CN109327478B - A secure access method for chaotic physical layer - Google Patents

A secure access method for chaotic physical layer Download PDF

Info

Publication number
CN109327478B
CN109327478B CN201811512186.3A CN201811512186A CN109327478B CN 109327478 B CN109327478 B CN 109327478B CN 201811512186 A CN201811512186 A CN 201811512186A CN 109327478 B CN109327478 B CN 109327478B
Authority
CN
China
Prior art keywords
matrix
data
column
chaotic
partition
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201811512186.3A
Other languages
Chinese (zh)
Other versions
CN109327478A (en
Inventor
张崇富
韦涵瀚
黄欢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Electronic Science and Technology of China
University of Electronic Science and Technology of China Zhongshan Institute
Original Assignee
University of Electronic Science and Technology of China
University of Electronic Science and Technology of China Zhongshan Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Electronic Science and Technology of China, University of Electronic Science and Technology of China Zhongshan Institute filed Critical University of Electronic Science and Technology of China
Priority to CN201811512186.3A priority Critical patent/CN109327478B/en
Publication of CN109327478A publication Critical patent/CN109327478A/en
Application granted granted Critical
Publication of CN109327478B publication Critical patent/CN109327478B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0464Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L27/00Modulated-carrier systems
    • H04L27/001Modulated-carrier systems using chaotic signals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L27/00Modulated-carrier systems
    • H04L27/26Systems using multi-frequency codes
    • H04L27/2601Multicarrier modulation systems
    • H04L27/2614Peak power aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/001Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using chaotic signals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a chaotic physical layer secret access method, which comprises the steps of firstly obtaining a data matrix of an OFDM signal, then carrying out partition division on the matrix to obtain two matrixes, respectively encrypting the two matrixes by adopting different methods, then restoring the two encrypted matrixes into one matrix according to a partition division reverse method, carrying out subsequent processing and sending on the matrix by a sending end, analyzing the matrix after receiving sent data by a receiving end to obtain the two matrixes, then carrying out decryption by adopting partition division in the same way, and restoring the two decrypted matrixes into one matrix according to the partition division reverse method, wherein the matrix is the recovered data matrix. The invention adopts information partition encryption, and can effectively improve the communication safety.

Description

一种混沌物理层保密接入方法A secure access method for chaotic physical layer

技术领域technical field

本发明属于接入网通信技术领域,更为具体地讲,涉及一种混沌物理层保密接入方法。The invention belongs to the technical field of access network communication, and more particularly, relates to a chaotic physical layer security access method.

背景技术Background technique

随着“互联网+”战略的持续推进,云计算、大数据、工业互联网等产业的高速发展,更多的数据和用户个人信息变为业务共享资源,推动社会经济全球化进程。但与此同时,各类信息安全事件也呈现大规模爆发态势。中国消费者协会最新发布的

