CN104301111A - High-precision Beidou differential information security transmission method - Google Patents
High-precision Beidou differential information security transmission method Download PDFInfo
- Publication number
- CN104301111A CN104301111A CN201410535665.2A CN201410535665A CN104301111A CN 104301111 A CN104301111 A CN 104301111A CN 201410535665 A CN201410535665 A CN 201410535665A CN 104301111 A CN104301111 A CN 104301111A
- Authority
- CN
- China
- Prior art keywords
- signature
- textual information
- information
- key
- rsa
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention provides a high-precision Beidou differential information security transmission method. For a common user, an RSA secret key pair is adopted to add a signature to an appointed section in telegraph text information, a receiver verifies the validity of the signature through an RSA public key, and the telegraph text information is discarded if the signature is verified to be invalid. For a special user, the telegraph text information is encrypted according to the AES standard procedure, a signature is added to the appointed section through an RSA private key, and the receiver carries out decryption through an AES encryption key and verifies the validity of the signature through the RSA public key. By means of the method, deceptive attack methods of the outside can be effectively resisted, and therefore the communication reliability of a system can be further improved.
Description
Technical field
The present invention relates to a kind of Big Dipper high-precision difference safe information transmission implementation method.
Background technology
The Beidou satellite navigation system of China is after GPS of America, Russian GLONASS, global the third-largest satellite navigation system.Building up of " No. one, the Big Dipper " satellite navigation system in 2003, indicates that China becomes the 3rd country having an independent satellite navigation system in the world.Beidou satellite navigation system will cover Asia-Pacific region in 2012, and formation is had satellite navigation system covering the whole world by 35 Satellite Networkings by the year two thousand twenty.But because communication satellite celestial body is exposed to the overhead of its overlay area for a long time; Many and the dispersion of the service object of communication satellite, the antenna footprint of satellite is large, and text navigation signal is fainter, and signal frequency and bandwidth are fixed, and therefore telegraph signal is easy to be interfered.From the technical point of view, electronic jamming can be divided into two classes: one is suppression jamming, and two is duplicity interference.Suppress interfere is easily found, and duplicity interference, refer to and the text satellite-signal received is broadcasted away again, thus form a false text satellite-signal (being called that repeating jamming cheat) or by the jammer transmitting wireless signal identical with text satellite-signal to cheat receiver (being called production Disturbance and deceit), be therefore textual information security fields problem demanding prompt solutions.
If be benchmark for the information security policy based on cryptographic system with key, they can be divided into conbined public or double key cryptographic system and single key cryptosystem.The former, each user has pair of secret keys, i.e. PKI and private key; The ciphering process of the latter is identical with decrypting process, and key used in these two processes is also identical.RSA Algorithm is the representative of open key system, and its fail safe is based upon the conjunction number with the Big prime factor, on its this rule of Factorization difficulty.Rijndael algorithm is as the Advanced Encryption Standard (AES) of a new generation, it belongs to single key cryptosystem category, chip is not needed to have very high disposal ability and large internal memory during operation, operation can resist the attack of Time and place easily, under different running environment, can keep good performance all the time.This makes AES by safety, and efficiently, performance, convenient, flexibility is integrated in one, and ought to become the first-selection of big data quantity encryption.Compare, because at present the length of AES key is the longest only have 256 bits, software and hardware can be utilized to realize high speed processing, and RSA Algorithm needs to carry out the power of big integer and asks the long precision process such as mould, processing speed is considerably slower than AES; So aes algorithm encryption and decryption treatment effeciency is apparently higher than RSA Algorithm.In key management, because aes algorithm requires to carry out key distribution to key before communicating, the private key of deciphering must be sent to encrypted data reception side by network, and RSA adopts public key encryption, private key deciphering (or encrypted private key, public key decryptions), in encryption process need not Internet Transmission maintain secrecy key; So RSA Algorithm key management and signature mechanism obviously will be better than aes algorithm.In sum, RSA encryption/decryption speed is slow, is not suitable for mass data file encryption, and being therefore there is no need by open code regime transmissions confidential information completely in the communications, is also unrealistic.AES encryption speed is very fast, but how safety management AES key is the important step ensureing AES encryption safety in network transmission process.Like this both sides of conveyer confidential information, if use AES DSE arithmetic to transmission data encipher, use the asymmetric cryptographic system of RSA to be used as signature verification mechanism, the advantage that just comprehensively can play AES and RSA avoids their shortcomings simultaneously simultaneously.
