The encryption method of one type of standardization document
Technical field
The invention belongs to information security field, relate to the encryption method of one type of standardization document, particularly, have the encryption method that misleads function to the pseudo-key of easy searching of this type standardization document.
Background technology
The a large amount of document that exists in the reality all is based on various language, has many defectives, such as to natural language understanding with handle relatively difficulty, be difficult to by computer Recognition, add up and gather, also irregular simultaneously, and have a large amount of redundancies.Because language is irregular, there is redundancy, so use conventional methods the ciphertext that obtains after the encryption, be difficult to find pseudo-key, the only distance of separating is very short.Like this, meet with when coaxing and pestering unceasingly to attack, the key holder often has to surrender real key.Simultaneously, also very fragile for the thought ciphertext analysis under the unlimited computing capability.The inventor has designed some and has had the encryption method that misleads function, still, their limitation is arranged also; Because the irregular and standard of language makes that the operand of encrypting is big, and; Erroneous judgement sometimes also can occur, cause some pseudo-keys to lose efficacy keyword.Therefore, in the face of Computer Processing and the dual requirements that misleads encryption, a kind of normalized document is proposed.Normalized document is to be made up of label and element thereof fully; For all labels, fixing element is all arranged, the quantity of supposing element is limited; This document in many cases; The document that can replace general content of text fully in some cases, then can combine effective expression information with other document.Cite a plain example, time, place, weather, personage, activity can put together all possible time as a label, are exactly the element of time tag, and other label also is like this.After some xml in the reality, table, excel document use restraint, can become the standardization document of this type.Such document compresses more easily, and redundancy can be eliminated well, adopts special encryption can increase the quantity of pseudo-key, and this standardization also more is applicable to computer treatmenting information.In order to express complicated semanteme, can also do more standards to the content between the label.
Summary of the invention
The present invention is intended to overcome the limitation that existing encryption method can't mislead; Existing defectives such as complicacy with misleading function encryption method; And after document is standardized, a kind of simple, practical AES with the standardization document that misleads function is provided.For the consideration of various fail safes, the present invention has comprised outer and internal layer two infill layers, and interior infill layer makes can have the misleading function, and the also further encryption of information such as label of some possibility needs to be keep secret is then said in outer field encryption, and outer infill layer is optional.
Based on our definition to this type standardization document, the fixed element that each label is all limited can be set up the database of a tag element; This database is being deposited all elements in each label, and these elements be what the coding, in database, all elements are numbered; In the most key interior infill layer; Element in each label in the plaintext to be encrypted all is mapped as numbering corresponding in the database, numbering is encrypted obtain ciphertext c, the computing that encryption and decryption adopted is sealed; That is to say; Be directed to the encryption ciphertext c of the numbering of each label, can travel through all numberings with different secret key decryption c again, then ciphertext is numbered c and write the corresponding element position of label.
Complete encryption flow is following:
(1) reads the content of each label in the document seriatim; It is the element in the label; Query Database draws the corresponding numbering of this element in the corresponding label, then seriatim from the internal layer key key of intercepting correspondence position be used for the encryption of this label substance; Obtain the ciphertext c of element, the encrypting and decrypting algorithm guarantees closure.Ciphertext with element in the label writes the corresponding content of respective labels in the document one by one.
(2) document behind the infill layer in the preservation obtains the transition ciphertext.
(3) alternatively, this document is carried out an outer field encryption, obtain final ciphertext.This is encrypted and adopts traditional encryption method to carry out, and selects a kind of symmetric encryption method to get final product.
In the decrypting process, at first final ciphertext is deciphered with traditional symmetric cryptographic algorithm accordingly, obtain the cryptograph files of transition, its less important deciphering of the transition file that obtains being carried out internal layer.When carrying out this layer deciphering, the ciphertext in each label is read, then, obtain the corresponding key of this label, through deciphering, obtain the pairing numbering of plaintext of label substance, then according to database, can check in corresponding content.
This encryption method can be easy to find pseudo-key, and promptly wrong key can decrypt the acquisition methods that significant plaintext can pseudo-key: A) two keys are arranged in the encrypting and decrypting, obtain pseudo-key; Can the key of outer symmetric cryptography is constant, choose an internal layer key sequence then arbitrarily and carry out intercepting, distribute to corresponding label successively; Decipher; At this moment read text, whether do not have and comply with one's wishes (such as unreasonable, expose weak point, think that to mislead effect bad) keyword, if dissatisfied; Can use the key of attempting other with quadrat method; And can make amendment according to the needs of oneself according to the position at keyword place, form the live part of final internal layer key like this, cooperating correct outer symmetric cryptography key with this key is exactly a pseudo-key; B) also have a kind of mode of selecting pseudo-key more freely, can decide, the pseudo-key sequence of infill layer in confirming with this according to the label substance of own desirable misleading; Method is that outer key is constant, according to the keyword of text, is foundation with the database; The misleading element replaced is wanted in selection; Can confirm the pseudo-sub-key of the correspondence of this element, the pseudo-sub-key that each label is corresponding is connected in turn, and is the pseudo-key of internal layer; Adopt constant outer key, the pseudo-key that gets final product always.