Figure BDA0001901063870000011
显示,参与调查人群中遇到过个人信息泄露情况的人数占比为85.2%。因此,如何保证数据和个人信息在网络上安全地存储、传输、管理与共享成为人们的关注热点问题之一。网络信息安全问题不仅影响着个人,还会涉及到企业的运营管理。自2018年3月起,全球化社交网站Facebook共遭遇了两次大规模的用户数据泄露,近5000万用户的账户遭遇黑客入侵、甚至盗用。此类事件的发生直接导致Facebook股票报价持续下跌及受到英国监管部门处以的罚款,国内的微信、阿里、京东等众多全球性平台公司应引以为戒、提高警惕。
Figure BDA0001901063870000012
报告显示,中国内地与香港的企业在网络安全方面的平均投入高出全球数值的近四分之一,72%的中国内地与香港受访企业表示其针对物联网安全的战略已经就位。此外,网络的开放性给不法分子在网络上传播恐怖、色情、反动、分裂等有害信息提供了便利,直接威胁到国家的政治与国防建设等领域。因此,网络信息安全与保密问题已经引起了国家领导的高度重视。2014年2月,成立中央网络安全和信息化领导小组。2016年3月,将“构建泛在高效的信息网络、强化信息安全保障、全面保障信息系统安全”三大重点任务列入了我国十三五规划的纲要中。2016年11月,全国人民代表大会常务委员会发布了《中华人民共和国网络安全法》以保障网络安全,维护网络空间主权和国家安全、社会公共利益,保护公民、法人和其他组织的合法权益,促进经济社会信息化的健康、安全发展。此后,我国政府还发布了《国家网络空间安全战略》和《网络空间国际合作战略》。With the continuous advancement of the "Internet +" strategy and the rapid development of cloud computing, big data, industrial Internet and other industries, more data and user personal information have become business shared resources, promoting the process of social and economic globalization. But at the same time, various information security incidents are also showing a large-scale outbreak. The latest released by the China Consumers Association
Figure BDA0001901063870000011
It shows that 85.2% of the people who participated in the survey have encountered personal information leakage. Therefore, how to ensure the safe storage, transmission, management and sharing of data and personal information on the network has become one of the hot issues that people pay attention to. Network information security issues not only affect individuals, but also involve the operation and management of enterprises. Since March 2018, the global social networking site Facebook has suffered two large-scale user data leaks, and nearly 50 million user accounts have been hacked or even stolen. The occurrence of such incidents directly led to the continuous decline of Facebook's stock price and the fines imposed by the British regulatory authorities. Many global platform companies such as WeChat, Ali, and JD.com in China should take precautions and be more vigilant.
Figure BDA0001901063870000012
According to the report, companies in mainland China and Hong Kong spend on average nearly a quarter higher on cybersecurity than the global figure, and 72% of companies surveyed in mainland China and Hong Kong say their IoT security strategies are in place. In addition, the openness of the Internet provides convenience for lawbreakers to spread harmful information such as terror, pornography, reaction, and separatism on the Internet, which directly threatens the country's political and national defense construction and other fields. Therefore, the issue of network information security and confidentiality has attracted great attention from national leaders. In February 2014, the Central Network Security and Informatization Leading Group was established. In March 2016, the three key tasks of "building a ubiquitous and efficient information network, strengthening information security, and comprehensively ensuring the security of information systems" were included in the outline of my country's 13th Five-Year Plan. In November 2016, the Standing Committee of the National People's Congress promulgated the Cybersecurity Law of the People's Republic of China to ensure cybersecurity, safeguard cyberspace sovereignty and national security, social and public interests, protect the legitimate rights and interests of citizens, legal persons and other organizations, and promote The healthy and safe development of economic and social informatization. Since then, the Chinese government has also issued the National Cyberspace Security Strategy and the Cyberspace International Cooperation Strategy.

接入网作为网络业务接入的“最后一公里”,量大面广,成为影响网络建设的最重要部分之一。其中,正交频分复用无源光网络(Orthogonal Frequency DivisionMultiplexing Passive Optical Network,OFDM-PON)因其能在时/频域中灵活分配资源、频谱利用率高、对光纤色散具有较强的容忍能力等特点得到了普遍应用,被认为是提供宽带和低成本接入服务的一种很有前途的方式。但由于用户数量庞大、服务交互频繁及PON的广播结构使得信息安全传输面临了巨大挑战。综上所述,对接入网安全问题及其安全性增强技术的研究具有重要的学术价值和社会意义。As the "last mile" of network service access, the access network has a large quantity and a wide range, and has become one of the most important parts affecting network construction. Among them, the Orthogonal Frequency Division Multiplexing Passive Optical Network (OFDM-PON) can flexibly allocate resources in the time/frequency domain, has high spectrum utilization, and has a strong tolerance to fiber dispersion. Features such as capability are widely used and are considered a promising way to provide broadband and low-cost access services. However, due to the huge number of users, frequent service interaction and the broadcast structure of PON, information security transmission faces great challenges. To sum up, the research on access network security and its security enhancement technology has important academic value and social significance.

增强接入网安全性的加密技术通常是在媒体访问控制层和应用层上实现的,其主要思路是在层级协议中添加身份验证和加密标准。虽然有些方法保证了高性能安全通信,但其密钥空间是有限的,且该类方法未对数据的控制信息与表头提供安全保护。相比于上层协议加密方式,物理层加密技术不仅能有效保障控制协议数据的安全性,还能抵御来自接入网底层的攻击。近年来,与混沌技术相关的物理层加密算法激起了研究热潮。混沌技术的遍历性、伪随机性、对初始条件和控制参数的敏感性等特性正好与密码体制的混乱及扩散性质相类似。同时,混沌序列产生方便,数量巨大,可以为隐蔽通信提供更好的实现手段。2018年10月,第十一届国际混沌、分形理论与应用研讨会在中国重庆举行,以“发展混沌分形科学,赋能信息安全产业”为主题,紧扣信息安全发展趋势,助力信息安全产业发展。The encryption technology to enhance the security of the access network is usually implemented at the media access control layer and the application layer. The main idea is to add authentication and encryption standards to the layered protocol. Although some methods guarantee high-performance secure communication, their key space is limited, and these methods do not provide security protection for data control information and headers. Compared with the upper layer protocol encryption method, the physical layer encryption technology can not only effectively ensure the security of the control protocol data, but also resist attacks from the bottom layer of the access network. In recent years, physical layer encryption algorithms related to chaotic technology have stimulated a research upsurge. The ergodicity, pseudo-randomness, sensitivity to initial conditions and control parameters of chaotic technology are just similar to the chaotic and diffusion properties of cryptosystems. At the same time, the generation of chaotic sequences is convenient and the number is huge, which can provide a better means of realizing covert communication. In October 2018, the 11th International Symposium on Chaos, Fractal Theory and Application was held in Chongqing, China. With the theme of "Developing Chaos and Fractal Science, Empowering the Information Security Industry", it closely followed the development trend of information security and helped the information security industry. develop.

