CN105721147A - Self-synchronous stream cipher algorithm based on block encryption synchronous information - Google Patents

Self-synchronous stream cipher algorithm based on block encryption synchronous information Download PDF

Info

Publication number
CN105721147A
CN105721147A CN201610131893.2A CN201610131893A CN105721147A CN 105721147 A CN105721147 A CN 105721147A CN 201610131893 A CN201610131893 A CN 201610131893A CN 105721147 A CN105721147 A CN 105721147A
Authority
CN
China
Prior art keywords
encryption
false code
synchronizing information
stream cipher
algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610131893.2A
Other languages
Chinese (zh)
Inventor
张游杰
张清萍
马俊明
刘佳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CETC 33 Research Institute
Original Assignee
CETC 33 Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CETC 33 Research Institute filed Critical CETC 33 Research Institute
Priority to CN201610131893.2A priority Critical patent/CN105721147A/en
Publication of CN105721147A publication Critical patent/CN105721147A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a self-synchronous stream cipher algorithm based on block encryption synchronous information, belongs to the technical field of information security, and solves the problem that the existing synchronous stream cipher algorithm is not suitable for a 1-to-n transmission mode in network transmission. The algorithm comprises the steps of firstly, generating a random number as synchronous information, and encrypting the random number by using a block cipher algorithm; meanwhile, performing sequence encryption on data by using the random number as a key seed of the stream cipher algorithm to form a ciphertext; finally, sending the ciphertext and the encrypted synchronous information to a receiving end; and performing, by the receiving end, decryption according to the opposite process to obtain original data. The algorithm is relatively suitable for encryption protection of network transmission protocols such as user datagram protocols (UDPs), transmission control protocols (TCPs) and the like.

