents
Key updating method Download PDFInfo
- Publication number
- CN101562521B CN101562521B CN2009103026820A CN200910302682A CN101562521B CN 101562521 B CN101562521 B CN 101562521B CN 2009103026820 A CN2009103026820 A CN 2009103026820A CN 200910302682 A CN200910302682 A CN 200910302682A CN 101562521 B CN101562521 B CN 101562521B
- Authority
- CN
- China
- Prior art keywords
- key
- stream
- cryptographic system
- vector
- initialization
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention relates to the fields of cryptography and information security. The invention provides a key updating method based on odd and even keys, which is simple and has high security. The key updating method comprises the following steps of: a. reading an even key as an initialization vector and inputting the initialization vector to a password system; b. intercepting a key stream with predetermined length output by the password system for updating an odd key; c. using the even key for data encryption and decryption; d. when reaching a predetermined key updating time, reading the odd keyas the initialization vector and inputting the initialization vector to the password system; e. intercepting a key stream with predetermined length output by the password system for updating the evenkey; f. using the odd key for data encryption and decryption; and g. when reaching the predetermined key updating time, returning to step a. The key updating method can be applied to a digital interface content protection technology in the field of information security, and also can be applied to other information security systems needing frequent and quick key updating.
Description
Technical field
The present invention relates to cryptography, information security field.
Background technology
At present the password in the practical application is of a great variety, but according to the viewpoint of contemporary cryptology, cryptographic system can be divided into two big classes: DSE arithmetic (single key password) and asymmetric cryptosystem (conbined public or double key password).But, no matter be what kind of cipher mechanism, the possibility that all has cryptographic algorithm and definite key length to be decrypted in theory.Therefore, in order to ensure the fail safe of system, all can not use same password to carry out encryption and decryption or signature for a long time, in actual applications, key must have certain replacing frequency could guarantee the safety that key uses, and promptly must there be the function of key updating in system.In actual applications, almost be that all cryptographic systems that relates to information security all need the key updating function, especially those security intensities require to compare higher system, some feature that has random sequence for the key stream sequence that makes generation as far as possible, key stream must have greatly cycle and very high linear complexity, cycle is big more, and randomness is good more, and is high more to the effect of covering expressly; High linear complexity prevents from the part key sequence by the whole key sequence of the simple release of linear relationship.In order to reach above requirement, more need frequently, carry out fast key updating.At present a lot of cryptographic systems, though can realize the key updating function, the cost of paying but is complexity and the operand that has increased system greatly.
In cryptography and information safety system, two keys that use in turn in the same cryptographic system are explained with strange key, even key usually.The input cryptographic system is carried out initialized initialization vector and is mainly contained following producing method in carrying out the encryption and decryption process:
1, cryptographic system is called special random number generation algorithm and is generated one group of random number as initialization vector; More new key all needs to call random number and produces algorithm and realize at every turn, is needing under the situation of frequent updating, brings very big expense to system.
2, cryptographic system utilizes fixed sequence program to upgrade initialization vector, though the simple fail safe of such way is not high.
In addition, some cryptographic system for the deciphering that guarantees that receiving terminal can be correct, need regularly be carried out key stream sync check when carrying out key updating, the generation of prevention asynchrony phenomenon.Therefore the synchronization check vector need be set in system.The producing method of synchronization check vector is identical with the mode that above-mentioned initialization vector produces, and equally also has above-mentioned technical disadvantages in actual use.
Summary of the invention
Technical problem to be solved by this invention is, provide a kind of based on odd and even keys, simple and safe key updating method, further, the cipher key system that carries out key stream sync check at need provides a kind of simple and safe key updating method of synchronization check vector that is provided with.
The present invention solves the problems of the technologies described above the technical scheme that is adopted to be, a kind of key updating method may further comprise the steps:
A, read even key as initialization vector; Initialization vector is imported cryptographic system, carry out the cryptographic system initialization;
The noveler key of key stream of one section predetermined length of b, the output of intercepting cryptographic system;
C, utilize described even key that data are carried out encryption and decryption;
D, predetermined cipher code renewal time arrive, and read described strange key as initialization vector; Initialization vector is imported cryptographic system, carry out the cryptographic system initialization;
The key stream of one section predetermined length of e, the output of intercepting cryptographic system upgrades described even key;
F, utilize described strange key that data are carried out encryption and decryption;
G, predetermined cipher code renewal time arrive, and return step a.
At the cipher key system that need carry out key stream sync check, step b comprises that also the key stream of another section predetermined length that the intercepting cryptographic system is exported is as the synchronization check vector; Step e comprises that also the key stream of another section predetermined length that the intercepting cryptographic system is exported is as the synchronization check vector.