选择明文攻击(Chosen Plaintext Attack,CPA)是指攻击者首先选择部分明文并通过加密系统获取相对应的密文,再通过对两者间的关系进行分析和比较等方式来获得相关信息的攻击方式。现有的大多数混沌加密方案都无法抵御选择明文攻击,而可抵御选择明文攻击的方案又存在着运算复杂度较高、性能恶化等缺点。2016年11月,上海交通大学研究团队提出了一种结合输入数据随机特征的动态相位旋转方案,该方案可以抵御选择明文攻击。但在加密与解密过程中,由于重复地使用部分错误的OFDM数据导致数据噪声积累,因而引入1dB的误码率性能恶化。2017年2月,他们利用混沌二进制序列、非线性置换盒和混沌恒幅零自相关矩阵对数据进行加密。该方案抵御选择明文攻击的能力较强,但需要进行多次循环异或操作及生成混沌恒幅零自相关矩阵,运算复杂度较高。Chosen Plaintext Attack (CPA) refers to an attack method in which the attacker first selects part of the plaintext and obtains the corresponding ciphertext through the encryption system, and then obtains the relevant information by analyzing and comparing the relationship between the two. . Most of the existing chaotic encryption schemes cannot resist chosen-plaintext attacks, and the schemes that can resist chosen-plaintext attacks have disadvantages such as high computational complexity and performance degradation. In November 2016, a research team from Shanghai Jiao Tong University proposed a dynamic phase rotation scheme that combines random features of input data, which can resist chosen-plaintext attacks. However, in the process of encryption and decryption, due to the accumulation of data noise due to the repeated use of some wrong OFDM data, the performance degradation of the bit error rate of 1 dB is introduced. In February 2017, they encrypted the data using chaotic binary sequences, nonlinear permutation boxes, and chaotic constant-amplitude zero-autocorrelation matrices. This scheme has a strong ability to resist selected plaintext attacks, but it needs to perform multiple cyclic XOR operations and generate a chaotic constant amplitude zero autocorrelation matrix, and the computational complexity is high.

发明内容SUMMARY OF THE INVENTION

本发明的目的在于克服现有技术的不足,提供一种混沌物理层保密接入方法,采用信息分区加密,可以有效提高通信安全性。The purpose of the present invention is to overcome the deficiencies of the prior art, and to provide a chaotic physical layer security access method, which can effectively improve communication security by adopting information partition encryption.

为实现上述发明目的,本发明混沌物理层保密接入方法包括以下步骤:In order to achieve the above object of the invention, the chaotic physical layer security access method of the present invention comprises the following steps:

S1:将经过QAM调制后的OFDM信号通过子载波分配得到a×b的数据矩阵M,其中a表示一个OFDM信号的子载波数,b表示单个子载波内符号数,a<b;S1: The data matrix M of a×b is obtained by subcarrier allocation of the OFDM signal modulated by QAM, where a represents the number of subcarriers of an OFDM signal, b represents the number of symbols in a single subcarrier, a<b;

S2:对矩阵M进行分区划分,得到矩阵P和矩阵Q,分区划分的具体方法如下:S2: Partition the matrix M to obtain the matrix P and the matrix Q. The specific method of partitioning is as follows:

计算从数据矩阵M中提取的数据总列数c=b-a,从数据矩阵M中按照预定的分区规则提取出c列数据,将c列数据按照在数据矩阵M中的列序号拼接得到a×c的矩阵P,剩余数据按照在数据矩阵M中的列序号拼接得到a×a的矩阵Q;Calculate the total number of columns c=b-a of the data extracted from the data matrix M, extract the data in column c from the data matrix M according to the predetermined partition rule, and splicing the data in the c column according to the column number in the data matrix M to obtain a × c The matrix P of , the remaining data is spliced according to the column number in the data matrix M to obtain a matrix Q of a × a;

S3:基于混沌系统,采用不同方式分别对矩阵P和矩阵Q进行加密,得到加密后的矩阵P′和矩阵Q′;S3: Based on the chaotic system, the matrix P and the matrix Q are encrypted in different ways, and the encrypted matrix P' and matrix Q' are obtained;

S4:按照步骤S2中分区划分的逆向方法,将矩阵P′和矩阵Q′还原成为一个矩阵M′;S4: According to the inverse method of partition division in step S2, the matrix P' and the matrix Q' are restored into a matrix M';

S5:发送端对矩阵M′进行后续处理并发送;S5: The sender performs subsequent processing on the matrix M' and sends it;

S6:接收端接收到发送数据后,解析得到矩阵M′,然后按照步骤S2中的分区划分方法,对矩阵M′进行划分得到矩阵P′和矩阵Q′,然后采用对应的解密方法分别对矩阵P′和矩阵Q′进行解密,得到矩阵P和矩阵Q,然后采用分区划分的逆向方法,还原得到矩阵M。S6: After the receiving end receives the transmitted data, it analyzes and obtains the matrix M', and then divides the matrix M' according to the partitioning method in step S2 to obtain the matrix P' and the matrix Q', and then uses the corresponding decryption method to decipher the matrix respectively. Decrypt P' and matrix Q' to obtain matrix P and matrix Q, and then use the reverse method of partition division to restore matrix M.

本发明混沌物理层保密接入方法,首先得到OFDM信号的数据矩阵,然后对该矩阵进行分区划分得到两个矩阵,采用不同方法分别对两个矩阵进行加密,然后再按照分区划分的逆向方法,将加密后的两个矩阵还原成为一个矩阵,发送端对此矩阵进行后续处理并发送,接收端接收到发送数据后,解析得到矩阵,然后同样采用分区划分得到两个矩阵,然后分别采用对应方法进行解密,再将解密后的两个矩阵按照分区划分的逆向方法还原成为一个矩阵,该矩阵即为恢复得到的数据矩阵。The chaotic physical layer security access method of the present invention firstly obtains the data matrix of the OFDM signal, then partitions the matrix to obtain two matrices, adopts different methods to encrypt the two matrices respectively, and then according to the reverse method of partition division, The two encrypted matrices are restored into one matrix. The sender performs subsequent processing on this matrix and sends it. After the receiver receives the sent data, it parses the matrix to obtain the matrix, and then divides the two matrices by partition to obtain two matrices. Decryption is performed, and then the decrypted two matrices are restored into a matrix according to the reverse method of partition division, and the matrix is the recovered data matrix.

本发明具有以下有益效果:The present invention has the following beneficial effects:

(1)本发明采用数据矩阵分区划分,可以减少信息之间的互相关关系,降低信号峰同相结合的概率,即可降低信号峰均功率比(Peak to Average Power Ratio,PAPR);(1) The present invention adopts the data matrix partition division, which can reduce the cross-correlation relationship between the information, reduce the probability that the signal peaks are combined in the same phase, and can reduce the peak-to-average power ratio (PAPR) of the signal;

(2)本发明通过分区划分与使用两种不同的加密手段进行分开加密,可以增大密钥空间,提高非法攻击者暴力破解的难度;(2) The present invention can increase the key space and improve the difficulty of brute force cracking by illegal attackers by partitioning and using two different encryption means for separate encryption;

(3)本发明可以有效抵御选择明文攻击,攻击者使用该种攻击方式无法破解全部信息,分析如下情景:(3) The present invention can effectively resist the attack of selected plaintext, and the attacker cannot decipher all the information by using this attack method, and the following scenarios are analyzed:

①选择的部分明文只使用一种方法进行加密,攻击者根据所获得的相关信息可获知其加密方法,但无法破译剩余信息,原因在于无法获知数据的分区情况及另一种加密方法;①The selected part of the plaintext is encrypted by only one method. The attacker can know the encryption method according to the relevant information obtained, but cannot decipher the remaining information, because the partition of the data and another encryption method cannot be known;

②选择的部分明文同时使用两种方法进行加密,攻击者获取相关信息的难度增大,即使通过多次分析得到两种加密方法,但依然无法破译剩余信息,原因在于无法获知信息的分区情况;②The selected part of the plaintext is encrypted using two methods at the same time, which increases the difficulty for the attacker to obtain relevant information. Even if the two encryption methods are obtained through multiple analysis, the remaining information cannot be deciphered because the partition of the information cannot be known;

(4)本发明所采用的分区划分方法较为简单,并且本发明的运算复杂度与所选择的两种不同加密手段直接相关,采用性能较好且工作复杂度较低的加密手段可以避免频谱资源利用率的降低,弥补现有技术方案的不足。(4) The partitioning method adopted in the present invention is relatively simple, and the operational complexity of the present invention is directly related to the two different encryption methods selected, and the encryption method with better performance and lower work complexity can avoid spectrum resources. The reduction of the utilization rate makes up for the deficiencies of the existing technical solutions.