Description

A kind of self-synchronous stream cipher algorithm based on block encryption synchronizing information
Technical field
A kind of self-synchronous stream cipher algorithm based on block encryption synchronizing information of the present invention, belongs to field of information security technology.
Background technology
Currently, along with developing rapidly and extensive use of network technology, Situation on Information Security is increasingly serious, and network security problem is also outstanding day by day.Network security is network data security in essence.In network data transmission security fields, the focus that people pay close attention to is mainly data information security, and wherein data cryptogram technology is that computer security has played powerful guaranteeing role.
The cryptographic algorithm of current main flow has block cipher and stream cipher algorithm.In block cipher, data encryption standards (the DataEncryptionStandard continuing the most frequently used, DES) after algorithm, triple DES (TripleDataEncryptionAlgorithm is developed for the weakness that DES key length is too short, 3DES) algorithm, in succession occur in that again Advanced Encryption Standard (AdvancedEncryptionStandard, AES), RC5, RC6, IDEA (InternationalDataEncryptionAlgorithm, IDEA) scheduling algorithm.Wherein aes algorithm is widely used with its advantage such as key motility and higher realizability, calendar year 2001 becomes the senior symmetric cryptographic algorithm that (U.S.) Federal Information Processing Standards (FederalInformationProcessingStandards, FIPS) is ratified.Compared with block cipher, stream cipher has a clear superiority on enciphering rate and hardware size, is highly suitable for the applications of mass data transmission and limited resources.Existing stream cipher algorithm has RC4, Rabbit and HC-256 scheduling algorithm.But, the synchronicity of transmitting-receiving two-end is required high by stream cipher algorithm, limits its use scope.Compared with general sequence cryptographic algorithm, self-synchronous stream cipher algorithm can automatically be set up between sending and receiving both sides and recover synchronized relation.There are many documents that this has done theoretical research, but mostly do not realize on computers.Therefore, it is intended that in conjunction with the advantage of block cipher and stream cipher algorithm, design a kind of self-synchronous stream cipher algorithm based on block encryption synchronizing information, and realize with computer so that it is network transmission security protection can be applied to.
Summary of the invention
Not being suitable for the problem of 1 pair of n transmission mode in network transmission for existing synchronous stream cipher algorithm, the present invention proposes a kind of self-synchronous stream cipher algorithm based on block encryption synchronizing information.This algorithm firstly generates a random number as synchronizing information, with block cipher, it is encrypted protection;Simultaneously using this random number as the key seed of stream cipher algorithm, data are carried out sequential encryption and forms ciphertext;Finally the synchronizing information after ciphertext and encryption is together mail to receiving terminal;Receiving terminal obtains initial data by inverse process deciphering.
For solving above-mentioned technical problem; the technical solution used in the present invention is: a kind of self-synchronous stream cipher algorithm based on block encryption synchronizing information; it is characterized in that: before the packet of each sequential encryption, add a synchronizing information, and be encrypted protection with block cipher.
Detailed: transmitting terminal firstly generates a random number as synchronizing information, with block cipher, it is encrypted protection;Simultaneously using this random number as the key seed of stream cipher algorithm, data are carried out sequential encryption and forms ciphertext;Finally the synchronizing information after ciphertext and encryption is together mail to receiving terminal;Receiving terminal obtains initial data by inverse process deciphering.
Described transmitting terminal, its workflow is as follows:
The first step, generates random number S, and its false code is: S=Rand (32);
Second step, generates synchronizing information bag Sc by S by block cipher encryption, and master key is M, and its false code is: Sc=AesCipher (S, M);
3rd step, using S as key seed initialization sequence cryptographic algorithm, its false code is: Rc4Init (S);
4th step, obtains encrypted packets C by clear data bag P by stream cipher algorithm encryption, and its false code is: C=Rc4 (P);
5th step, by synchronizing information bag Sc and encrypted packets C generated data bag Ch, its false code is: Ch=H (Sc, C);
6th step: sending packet Ch, its false code is: Send (Ch).
Described receiving terminal, its workflow is as follows:
The first step, receives packet Ch, and its false code is: Ch=Recv ();
Second step, resolution data bag Ch obtains encrypted packets C and synchronizing information bag Sc, and its false code is: [C, Sc]=J (Ch);
3rd step, obtains random number S by Sc by block cipher deciphering, and master key is M, and its false code is: S=AesInvCipher (Sc, M);
4th step, using S as key seed initialization sequence cryptographic algorithm, its false code is: Rc4Init (S);
5th step, obtains clear data bag P by encrypted packets C by stream cipher algorithm deciphering, and its false code is: P=Rc4 (C).
The present invention compared with the existing technology has the beneficial effect that
After this algorithm utilizes AES to realize the block encryption of synchronizing information on computers, RC4 realizes the sequential encryption of data; overall operational speed is better than aes algorithm; in safety close with aes algorithm; adaptability is better than RC4 algorithm, is relatively specific for the encipherment protection of the network transmission protocols such as UDP, TCP.
Accompanying drawing explanation
Fig. 1 is 1 pair of n network transmission mode explanation;
Fig. 2 is transmitting terminal illustraton of model;
Fig. 3 position receiving terminal illustraton of model.
Detailed description of the invention
In network transmission process, during particularly in network layer transport in open system interconnection reference model (OpenSystemInterconnect, OSI), it is typically allRightTransmission mode, namely node simultaneously withIndividual node communication.Such as Fig. 1, nodeThe target that each packet sent out arrives is likely to difference: first packet is likely to issue b1, second packet is likely to issue b2, theIndividual packet is likely to issue bn
In like manner, nodeThe packet received is also by from different nodes.In this case, traditional stream cipher model will be unable to normal operation.For this, it is proposed to a kind of new mixed cipher algorithm model is based on the self-synchronous stream cipher algorithm of block encryption synchronizing information: add a synchronizing information before the packet of each sequential encryption, and be encrypted protection with block cipher.
As in figure 2 it is shown, transmitting terminal shares master key with receiving terminal.Transmitting terminal will generate a random number for each packet, and willIt is input to key stream generator as key seed, generates key stream Ki.By packetThe plain text stream P generatediWith KiAfter step-by-step carries out XOR, export stream cipher Ci.Random number S utilizes master keySynchronization packets S is generated after block encryptionc, with stream cipher CiConstitute ciphertext packetPacket C is ultimately generated through Data Synthesish
Receiving terminal receives packet ChAfter, obtain ciphertext packet through data parsingWith synchronization packets Sc.By ScUtilize master keyKey seed is generated after packet decipheringIt is input to key stream generator, generates key stream Ki.By packetThe stream cipher C generatediWith KiAfter step-by-step carries out XOR, export plain text stream Pi.Finally, by PiConstitute clear data bag P.
This cryptogram-modle, in units of packet, all contains a synchronizing information, it is ensured that the data that in Fig. 1, each node receives all can normally be deciphered in each packet.
In actual applications, it is possible to use AES realizes packet encryption and decryption, utilizes RC4 to realize sequence encryption and decryption.
AES is the symmetric block ciphers of an iteration, and block length is fixed as 128 bits, it is provided that 128,192,256 bit three kinds key lengths may select.AES cryptographic algorithm is first by 128 clear data packets and expanded keys XOR, then Nr next round computing is carried out, including four steps: byte substitution (SubBytes), line displacement conversion (ShiftRows), mixcolumns (MixColumns), key addition (AddRoundKey), last is taken turns computing and omits MixColumns conversion.
RC4 algorithm is the one of stream cipher algorithm, and it is different from the aes algorithm packet transaction to expressly carrying out, but each byte in plaintext is encrypted successively in the way of byte stream.RC4 algorithm is the cryptographic algorithm that a kind of key length is variable, according to expressly generating the key stream corresponding with length of the plaintext with key.RC4 algorithm includes initialization algorithm and two parts of pseudorandom cipher generating algorithm.Each element in its core codon substitutions box (substitutionbox, S-Box) is confused at random in initialization procedure, and different S-Box obtains different sub-key sequences after pseudorandom cipher generating algorithm processes.Again with the key stream obtained with expressly carrying out XOR obtains ciphertext.
1) transmitting terminal workflow
The first step, stochastic generation 32 byte random number S, its false code is: S=Rand (32);
Second step, generates synchronizing information bag Sc by S by AES encryption, and master key is M, and its false code is: Sc=AesCipher (S, M);
3rd step, initializes RC4 AES by S, generates its S-Box, and its false code is: Rc4Init (S);
4th step, obtains encrypted packets C by clear data bag P by RC4 encryption, and its false code is: C=Rc4 (P);
5th step, by packet Sc and C generated data bag Ch, its false code is: Ch=H (Sc, C);
6th step: sending packet Ch, its false code is: Send (Ch).
2) receiving terminal workflow
The first step, receives packet Ch, and its false code is: Ch=Recv ();
Second step, resolution data bag Ch obtains encrypted packets C and synchronizing information bag Sc, and its false code is: [C, Sc]=J (Ch);
3rd step, obtains random number S by Sc by AES deciphering, and master key is M, and its false code is: S=AesInvCipher (Sc, M);
4th step, initializes RC4 AES by S, generates its S-Box, and its false code is: Rc4Init (S);
5th step, obtains clear data bag P by encrypted packets C by RC4 deciphering, and its false code is: P=Rc4 (C).