The invention has the beneficial effects as follows, the key stream of output upgrades odd and even keys when utilizing cryptographic system work, and synchronization check vector, promptly when carrying out, encryption finished the work of upgrading, strange key or even key after upgrading are imported cryptographic system as initialization vector, method is simple, and realization speed is fast, expense is little; And, utilize key stream to upgrade odd and even keys and synchronization check vector, to compare with other random number or fixed sequence program, the key stream sequence has bigger cycle and very high linear complexity, and is safe.
Description of drawings
Fig. 1 is the embodiment flow chart.
Embodiment
With the stream cipher system is that example is set forth basic thought of the present invention and concrete steps.
In a digital interface content protective system, the transmitting terminal of equipment and receiving terminal adopt the stream cipher technology that the content of transmission is protected.Suppose that (LFSRc LFSRd) forms with n transforming function transformation function piece cryptographic system, through a series of conversion, exports the 64bit key stream at last for LFSRa, LFSRb by four linear feedback shift registers.The mode that odd and even keys is adopted in key updating adopts even key K E during the stream cipher initialization
0To linear feedback shift register initialization input, utilize random number to produce the random number sequence of algorithm generation to the transforming function transformation function initialization block.After this utilize the key stream of stream cipher output to come noveler key K E in turn
1With even key K E
0As new key more, the key stream that intercepts certain bit simultaneously is as the synchronization check vector.
Concrete steps are described as shown in Figure 1:
(1) with 256bit idol key K E
0As initialization vector;
(2) initialization vector is input to successively four linear feedback shift register LFSRa of stream cipher system, LFSRb, LFSRc, among the LFSRd:
LFSRa:k
63?k
62……k
2?k
1?k
0
LFSRb:k
127?k
126……k
66?k
65?k
64
LFSRc:k
191?k
190……k
130?k
129?k
128
LFSRd:k
255?k
254……k
194?k
193?k
192
(3) stream cipher carries out initialization, begins to export key stream; Preceding 4 of stream cipher system output is taken turns common 256bit key stream as the noveler key K E of stream cipher key updating vector
1, and intercept follow-up 32bit key stream successively as synchronization check vector V;
(4) behind intercepting stream cipher key updating vector and the synchronization check vector, utilize even key K E
0Content to transmission is carried out encryption and decryption; Transmitting terminal and receiving terminal carry out according to the encryption and decryption pattern of system regulation during to the content encryption and decryption of transmission;
(5) when the stream cipher system timing to this when carrying out key updating, transmitting terminal and receiving terminal carry out the key updating of stream cipher, the strange key K E that upgrades before reading
1As initialization vector;
(6) according to step (1) stream cipher is reinitialized;
(7) after initialization started, even key K E was upgraded in the preceding four-wheel output of intercepting stream cipher system output 256bit key stream altogether
0, and the 32bit key stream that intercepts follow-up output successively upgrades verification vector V;
(8) behind intercepting stream cipher key updating vector and the synchronization check vector, utilize the strange key K E after upgrading
1Content to transmission is carried out encryption and decryption; Transmitting terminal and receiving terminal carry out according to the encryption and decryption pattern of system regulation during to the content encryption and decryption of transmission;
(9) when the stream cipher system timing to this when carrying out key updating, transmitting terminal and receiving terminal carry out the key updating of stream cipher, get back to step (1).
So, upgrade odd and even keys in turn, and utilize strange key or even key that stream cipher is carried out initialization operation.
In the process of above stream cipher key updating and content safety transmission, the synchronization check vector of intercepting carries out sync check when utilizing stream cipher output, after system's official hour or Notation Of Content position, transmitting terminal reads receiving terminal and passes the synchronization check vector of coming, judge store with self whether consistent, thereby whether the stream cipher that can judge two ends output is synchronous.
Above encryption and decryption process is mainly at stream cipher key updating and sync check mode, and concrete cryptography architecture, initialization mechanism and transforming function transformation function piece can be different and different according to the demand of concrete system.In addition, carry out key updating and sync check at interval how long or according to what kind of content delivery sign, also can decide with concrete applied environment or chip demand.
The present invention can be applied to the digital interface content protecting technology in the information security field; prevent digital content by digital interface by bootlegging and demonstration, to carrying out encipherment protection through the content of main flow interfaces such as HDMI, Displayport, PCMCIA, USB transmission.In addition, can also be applied to other needs frequently, carries out in the information safety system of key updating fast.Utilize the key stream of cryptographic system self output to upgrade odd and even keys and synchronization check vector, compare, saved the operand that upgrades with other mechanism; Simultaneously, utilize sequence that system produces at random, more guaranteed the randomness of system, and then increased the fail safe of system as upgrading vectorial initialization stream cipher.In a word, use this technology, the key updating and the sync check of realization system that can be simpler, safer.