Summary of the invention
In order to overcome the deficiencies in the prior art, the invention provides a kind of integration encryption system combined based on RSA and AES and information processing is carried out to Big Dipper high-precision difference system, effectively can resist extraneous duplicity attack method, thus the communication reliability of further raising system.
The technical solution adopted for the present invention to solve the technical problems comprises the following steps:
(1) divide domestic consumer and superuser according to information frame Head Section, domestic consumer enters step (2), and superuser enters step (3);
(2) domestic consumer performs following steps:
While (a) transmit leg editor textual information, produce RSA key pair;
B () adds signature to the appointment section in textual information;
C () will the textual information after signature be noted to satellite;
D () recipient receives the textual information that satellite forwards, utilize the correctness that the public key verifications of RSA is signed, if signature verification is invalid, abandons this textual information; Otherwise, then accept textual information and carry out later stage positioning calculation;
(3) superuser performs following steps:
While (a) transmit leg editor textual information, produce RSA key pair;
B () is encrypted textual information according to AES normal process, the private key of recycling RSA adds signature to appointment section;
C () will the textual information after signature, encryption be noted to satellite;
D () recipient receives the textual information that satellite forwards, the AES encryption key utilizing transmit leg to provide is decrypted;
E correctness that () utilizes the public key verifications of RSA to sign, if signature verification is invalid, abandons this textual information; Otherwise, then accept textual information and carry out later stage positioning calculation.
Described RSA key produces employing following steps:
Step1: the random span producing two large prime number p and q, p and q is 96-1024;
Step2: calculate n=p × q, φ (n)=(p-1) × (q-1), mod represents congruence symbol;
Step3: the coprime integer e of random selecting one and φ (n) as public-key cryptography, i.e. gcd (e, φ (n))=1;
Step4: calculate private cipher key d=e
-1mod (φ (n)).
Described interpolation signature comprises the following steps: textual information is ceased M and be decomposed into the grouping of some message bit strings, block length L ensures 2
l≤ n, representing of the decimal system message after representing a certain grouping with m, then 0≤m≤n; Adopt private cipher key d to perform the computing of grouping module exponent, obtain grouping information c=m
d(modn), grouping information is combined into signature C, signature C and textual information M is sent together.
Described certifying signature comprises the following steps: recipient obtains PKI e from the PKI book announced, and then performs grouping module exponent computing m ,=c
, e(modn), the m then will calculated, is combined into M'; Relatively M and M', if the same thinks that signature effectively, otherwise then thinks that this time signature is not real, and refusal is received information.
In described ciphering process, grouping AES block length being equaled former textual information frame length carries out data encryption, grouping block length being less than former textual information frame length is supplied by the rear portion data of the ciphertext after last group encryption, obtain block length equal the grouping of former textual information frame length and then be encrypted, finally the ciphertext obtained is refilled in original frame length in order.
The invention has the beneficial effects as follows: single key cryptosystem and public-key cryptosystem organically combine by the different user for Big Dipper high-precision difference information, best balance point is found out in fail safe, ageing and practicality, make Big Dipper high-precision difference system while meeting existing demand, himself fail safe is ensured.Adopt the present invention, effectively can contain the duplicity interference problem in difference information transmittance process.
Accompanying drawing explanation
Fig. 1 is the method flow diagram that the present invention is directed to domestic consumer;
Fig. 2 is the method flow diagram that the present invention is directed to superuser;
Fig. 3 is the method flow diagram that the present invention is directed to superuser block cipher superencipher
Embodiment
Below in conjunction with drawings and Examples, the present invention is further described, the present invention includes but be not limited only to following embodiment.
Big Dipper high-precision difference information has two class users---and domestic consumer, superuser (distinguishing according to information frame head), for each class user, text aspect will adopt different security solutions.
The Information Security Mechanism of domestic consumer
Definition: domestic consumer refers to the navigation message that can obtain non-encrypted passage, and textual information only has error detecing capability, the integrality of basic guarantee signal, only to complete the user of rough location navigation function.
Security mechanism: transmit leg only adopts signature protection to textual information, does not encrypt for telegraph text data itself.Mentioned production Disturbance and deceit can be prevented above when regularly replacing double secret key.Fig. 1 is shown in concrete operations, comprises the following steps:
(1), while transmit leg editor textual information, RSA key pair is produced;
(2) customizing messages (example: the textual information in 100 ~ 300 intervals in subframe) is signed;
(3) will the textual information after signature be noted to satellite;
(4) recipient's (receiver) receives the signature text launched by satellite repeater, and the correctness utilizing the public key verifications of RSA to sign, if signature verification is invalid, abandons navigation message; Otherwise, then accept text and carry out later stage positioning calculation.
The Information Security Mechanism of superuser (commercial and military)
Definition: superuser refers to and obtains navigation message by special modality, text not only has error detecing capability, and there is the integrality of higher signal, and additional information (such as difference information etc.), require needs with the navigator fix meeting degree of precision.
Security mechanism: transmit leg not only adopts signature protection to text, and is encrypted for telegraph text data itself.When regularly replacing double secret key, not only can prevent mentioned production Disturbance and deceit above, and can also repeating jamming be tackled because telegraph text data itself is encrypted.Consider from commercial operation angle, encrypted text can also prevent undelegated third party from using without authorization, thus can reach the object being convenient to manage.Fig. 2 is shown in concrete operations, comprises the following steps:
(1), while transmit leg editor textual information, RSA key pair is produced;
(2) be encrypted textual information according to AES normal process, the private key of recycling RSA signs (example: the textual information in 100 ~ 300 intervals in subframe) to customizing messages;
(3) will the textual information after signature, encryption be noted to satellite;
(4) after recipient's (receiver) receives the ciphertext launched by satellite repeater, the encryption key of transmit leg AES (encryption key can be presented to the electronic cards acquisition of authorized user by Yun Kong center) is utilized to be decrypted;
(5) carry out the correctness (PKI can by Yun Kong center, ground or official website obtain) of the public key decryptions certifying signature of RSA, if signature verification is invalid, abandon navigation message; Otherwise, then received text is utilized to resolve.
When carrying out described signature, comprise the following steps:
Generally key length will be inserted, between 96-1024bits time RSA Algorithm is initialized.In view of satellite communication efficiency and real-time are considered, the present embodiment selects key length to be 155bit.
RSA key produces algorithm
Step1: random generation two large prime numbers (155bit length) p, q;
Step2: calculate n=p × q, d=e
-1mod (φ (n)) φ (n)=(p-1) × (q-1) (mod represents congruence symbol);
Step3: the coprime integer e of random selecting one and φ (n) as public-key cryptography, i.e. gcd (e, φ (n))=1;
Step4: calculate private cipher key d=e
-1mod (φ (n));
Open n, e, secret p, q, d, just can use them to carry out signature verification work.
Signature-verification process
Step1: before being encrypted the initial data M of signature, first message M is decomposed into the grouping of message bit string, block length L ensures 2
l≤ n, if the decimal representation representing the message after a certain grouping with m, then 0≤m≤n; Then obtain the private key d with oneself, perform the computing of grouping module exponent: c=m
d(modn), the grouping information after computing is combined into signature C, finally by channel, signature C and text M is sent together;
Step2: the PKI book that recipient announces from network obtains PKI e, then according to the packet mode identical with signature execution module exponent computing below: m ,=c
, d(modn), the m then will calculated, is combined into M';
Step3: compare M and M', if the same thinks that signature effectively, otherwise then thinks that this time signature is not real, and refusal is received information.
Outlier data is encrypted
Utilize the cryptographic algorithm of AES, before and after encryption, data length is consistent, so the ciphertext after its encryption can not have an impact to frame length.The present embodiment adopts 128bit key, and be also adopt every 128bit to be one group to be encrypted for initial data, gained ciphertext length is also 128bit is one group, then refills and broadcasts to primitive frame structure.If the length of subframe structure is not the multiple of 128bit, the grouping AES then first block length being met 128bit carries out data encryption, the remaining data less than 128bit are gathered into 128bit with the ciphertext restructuring after last group encryption and then are encrypted, and finally ciphertext are refilled in order in original frame length.Accompanying drawing 3 is shown in concrete operations.
Claims (5)
1. a Big Dipper high-precision difference information secure transmission method, is characterized in that comprising the steps:
(1) divide domestic consumer and superuser according to information frame Head Section, domestic consumer enters step (2), and superuser enters step (3);
(2) domestic consumer performs following steps:
While (a) transmit leg editor textual information, produce RSA key pair;
B () adds signature to the appointment section in textual information;
C () will the textual information after signature be noted to satellite;
D () recipient receives the textual information that satellite forwards, utilize the correctness that the public key verifications of RSA is signed, if signature verification is invalid, abandons this textual information; Otherwise, then accept textual information and carry out later stage positioning calculation;
(3) superuser performs following steps:
While (a) transmit leg editor textual information, produce RSA key pair;
B () is encrypted textual information according to AES normal process, the private key of recycling RSA adds signature to appointment section;
C () will the textual information after signature, encryption be noted to satellite;
D () recipient receives the textual information that satellite forwards, the AES encryption key utilizing transmit leg to provide is decrypted;
E correctness that () utilizes the public key verifications of RSA to sign, if signature verification is invalid, abandons this textual information; Otherwise, then accept textual information and carry out later stage positioning calculation.