Claims (4)

1. the self-synchronous stream cipher algorithm based on block encryption synchronizing information, it is characterised in that: before the packet of each sequential encryption, add a synchronizing information, and be encrypted protection with block cipher.
2. a kind of self-synchronous stream cipher algorithm based on block encryption synchronizing information according to claim 1, it is characterised in that: transmitting terminal firstly generates a random number as synchronizing information, with block cipher, it is encrypted protection;Simultaneously using this random number as the key seed of stream cipher algorithm, data are carried out sequential encryption and forms ciphertext;Finally the synchronizing information after ciphertext and encryption is together mail to receiving terminal;Receiving terminal obtains initial data by inverse process deciphering.
3. a kind of self-synchronous stream cipher algorithm based on block encryption synchronizing information according to claim 2, it is characterised in that: described transmitting terminal, its workflow is as follows:
The first step, generates random number S, and its false code is: S=Rand (32);
Second step, generates synchronizing information bag Sc by S by block cipher encryption, and master key is M, and its false code is: Sc=AesCipher (S, M);
3rd step, using S as key seed initialization sequence cryptographic algorithm, its false code is: Rc4Init (S);
4th step, obtains encrypted packets C by clear data bag P by stream cipher algorithm encryption, and its false code is: C=Rc4 (P);
5th step, by synchronizing information bag Sc and encrypted packets C generated data bag Ch, its false code is: Ch=H (Sc, C);
6th step: sending packet Ch, its false code is: Send (Ch).
4. a kind of self-synchronous stream cipher algorithm based on block encryption synchronizing information according to claim 2, it is characterised in that: described receiving terminal, its workflow is as follows:
The first step, receives packet Ch, and its false code is: Ch=Recv ();
Second step, resolution data bag Ch obtains encrypted packets C and synchronizing information bag Sc, and its false code is: [C, Sc]=J (Ch);
3rd step, obtains random number S by Sc by block cipher deciphering, and master key is M, and its false code is: S=AesInvCipher (Sc, M);
4th step, using S as key seed initialization sequence cryptographic algorithm, its false code is: Rc4Init (S);
5th step, obtains clear data bag P by encrypted packets C by stream cipher algorithm deciphering, and its false code is: P=Rc4 (C).
CN201610131893.2A 2016-03-09 2016-03-09 Self-synchronous stream cipher algorithm based on block encryption synchronous information Pending CN105721147A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610131893.2A CN105721147A (en) 2016-03-09 2016-03-09 Self-synchronous stream cipher algorithm based on block encryption synchronous information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610131893.2A CN105721147A (en) 2016-03-09 2016-03-09 Self-synchronous stream cipher algorithm based on block encryption synchronous information