Claims (1)
1. a key updating method is characterized in that, may further comprise the steps:
A, read even key as initialization vector; Initialization vector is imported cryptographic system, carry out the cryptographic system initialization;
The noveler key of key stream of one section predetermined length of b, the output of intercepting cryptographic system; The key stream of another section predetermined length that also intercepts cryptographic system output is as the synchronization check vector;
C, utilize described even key that data are carried out encryption and decryption;
D, predetermined cipher code renewal time arrive, and read described strange key as initialization vector; Initialization vector is imported cryptographic system, carry out the cryptographic system initialization;
The key stream of one section predetermined length of e, the output of intercepting cryptographic system upgrades described even key; The key stream of another section predetermined length that also intercepts cryptographic system output is as the synchronization check vector;
F, utilize described strange key that data are carried out encryption and decryption;
G, predetermined cipher code renewal time arrive, and return step a.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009103026820A CN101562521B (en) | 2009-05-27 | 2009-05-27 | Key updating method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009103026820A CN101562521B (en) | 2009-05-27 | 2009-05-27 | Key updating method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101562521A CN101562521A (en) | 2009-10-21 |
| CN101562521B true CN101562521B (en) | 2011-06-22 |
Family
ID=41221153
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009103026820A Active CN101562521B (en) | 2009-05-27 | 2009-05-27 | Key updating method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101562521B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101699859B (en) * | 2009-11-04 | 2012-09-12 | 四川虹微技术有限公司 | Method for upgrading deciphering chip of conditional access system of digital TV |
| CN105871557B (en) * | 2016-05-18 | 2019-04-16 | 飞天诚信科技股份有限公司 | Email signature method, apparatus and system |
| CN109274490B (en) * | 2018-09-25 | 2021-12-17 | 苏州科达科技股份有限公司 | SRTP code stream master key updating method, system, equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6785390B1 (en) * | 1999-05-18 | 2004-08-31 | Sony Corporation | System and method for asynchronous decryption |
| CN1729668A (en) * | 2002-12-20 | 2006-02-01 | 皇家飞利浦电子股份有限公司 | Apparatus and method for processing streams |
| CN1870808A (en) * | 2005-05-28 | 2006-11-29 | 华为技术有限公司 | Key updating method |
-
2009
- 2009-05-27 CN CN2009103026820A patent/CN101562521B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6785390B1 (en) * | 1999-05-18 | 2004-08-31 | Sony Corporation | System and method for asynchronous decryption |
| CN1729668A (en) * | 2002-12-20 | 2006-02-01 | 皇家飞利浦电子股份有限公司 | Apparatus and method for processing streams |
| CN1870808A (en) * | 2005-05-28 | 2006-11-29 | 华为技术有限公司 | Key updating method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101562521A (en) | 2009-10-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104468089B (en) | Data protecting device and its method | |
| CN101753292B (en) | Methods and devices for a chained encryption mode | |
| CN104717198B (en) | Oftware updating method and equipment on safety element | |
| CN102138300B (en) | Message authentication code pre-computation with applications to secure memory | |
| JP5822970B2 (en) | Encryption device for pseudo-random generation, data encryption, and message encryption hashing | |
| US8000473B2 (en) | Method and apparatus for generating cryptographic sets of instructions automatically and code generator | |
| CN103455446B (en) | For implementing the equipment of encryption method and to this operation method | |
| CN103166751A (en) | Method and device for protecting block cipher from being attacked by template | |
| US8718280B2 (en) | Securing keys of a cipher using properties of the cipher process | |
| US20180240100A1 (en) | Method for securing a transaction from a non-secure terminal | |
| CN112134703B (en) | Electronic device using improved key entropy bus protection | |
| US8699702B2 (en) | Securing cryptographic process keys using internal structures | |
| CN105337733A (en) | Two-dimensional code locking control method based on combination of synchronous-asynchronous secret key verification | |
| US8826042B2 (en) | Memory controller, memory control apparatus, memory device, memory information protection system, control method for memory control apparatus, and control method for memory device | |
| CN101242275B (en) | Secure transmission method based on stream password encryption | |
| CN101562521B (en) | Key updating method | |
| CN103444125A (en) | Encryption processing device, encryption processing method, and programme | |
| CN112054896A (en) | White box encryption method, device, terminal and storage medium | |
| CN103336920B (en) | Security system for wireless sensor network SOC chip | |
| CN1952949A (en) | A software protection method based on modified one time pad | |
| WO2015031949A1 (en) | Data encryption process | |
| CN107534550B (en) | Cryptographic apparatus, cryptographic method, computing apparatus, and computer-readable storage medium | |
| EP2918036B1 (en) | Control method and device for controlling authenticity of codes resulting from application of a bijective algorithm to messages | |
| EP3515010A1 (en) | Transmission and reception system, transmission device, reception device, method, and computer program | |
| US11061996B2 (en) | Intrinsic authentication of program code |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |