CN107425963A - A kind of construction method and system of password wall - Google Patents

Publication number: CN107425963A
Authority: CN (China)
Legal status: Granted (Active)
Application number: CN201710319769.3A
Other languages: Chinese (zh)
Other versions: CN107425963B (en)
Inventors: 谈剑锋, 郑建华, 马翔
Current Assignee: Xie Xinyong
Original Assignee: Shanghai Peoplenet Security Technology Co Ltd
Application filed by: Shanghai Peoplenet Security Technology Co Ltd
Priority: CN201710319769.3A; PCT/CN2017/100288 (WO2018205469A1)
Publications: CN107425963A (application), CN107425963B (granted)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

The invention discloses a method for constructing a password wall (cipher wall), comprising: step S100, obtaining parameter configuration information according to key information of a user side; step S200, distributing the obtained parameter configuration information to the corresponding parameter components of the cipher wall, which comprise cipher bricks, data reflux and interleaving layers; step S300, constructing the cipher wall according to the parameter configuration information configured for those components. The aim is to design a uniform, nonlinear one-way expansion transformation based on the user key information, ensuring that the user key cannot be recovered from the configuration data.

Description

Construction method and system of password wall
Technical Field
The invention relates to the field of information interaction, in particular to a method and a system for constructing a password wall.
Background
With the rapid development of the mobile internet, identity authentication is becoming more important by the day, but traditional security measures have limitations. Static passwords are the simplest form of identity authentication but also the riskiest, and are vulnerable to phishing, brute-force cracking, credential stuffing and similar attacks. SMS verification codes are currently the most widely used and most accepted authentication method for mobile payment, but their security level is low and their transaction risk high, and they have become a main target of attackers. Hardware security products such as USB keys and dynamic password tokens are, whatever their form factor or communication mode, inevitably inconvenient to carry and complex to operate, so user acceptance is very low. Mobile phone soft tokens solve the carrying problem to some extent, but because they use traditional cryptographic algorithms without a security chip protecting the user's private key, their security is greatly reduced and they cannot meet regulatory requirements.
Therefore, a technology for improving the authentication security and the sensitive information storage security on the premise of not changing the convenient experience of the user is urgently needed in the market. The SOTP cryptographic algorithm system is designed for identity authentication and session key negotiation of the handheld terminal equipment in a mobile environment in view of the security requirement of mobile internet.
Disclosure of Invention
The invention provides a method and a system for constructing a cipher wall, aiming at designing uniform and nonlinear unidirectional expansion transformation according to user key information and ensuring irreversibility from configuration data to a user key.
The technical scheme provided by the invention is as follows:
A method of constructing a cipher wall, comprising: step S100, obtaining parameter configuration information according to key information of a user side; step S200, distributing the obtained parameter configuration information to the corresponding parameter components of the cipher wall, the components comprising cipher bricks, data reflux and interleaving layers; step S300, constructing the cipher wall according to the parameter configuration information configured for the corresponding parameter components.
In the invention, the data reflux makes the algorithm structure variable, which greatly increases the complexity of the algorithm and improves the security strength of the cipher; the interleaving layer interleaves the information of each part into the other parts uniformly, quickly and nonlinearly, and because its parameters are variable and its operations nonlinear, it achieves a confusion effect; a uniform, nonlinear one-way expansion transformation is designed based on the user key, which guarantees that the user key cannot be recovered from the configuration data.
Preferably, step S100 includes: step S110, grouping the key information obtained from the user side; step S120, performing multiple rounds of transformation on the grouped key information according to a first preset algorithm to generate initial parameter configuration information; step S130, generating a multi-element S-box according to the initial parameter configuration information; step S140, performing an S transform according to the multi-element S-box and the initial parameter configuration information to generate the parameter configuration information.
In the invention, the cipher wall generation algorithm is designed to fuse the key and the encryption algorithm thoroughly. In principle the algorithm parameters (including the S-boxes) must follow a random distribution, and different users get different algorithms. This achieves two things: first, no key information is leaked, so even if an attacker obtains a user's cryptographic algorithm, the user key cannot be recovered from it; second, the distance between algorithm instances is large enough that the algorithms differ substantially even when the user keys are relatively close.
Preferably, step S200 includes: step S210, setting the size and the number of the cipher bricks according to a first configuration parameter obtained from the parameter configuration information; step S220, setting the data flow direction of the data reflux and its position in the cipher wall according to a second configuration parameter obtained from the first configuration parameter; step S230, setting the interleaving parameters of the interleaving layer according to a third configuration parameter obtained from the parameter configuration information.
Preferably, setting the size and number of the cipher bricks in one layer of the cipher wall includes: step S211, dividing the first configuration parameters into groups of a preset byte amount, forming multiple groups of first configuration parameter sub-information; step S212, arranging the high and low bytes of the first configuration parameter sub-information; step S213, selecting a preset number of high-byte and low-byte parameter values from the sub-information arranged in step S212, and calculating on them according to a second preset algorithm; step S214, determining the length of the cipher brick from the result of step S213; step S215, calculating the remaining length of the first configuration parameter sub-information from the cipher brick length of step S214 and the length of the sub-information; step S216, calculating the length of the cipher brick from the remaining length obtained in step S215 and the changed preset byte amount; steps S215 and S216 are repeated, which determines the size and the number of the cipher bricks of the corresponding layer.
Preferably, the data reflux of the cipher bricks is set as follows: step S221, selecting configuration parameter sub-information of a preset byte amount from the first configuration parameter sub-information; step S222, dividing the sub-information selected in step S221 into low byte bits and high byte bits; step S223, setting the low byte bits obtained in step S222 as the data outflow position of the cipher brick, and the high byte bits as the data inflow position of the cipher brick.
Preferably, setting the interleaving parameters of the interleaving layer comprises: step S231, dividing the third configuration parameters into groups of a preset byte amount, forming multiple groups of third configuration parameter sub-information, where the preset byte amount in step S231 equals that in step S211; step S232, calculating on the third configuration parameter sub-information according to a third preset algorithm; step S233, determining the interleaving parameters of the interleaving layer from the result calculated in step S232.
Preferably, the S transform comprises at least one layer. The mathematical model of the single-layer S transform is: $X \to S[X \pm C \bmod 2^n]$, where S is the S-box, n is the preset size of the S-box, and C is an S-box parameter randomly selected according to the key information of the user side;
the mathematical model of the multi-layer S transform is:
where S is the S transform, n is the preset size of the S transform, and C is an S transform parameter randomly selected according to the key information of the user side; X and Y are the input high byte and low byte of the multi-layer S transform, and X' and Y' are its output high byte and output low byte.
Preferably, the user-side cipher wall is constructed from at least one layer; each layer of the cipher wall is provided, in sequence, with cipher bricks and an interleaving layer; the size of the cipher bricks differs from layer to layer, as does their number.
In the invention, data reflux changes the hierarchical structure of the algorithm so that two cipher bricks form a composite function, which greatly increases the complexity of the algorithm and its security strength; within one layer of the cipher wall, small and large cipher bricks coexist, so the structure is staggered and varied; the number of possible cipher brick variations is huge, making encryption of the information more secure and reliable.
A detection method for the cipher wall construction method, comprising: step S100, checking the generated cipher wall against a preset detection rule; step S200, judging whether the cipher wall satisfies the preset detection rule, and regenerating the cipher wall when it does not.
Preferably, the preset detection rule in step S100 includes: whether the S-box transformation of the encryption algorithm is straight-through; and/or whether multi-layer cipher bricks in the same layer undergo S transforms of the same preset size.
In the invention, the generated algorithm parameters are checked by this detection method. In an engineering implementation the parameters can be checked while they are being generated, and if the generated algorithm does not satisfy the preset rules, the user key is regenerated and the user algorithm is generated again, which makes the information more secure and reliable.
An encryption method using the cipher wall, comprising: step S100, obtaining the information to be encrypted from the user side; step S200, inputting the information to be encrypted into the cipher bricks of the corresponding layer of the cipher wall; step S300, performing the S transform in each cipher brick of step S200 and setting the data reflux direction of each cipher brick; step S400, inputting the transformed output of each cipher brick of that layer from step S300 into the interleaving layer of the same layer for the interleaving transform; step S500, judging whether the information to be encrypted has traversed every layer of the cipher wall; if so, outputting the result of the interleaving layer as the encrypted information; otherwise, inputting the result of the interleaving layer into the next round of the cipher wall and returning to step S200.
A decryption method using the cipher wall, comprising: step S100, obtaining the information to be decrypted from a server; step S200, inputting the information to be decrypted into the interleaving layer of the corresponding layer of the cipher wall; step S300, performing the inverse interleaving transform in the interleaving layer of step S200 and setting the data reflux direction of each cipher brick of the layer that corresponds to that interleaving layer; step S400, inputting the result of the inverse interleaving transform of step S300 into each cipher brick of the cipher brick layer and performing the inverse S transform; step S500, judging whether the information to be decrypted has traversed every layer of the cipher wall; if so, outputting the result of the inverse S transform of the cipher bricks as the decrypted information; otherwise, inputting the result of the inverse S transform of the cipher bricks into the next layer of the cipher wall and returning to step S200.
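The layer-by-layer encryption and decryption steps above, together with the single-layer S transform, the data reflux and the straight-through detection rule, as an added toy example in Python (not code from the patent or its applicant). Assumptions: a 16-bit block, SHAKE-256 standing in for the unspecified preset algorithms, XOR as the reflux combiner, rotate-and-add as the interleaving layer, and "straight-through" read as the identity mapping; all function names and layouts are hypothetical.

```python
import hashlib

W = 16                       # toy block width in bits (assumption; small enough to test exhaustively)
MASK = (1 << W) - 1
# Hypothetical per-layer brick layouts (bit sizes sum to W), mixing small and large bricks.
LAYOUTS = [(4, 4, 8), (8, 4, 4), (4, 8, 4), (4, 4, 4, 4), (8, 8)]

def stream(key: bytes, label: str, nbytes: int) -> bytes:
    """One-way key expansion stand-in (SHAKE-256; the patent's preset algorithms are not given)."""
    return hashlib.shake_256(key + b"|" + label.encode()).digest(nbytes)

def make_sbox(key: bytes, label: str, n: int) -> list:
    """Key-dependent permutation of 0..2^n-1 by Fisher-Yates (modulo bias ignored in this toy)."""
    size = 1 << n
    box = list(range(size))
    rnd = stream(key, label, 2 * size)
    for i in range(size - 1, 0, -1):
        j = int.from_bytes(rnd[2 * i:2 * i + 2], "big") % (i + 1)
        box[i], box[j] = box[j], box[i]
    return box

def brick_fwd(b: dict, x: int) -> int:
    """Single-layer S transform of one cipher brick: X -> S[(X + C) mod 2^n]."""
    return b["S"][(x + b["C"]) % (1 << b["n"])]

def brick_inv(b: dict, y: int) -> int:
    return (b["inv"][y] - b["C"]) % (1 << b["n"])

def build_wall(key: bytes, layers: int = 4) -> list:
    """Derive every layer's bricks, reflux positions and interleaving parameters from the key."""
    wall = []
    for l in range(layers):
        p = stream(key, f"layer{l}", 5)
        sizes = LAYOUTS[p[0] % len(LAYOUTS)]
        bricks = []
        for i, n in enumerate(sizes):
            sbox = make_sbox(key, f"sbox{l}.{i}", n)
            inv = [0] * len(sbox)
            for x, y in enumerate(sbox):
                inv[y] = x
            c = stream(key, f"c{l}.{i}", 1)[0] % (1 << n)
            bricks.append({"n": n, "S": sbox, "inv": inv, "C": c})
        src = (p[1] & 0x0F) % len(sizes)      # low bits: brick whose output flows out
        dst = (p[1] >> 4) % len(sizes)        # high bits: brick that receives the reflux
        if dst == src:
            dst = (src + 1) % len(sizes)
        wall.append({"bricks": bricks, "sizes": sizes, "src": src, "dst": dst,
                     "rot": 1 + p[2] % (W - 1), "add": int.from_bytes(p[3:5], "big")})
    return wall

def passes_detection(wall: list) -> bool:
    """Detection rule as read here: no brick is 'straight-through' (the identity map).
    The patent regenerates the wall (and the user key) when detection fails."""
    return all(any(brick_fwd(bk, x) != x for x in range(1 << bk["n"]))
               for layer in wall for bk in layer["bricks"])

def split(block: int, sizes) -> list:
    parts = []
    for n in reversed(sizes):                 # the last brick takes the lowest bits
        parts.append(block & ((1 << n) - 1))
        block >>= n
    return parts[::-1]

def join(parts, sizes) -> int:
    block = 0
    for v, n in zip(parts, sizes):
        block = (block << n) | v
    return block

def encrypt(wall: list, block: int) -> int:
    for layer in wall:
        b, s, d = layer["bricks"], layer["src"], layer["dst"]
        x = split(block, layer["sizes"])
        y = [brick_fwd(bk, v) for bk, v in zip(b, x)]
        # Data reflux: the output of brick s is fed back into the input of brick d,
        # so brick d becomes a composite function of both inputs.
        y[d] = brick_fwd(b[d], x[d] ^ (y[s] & ((1 << b[d]["n"]) - 1)))
        t = join(y, layer["sizes"])
        t = ((t << layer["rot"]) | (t >> (W - layer["rot"]))) & MASK   # interleaving stand-in
        block = (t + layer["add"]) & MASK
    return block

def decrypt(wall: list, block: int) -> int:
    for layer in reversed(wall):              # inverse interleaving first, then inverse S
        b, s, d = layer["bricks"], layer["src"], layer["dst"]
        t = (block - layer["add"]) & MASK
        t = ((t >> layer["rot"]) | (t << (W - layer["rot"]))) & MASK
        y = split(t, layer["sizes"])
        x = [brick_inv(bk, v) for bk, v in zip(b, y)]
        x[d] ^= y[s] & ((1 << b[d]["n"]) - 1)  # undo the reflux using the known output y[s]
        block = join(x, layer["sizes"])
    return block

if __name__ == "__main__":
    key = bytes(range(128))                   # constructed 1024-bit sample key
    wall = build_wall(key)
    ct = encrypt(wall, 0x1234)
    print(hex(ct), hex(decrypt(wall, ct)), passes_detection(wall))
```

The reflux stays invertible because decryption already knows the source brick's output when it undoes the XOR on the destination brick's input.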
A construction system for a cipher wall, comprising: an information acquisition module, through which the server obtains parameter configuration information according to the key information of the user side; an information distribution module, electrically connected with the information acquisition module, through which the server distributes the obtained parameter configuration information to the corresponding parameter components of the cipher wall, the components comprising cipher bricks, data reflux and interleaving layers; and the server constructs the cipher wall according to the parameter configuration information configured for the corresponding parameter components.
Preferably, the information acquisition module includes: a grouping submodule, which groups the key information of the user side; an initial information generation submodule, electrically connected with the grouping submodule, which performs multiple rounds of transformation on the grouped user-side key information according to a first preset algorithm and generates initial parameter configuration information; an initial information transformation submodule, electrically connected with the information generation submodule, which generates a multi-element S-box according to the initial parameter configuration information; and an information generation submodule, electrically connected with the initial information transformation submodule, which performs an S transform according to the multi-element S-box and the initial parameter configuration information to generate the parameter configuration information.
Preferably, the information distribution module includes: a cipher brick parameter configuration submodule, which sets the size and the number of the cipher bricks according to a first configuration parameter obtained from the parameter configuration information; a data reflux parameter configuration submodule, which sets the data flow direction of the data reflux and its position in the cipher wall according to a second configuration parameter obtained from the first configuration parameter; and an interleaving parameter configuration submodule, which sets the interleaving parameters of the interleaving layer according to a third configuration parameter obtained from the parameter configuration information.
In the invention, a technique for going from random numbers to a permutation is designed; it requires few operations, and the generated permutation is random and not easily broken by unauthorized users, so it is secure and reliable; within one layer of the cipher wall, small and large cipher bricks coexist, so the structure is staggered and varied; the number of possible cipher brick variations is huge, making encryption of the information more secure and reliable.
A detection system for the cipher wall construction system, comprising: a detection module, which checks the generated cipher wall against a preset detection rule; and a detection judgment module, electrically connected with the detection module, which judges whether the cipher wall satisfies the preset detection rule and regenerates the cipher wall when it does not; wherein the preset detection rule comprises: whether the S-box transformation of the encryption algorithm is straight-through; and/or whether multi-layer cipher bricks in the same layer undergo S transforms of the same preset size.
An encryption system for the cipher wall, comprising: a to-be-encrypted information acquisition module, which obtains the information to be encrypted from the user side; a to-be-encrypted information input module, electrically connected with the acquisition module, which inputs the information to be encrypted into the cipher bricks of the corresponding layer of the cipher wall; a data reflux direction setting module, electrically connected with the input module, which performs the S transform in each cipher brick and sets the data reflux direction of each cipher brick; an interleaving transform module, electrically connected with the data reflux direction setting module, which inputs the transformed output of each cipher brick of the layer into the interleaving layer of the same layer for the interleaving transform; and a to-be-encrypted information processing module, electrically connected with the interleaving transform module, which judges whether the information to be encrypted has traversed every layer of the cipher wall and, if so, outputs the result of the interleaving layer as the encrypted information; otherwise it inputs the result of the interleaving layer into the next layer of the cipher wall and controls the input module to input the information into each cipher brick of the corresponding layer of the cipher wall.
A decryption system for the cipher wall, comprising: a to-be-decrypted information acquisition module, which obtains the information to be decrypted from the server; a to-be-decrypted information input module, electrically connected with the acquisition module, which inputs the information to be decrypted into the interleaving layer of the corresponding layer of the cipher wall; a data reflux direction setting module, electrically connected with the input module, which performs the inverse interleaving transform in the interleaving layer of that layer and sets the data reflux direction of each cipher brick of the layer that corresponds to the interleaving layer; an inverse S transform module, electrically connected with the data reflux direction setting module, which inputs the result of the inverse interleaving transform into each cipher brick of the cipher brick layer and performs the inverse S transform; and a to-be-decrypted information processing module, electrically connected with the inverse interleaving transform module, which judges whether the information to be decrypted has traversed every layer of the cipher wall and, if so, outputs the result of the inverse S transform of the cipher bricks as the decrypted information; otherwise it inputs the result of the inverse S transform of the cipher bricks into the next layer of the cipher wall and controls the input module to input the information into the interleaving layer of the corresponding layer of the cipher wall.
In the invention, multiple basic components, multiple size specifications, multiple hierarchical structures and multiple data flow directions are used. Figuratively, cipher bricks of different sizes, hierarchical structures and operation parameters are stacked into a layer as in a building, these layers alternate with differently configured interleaving layers, and a building of a cryptographic algorithm is erected layer by layer. During encryption, data is passed and processed from top to bottom in sequence, but in some places it flows backward, which disturbs the order of data flow and computation and is equivalent to changing the hierarchical structure of the algorithm.
Compared with the prior art, the invention provides a construction method and a system of a password wall, which at least bring the following technical effects:
1. In the invention, the user key undergoes a uniform, nonlinear one-way expansion transformation to generate the configuration data. If the keys behind two users' cipher walls differ by even one bit, about half of the corresponding configuration data differs. This ensures an effective security separation between different user keys.
2. In the invention, because the transformation from the user key is irreversible, even if an attacker recovers the unified algorithm framework of the SOTP algorithm and the corresponding configuration data from one algorithm instance, the user key is difficult to derive, owing to the one-way nature of the mapping from user key to configuration data.
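The one-bit-difference claim in effect 1 can be checked empirically; this added Python example (not from the patent) flips each bit of a constructed 1024-bit key and measures what fraction of the 3856-bit configuration data changes. SHAKE-256 is an assumed stand-in for the patent's unspecified expansion, and `expand_weak` is a hypothetical counter-example showing what a failing result looks like.

```python
import hashlib

KEY_BITS, CONFIG_BITS = 1024, 3856        # sizes stated in the description

def expand_oneway(key: bytes) -> bytes:
    """Stand-in one-way expansion (SHAKE-256 XOF); an assumption, not the patent's transform."""
    return hashlib.shake_256(b"config" + key).digest(CONFIG_BITS // 8)

def expand_weak(key: bytes) -> bytes:
    """Counter-example: a linear 'expansion' that merely repeats the key bytes."""
    n = CONFIG_BITS // 8
    return (key * (n // len(key) + 1))[:n]

def hamming_fraction(a: bytes, b: bytes) -> float:
    """Fraction of bit positions in which two equal-length byte strings differ."""
    x = int.from_bytes(a, "big") ^ int.from_bytes(b, "big")
    return bin(x).count("1") / (8 * len(a))

def avalanche(expand, key: bytes):
    """Flip every key bit in turn; return (min, mean, max) fraction of changed config bits."""
    base = expand(key)
    fracs = []
    for bit in range(KEY_BITS):
        flipped = bytearray(key)
        flipped[bit // 8] ^= 1 << (bit % 8)
        fracs.append(hamming_fraction(base, expand(bytes(flipped))))
    return min(fracs), sum(fracs) / len(fracs), max(fracs)

if __name__ == "__main__":
    key = bytes(range(128))               # constructed 1024-bit sample key
    for name, fn in (("one-way", expand_oneway), ("weak", expand_weak)):
        lo, mean, hi = avalanche(fn, key)
        print(f"{name:8s} min={lo:.4f} mean={mean:.4f} max={hi:.4f}")
```

An expansion that meets the stated property keeps all three figures close to 0.5; the repeating counter-example stays near zero, which is the signature of configuration data that leaks key structure.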
Drawings
The features, technical characteristics, advantages and implementation of the cipher wall method and system are further described below through preferred embodiments, in a clear and understandable manner, with reference to the accompanying drawings.
FIG. 1 is a flow chart of one embodiment of a method for constructing a cryptographic wall of the present invention;
FIG. 2 is a flow chart of another embodiment of a method for constructing a cryptographic wall of the present invention;
FIG. 3 is a flow chart of another embodiment of a method for constructing a cryptographic wall of the present invention;
FIG. 4 is a flow chart of another embodiment of a method for constructing a cryptographic wall of the present invention;
FIG. 5 is a flow chart of another embodiment of a method for constructing a cryptographic wall of the present invention;
FIG. 6 is a flow chart of another embodiment of a method for constructing a cryptographic wall of the present invention;
FIG. 7 is a block diagram of one embodiment of the present invention for setting the data reflow direction;
FIG. 8 is a cipher wall structure of the present invention;
FIG. 9 is a flowchart of an embodiment of a method for detecting a construction method of a password wall according to the present invention;
FIG. 10 is a flow chart of one embodiment of a cryptographic wall encryption method of the present invention;
FIG. 11 is a flow chart of another embodiment of a decryption method of the password wall of the present invention;
FIG. 12 is a block diagram of one embodiment of a construction system for a cryptographic wall of the present invention;
FIG. 13 is a block diagram of one embodiment of an encryption system for a cryptographic wall of the present invention;
FIG. 14 is a block diagram of one embodiment of a decryption system for a cryptographic wall of the present invention.
Detailed Description
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the following description will be made with reference to the accompanying drawings. It is obvious that the drawings in the following description are only some examples of the invention, and that for a person skilled in the art, other drawings and embodiments can be derived from them without inventive effort.
For the sake of simplicity, the drawings only schematically show the parts relevant to the present invention, and they do not represent the actual structure as a product. In addition, in order to make the drawings concise and understandable, components having the same structure or function in some of the drawings are only schematically illustrated or only labeled. In this document, "one" means not only "only one" but also a case of "more than one".
The present invention provides an embodiment of a method for constructing a cipher wall, shown in FIG. 1, which includes: step S100, obtaining parameter configuration information according to key information of a user side; step S200, distributing the obtained parameter configuration information to the corresponding parameter components of the cipher wall, the components comprising cipher bricks, data reflux and interleaving layers; step S300, constructing the cipher wall according to the parameter configuration information configured for the corresponding parameter components.
Specifically, in this embodiment (see FIG. 1), algorithm instances are isolated by uniformly and nonlinearly expanding the 1024-bit user key into algorithm parameter configuration data of no less than 3856 bits, and then generating the algorithm instance from that configuration data. The algorithm instances are therefore sparsely distributed in the space of $2^{3856}$ possible configuration data: on average, only one in every $2^{2832}$ configuration data corresponds to an algorithm instance. A cipher brick is realized by an S transform based on S-boxes generated from the user key and the initial configuration data (alternate rolling), and S transforms of various sizes are realized by nested composition. Because the nested multi-parameter transforms differ in size, in the number of nesting layers and in the selected parameters, the algorithm structure also changes to some degree while the operation parameters change, which increases the security separation between different algorithm instances. Data reflux means that data is returned from the output of one component of the current layer to the input of another component of the current layer. The cipher wall is constructed from the sizes of the cipher bricks, the number of cipher bricks in each layer, the configured data reflux directions and the parameters of the interleaving layers, so that the user key and the algorithm are deeply fused and different user keys correspond to different block encryption and decryption algorithms, that is, different cipher walls. This differs from a conventional block cipher, where different encryption and decryption functions are distinguished by the encryption/decryption key.
In the application, the user key and the algorithm are fused, and the algorithm is used for identity authentication and session key negotiation, so the encryption key does not have to be changed continually as with a traditional block cipher, and no key expansion algorithm is used. Different keys correspond to different algorithms, which makes it much harder for an attacker to break the cipher with existing attack techniques; the diversity of the cipher walls is determined by the diversity of the keys, and the many cipher walls correspond to one cluster of encryption and decryption algorithms.
In the invention, the data reflux realizes the variable algorithm structure, greatly enhances the complexity of the algorithm and improves the safety intensity of the password; the interleaving layer can uniformly, quickly and nonlinearly interleave the information of each part to other parts, and the parameters are variable and are nonlinear operation, so that a chaotic effect is realized; based on the user key, uniform and nonlinear unidirectional expansion transformation is designed, and irreversibility from configuration data to the user key is guaranteed.
Preferably, the step S100 includes: step S110, according to the key information obtained from the user side, grouping the key information; step S120, performing multi-round conversion on the key information after grouping according to a first preset algorithm, and generating initial parameter configuration information; step S130, generating a multi-element S box according to the initial parameter configuration information; step S140 performs S transformation according to the multivariate S-box and the initial parameter configuration information to generate the parameter configuration information.
Specifically, a further embodiment is provided on the basis of the above embodiment, as shown with reference to fig. 2. The key information of the user side is grouped; the grouped key information undergoes multiple rounds of transformation according to a first preset algorithm, generating initial parameter configuration information; S-boxes are generated from the initial parameter configuration information; the parameter configuration information is then computed from the results of the previous 3 steps and used to select the algorithm parameters of each round, such as cipher bricks, data reflow and interleaving layers. The parameter configuration information is obtained as follows. In the first step, initial configuration data is generated from the user key. Suppose the user key K is 1024 bits long; K is divided from low to high into 16 64-bit numbers, denoted K_0, ..., K_15. Define the functions m(x) = x mod 4, n(x) = x mod 16, and let a_i (i = 0, 1, 2, 3) be 64-bit numbers whose initial value is preset to 0X 555555555555555555555555555555555555555555; the numbers (i = 0, 1, ..., 15) are 6 bits each and are, in order, 17, 27, 37, 47, 17, 27, 37, 47, 17, 27, 37, 47, 17, 27, 37, 47. D_i (i = 0, 1, ..., 15) are 64-bit numbers, in order:
e7587fb070245d81,59377783eda99126,785ff6d8a555b001,
8f58e8945cf65ca9, f46c818ff7c470fb, a5855ee2a3e52db9, c55c32da2a35f5d0, e84d05e769aeab45, ddd7b6484638b3eb,1ec6846a2e738656, c969ef9eda 44575,062df4a6915aa787,6 b5aa15153b0894, 96568dcbc697e2a5,9c822a1b405 76c, cefc0f5d02035730. When generating the initial configuration data, a_0, a_1, a_2, a_3 undergo 24 rounds of transformation, each round consisting of 16 transformations; the j-th transformation of the i-th round is defined as follows (this is the first preset algorithm):
where Δ_i = 7i is the offset of the i-th round, i = 0, 1, ..., 23, j = 0, 1, ..., 15. Starting from round i = 8, a_0, a_1, a_2, a_3 are output after the 16 calculations of each round are completed; each output is 256 bits and there are 16 outputs, so 4096 bits of initial configuration data are generated.
Second, a 16-element S-box S is generated using the initial configuration data. The initial configuration data is 512 bytes in total, denoted t_i, i = 0, 1, 2, ..., 511; the upper 4 bits and lower 4 bits of t_i are respectively denoted as. The S-box s is preset to the identity permutation, and the contents of the cells of s at addresses are exchanged for i = 256, 257, ..., 511, i.e. 256 swaps are performed in total; the swapped S is used as the 16-element S-box in the encryption algorithm.
Third, a 256-element S-box S is generated using S and the initial configuration data. First, an S-box SS is preset with S: Next, a transformation starting point U_256, V_256 is generated by feedback carry addition: let U_0 = 0, V_0 = 0 and, for i = 0, 1, ..., 255, compute U_{i+1} = ((U_i + t_i >> 8) + (U_i + t_i)) & 0xff; V_{i+1} = ((V_i + t_{i+256} >> 8) + (V_i + t_{i+256})) & 0xff. Then 256 swaps are performed on SS, each exchanging the contents of the cells of SS at addresses i + U_256 mod 256 and t_{i+256}, i = 0, 1, ..., 255. Finally, let S = SS and perform 256 swaps on S, each exchanging the contents of the cells of S at addresses i + V_256 mod 256 and t_i, i = 0, 1, ..., 255. This generates the 256-element S-box S used in the encryption algorithm, and also yields the S-box SS used in the generation process.
Fourth, parameter configuration data is generated on the basis of the preceding steps and used to select the algorithm parameters such as each cipher brick, data reflow and interleaving layer. The calculation method of step 1 is used again: a_0, a_1, a_2, a_3 keep the values they held when the calculation of step 1 completed, namely the last 256 bits of the initial configuration data; the substitution table SS is divided, 8 cells at a time, into 32 64-bit numbers denoted SS_i, i = 0, 1, ..., 31; the following is then calculated:
where Δ_i = 7i is the offset of the i-th round, i = 0, 1, ..., 15, j = 0, 1, .... After the 16 calculations of each round are completed, the values of a_0, a_1, a_2, a_3 are output; each output is 256 bits and there are 16 outputs, generating 4096 bits of parameter configuration data, i.e. the parameter configuration information.
In the invention, the generation algorithm that produces the cipher wall is designed to fuse the key and the encryption algorithm thoroughly; in principle the algorithm parameters (including the S-boxes) must follow a random distribution, so that different users have different algorithms. Two goals are achieved: first, no key information is leaked, and even an attacker who obtains a user's cryptographic algorithm cannot recover the user key from it; second, the distance between algorithm instances is large enough that the algorithms differ substantially even when the user keys are relatively close.
Preferably, the step S200 includes: step S210, setting the size of the cipher bricks and the number of the cipher bricks according to a first configuration parameter obtained from the parameter configuration information; step S220 sets a data information flow direction of the data reflux and position information in the code wall according to a second configuration parameter obtained from the first configuration parameter; step S230 sets the interleaving parameter of the interleaving layer according to the third configuration parameter obtained from the parameter configuration information.
Preferably, setting the size and number of the cipher bricks in one layer of the cipher wall includes: step S211, grouping the first configuration parameters according to a preset byte amount, forming a plurality of groups of first configuration parameter sub-information; step S212, arranging the high and low bytes of the first configuration parameter sub-information; step S213, selecting the parameter information of a preset number of high and low bytes from the first configuration parameter sub-information arranged in step S212, and calculating according to a second preset algorithm; step S214, determining the length of the cipher brick according to the calculation result of step S213; step S215, calculating the remaining length of the first configuration parameter sub-information according to the length of the cipher brick from step S214 and the length of the first configuration parameter sub-information; step S216, calculating the length of the next cipher brick according to the remaining length from step S215 and the changed preset byte amount; steps S215 and S216 are performed repeatedly, which determines the size of the cipher bricks and the number of cipher bricks of the corresponding layer.
Preferably, the data reflow of the cipher bricks is set as follows: step S221, selecting configuration parameter sub-information of a preset byte amount from the first configuration parameter sub-information; step S222, dividing the configuration parameter sub-information selected in step S221 into a low byte and a high byte; step S223, setting the low byte obtained in step S222 as the position of the cipher brick on the data outflow side, and the high byte as the position of the cipher brick on the data inflow side.
Preferably, setting the interleaving parameters of the interleaving layer comprises: step S231, grouping the third configuration parameters according to a preset byte amount, forming a plurality of groups of third configuration parameter sub-information, where the preset byte amount of step S231 equals that of step S211; step S232, calculating the third configuration parameter sub-information according to a third preset algorithm; step S233, determining the interleaving parameters of the interleaving layer according to the result of calculating the third configuration parameter sub-information in step S232.
Preferably, the S transformation comprises at least one layer. The mathematical model of the single-layer S transformation is: X → S[X ± C mod 2^n]; where S is the S-box, n is the preset size of the S-box, and C is a parameter of the S-box randomly selected according to the key information of the user side;
the mathematical model of the multi-layer S transform is:
where S is the S transformation, n is the preset size of the S transformation, and C is an S transformation parameter randomly selected according to the key information of the user side; X and Y are respectively the input high byte and low byte of the multi-layer S transformation; X' and Y' are respectively the output high byte and output low byte of the multi-layer S transformation.
Preferably, the password wall of the user side is constructed with at least one layer; each layer of the wall contains, in order, the cipher bricks and the interleaving layer; the size of the cipher bricks and the number of cipher bricks differ from layer to layer.
Specifically, a further embodiment is provided on the basis of the above embodiment, shown with reference to figs. 3, 4, 5, 6 and 7. The 4096-bit parameter configuration data generated in the above embodiment, namely the parameter configuration information, is distributed unequally among the parameter components of the cipher wall. Suppose 3072 bits are allocated to the cipher bricks; this is the first configuration parameter. From the 3072 bits of the cipher bricks, 1024 bits are allocated to data reflow; this is the second configuration parameter. 1024 bits are allocated to the interleaving layer; this is the third configuration parameter. The specific method for distributing the parameter configuration information is to determine, within the 4096-bit parameter configuration data, the space occupied by each parameter component of the cipher wall, i.e. quantities such as its number and size:
First, the number and size of the cipher bricks are determined on the basis of the S transformation, which has a single-layer and a multi-layer form. Single-layer S transformation: when the size n of the cipher brick is 4 bits or 8 bits, the S transformation calls the S-box directly; let X be the n-bit input, specifically:
The n-bit parameter C is randomly generated by the generation algorithm, and whether addition or subtraction is used is also chosen at random; the 16-element S-box S or the 256-element S-box S is selected according to the size n and is likewise randomly generated by the generation algorithm from the user key.
Multi-layer S transformation: when the size n of the cipher brick is 16 bits or 32 bits, the S transformation is formed by nested calls to the 8-bit and the 16-bit S transformation respectively; it also includes a G transformation:
where C is a randomly selected parameter. The input of the S transformation is divided into a left part and a right part, denoted X and Y respectively; the outputs are likewise denoted X', Y'. For distinction, the n-bit S transformation is denoted S_n: (X, Y) → S_n(X, Y) = (X', Y'); then:
The parameters of the S transformations and G transformations are randomly selected by the generation algorithm and are all different. As the mathematical model shows, the 16-bit S transformation is built from two layers of 8-bit S transformations and G transformations, so its structural hierarchy can be regarded as two layers; the 32-bit S transformation is built from two layers of 16-bit S transformations and G transformations, which amounts to 4 layers when reduced to 8-bit S transformations and G transformations.
The parameter information of each part of the password wall is then determined as follows.
First, the size of the cipher bricks is determined.
To make the embodiment more concrete, assume that the 4096-bit parameter configuration data is divided into 16 256-bit numbers, denoted T_i (i = 0, 1, ..., 15); the i-th 256-bit number T_i is then written in units of 64 bits as t_{i,j} (j = 0, 1, ..., 3) and in units of 16 bits as tt_{i,j} (j = 0, 1, ..., 16).
First, a 64-bit number u is calculated. Then the number of cipher bricks and the size of each brick are determined using u, as follows:
1. Take 2 bits at a time from u, from low to high. When the value of the 2-bit number is 0, the length of the cipher brick is 4 bits; when it is 1, the length is 8 bits; when it is 2, the length is 16 bits; when it is 3, the length is 32 bits. Cipher bricks are selected one after another in this way, and the length of each selected cipher brick is subtracted in turn from the original length of 64 bits until the remaining length is less than or equal to 0. When the remaining length equals 0, the algorithm ends; when it is less than 0, the last selected cipher brick is discarded and the remaining length is recalculated.
2. If the remaining length is not less than 16, continue by taking 4 bits from u and use their value as an address to select the length of the cipher brick from the array {4,8,4,4,4,4,8,8,8,8,16,16,16,16,16 }, then calculate the remaining length; if it is still not less than 16, repeat this process, otherwise go to the next step. The actual probabilities of selecting 4, 8 and 16 are 5/16, 5/16 and 6/16 respectively, which approximates the uniform probability of 1/3. The design intent is to make the higher-complexity 16-bit brick slightly more likely to be selected, which increases the complexity of the algorithm.
3. If the remaining length is not less than 8, continue by taking 1 bit from u: if the bit is 0, a 4-bit cipher brick is selected; if it is 1, an 8-bit cipher brick is selected. Calculate the remaining length; if it is still not less than 8, repeat this process, otherwise go to the next step.
4. If the remaining length is equal to 4, the last cipher brick is a 4-bit brick.
The selection of the cipher bricks is completed based on the above.
Second, the data reflow is determined, as shown with reference to FIG. 7. Because data flows in simultaneously, the cipher bricks of one layer can be calculated in the same time step and then output simultaneously, as if the cipher bricks were connected "in parallel". Data reflow means that the output of one cipher brick is fed into the input of another cipher brick of the same layer, so the two can only be calculated one after the other, as if the cipher bricks were connected "in series". Data reflow changes the hierarchy of the algorithm. Let cipher brick A and cipher brick B be at positions i and j (i < j) of the same layer, with the corresponding S transformations denoted S_i and S_j and the inputs denoted a and b. Right reflow transformation:
Left reflow transformation:
At most one data reflow is set on each layer of the cipher wall; when the wall is generated and compiled, the positions (i, j) of the outflow cipher brick and the inflow cipher brick must be generated for each layer. Because each layer has at most 16 cipher bricks, two 4-bit numbers are generated as the positions i and j of the cipher bricks; if the two numbers are the same, the cipher bricks are directly connected; if i or j is larger than the actual number M of cipher bricks, it is brought into the range of M by a modular operation: i mod M → i, j mod M → j. If the sizes of the two cipher bricks are not equal, the XOR is performed with low-order alignment, and the XOR result is kept at the size of the inflow cipher brick. Data reflow changes the hierarchical structure of the algorithm: the two cipher bricks become a composite function, which greatly increases the complexity of the algorithm and its security strength.
In a further embodiment, the highest 16 bits (i.e., 48-63 bits) of u are divided into high and low bytes, with the low 4 bits of the low byte being taken as the location of the outgoing side cipher brick and the low 4 bits of the high byte being taken as the location of the incoming side cipher brick in the data stream.
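The brick-size selection in steps 1 to 4 and the reflow positions taken from bits 48-63 of u can be traced with the following added example, which is not code from the patent. The formula that produces u is not reproduced on this page, so u is an input here; the sixteenth lookup entry and the function names are assumptions made for the example.

```python
# Added example, not the patent's code: turn one 64-bit selector word u into
# the cipher-brick sizes of a 64-bit layer and the data-reflow positions.

LAYER_BITS = 64
STEP1_SIZES = [4, 8, 16, 32]  # step 1: 2-bit value -> brick length in bits
# Step 2 lookup, addressed by a 4-bit value. The page prints 15 entries but
# gives selection probabilities 5/16, 5/16, 6/16 for sizes 4, 8, 16, so the
# sixteenth entry (16) is an ASSUMPTION made here.
STEP2_SIZES = [4, 8, 4, 4, 4, 4, 8, 8, 8, 8, 16, 16, 16, 16, 16, 16]


class BitReader:
    """Consumes the bits of u from the low end upward."""

    def __init__(self, u):
        self.u = u & (2**64 - 1)
        self.pos = 0

    def take(self, count):
        value = (self.u >> self.pos) & ((1 << count) - 1)
        self.pos += count
        return value


def select_brick_sizes(u):
    """Return the list of brick sizes (in bits) chosen by steps 1 to 4."""
    bits = BitReader(u)
    sizes, remaining = [], LAYER_BITS

    # Step 1: 2 bits per brick until the layer is full or a brick overshoots.
    while remaining > 0:
        size = STEP1_SIZES[bits.take(2)]
        if size > remaining:
            break  # overshoot: the last selected brick is discarded
        sizes.append(size)
        remaining -= size

    # Step 2: while at least 16 bits are free, 4 bits index the lookup table.
    while remaining >= 16:
        size = STEP2_SIZES[bits.take(4)]
        sizes.append(size)
        remaining -= size

    # Step 3: while at least 8 bits are free, 1 bit picks a 4- or 8-bit brick.
    while remaining >= 8:
        size = 8 if bits.take(1) else 4
        sizes.append(size)
        remaining -= size

    # Step 4: a final 4-bit gap is closed with a 4-bit brick.
    if remaining == 4:
        sizes.append(4)
        remaining = 0

    # Sanity checks: the layer is exactly covered, and the selector bits never
    # reach bits 48-63, which carry the reflow positions.
    if remaining != 0 or bits.pos > 48:
        raise ValueError("selector word did not tile the layer")
    return sizes


def reflow_positions(u, num_bricks):
    """Return (outflow_pos, inflow_pos) taken from bits 48-63 of u."""
    top16 = (u >> 48) & 0xFFFF
    low_byte, high_byte = top16 & 0xFF, top16 >> 8
    out_pos = (low_byte & 0xF) % num_bricks   # i mod M -> i
    in_pos = (high_byte & 0xF) % num_bricks   # j mod M -> j
    # Equal positions are the page's "directly connected" case; the caller
    # decides how to treat it.
    return out_pos, in_pos


def describe_layer(u):
    """Brick sizes plus reflow positions for one layer."""
    sizes = select_brick_sizes(u)
    out_pos, in_pos = reflow_positions(u, len(sizes))
    return {"sizes": sizes, "outflow": out_pos, "inflow": in_pos}


if __name__ == "__main__":
    SAMPLE_U = (0x2C13 << 48) | 0x7B  # constructed sample value
    print(describe_layer(SAMPLE_U))
```

In the constructed sample, the third 2-bit pick asks for a 32-bit brick when only 16 bits remain, so it is discarded and steps 2 to 4 fill the rest of the layer.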
Third, the operation parameters of the cipher bricks are determined. Since the algorithm parameters of the cipher brick transformations are all multiples of 16 bits, it is agreed that selection starts from the brick of the data reflow, and the values tt_{i,j} (j = 0, 1, ..., 16) are taken in sequence as required until the parameters of all cipher bricks have been selected.
Fourth, the interleaving layer parameters are determined. A 64-bit number v is calculated. Then v is used to determine the interleaving parameters a and b: a takes the upper 32 bits of v and b the lower 32 bits; the lowest 2 bits of a are forced to '1' and the lowest bit of b is forced to '1'. The interleaving layer differs from a purely linear interleaving layer: it not only interleaves but also has a confusion effect, and it is the basis of the security of the cryptographic algorithm. The 64-bit input is split into a left part L and a right part R of 32 bits each; with the interleaving parameters a and b, the interleaving transformation is defined as:
p is the interleaving transformation, where a and b are two 32-bit parameters, the lowest two bits of a are '1', and b is an odd number; p is a linear transformation in units of bytes: for a 32-bit input integer, a linear transformation is applied to its vector of 4 bytes;
The construction architecture of the password wall is shown in the referenced figure, which displays the structure of the wall more vividly. The cipher brick layers and the interleaving layers are in one-to-one correspondence; because the sizes of the cipher bricks differ from layer to layer, the number of cipher bricks per layer differs too, and the data flow directions differ as well. The data reflow is set randomly on the cipher brick layers; in fig. 8 it is marked only on the last layer, and the actual flow direction is obtained from the setting algorithm.
In the invention, in one layer of the cipher wall, the small-sized cipher bricks and the large-sized cipher bricks exist, so that the structural layers are staggered and varied; the amount of change of the cipher brick is huge, so that the information is encrypted more safely and reliably.
The present invention also provides an embodiment of a detection method of a method for constructing a cryptographic wall, which is shown with reference to fig. 9; the method comprises the following steps: step S100, detecting the generated code wall according to a preset detection rule; step S200, judging whether the code wall meets the preset detection rule, and regenerating the code wall when the code wall does not meet the preset detection rule.
Preferably, the preset detection rule in step S100 includes: whether S-box transformation of the encryption algorithm is straight-through; and/or whether a plurality of layers of coded bricks are subjected to S transformation with the same preset size in the same layer.
Specifically, as shown in fig. 9, the rule further includes whether a cipher brick layer selects S-boxes of the same preset size for all transformations within the layer, and whether the number of such cipher brick layers exceeds a preset number of layers. On the basis of the above embodiment, the present invention provides another embodiment. Under ordinary conditions the generated wall can be used directly without detection; where security requirements are high, such as in a mobile payment environment, the following should be checked: 1) whether the S-boxes are straight-through; if the 16-element and the 256-element S-boxes are both straight-through, discard; the probability is about 2^-44 × 2^-1684 = 2^-1728; 2) whether there are more than 4 cipher brick layers in which only 16-element S transformations are selected within the layer, and the probability is about. If so, it is discarded. Considering the number of users in actual use, the discard case "almost" never occurs. Checking rule:
Judge whether the S-boxes are straight-through, and discard if so: for the 16-element S-box S, if S[i] equals i for i = 0, 1, ..., 15, discard; for the 256-element S-box S, if S[i] equals i for i = 0, 1, ..., 255, discard. The detection rule is preset according to the security requirements of the usage scenario.
In the invention, the generated algorithm parameters are checked by the detection method; in an engineering implementation the parameters can be checked while they are being generated, and if the generated algorithm does not satisfy the preset rule, the user key is regenerated and the user algorithm is generated again. This makes the information safer and more reliable.
The present invention further provides an embodiment of an encryption method for a cryptographic wall, which is shown in fig. 10 and includes: step S100, obtaining information to be encrypted from a user side; step S200, inputting the information to be encrypted into the cipher bricks of the corresponding layer in the cipher wall; step S300, carrying out S transformation on each cipher brick in the step S200, and setting the data backflow direction of each cipher brick; step S400, inputting the result of the conversion of each cipher brick of the corresponding layer in the step S300 into the interwoven layer of the corresponding layer for interweaving conversion; step S500, judging whether the information to be encrypted traverses each layer of the password wall or not, and outputting the calculation result of the interwoven layer as encryption information when the information to be encrypted is finished; otherwise, inputting the result of the calculation of the interwoven layer to the next round of the password wall, and returning to execute the step S200.
In particular, following the description of the above embodiments, the implementation of the data reflow and the interleaving layer is clear and will not be repeated. Suppose a 64-bit plaintext is the input data of a user's encryption algorithm, and 64-bit ciphertext data is output after layer-by-layer processing by the encryption algorithm. Starting from the first round of the encryption algorithm: 1) the input data is fed into the cipher brick layer, and the S transformation of each cipher brick is calculated; if a cipher brick is involved in data reflow, the outflow cipher brick is calculated first, its result is XORed with the input data of the inflow cipher brick, and the inflow cipher brick is then calculated with this new input; 2) after the cipher brick layer has been calculated completely, its result is fed into the interleaving layer for the interleaving transformation; 3) if all 16 rounds of calculation are finished, the result of the interleaving layer is output as the ciphertext; otherwise, the result of the interleaving layer is taken as the next input data and the process returns to 1) for the next round.
The present invention further provides an embodiment of a decryption method of a method for constructing a cryptographic wall, which is shown in fig. 11 and includes: step S100, obtaining information to be decrypted from a server; step S200, inputting the information to be decrypted into the interwoven layer of the corresponding layer in the password wall; step S300, performing inverse interleaving transformation on the interleaving layer of the corresponding layer in the step S200, and setting the data backflow direction of each cipher brick of the layer corresponding to the interleaving layer; step S400, inputting the result of the inverse interleaving transformation in the step S300 into each cipher brick of the cipher brick layer, and performing inverse S transformation; step S500, judging whether the information to be decrypted traverses each layer of the cipher wall, and outputting the result of the reverse S transformation calculation of the cipher brick as decryption information when the information to be decrypted is finished; otherwise, inputting the result of the reverse S transformation of the cipher brick to the next layer in the cipher wall, and returning to execute the step S200.
This embodiment provides a decryption method for the cipher wall construction method. The decryption process is the inverse of the encryption process and differs from it slightly. The main difference lies in how the cipher bricks and the interleaving layer are processed: decryption uses the inverse of the S transformation and the inverse of the interleaving transformation. In addition, the data reflow must also be reversed. Specifically, taking a 64-bit ciphertext as the input data, the following is performed in sequence starting from the first round of the decryption algorithm: 1) the input data is fed into the interleaving layer for the inverse interleaving transformation; 2) the result of the inverse interleaving transformation is fed into the cipher brick layer, and the inverse S transformation of each cipher brick is calculated; if a cipher brick is involved in data reflow, the input data of the original outflow side is XORed onto the inverse S transformation result of the inflow cipher brick, and this is the final output of the inflow cipher brick; 3) if all 16 rounds of calculation are finished, the result of the cipher brick layer is output as the plaintext; otherwise, the result of the cipher brick layer is taken as the next input data and the process returns to 1) for the next round.
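The cipher-brick step of the encryption and decryption procedures above, including how the reflow XOR is undone and the "straight-through" detection rule, is illustrated by the following added example, which is not code from the patent. It covers only 4-bit and 8-bit bricks with the single-layer model X → S[X ± C mod 2^n]; the seeded S-boxes, the brick layout, the low-order-first packing and the treatment of equal positions are assumptions constructed for the example.

```python
# Added example, not the patent's code: one cipher-brick layer with data
# reflow, encrypted and decrypted. S-boxes and parameters are constructed.
import random


def is_straight_through(sbox):
    """Detection rule from the page: S[i] == i for every i."""
    return all(value == index for index, value in enumerate(sbox))


def make_sbox(n_bits, rng):
    """Constructed stand-in for a key-derived S-box; identity is rejected."""
    while True:
        sbox = list(range(1 << n_bits))
        rng.shuffle(sbox)
        if not is_straight_through(sbox):
            return sbox


class Brick:
    """Single-layer S transformation X -> S[(X +/- C) mod 2^n], n = 4 or 8."""

    def __init__(self, n_bits, sbox, c, subtract):
        self.n_bits = n_bits
        self.mask = (1 << n_bits) - 1
        self.sbox = sbox
        self.inverse_sbox = [0] * len(sbox)
        for index, value in enumerate(sbox):
            self.inverse_sbox[value] = index
        self.offset = (-c if subtract else c) & self.mask

    def forward(self, x):
        return self.sbox[(x + self.offset) & self.mask]

    def inverse(self, y):
        return (self.inverse_sbox[y] - self.offset) & self.mask


def split(block, bricks):
    """Cut a 64-bit block into brick inputs; brick 0 takes the low bits
    (packing order is an assumption)."""
    parts = []
    for brick in bricks:
        parts.append(block & brick.mask)
        block >>= brick.n_bits
    return parts


def join(parts, bricks):
    block, shift = 0, 0
    for part, brick in zip(parts, bricks):
        block |= part << shift
        shift += brick.n_bits
    return block


def check_reflow(reflow):
    # Equal positions are the page's "directly connected" case, not modelled.
    if reflow is not None and reflow[0] == reflow[1]:
        raise ValueError("outflow and inflow positions must differ")


def encrypt_layer(block, bricks, reflow=None):
    """reflow is (outflow_pos, inflow_pos) or None."""
    check_reflow(reflow)
    x = split(block, bricks)
    y = [None] * len(bricks)
    if reflow is not None:
        src, dst = reflow
        y[src] = bricks[src].forward(x[src])   # outflow brick goes first
        x[dst] ^= y[src] & bricks[dst].mask    # low-aligned, inflow size kept
    for k, brick in enumerate(bricks):
        if y[k] is None:
            y[k] = brick.forward(x[k])
    return join(y, bricks)


def decrypt_layer(block, bricks, reflow=None):
    check_reflow(reflow)
    y = split(block, bricks)
    x = [brick.inverse(value) for brick, value in zip(bricks, y)]
    if reflow is not None:
        src, dst = reflow
        # y[src] is what the outflow brick emitted during encryption.
        x[dst] ^= y[src] & bricks[dst].mask
    return join(x, bricks)


def build_sample_layer(seed=2017):
    """Constructed layer: ten bricks of 4 or 8 bits, 64 bits in total."""
    rng = random.Random(seed)
    sbox16, sbox256 = make_sbox(4, rng), make_sbox(8, rng)
    sizes = [8, 4, 4, 8, 8, 8, 4, 4, 8, 8]
    return [Brick(n, sbox16 if n == 4 else sbox256,
                  rng.getrandbits(n), rng.random() < 0.5) for n in sizes]
```

Decryption needs no inverse of the outflow brick to undo the XOR: the value that was mixed into the inflow brick is exactly the outflow brick's ciphertext part, which the decrypting side already holds.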
The present invention also provides an embodiment of a system for constructing a password wall, which is shown in fig. 12. The system comprises: the information acquisition module 100, with which the server acquires the parameter configuration information according to the key information of the user side; the information distribution module 200, electrically connected with the information acquisition module 100, with which the server distributes the acquired parameter configuration information to the corresponding parameter components of the password wall, the corresponding parameter components comprising cipher bricks, data reflow and interleaving layers; and the password wall construction module 300, which, together with the information distribution module 200, constructs the password wall according to the parameter configuration information configured for the corresponding parameter components of the password wall.
Preferably, the information obtaining module 100 includes: a grouping setting sub-module 110, which performs grouping setting according to the key information of the user side; an initial information generation sub-module 120, electrically connected to the grouping setting sub-module 110, for performing multiple rounds of conversion on the key information of the user side after grouping setting according to a first preset algorithm, and generating initial parameter configuration information; an initial information transformation submodule 130 electrically connected to the information generation submodule 120, and configured to generate a multi-element S-box according to the initial parameter configuration information; and an information generating submodule 140 electrically connected to the initial information converting submodule 130, and configured to perform S conversion according to the multivariate S-box and the initial parameter configuration information to generate the parameter configuration information.
Preferably, the information distribution module 200 includes: a cipher brick parameter configuration submodule 210 configured to set a size of the cipher bricks and a number of the cipher bricks according to a first configuration parameter obtained from the parameter configuration information; a data reflux parameter configuration submodule 220, configured to set a data information flow direction of the data reflux and position information in the password wall according to a second configuration parameter obtained from the first configuration parameter; the interleaving parameter configuration sub-module 230 sets the interleaving parameters of the interleaving layer according to the third configuration parameters obtained from the parameter configuration information.
Specifically, in this embodiment and what needs to be explained, contents such as information interaction and execution process among modules in the system are based on the same concept as the above method embodiment, and in the embodiment of the present application, S-box transformation is applied, so that the method has the remarkable characteristics of controllable property, large quantity, convenience in implementation, and the like, and is widely used in block cipher design. In this application password wall design, this application has also chooseed S box as the basis of S transform to regard S transform as to constitute important cryptographic module. However, unlike the general block cipher design, the present application employs variable S-boxes, and the variable range is not limited to the "optimal" S-box range, but rather to a symmetric group, i.e., the entire N-ary permutation. Generating variable S-boxes within an optimal range is not a difficult task, since the starting point for the present application to consider the problem is not the "individual" security of a certain algorithm instance, but the security of the whole system. System safety is sought, naturally the larger the range the better, no obvious features, unrecognizable as good. And the S box is randomly generated in the range of the symmetric group, so that the user key information can be borne to the maximum extent. Another consideration with variable S-boxes is their irreversibility, i.e., if an attacker acquires an S-box of an algorithm instance, it is also difficult to reverse-extrapolate its generation steps to restore the configuration data, which is also a principle of "white-box" cryptographic design. 
A fusion recursive method of S box generation and user key nonlinear expansion is designed, and the user key is guaranteed to be effectively diffused to the S box and configuration data; a method for realizing 65536 and 4294967296 element replacement through nested multiplexing based on 16 element replacement and 256 element replacement is designed.
In the invention, a technical method from random number to replacement is designed, the operation is less, the generated replacement is random, and the replacement is not easy to be decoded by illegal users, thereby being safe and reliable.
The isolation of algorithm instances is achieved by uniformly and nonlinearly expanding the 1024-bit user key into algorithm parameter configuration data of no less than 3856 bits and then generating the algorithm instance from the configuration data. The algorithm instances are therefore sparsely distributed in the space formed by 2^3856 configuration data: on average, only one in every 2^2832 configuration data corresponds to an algorithm instance. The cipher brick is realized by S transformation: based on an S box (alternate rolling) generated from the user key and the initial configuration data, S transformations of various sizes are realized by nested composition. Because the sizes differ, the number of nested layers and the selected parameters differ as well, so the algorithm structure changes to a certain degree along with the operating parameters, which increases the security distance between different algorithm instances. Data reflow refers to data returned from the output of one component of the current layer to the input of another component of the current layer. The password wall is constructed according to the size of the cipher bricks, the number of cipher bricks in each layer, the set data reflow direction and the parameters of the interweaving layer, so that the user key and the algorithm are deeply fused, and different user keys correspond to different encryption and decryption block algorithms, namely password walls. This differs from the conventional approach, in which a block cipher distinguishes encryption/decryption functions by the encryption/decryption key.
In the application, the user key and the algorithm are fused, and the algorithm is used for identity authentication and negotiation session key, so that the encryption key is not required to be continuously changed when the traditional block cipher is used, and a key expansion algorithm is not used. Different keys correspond to different algorithms, the difficulty of attacking the cipher by the prior attacking technology is greatly enhanced for cipher attackers, the diversity of the cipher walls is determined by the diversity of the keys, and a plurality of cipher walls correspond to one encryption and decryption algorithm cluster.
The key information of the user side is grouped; multi-round transformation is performed on the grouped key information according to a first preset algorithm to generate initial parameter configuration information; an S box is generated according to the generated initial parameter configuration information; the parameter configuration information is then calculated from the results of the previous 3 steps and used to select the algorithm parameters of each round, such as cipher bricks, data reflow and interweaving layers. The parameter configuration information is obtained as follows. In the first step, initial configuration data is generated from the user key. Suppose the user key K is 1024 bits; K is divided from low to high into 16 64-bit numbers, recorded as K_0, ..., K_15. Define the functions m(x) = x mod 4 and n(x) = x mod 16. Let a_i (i = 0, 1, 2, 3) be 64-bit numbers whose initial value is preset to 0X 555555555555555555555555555555555555555555; a further 16 numbers (i = 0, 1, ..., 15) of 6 bits each are, in order, 17,27,37,47,17,27,37,47,17,27,37,47,17,27,37,47. D_i (i = 0, 1, ..., 15) are 64-bit numbers, in order:
e7587fb070245d81,59377783eda99126,785ff6d8a555b001,
8f58e8945cf65ca9, f46c818ff7c470fb, a5855ee2a3e52db9, c55c32da2a35f5d0, e84d05e769aeab45, ddd7b6484638b3eb,1ec6846a2e738656, c969ef9eda 44575,062df4a6915aa787,6 b5aa15153b0894, 96568dcbc697e2a5,9c822a1b405 76c, cefc0f5d02035730. When generating the initial configuration data, a_0, a_1, a_2, a_3 undergo 24 rounds of transformation, each round consisting of 16 transformations; the j-th transformation of the i-th round is defined as follows, namely the first preset algorithm:
where Δ_i = 7i is the offset of the i-th round, i = 0, 1, ..., 23, j = 0, 1, ..., 15. Starting from i = 8, a_0, a_1, a_2, a_3 are output after the 16 calculations of each round are completed, 256 bits per output, for 16 outputs in total, yielding 4096 bits of initial configuration data.
Second, a 16-element S-box s is generated using the initial configuration data. The initial configuration data is 512 bytes in total, recorded as t_i, i = 0, 1, 2, ..., 511, and the upper 4 bits and lower 4 bits of t_i are each recorded separately. The S-box s is preset to the identity permutation, and cells in s are exchanged for i = 256, 257, ..., 511, i.e. 256 swaps are performed in total; the swapped s is used as the 16-element S box in the encryption algorithm.
Third, a 256-element S-box S is generated using s and the initial configuration data. First, an S-box SS is preset from s. The swap starting points U_256, V_256 are generated through feedback carry addition: let U_0 = 0, V_0 = 0, and for i = 0, 1, ..., 255 calculate U_{i+1} = ((U_i + t_i >> 8) + (U_i + t_i)) & 0xff; V_{i+1} = ((V_i + t_{i+256} >> 8) + (V_i + t_{i+256})) & 0xff. Then 256 swaps are performed on SS, exchanging the contents of the cells of SS at addresses i + U_256 mod 256 and t_{i+256}, i = 0, 1, ..., 255. Finally, let S = SS and perform 256 swaps on S, exchanging the contents of the cells of S at addresses i + V_256 mod 256 and t_i, i = 0, 1, ..., 255. This generates the 256-element S-box S used in the encryption algorithm, and at the same time yields the S-box SS used during generation.
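The third step above, written out as an added example that is not code from the patent. The formula that presets SS from s is not reproduced on this page, so the preset is passed in as an argument (the identity permutation in the sample call), and the configuration bytes are constructed sample data; all function names are hypothetical.

```python
import random


def carry_fold(acc, byte):
    """One step of the feedback carry addition: add, then fold the carry-out into bit 0."""
    total = acc + byte
    return ((total >> 8) + total) & 0xFF


def start_points(t):
    """Return (U_256, V_256): U runs over t[0..255], V over t[256..511]."""
    u = v = 0
    for i in range(256):
        u = carry_fold(u, t[i])
        v = carry_fold(v, t[i + 256])
    return u, v


def swap_pass(box, offset, indices):
    """Swap cell (i + offset) mod 256 with cell indices[i] for i = 0..255, in place."""
    for i in range(256):
        a, b = (i + offset) % 256, indices[i]
        box[a], box[b] = box[b], box[a]


def is_permutation(box):
    return sorted(box) == list(range(256))


def generate_boxes(t, ss_preset):
    """Return (S, SS) for 512 configuration bytes t and a preset table SS (assumed input)."""
    if len(t) != 512 or any(not 0 <= b <= 255 for b in t):
        raise ValueError("t must be 512 byte values")
    if not is_permutation(list(ss_preset)):
        raise ValueError("preset must be a permutation of 0..255")
    u, v = start_points(t)
    ss = list(ss_preset)
    swap_pass(ss, u, t[256:])   # SS: offset U_256, partner addresses t[i + 256]
    s = list(ss)                # "let S = SS"
    swap_pass(s, v, t[:256])    # S: offset V_256, partner addresses t[i]
    return s, ss


def sample_config(seed):
    """Constructed sample configuration data, not derived from any real key."""
    rng = random.Random(seed)
    return [rng.randrange(256) for _ in range(512)]


if __name__ == "__main__":
    S, SS = generate_boxes(sample_config(2017), range(256))
    print(is_permutation(S), is_permutation(SS), S[:8])
```

Because the tables are only ever modified by swaps, any 512 configuration bytes yield a valid permutation. With an identity preset and all-zero configuration data the result is a plain rotation, so the unpredictability of S rests entirely on the configuration data.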
Fourth, parameter configuration data is generated on the basis of the previous steps, for selecting algorithm parameters such as the cipher bricks, data reflow and interweaving layers. The calculation method of step 1 is reused: a_0, a_1, a_2, a_3 retain the data from when the calculation in step 1 completed, namely the last 256 bits of the initial configuration data; the substitution table SS is divided, in units of 8 cells, into 32 64-bit numbers recorded as SS_i, i = 0, 1, ..., 31; then recalculate:
where Δ_i = 7i is the offset of the i-th round, i = 0, 1, ..., 15, j = 0, 1, .... After the 16 calculations of each round are completed, the values of a_0, a_1, a_2, a_3 are output, 256 bits per output, 16 outputs in total, generating 4096 bits of parameter configuration data, i.e. the parameter configuration information.
In the invention, the generation algorithm that produces the password wall is designed to fuse the key and the encryption algorithm sufficiently. In principle the algorithm parameters (including the S box) are required to follow a random distribution, and different users have different algorithms. First, no key information is leaked: even if an attacker obtains a user's cryptographic algorithm, the user key cannot be recovered from it. Second, the distance between algorithm instances is large enough that the algorithms differ sufficiently even when the user keys are relatively close.
Preferably, the S transformation comprises at least one layer. The mathematical model of the single-layer S transformation is: X → S[X ± C mod 2^n], where S is the S box, n is the preset size of the S box, and C is a parameter of the S box randomly selected according to the key information of the user side;
the mathematical model of the multi-layer S transform is:
where S is the S transformation, n is the preset size of the S transformation, and C is an S transformation parameter randomly selected according to the key information of the user side; X and Y are respectively the input high byte and low byte of the multi-layer S transformation; X' and Y' are respectively the output high byte and low byte of the multi-layer S transformation.
The 4096-bit parameter configuration data (the parameter configuration information) generated in the above embodiment is distributed unequally among the parameter components of the password wall. For example, 3072 bits are allocated to the cipher bricks, which is the first configuration parameter; from the cipher bricks' 3072 bits, 1024 bits are allocated to data reflow, which is the second configuration parameter; and 1024 bits are allocated to the interleaving layer, which is the third configuration parameter. The specific method for distributing the parameter configuration information is to determine the space each parameter component of the password wall occupies within the 4096-bit parameter configuration data, i.e. its number, size and so on:
First, determine the number and size of the cipher bricks, based on the S transformation, which may be single-layer or multi-layer. Single-layer S transformation: when the cipher brick size n is 4 bits or 8 bits, the S transformation calls the S box directly. Let X be the n-bit input; specifically:
the n-bit parameter C is randomly generated by the generation algorithm, and addition or subtraction is randomly selected; the 16-element S box s or the 256-element S box S is chosen according to the size n and is likewise randomly generated by the generation algorithm from the user key.
Multilayer S transformation: when the cipher brick size n is 16 bits or 32 bits, the S transformation is formed by nested calls to the 8-bit S transformation and the 16-bit S transformation respectively, and also includes a G transformation:
where C is a randomly selected parameter. The input of the S transformation is divided into left and right parts, denoted X and Y; similarly, the outputs are denoted X', Y'. For distinction, the n-bit S transformation is denoted S_n: (X, Y) → S_n(X, Y) = (X', Y'); then:
the parameters of S transformation and G transformation are randomly selected by a generation algorithm and are different. As can be seen from the mathematical model, the S transformation of 16 bits is generated by two layers of S transformation and G transformation of 8 bits, and the structural hierarchy can be regarded as two layers; the 32-bit S transformation is generated by two layers of 16-bit S transformation and G transformation, and is reduced to 4 layers when the 8-bit S transformation and G transformation are generated.
Further determining the parameter information of each part of the password wall as follows;
First, determine the size of the cipher bricks;
To make the embodiment more concrete, assume the 4096-bit parameter configuration data is divided into 16 256-bit numbers, denoted T_i (i = 0, 1, ..., 15); the i-th 256-bit number T_i is then denoted t_{i,j} (j = 0, 1, ..., 3) in units of 64 bits and tt_{i,j} (j = 0, 1, ..., 16) in units of 16 bits.
First, a 64-bit number u is calculated. Then u is used to determine the number of cipher bricks and the size of each brick, as follows:
1. Take 2 bits at a time from u, from low to high. When the value of the 2-bit number is 0, the cipher brick length is 4 bits; when it is 1, 8 bits; when it is 2, 16 bits; when it is 3, 32 bits. Cipher bricks are selected in sequence in this way, and the length of each selected brick is subtracted in turn from the original length of 64 bits until the remaining length is less than or equal to 0. When the remaining length equals 0, the algorithm ends; when it is less than 0, the last selected cipher brick is discarded and the remaining length is recalculated.
2. If the remaining length is not less than 16, continue by taking 4 bits from u and using their value as an address to select the cipher brick length from the array {4,8,4,4,4,4,8,8,8,8,16,16,16,16,16}, then calculate the remaining length; if it is still not less than 16, repeat this process, otherwise go to the next step. The actual probabilities of selecting 4, 8 and 16 are 5/16, 5/16 and 6/16 respectively, which approximates the random selection probability of 1/3. The design makes the probability of selecting the more complex 16-bit brick slightly larger, to increase the complexity of the algorithm.
3. If the remaining length is not less than 8, continue by taking 1 bit from u: if it is 0, a 4-bit cipher brick is selected; if it is 1, an 8-bit cipher brick is selected. Calculate the remaining length; if it is still not less than 8, repeat this process, otherwise go to the next step.
4. If the remaining length is equal to 4, the size of the last cipher brick is 4 bits.
The selection of the cipher bricks is completed based on the above.
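The four selection steps above as one routine, in an added example that is not code from the patent. The page's step-2 array lists 15 entries while a 4-bit address needs 16; the stated 5/16, 5/16, 6/16 split implies one more 16, which is appended here as an assumption, and the names and sample values of u are constructed.

```python
import random

STEP1_SIZES = (4, 8, 16, 32)   # 2-bit value -> brick length in bits (step 1)
# Step-2 table: the first 15 entries are the page's array; the 16th entry is an
# assumption made so that a 4-bit address is always valid (see lead-in).
STEP2_SIZES = (4, 8, 4, 4, 4, 4, 8, 8, 8, 8, 16, 16, 16, 16, 16, 16)


class BitSource:
    """Hands out bits of u from the low end upward and counts how many were used."""

    def __init__(self, u):
        self.u = u
        self.used = 0

    def take(self, count):
        value = (self.u >> self.used) & ((1 << count) - 1)
        self.used += count
        return value


def select_brick_sizes(u, width=64):
    """Return (brick sizes for one layer, number of bits of u consumed)."""
    bits = BitSource(u)
    sizes = []
    remaining = width

    # Step 1: 2 bits per brick; a brick that overshoots is discarded.
    while remaining > 0:
        size = STEP1_SIZES[bits.take(2)]
        if size > remaining:
            break
        sizes.append(size)
        remaining -= size

    # Step 2: 4 bits per brick while at least 16 bits remain (cannot overshoot).
    while remaining >= 16:
        size = STEP2_SIZES[bits.take(4)]
        sizes.append(size)
        remaining -= size

    # Step 3: 1 bit per brick while at least 8 bits remain.
    while remaining >= 8:
        size = 8 if bits.take(1) else 4
        sizes.append(size)
        remaining -= size

    # Step 4: a last 4-bit brick fills whatever is left.
    if remaining == 4:
        sizes.append(4)
        remaining = 0

    assert remaining == 0, "lengths are multiples of 4, so the layer always fills"
    return sizes, bits.used


if __name__ == "__main__":
    rng = random.Random(1)     # constructed sample values of u
    for _ in range(3):
        print(select_brick_sizes(rng.getrandbits(64)))
```

Every layer produced this way sums to exactly 64 bits with at most 16 bricks, and selection never reads past the low 48 bits of u.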
Secondly, determine data reflow, as shown in FIG. 7. Because data flows in simultaneously, the cipher bricks of the same layer can be computed in the same time step and output simultaneously, as if the cipher bricks were connected in "parallel". Data reflow means that the output of one cipher brick in a layer is input again into another cipher brick of the same layer, so the two can only be computed at successive time steps, as if the cipher bricks were connected in "series". Data reflow changes the hierarchy of the algorithm. Let cipher brick A and cipher brick B be at positions i and j (i < j) of the same layer, with corresponding S transformations S_i and S_j and inputs a and b respectively. The right reflux transformation is:
The left reflux transformation is:
At most one data reflow is set on each layer of the password wall; when the algorithm is generated and compiled, the positions (i, j) of the cipher bricks involved in each layer's data reflow and the flow direction need to be generated. Because each layer has at most 16 cipher bricks, two 4-bit numbers are generated as the cipher brick positions i and j. If the two numbers are the same, the cipher bricks are directly connected; if i or j is larger than the actual number M of cipher bricks, it is reduced into the range M by modular operation: i mod M → i, j mod M → j. If the cipher bricks differ in size, the XOR operation is performed with low-order alignment, and the XOR result is kept according to the size of the inflow-side cipher brick. Data reflow changes the hierarchical structure of the algorithm, so that the two cipher bricks form a composite function, which can greatly increase the complexity of the algorithm and its security strength.
In a further embodiment, the highest 16 bits (i.e., 48-63 bits) of u are divided into high and low bytes, with the low 4 bits of the low byte being taken as the location of the outgoing side cipher brick and the low 4 bits of the high byte being taken as the location of the incoming side cipher brick in the data stream.
Thirdly, determine the operating parameters of the cipher bricks. Since the algorithm parameters of the cipher brick transformations are all multiples of 16 bits, it is agreed that selection starts from the bricks involved in data reflow, and parameters are taken in order from tt_{i,j} (j = 0, 1, ..., 16) as required until the parameters of all cipher bricks have been selected.
Fourthly, determine the interleaving layer parameters. A 64-bit number v is calculated; v is then used to determine the interleaving parameters a and b: a takes the upper 32 bits of v, b takes the lower 32 bits, the lowest 2 bits of a are forced to '1' and the lowest 1 bit of b is forced to '1'. The interweaving layer differs from a purely linear interweaving layer: it not only interleaves but also has a "chaotic" (confusion) effect, and is the basis of the security of the cryptographic algorithm. The 64-bit input is divided into left and right parts L and R of 32 bits each; with interleaving parameters a and b, the interleaving transformation is defined as:
p is interleaving transformation; wherein a and b are two 32-bit parameters, a satisfies that the lowest two bits are '1', and b is an odd number; p is linear transformation with byte as unit, and for the input 32-bit integer, the vector of 4 bytes is subjected to linear transformation;
The construction architecture of the password wall is shown in the reference figure, which displays the structure of the password wall more vividly. The cipher brick layers and the interweaving layers are in one-to-one correspondence; the cipher bricks on each layer differ in size, so the number of cipher bricks on each layer differs, and the data flow directions differ as well. Data reflow is set randomly on the cipher brick layers; in FIG. 8 it is marked only on the last layer, and the specific flow direction is obtained according to the setting algorithm.
In the invention, in one layer of the cipher wall, the small-sized cipher bricks and the large-sized cipher bricks exist, so that the structural layers are staggered and varied; the amount of change of the cipher brick is huge, so that the information is encrypted more safely and reliably.
The invention also provides an embodiment of a detection system for the password wall construction system, comprising: the detection module 100, which checks the generated password wall according to a preset detection rule; and the detection judgment module 200, electrically connected with the detection module 100, which judges whether the password wall satisfies the preset detection rule; when the rule is not satisfied, the password wall is regenerated. The preset detection rule comprises: whether the S-box transformation of the encryption algorithm is straight-through; and/or whether a plurality of layers of cipher bricks are subjected to S transformation with the same preset size in the same layer.
The present invention also provides an embodiment of an encryption system of a password wall, which is shown in fig. 13 and includes: the information to be encrypted acquisition module 100 acquires information to be encrypted from a user side; the information to be encrypted input module 200 is electrically connected with the information to be encrypted acquisition module 100 and inputs the information to be encrypted into the cipher bricks on the corresponding layer in the cipher wall; a data reflux direction setting module 300, electrically connected to the information input module 200 to be encrypted, for performing S transformation on each cipher brick in the information input module 200 to be encrypted, and setting a data reflux direction of each cipher brick; an interleaving transformation module 400 electrically connected to the data reflow direction setting module 300, for inputting the result of the transformation of each cipher brick of the corresponding layer in the data reflow direction setting module 300 into the interleaving layer of the corresponding layer to perform interleaving transformation; the information processing module 500 to be encrypted is electrically connected with the interleaving conversion module 400, judges whether the information to be encrypted traverses each layer of the password wall or not, and outputs the calculation result of the interleaving layer as encrypted information when the information to be encrypted is finished; otherwise, inputting the calculation result of the interwoven layer to the next layer in the cipher wall, controlling the information to be encrypted input module 200, and executing the input of the information to be encrypted to each cipher brick of the corresponding layer in the cipher wall.
The present invention further provides an embodiment of a decryption system of a cryptographic wall, as shown in fig. 14, including: the information to be decrypted acquiring module 100 acquires information to be decrypted from the server; the information to be decrypted input module 200 is electrically connected with the information to be decrypted acquisition module 100, and inputs the information to be decrypted into the interwoven layer of the corresponding layer in the password wall; a data reflux direction setting module 300, electrically connected to the information to be decrypted input module 200, for performing inverse interleaving transformation on the interleaving layer of the corresponding layer in the information to be decrypted input module 200, and setting a data reflux direction of each cipher brick of the layer corresponding to the interleaving layer; an inverse S transform module 400, electrically connected to the data reflow direction setting module 300, for inputting the result of inverse interleaving transform in the data reflow direction setting module 300 into each cipher brick of the cipher brick layer to perform inverse S transform; the information processing module 500 to be decrypted is electrically connected with the interleaving transformation inverse module 400, judges whether the information to be decrypted traverses each layer of the cipher wall, and outputs the result of the inverse S transformation calculation of the cipher brick as decryption information when the information to be decrypted is finished; otherwise, inputting the result of the reverse S transformation of the cipher brick to the next layer in the cipher wall, controlling the information to be decrypted input module 200, and executing inputting the information to be decrypted to the interwoven layer of the corresponding layer in the cipher wall.
It should be noted that, the contents of information interaction, execution process, and the like between the modules in the encryption system of the cryptographic wall and the decryption system of the cryptographic wall in the present application are based on the same concept as the above method embodiment, and specific contents may refer to the description in the method embodiment of the present invention, and are not described herein again.
A specific embodiment is also provided in the present application for the specific implementation of the transformation of the cipher brick S: let x be the input and y be the output. For convenient transmission and selection, the parameters of the cipher brick are all in the unit of 16 bits.
1. When the cipher brick size is 4 bits, 5 bits of algorithm parameters are needed, and 16 bits of data (c15, c14, ..., c2, c1, c0) are actually transmitted. If c8 = 0, calculate y = s[x + c3c2c1c0 mod 16]; otherwise, when c8 = 1, calculate y = s[x - c3c2c1c0 mod 16];
2. When the cipher brick size is 8 bits, 9 bits of algorithm parameters are needed, and 16 bits of data (c15, c14, ..., c2, c1, c0) are actually transmitted. If c8 = 0, calculate y = S[x + c7c6c5c4c3c2c1c0 mod 256]; otherwise, if c8 = 1, calculate y = S[x - c7c6c5c4c3c2c1c0 mod 256];
3. When the cipher brick size is 16 bits, 32 bits of algorithm parameters are needed, and two 16-bit parameters C = (c15, c14, ..., c2, c1, c0) and D = (d15, d14, ..., d2, d1, d0) are actually transmitted. The 16-bit input x is divided by bytes into high and low parts a and b, and the S transformation is completed in 4 steps:
1) if c8 = 0, calculate b1 = S[b + c7c6c5c4c3c2c1c0 mod 256]; otherwise, when c8 = 1, calculate b1 = S[b - c7c6c5c4c3c2c1c0 mod 256];
2) compute a1,
where c15 c14 c13 c12 c11 c10 c9 1 means that the last 1 bit of the 8-bit number is forced to be 1;
3) if d8 = 0, calculate a2 = S[a1 + d7d6d5d4d3d2d1d0 mod 256]; otherwise, when d8 = 1, calculate a2 = S[a1 - d7d6d5d4d3d2d1d0 mod 256];
4) compute b2,
where d15 d14 d13 d12 d11 d10 d9 1 means that the last 1 bit of the 8-bit number is forced to be 1; the result of the S transformation is y = a2 << 8 | b2, i.e. a2 and b2 are respectively the high 8 bits and low 8 bits of the transformation result y.
4. When the cipher brick size is 32 bits, six 16-bit algorithm parameters C0, C1, C2, C3, C4, C5 are needed. The 32-bit input is divided into two 16-bit numbers A and B, and the calculation proceeds as follows:
1) Using the transformation method for a 16-bit cipher brick, with B as input and C0, C1 as algorithm parameters, calculate the 16-bit S transformation and record the 16-bit result as B1;
2) Compute A1, where C2|1 indicates that the last 1 bit of C2 is forced to 1;
3) Using the 16-bit transformation method, with A1 as input and C3, C4 as algorithm parameters, calculate the 16-bit S transformation and record the 16-bit result as A2;
4) Compute B2, where C5|1 indicates that the last 1 bit of C5 is forced to 1; the result of the S transformation is y = A2 << 16 | B2, i.e. A2 and B2 are respectively the high 16 bits and low 16 bits of the transformation result y.
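The 4-bit and 8-bit cases above (items 1 and 2), together with the inverse that decryption needs, as an added example that is not code from the patent. The S-boxes are constructed sample permutations rather than key-derived ones, the function names are hypothetical, and the low-to-high field order in the layer helpers is an assumption; the 16- and 32-bit cases are left out because their intermediate formulas are not reproduced on this page.

```python
import random


def sample_sbox(n_bits, seed):
    """Constructed stand-in for the key-derived s (16-element) or S (256-element) box."""
    box = list(range(1 << n_bits))
    random.Random(seed).shuffle(box)
    return box


def invert(box):
    """Inverse permutation, used by the inverse S transformation."""
    inv = [0] * len(box)
    for index, value in enumerate(box):
        inv[value] = index
    return inv


def decode_param(word, n_bits):
    """Low n bits of the 16-bit word are the constant; bit c8 picks add (0) or subtract (1)."""
    if n_bits not in (4, 8):
        raise ValueError("only the 4-bit and 8-bit bricks are covered here")
    if not 0 <= word <= 0xFFFF:
        raise ValueError("parameter word must fit in 16 bits")
    return word & ((1 << n_bits) - 1), bool((word >> 8) & 1)


def brick_forward(x, word, box, n_bits):
    """y = box[x + c mod 2^n] when c8 = 0, y = box[x - c mod 2^n] when c8 = 1."""
    const, subtract = decode_param(word, n_bits)
    mask = (1 << n_bits) - 1
    return box[(x - const) & mask if subtract else (x + const) & mask]


def brick_inverse(y, word, inv_box, n_bits):
    """Undo brick_forward: look up the inverse box, then undo the add or subtract."""
    const, subtract = decode_param(word, n_bits)
    mask = (1 << n_bits) - 1
    index = inv_box[y]
    return (index + const) & mask if subtract else (index - const) & mask


def _layer(block, sizes, words, boxes, brick):
    if sum(sizes) != 64 or len(sizes) != len(words):
        raise ValueError("a layer needs one parameter word per brick and 64 bits in total")
    out, shift = 0, 0
    for n_bits, word in zip(sizes, words):   # fields taken from the low bits upward (assumed)
        field = (block >> shift) & ((1 << n_bits) - 1)
        out |= brick(field, word, boxes[n_bits], n_bits) << shift
        shift += n_bits
    return out


def layer_forward(block, sizes, words, boxes):
    """Apply one brick per field of a 64-bit block; boxes maps 4 -> s and 8 -> S."""
    return _layer(block, sizes, words, boxes, brick_forward)


def layer_inverse(block, sizes, words, inv_boxes):
    """Inverse of layer_forward; inv_boxes maps 4 and 8 to the inverted boxes."""
    return _layer(block, sizes, words, inv_boxes, brick_inverse)


if __name__ == "__main__":
    boxes = {4: sample_sbox(4, 1), 8: sample_sbox(8, 2)}
    inv_boxes = {n: invert(b) for n, b in boxes.items()}
    sizes = [8, 4, 4, 8, 8, 4, 4, 8, 8, 8]                 # constructed layer, 64 bits
    words = [random.Random(3 + i).getrandbits(16) for i in range(len(sizes))]
    c = layer_forward(0x0123456789ABCDEF, sizes, words, boxes)
    print(hex(c), hex(layer_inverse(c, sizes, words, inv_boxes)))
```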
In the invention, the construction of the password wall comprises two parts, namely, a generation algorithm, and an encryption and decryption algorithm is generated for each user according to a user key; the second is a block encryption algorithm, which is different according to different users and can be regarded as an SP-like structure in a broad sense. The encryption algorithm is generated by the random arrangement of the cipher bricks, interwoven layers and data reflow.
In the invention, a plurality of basic components, size specifications, hierarchical structures and data flow directions are adopted. Figuratively, cipher bricks with different sizes, different hierarchical structures and different operating parameters are stacked into a layer as in a building, these layers are used alternately with interweaving layers of different configurations, and the building of the cryptographic algorithm is constructed layer by layer. During encryption, data is passed and processed from top to bottom in sequence, but in some places it flows backwards, which disturbs the time sequence of data flow and operation and is equivalent to changing the hierarchical structure of the algorithm.
In the present application, the SOTP cryptographic algorithm, that is, the method for constructing the cipher device, uses three new concepts of cipher brick, interwoven layer, data reflow, etc., and the other descriptors are used according to the common algorithm description habit, and the following is briefly described:
1. Cipher brick. The cipher brick is the main cipher component. It adopts a randomly generated S box and, through S transformation generated directly or in a nested manner, completes operations including substitution, addition and subtraction on an integer ring, exclusive or and the like.
The cipher bricks primarily provide the necessary non-linearity to achieve an internal "chaotic" effect. A larger cipher brick can be regarded as a multi-layer composite transformation of smaller cipher bricks, so the cipher bricks also have the effect of disordering the layers of the logical structure.
The operating parameters of the cipher brick are randomly generated as the encryption and decryption algorithms are generated for each user.
2. Data reflow. Data reflow means changing the normal data flow direction of the cipher bricks: the operation result of one cipher brick is input into another cipher brick of the same layer for processing, including direct connection, left reflow, right reflow and the like. Data reflow can change the hierarchical relation of the algorithm's logical structure, greatly enhance the complexity of the algorithm and improve the security strength of the cipher. The cipher bricks participating in data reflow are randomly selected when a user's encryption and decryption algorithm is generated.
3. Interweaving layer. The interweaving layer spreads the operation output of each cipher brick to other positions as uniformly, quickly and even nonlinearly as possible. Its main function is "interleaving", but it simultaneously plays a nonlinear "chaotic" role and is an important security foundation of the SOTP algorithm, unlike the traditional SP cipher algorithm in which the interweaving layer only plays a linear interleaving role.
4. Symbols and abbreviations.
K: the 1024-bit user key used for generating the encryption and decryption algorithm; different users have different keys;
s: the 4-bit substitution table, namely the 16-element S box;
S: the 8-bit substitution table, namely the 256-element S box;
G transformation: transformation performed by algebraic operations on the ring Z_{2^n} and the field F_2;
S transformation: nonlinear transformation formed by expanding an S box directly or by nested expansion;
P: linear transformation in units of bytes;
XOR operation is carried out;
adding arithmetic;
-arithmetic subtraction;
circularly moving left;
In the description of the algorithm, terms such as "randomly generated" or "randomly selected" indicate only that the result conforms to a random distribution, not that it is truly random; the exact expression would be "generated or selected in a manner conforming to the random distribution", and the shorter wording is used only for convenience.
It should be noted that the above embodiments can be freely combined as necessary. The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (18)

1. A construction method of a password wall is characterized by comprising the following steps:
step S100, parameter configuration information is obtained according to key information of a user side;
step S200, distributing the acquired parameter configuration information to corresponding parameter components of the password wall; the corresponding parameter parts in the password wall comprise password bricks, data reflux and interwoven layers;
step S300 constructs the password wall according to the parameter configuration information configured by the corresponding parameter component in the password wall.
2. The method for constructing a cipher wall according to claim 1, wherein the step S100 comprises:
step S110, according to the key information obtained from the user side, grouping the key information;
step S120, performing multi-round conversion on the key information after grouping according to a first preset algorithm, and generating initial parameter configuration information;
step S130, generating a multi-element S box according to the initial parameter configuration information;
step S140, performing S transformation according to the multi-element S box and the initial parameter configuration information to generate the parameter configuration information.
3. The method for constructing a cipher wall according to claim 1, wherein the step S200 comprises:
step S210, setting the size of the cipher bricks and the number of the cipher bricks according to a first configuration parameter obtained from the parameter configuration information;
step S220, setting the data information flow direction of the data reflux and its position information in the password wall according to a second configuration parameter obtained from the first configuration parameter;
step S230, setting the interleaving parameter of the interleaving layer according to a third configuration parameter obtained from the parameter configuration information.
4. The method of claim 3, wherein setting the size and the number of the cipher bricks in one layer of the password wall comprises:
step S211, grouping the first configuration parameters according to a preset byte amount to form a plurality of groups of first configuration parameter sub-information;
step S212, arranging the high and low bytes of the first configuration parameter sub-information;
step S213, selecting, from the first configuration parameter sub-information arranged by bytes in step S212, the parameter information of the high and low bytes corresponding to a preset number, and calculating according to a second preset algorithm;
step S214, determining the length of the cipher brick according to the calculation result of step S213;
step S215, calculating the remaining length of the first configuration parameter sub-information according to the length of the cipher brick determined in step S214 and the length of the first configuration parameter sub-information;
step S216, calculating the length of the cipher brick according to the remaining length of the first configuration parameter sub-information in step S215 and the changed preset byte amount; repeatedly performing step S215 and step S216; and determining the size and the number of the cipher bricks of the corresponding layer.
5. The method for constructing the password wall according to claim 4, wherein the data reflux of the password is set as follows:
step S221, selecting configuration parameter sub-information with a preset byte amount from the first configuration parameter sub-information;
step S222, dividing the configuration parameter sub-information selected in step S221 into a low byte bit and a high byte bit;
step S223, setting the low byte bit obtained in step S222 as the data outflow direction position of the cipher brick, and setting the high byte bit as the data inflow direction position of the cipher brick.
6. The method for constructing a cipher wall according to claim 4, wherein setting the interleaving parameters of the interleaving layer comprises:
step S231, grouping the third configuration parameters according to a preset byte amount to form a plurality of groups of third configuration parameter sub-information; wherein the preset byte amount in step S231 is equal to that in step S211;
step S232, calculating the third configuration parameter sub-information according to a third preset algorithm;
step S233, determining the interleaving parameter of the interleaving layer according to the result of calculating the third configuration parameter sub-information in step S232.
7. The method of claim 2, wherein the S transformation comprises at least one layer:
the mathematical model of the single-layer S transformation is: $X \to S[X \pm C \bmod 2^{n}]$;
wherein S is the S box, n is the preset size of the S box, and C is a parameter of the S box randomly selected according to the key information of the user side;
the mathematical model of the multi-layer S transformation is:
$$\begin{cases} X' = S_{n/2}\big(G(X, S_{n/2}(Y))\big) \\ Y' = G\big(S_{n/2}(Y), X'\big) \end{cases};$$
wherein S is the S transformation, n is the preset size of the S transformation, and C is an S transformation parameter randomly selected according to the key information of the user side; X and Y are respectively the input high byte and input low byte of the multi-layer S transformation; X' and Y' are respectively the output high byte and output low byte of the multi-layer S transformation.
8. The method for constructing a cryptographic wall according to claim 3, wherein the cryptographic wall at the user side comprises at least one layer of construction generation;
wherein, each layer of the code wall is sequentially provided with the code bricks and the interwoven layer;
the size of the cipher bricks in each layer is different, and the number of the cipher bricks is different.
9. A detection method capable of executing the method for constructing a cryptographic wall according to any one of claims 1 to 8, comprising:
step S100, detecting the generated code wall according to a preset detection rule;
step S200, judging whether the code wall meets the preset detection rule, and regenerating the code wall when the code wall does not meet the preset detection rule.
10. The method for detecting a password wall construction method according to claim 9, wherein the preset detection rule in step S100 includes:
whether the S-box transformation of the encryption algorithm is straight-through; and/or
whether a plurality of layers of cipher bricks are subjected to an S transformation of the same preset size in the same layer.
11. A method for encrypting a cryptographic wall, comprising performing a method for constructing a cryptographic wall according to any one of claims 1 to 8, comprising:
step S100, obtaining information to be encrypted from a user side;
step S200, inputting the information to be encrypted into the cipher bricks of the corresponding layer in the cipher wall;
step S300, carrying out S transformation on each cipher brick in the step S200, and setting the data backflow direction of each cipher brick;
step S400, inputting the result of the conversion of each cipher brick of the corresponding layer in the step S300 into the interwoven layer of the corresponding layer for interweaving conversion;
step S500, judging whether the information to be encrypted traverses each layer of the password wall or not, and outputting the calculation result of the interwoven layer as encryption information when the information to be encrypted is finished; otherwise, inputting the result of the calculation of the interwoven layer to the next round of the password wall, and returning to execute the step S200.
12. A method for decrypting a cryptographic wall, comprising a method for constructing a cryptographic wall according to any one of claims 1 to 8, comprising:
step S100, obtaining information to be decrypted from a server;
step S200, inputting the information to be decrypted into the interwoven layer of the corresponding layer in the password wall;
step S300, performing inverse interleaving transformation on the interleaving layer of the corresponding layer in the step S200, and setting the data backflow direction of each cipher brick of the layer corresponding to the interleaving layer;
step S400, inputting the result of the inverse interleaving transformation in the step S300 into each cipher brick of the cipher brick layer, and performing inverse S transformation;
step S500, judging whether the information to be decrypted traverses each layer of the cipher wall, and outputting the result of the reverse S transformation calculation of the cipher brick as decryption information when the information to be decrypted is finished; otherwise, inputting the result of the reverse S transformation of the cipher brick to the next layer in the cipher wall, and returning to execute the step S200.
13. A construction system capable of executing the construction method of the cipher wall according to any one of claims 1 to 8, comprising:
the information acquisition module is used for acquiring parameter configuration information by the server according to the key information of the user side;
the information distribution module is electrically connected with the information acquisition module, and the server distributes the acquired parameter configuration information to the corresponding parameter components of the password wall; the corresponding parameter parts in the password wall comprise password bricks, data reflux and interwoven layers;
and the server constructs the password wall according to the parameter configuration information configured by the corresponding parameter components in the password wall.
14. The system for constructing a cryptographic wall according to claim 13, wherein the information acquisition module comprises:
the grouping setting submodule is used for carrying out grouping setting according to the key information of the user side;
the initial information generation submodule is electrically connected with the grouping setting submodule, performs multi-round conversion on the key information of the user side after the grouping setting according to a first preset algorithm, and generates initial parameter configuration information;
the initial information transformation submodule is electrically connected with the information generation submodule and generates a multi-element S box according to the initial parameter configuration information;
and the information generation submodule is electrically connected with the initial information conversion submodule and is used for carrying out S conversion according to the multi-element S box and the initial parameter configuration information to generate the parameter configuration information.
15. The system for constructing a cryptographic wall according to claim 13, wherein the information distribution module comprises:
the parameter configuration submodule of the cipher bricks sets the size of the cipher bricks and the number of the cipher bricks according to a first configuration parameter obtained from the parameter configuration information;
the data reflux parameter configuration submodule sets the data information flow direction of the data reflux and the position information in the code wall according to a second configuration parameter obtained from the first configuration parameter;
and the interleaving parameter configuration submodule is used for setting the interleaving parameters of the interleaving layer according to the third configuration parameters obtained from the parameter configuration information.
16. A detection system of a password wall construction system, comprising:
the detection module is used for detecting the generated code wall according to a preset detection rule;
the detection judgment module is electrically connected with the detection module and is used for judging whether the password wall meets a preset detection rule or not;
when the preset detection rule is not satisfied, regenerating the password wall;
wherein the preset detection rule comprises:
whether the S-box transformation of the encryption algorithm is straight-through; and/or
whether a plurality of layers of cipher bricks are subjected to an S transformation of the same preset size in the same layer.
17. A cryptographic wall encryption system comprising a cryptographic wall encryption method according to claim 11, comprising:
the information to be encrypted acquisition module acquires information to be encrypted from the user side;
the information to be encrypted input module is electrically connected with the information to be encrypted acquisition module and inputs the information to be encrypted into the cipher bricks on the corresponding layer in the cipher wall;
the data backflow direction setting module is electrically connected with the information input module to be encrypted, performs S transformation on each cipher brick in the information input module to be encrypted, and sets the data backflow direction of each cipher brick;
the interweaving conversion module is electrically connected with the data backflow direction setting module, and inputs the conversion result of each cipher brick on the corresponding layer in the data backflow direction setting module into the interweaving layer on the corresponding layer for interweaving conversion;
the information processing module to be encrypted is electrically connected with the interweaving conversion module, judges whether the information to be encrypted traverses each layer of the password wall or not, and outputs the calculation result of the interweaving layer as encrypted information when the information to be encrypted is finished; otherwise, inputting the calculation result of the interwoven layer to the next layer in the cipher wall, controlling the information to be encrypted input module, and executing the information to be encrypted to be input to each cipher brick of the corresponding layer in the cipher wall.
18. A decryption system for a cryptographic wall, comprising an encryption method executable by the cryptographic wall of claim 12, comprising:
the information to be decrypted acquiring module acquires the information to be decrypted from the server;
the information to be decrypted input module is electrically connected with the information to be decrypted acquisition module and inputs the information to be decrypted into the interwoven layer of the corresponding layer in the password wall;
the data backflow direction setting module is electrically connected with the information input module to be decrypted, carries out reverse interweaving transformation on the interweaving layer of the corresponding layer in the information input module to be decrypted, and sets the data backflow direction of each cipher brick of the layer corresponding to the interweaving layer;
the reverse S conversion module is electrically connected with the data backflow direction setting module, inputs the result of reverse interweaving conversion in the data backflow direction setting module into each cipher brick of the cipher brick layer, and performs reverse S conversion;
the information processing module to be decrypted is electrically connected with the interweaving transformation reverse module, judges whether the information to be decrypted traverses each layer of the cipher wall, and outputs the result of the reverse S transformation calculation of the cipher brick as decryption information when the information to be decrypted is finished; otherwise, inputting the result of the reverse S conversion of the cipher brick to the next layer in the cipher wall, controlling the information input module to be decrypted, and executing the input of the information to be decrypted to the interwoven layer of the corresponding layer in the cipher wall.
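The following is an added example, not code from the patent, of the single-layer and multi-layer S transformations of claim 7 together with the reverse S transformation that claim 12 relies on. It assumes that the single-layer index is (X ± C) mod 2^n, that G is XOR (this section does not define G), and that the S box is a seeded permutation constructed for the demo; all function names are hypothetical.

```python
# Added illustration of the S transformations in claim 7; not code from the patent.
import random


def make_sbox(seed, bits):
    """Constructed stand-in for a key-derived S box: a seeded permutation
    of 0 .. 2^bits - 1. random.Random is not a cryptographic generator and
    is used here only to make the demo repeatable."""
    box = list(range(1 << bits))
    random.Random(seed).shuffle(box)
    return box


def invert(sbox):
    """Inverse lookup table, needed for the reverse S transformation."""
    inv = [0] * len(sbox)
    for i, v in enumerate(sbox):
        inv[v] = i
    return inv


def single_layer(x, sbox, c, bits, sign=1):
    """Single-layer model X -> S[(X +/- C) mod 2^n]; sign selects + or -."""
    return sbox[(x + sign * c) % (1 << bits)]


def single_layer_inv(y, inv_sbox, c, bits, sign=1):
    """Undo single_layer: look up S^-1, then remove the offset C."""
    return (inv_sbox[y] - sign * c) % (1 << bits)


def g(a, b):
    """Assumption: G is taken to be XOR; this section does not define it."""
    return a ^ b


def multi_layer(x, y, half):
    """Multi-layer model on two n/2-bit halves:
    X' = S(G(X, S(Y))),  Y' = G(S(Y), X')."""
    sy = half[y]
    x2 = half[g(x, sy)]
    return x2, g(sy, x2)


def multi_layer_inv(x2, y2, half_inv):
    """Reverse transformation, valid because XOR is its own inverse."""
    sy = g(y2, x2)                 # recover S(Y) from Y' and X'
    return g(half_inv[x2], sy), half_inv[sy]


def is_bijection(half, half_bits):
    """True if the nested transform maps all 2^n inputs to distinct outputs."""
    size = 1 << half_bits
    outputs = {multi_layer(x, y, half) for x in range(size) for y in range(size)}
    return len(outputs) == size * size


if __name__ == "__main__":
    half = make_sbox(seed=2017, bits=8)     # constructed 8-bit S box
    half_inv = invert(half)
    x2, y2 = multi_layer(0x12, 0x34, half)
    assert multi_layer_inv(x2, y2, half_inv) == (0x12, 0x34)
    print("16-bit transform is a bijection:", is_bijection(half, 8))
```

With an invertible G, the nested construction yields a 16-bit permutation from a single 8-bit table, which is what makes the layer-by-layer decryption of claim 12 possible.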
CN201710319769.3A 2017-05-09 2017-05-09 Method and system for constructing password wall Active CN107425963B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201710319769.3A CN107425963B (en) 2017-05-09 2017-05-09 Method and system for constructing password wall
PCT/CN2017/100288 WO2018205469A1 (en) 2017-05-09 2017-09-01 Method for constructing password wall and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710319769.3A CN107425963B (en) 2017-05-09 2017-05-09 Method and system for constructing password wall

Publications (2)

Publication Number Publication Date
CN107425963A true CN107425963A (en) 2017-12-01
CN107425963B CN107425963B (en) 2024-08-20

Family

ID=60425926

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710319769.3A Active CN107425963B (en) 2017-05-09 2017-05-09 Method and system for constructing password wall

Country Status (2)

Country Link
CN (1) CN107425963B (en)
WO (1) WO2018205469A1 (en)

Also Published As

Publication number Publication date
WO2018205469A1 (en) 2018-11-15
CN107425963B (en) 2024-08-20

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20240708

Address after: Room 503, Building 3, No. 6, Xicheng Xi'an North Road, Xinluo District, Longyan City, Fujian Province, 364000

Applicant after: Xie Xinyong

Country or region after: China

Address before: 201821 211 rooms, No. 1411, Yecheng Road, Jiading District, Shanghai

Applicant before: SHANGHAI PEOPLENET SECURITY TECHNOLOGY Co.,Ltd.

Country or region before: China

TA01 Transfer of patent application right
GR01 Patent grant