When receiving cryptanalysis person cryptanalytic; Cryptanalysis person is to obtain different meaningful plaintexts according to different internal layer keys; Add the same meaning that also maybe be close, opposite of the plaintext that these different keys obtain with original plaintext; So very identical communication background, cryptanalysis person also can't confirm real key.
Embodiment
Be embodiments of the invention below, still, the present invention is not limited to embodiment.
In concrete the realization, the different piece that both sides arrange total key is respectively applied for internal layer and outer infill layer, and outer key is a regular length, and the algorithm that adopts according to outer infill layer decides, and adopts 256 AES to encrypt such as outer AES.The foremost 256bit of key is outer key, and all the other are the internal layer key.The internal layer key carries out the equal length intercepting, and it is fixed that intercepted length comes according to the number N of possible element maximum in all labels in the database, and value should be more than or equal to log
2N.With distributing to each label successively after the intercepting of internal layer key, as the sub-key of encrypting usefulness.
The file encryption flow process is following:
1) communicating pair is shared key, and key is long, can adopt quantum-key distribution to realize the distribution of personal attendant's secret key.Both sides stipulate to adopt identical AES, and share identical database.
2) will be in the ciphering process according to the type or the form of file, open file with corresponding software and to read its content, such as; The encryption of xml or excel file; Just open file with corresponding software earlier, read the content in each label, prepare to carry out interior infill layer.
3) interior infill layer, select here is numbered all elements from 0 to n-1, numbers, and n is the number of all elements of this label.AES is that mould adds computing, according to the fixed structure of key, sub-key k intercepting from sequence is come out, and the intercept method of sub-key has: A) adopt method intercepting from random sequence of intercepting equal length sub-key, the length of intercepting is for being equal to, or greater than log
2The positive integer of N is worked as log
2When N was positive integer, intercepted length was log
2N; Log
2When N is non-integral, intercepting log
2The integer part of N adds 1, and N is the maximum of element number in all labels, all carries out intercepting according to such rule in the time of encryption and decryption, can guarantee that like this sub-key of encryption and decryption intercepting is synchronous, and this method key demand is big, but fast operation; B) according to the needed shortest length intercepting of each label traversal all elements, the length of intercepting is for being equal to, or greater than log
2The positive integer of n is worked as log
2When n was positive integer, intercepted length was log
2N; Log
2When n is non-integral, intercepting log
2The integer part of n adds 1; N is the number of this label all elements, all carries out intercepting according to such rule in the time of encryption and decryption, can guarantee that like this sub-key of encryption and decryption intercepting is synchronous; This method arithmetic speed is slow, but can save the key demand to greatest extent.
The method of calculating the ciphertext numbering is c=m+k mod n, below is the relevant information of a very simple text:
Table one example
Label |
Element |
Numbering m |
n |
Key value |
The ciphertext numbering |
Week |
Monday |
1 |
7 |
76 |
0 |
Item |
Working |
0 |
5 |
56 |
1 |
4) interior infill layer has obtained new text, text is saved in the cryptograph files of transition.
5) carry out outer field encryption and obtain final ciphertext.For tightening security property is carried out outer field encryption to the cryptograph files of transition.This is encrypted and adopts 256 traditional aes algorithms to encrypt.
Deciphering is an opposite process, and the file decryption flow process is following: at first encrypt for outer field symmetric cryptography and decipher accordingly, obtain the cryptograph files of transition; It is less important opens the transition file that obtains with related software, read its content, the sub-key of the correspondence that obtains according to intercepting; Decipher the m value that obtains, Query Database; Can confirm the corresponding database element, such as, what deciphering obtained week is numbered 1; The Query Database culminant star is interim, and to be numbered 1 element be Monday, get final product expressly in the corresponding label content be Monday.
We also can obtain pseudo-key according to a kind of in above-mentioned two kinds of methods like this, obtain significant plaintext, and can obtain satisfied " expressly pseudo-" according to the intention of oneself.