2. Big Dipper high-precision difference information secure transmission method according to claim 1, is characterized in that described RSA key produces employing following steps:
Step1: the random span producing two large prime number p and q, p and q is 96-1024;
Step2: calculate n=p × q, φ (n)=(p-1) × (q-1), mod represents congruence symbol;
Step3: the coprime integer e of random selecting one and φ (n) as public-key cryptography, i.e. gcd (e, φ (n))=1;
Step4: calculate private cipher key d=e
-1mod (φ (n)).
3. Big Dipper high-precision difference information secure transmission method according to claim 1, is characterized in that: described interpolation signature comprises the following steps: textual information is ceased M and be decomposed into the grouping of some message bit strings, block length L ensures 2
l≤ n, representing of the decimal system message after representing a certain grouping with m, then 0≤m≤n; Adopt private cipher key d to perform the computing of grouping module exponent, obtain grouping information c=m
d(modn), grouping information is combined into signature C, signature C and textual information M is sent together.
4. Big Dipper high-precision difference information secure transmission method according to claim 1, is characterized in that: described certifying signature comprises the following steps: recipient obtains PKI e from the PKI book announced, and then performs grouping module exponent computing m '=c '
e(modn), then the m ' calculated is combined into M '; Relatively M and M', if the same thinks that signature effectively, otherwise then thinks that this time signature is not real, and refusal is received information.
5. Big Dipper high-precision difference information secure transmission method according to claim 1, it is characterized in that: in described ciphering process, grouping AES block length being equaled former textual information frame length carries out data encryption, grouping block length being less than former textual information frame length is supplied by the rear portion data of the ciphertext after last group encryption, obtain block length equal the grouping of former textual information frame length and then be encrypted, finally the ciphertext obtained is refilled in original frame length in order.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410535665.2A CN104301111A (en) | 2014-10-11 | 2014-10-11 | High-precision Beidou differential information security transmission method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410535665.2A CN104301111A (en) | 2014-10-11 | 2014-10-11 | High-precision Beidou differential information security transmission method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104301111A true CN104301111A (en) | 2015-01-21 |
Family
ID=52320691
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410535665.2A Pending CN104301111A (en) | 2014-10-11 | 2014-10-11 | High-precision Beidou differential information security transmission method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104301111A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107065512A (en) * | 2017-04-01 | 2017-08-18 | 航天恒星空间技术应用有限公司 | A kind of No. two positioning timing time service terminal installations of the Big Dipper |
| CN109581421A (en) * | 2018-12-14 | 2019-04-05 | 中国民航大学 | The anti-deception hardware platform of Beidou II navigation message realized based on Verilog language |
| CN109617693A (en) * | 2018-12-18 | 2019-04-12 | 中国民航大学 | The anti-deception measures of Beidou II system based on elliptic curve |
| CN109633693A (en) * | 2018-12-14 | 2019-04-16 | 中国民航大学 | The anti-fraud schemes of Beidou II navigation system based on domestic password |
| CN111404952A (en) * | 2020-03-24 | 2020-07-10 | 中国南方电网有限责任公司 | Transformer substation data encryption transmission method and device, computer equipment and storage medium |
| CN113777634A (en) * | 2021-11-12 | 2021-12-10 | 深圳华文寰宇信息科技发展有限公司 | Satellite differential positioning information security method and related equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101783793A (en) * | 2009-01-14 | 2010-07-21 | 北京中星微电子有限公司 | Method, system and device for improving safety of monitoring data |
| CN101807238A (en) * | 2009-02-13 | 2010-08-18 | 索尼公司 | Content delivering apparatus, system, method and program and content operative installations |
| CN101895882A (en) * | 2009-05-21 | 2010-11-24 | 中兴通讯股份有限公司 | Data transmission method, system and device in WiMAX system |
| CN102609667A (en) * | 2012-02-22 | 2012-07-25 | 浙江机电职业技术学院 | Automatic file encryption and decryption system and automatic file encryption and decryption method based on filter drive program |