Publications (1)

Publication Number Publication Date
CN105721147A true CN105721147A (en) 2016-06-29

Family

ID=56156544

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610131893.2A Pending CN105721147A (en) 2016-03-09 2016-03-09 Self-synchronous stream cipher algorithm based on block encryption synchronous information

Country Status (1)

Country Link
CN (1) CN105721147A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111400730A (en) * 2020-03-11 2020-07-10 西南石油大学 AES key expansion method based on weak correlation

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6351539B1 (en) * 1998-09-18 2002-02-26 Integrated Device Technology, Inc. Cipher mixer with random number generator
CN1524362A (en) * 2001-07-06 2004-08-25 �ʼҷ����ֵ������޹�˾ Streamcipher information redundant in next packet of encrypted frame
CN1578207A (en) * 2003-07-17 2005-02-09 日本胜利株式会社 Information transmission system, and information sending apparatus and information receiving apparatus used therein
CN1595978A (en) * 2003-09-12 2005-03-16 日本胜利株式会社 Information transmission system
CN1633069A (en) * 2004-12-09 2005-06-29 中国电子科技集团公司第三十研究所 An encryption method applicable to SDH
CN1852088A (en) * 2005-10-13 2006-10-25 华为技术有限公司 Enciphering-deciphering method for flow medium transmission code flow and module
CN1973481A (en) * 2004-04-27 2007-05-30 英特尔公司 Apparatus and method for performing RC4 ciphering

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6351539B1 (en) * 1998-09-18 2002-02-26 Integrated Device Technology, Inc. Cipher mixer with random number generator
CN1524362A (en) * 2001-07-06 2004-08-25 �ʼҷ����ֵ������޹�˾ Streamcipher information redundant in next packet of encrypted frame
CN1578207A (en) * 2003-07-17 2005-02-09 日本胜利株式会社 Information transmission system, and information sending apparatus and information receiving apparatus used therein
CN1595978A (en) * 2003-09-12 2005-03-16 日本胜利株式会社 Information transmission system
CN1973481A (en) * 2004-04-27 2007-05-30 英特尔公司 Apparatus and method for performing RC4 ciphering
CN1633069A (en) * 2004-12-09 2005-06-29 中国电子科技集团公司第三十研究所 An encryption method applicable to SDH
CN1852088A (en) * 2005-10-13 2006-10-25 华为技术有限公司 Enciphering-deciphering method for flow medium transmission code flow and module

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111400730A (en) * 2020-03-11 2020-07-10 西南石油大学 AES key expansion method based on weak correlation
CN111400730B (en) * 2020-03-11 2022-03-08 西南石油大学 AES key expansion method based on weak correlation

Similar Documents

Publication Publication Date Title
CN101753292B (en) Methods and devices for a chained encryption mode
CN106411518B (en) A kind of unfixed symmetrical whitepack encryption method of key and device
JP7353375B2 (en) End-to-end double ratchet encryption with epoch key exchange
CN102447698B (en) Encrypting and transmitting method for network communication information
CN1323507C (en) Short block processing method in block encryption algorithm
CA3051928A1 (en) Equivocation augmentation
CN111034115A (en) Encryption system and method for expanding apparent size of pool of true random numbers
CN105391701A (en) Data encryption method and system
WO2004086672A1 (en) Device, method, and program for encryption and decryption and recording medium
CN101867471A (en) Irrational number based DES authentication encryption algorithm
El_Deen Design and implementation of hybrid encryption algorithm
CN107896149A (en) 128 symmetric encryption methods based on three group operationes
Gaur et al. A comparative study and analysis of cryptographic algorithms: RSA, DES, AES, BLOWFISH, 3-DES, and TWOFISH
Englund et al. A note on distinguishing attacks
CN105721147A (en) Self-synchronous stream cipher algorithm based on block encryption synchronous information
Mohan et al. Revised aes and its modes of operation
Shinde et al. A review of various encryption techniques
Kumar et al. Implementation of AES algorithm using VHDL
Kadry et al. An improvement of RC4 cipher using vigenère cipher
CN106973061A (en) A kind of outgoing document encryption method of the AES based on reversible logic circuits
Ahmad et al. Energy efficient sensor network security using Stream cipher mode of operation
Wang et al. Research on AES encryption algorithm based on timestamp in Wireless Sensor Networks
Huang et al. Real-time mode hopping of block cipher algorithms for mobile streaming
Pandya et al. Comparative analysis of encryption techniques
CN103634113A (en) Encryption and decryption method and device with user/equipment identity authentication

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160629

RJ01 Rejection of invention patent application after publication