| CN103618610A (en) * | 2013-12-06 | 2014-03-05 | 上海千贯节能科技有限公司 | Information safety algorithm based on energy information gateway in smart power grid |
-
2014
- 2014-10-11 CN CN201410535665.2A patent/CN104301111A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101783793A (en) * | 2009-01-14 | 2010-07-21 | 北京中星微电子有限公司 | Method, system and device for improving safety of monitoring data |
| CN101807238A (en) * | 2009-02-13 | 2010-08-18 | 索尼公司 | Content delivering apparatus, system, method and program and content operative installations |
| CN101895882A (en) * | 2009-05-21 | 2010-11-24 | 中兴通讯股份有限公司 | Data transmission method, system and device in WiMAX system |
| CN102609667A (en) * | 2012-02-22 | 2012-07-25 | 浙江机电职业技术学院 | Automatic file encryption and decryption system and automatic file encryption and decryption method based on filter drive program |
| CN103618610A (en) * | 2013-12-06 | 2014-03-05 | 上海千贯节能科技有限公司 | Information safety algorithm based on energy information gateway in smart power grid |
Non-Patent Citations (1)
| Title |
|---|
| 袁宗伟: "基于RSA和AES加密系统的网络信息传输的安全技术研究", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107065512A (en) * | 2017-04-01 | 2017-08-18 | 航天恒星空间技术应用有限公司 | A kind of No. two positioning timing time service terminal installations of the Big Dipper |
| CN109581421A (en) * | 2018-12-14 | 2019-04-05 | 中国民航大学 | The anti-deception hardware platform of Beidou II navigation message realized based on Verilog language |
| CN109633693A (en) * | 2018-12-14 | 2019-04-16 | 中国民航大学 | The anti-fraud schemes of Beidou II navigation system based on domestic password |
| CN109617693A (en) * | 2018-12-18 | 2019-04-12 | 中国民航大学 | The anti-deception measures of Beidou II system based on elliptic curve |
| CN111404952A (en) * | 2020-03-24 | 2020-07-10 | 中国南方电网有限责任公司 | Transformer substation data encryption transmission method and device, computer equipment and storage medium |
| CN113777634A (en) * | 2021-11-12 | 2021-12-10 | 深圳华文寰宇信息科技发展有限公司 | Satellite differential positioning information security method and related equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9172529B2 (en) | Hybrid encryption schemes | |
| EP2533460B1 (en) | Digital signatures with implicit certificate chains | |
| CN104301111A (en) | High-precision Beidou differential information security transmission method | |
| CN104270249A (en) | Signcryption method from certificateless environment to identity environment | |
| CN103312506B (en) | The multi-receiver label decryption method of recipient's identity anonymous | |
| CN106027239A (en) | Multi-receiver signcryption method based on keyless trusteeship problem of elliptic curve | |
| CN105429941A (en) | Multi-receiver identity anonymity signcryption method | |
| CN102340483B (en) | Methods for generation, verification and tracking of democratic group signature and democratic group signature system | |
| CN104301108A (en) | Signcryption method based from identity environment to certificateless environment | |
| CN104767612A (en) | Signcryption method from certificateless environment to public key infrastructure environment | |
| US6640303B1 (en) | System and method for encryption using transparent keys | |
| CN110545169B (en) | Block chain method and system based on asymmetric key pool and implicit certificate | |
| CN104052601A (en) | Secret key isolation signcryption method | |
| CN104836657A (en) | Identity anonymity-based broadcast encryption method having efficient decryption characteristic | |
| CN102598575B (en) | Method and system for the accelerated decryption of cryptographically protected user data units | |
| CN104767611A (en) | Signcryption method from public key infrastructure environment to certificateless environment | |
| CN105743641A (en) | Multi-receiver signcryption method for explicit verification of public key | |
| CN105763528A (en) | Multi-recipient anonymous encryption apparatus under hybrid mechanism | |
| Latif et al. | A review on key management and lightweight cryptography for IoT | |
| CN102291396B (en) | Anonymous authentication algorithm for remote authentication between credible platforms | |
| CN106357397A (en) | Sender-authenticated asymmetric group key negotiation method | |
| CN101867471A (en) | Irrational number based DES authentication encryption algorithm | |
| CN105306212A (en) | Signcryption method with hidden identity and strong security | |
| Huang et al. | Constructing a Secure Point-to-Point Wireless Environment by Integrating Diffie-Hellman PKDS RSA and Stream Ciphering for Users Known to Each Other. | |
| Ogundoyin | An Efficient, Secure and Conditional Privacy-Preserving Authentication Scheme for Vehicular Ad-hoc Networks. |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150121 |