附图说明Description of drawings

图1是本发明混沌物理层保密接入方法的具体实施方式流程图;1 is a flow chart of a specific implementation manner of a chaotic physical layer secure access method of the present invention;

图2是本实施例中数据矩阵分区划分的示意图;Fig. 2 is the schematic diagram of data matrix partition division in the present embodiment;

图3是本实施例中数据发送和接收解密的流程图。FIG. 3 is a flow chart of data transmission and reception decryption in this embodiment.

具体实施方式Detailed ways

下面结合附图对本发明的具体实施方式进行描述,以便本领域的技术人员更好地理解本发明。需要特别提醒的是,在以下的描述中,当已知功能和设计的详细描述也许会淡化本发明的主要内容时,这些描述在这里将被忽略。The specific embodiments of the present invention are described below with reference to the accompanying drawings, so that those skilled in the art can better understand the present invention. It should be specially reminded that, in the following description, when the detailed description of known functions and designs may dilute the main content of the present invention, these descriptions will be omitted here.

实施例Example

图1是本发明混沌物理层保密接入方法的具体实施方式流程图。如图1所示,本发明混沌物理层保密接入方法的具体步骤包括:FIG. 1 is a flow chart of a specific implementation manner of a chaotic physical layer secure access method according to the present invention. As shown in Figure 1, the specific steps of the chaotic physical layer security access method of the present invention include:

S101:OFDM信号矩阵化:S101: OFDM signal matrixing:

将经过QAM调制后的OFDM信号通过子载波分配得到a×b的数据矩阵M,其中a表示一个OFDM信号的子载波数,b表示单个子载波内符号数,a<b。也就是将一个OFDM信号表示为一个数据矩阵,每个OFDM符号被看成数据矩阵M中的一个元素。A data matrix M of a×b is obtained by subcarrier allocation of the QAM modulated OFDM signal, where a represents the number of subcarriers of an OFDM signal, b represents the number of symbols in a single subcarrier, a<b. That is, an OFDM signal is represented as a data matrix, and each OFDM symbol is regarded as an element in the data matrix M.

本实施例中以16-QAM调制为例进行说明。在调制方式采用16-QAM时,单个OFDM符号所占比特数为log2(16)=4,因此需要将待发送信号划分为1行a×b×4列的行向量,通过串/并(S/P)转换,将数据由二进制转换为十进制,然后进行16-QAM映射,最后通过子载波分配即可得到数据矩阵M。本实施例中设置a=120,b=200。In this embodiment, 16-QAM modulation is used as an example for description. When the modulation mode adopts 16-QAM, the number of bits occupied by a single OFDM symbol is log 2 (16) = 4, so the signal to be sent needs to be divided into a row vector of 1 row a×b×4 columns, through the serial/parallel ( S/P) conversion, convert the data from binary to decimal, then perform 16-QAM mapping, and finally obtain the data matrix M through subcarrier allocation. In this embodiment, a=120 and b=200 are set.

S102:数据矩阵分区划分:S102: Data matrix partition division:

对数据矩阵M进行分区划分,得到矩阵P和矩阵Q,分区划分的具体方法如下:The data matrix M is partitioned to obtain the matrix P and the matrix Q. The specific method of partitioning is as follows:

计算从数据矩阵M中提取的数据总列数c=b-a,这是为了保证提取后剩余的数据可以组合为方阵。经研究发现,如果提取出的数据总数过小,采用本发明加密方法的实际意义不大,因此优选设置1/5≤c/b≤4/5,也就是b/5≤b-a≤4b/5。从数据矩阵M中按照预定的分区规则提取出c列数据,将c列数据按照在数据矩阵M中的列序号拼接得到a×c的矩阵P,剩余数据按照在数据矩阵M中的列序号拼接得到a×a的矩阵Q。Calculate the total number of columns c=b-a of the data extracted from the data matrix M, this is to ensure that the remaining data after extraction can be combined into a square matrix. It is found through research that if the total number of extracted data is too small, the practical significance of using the encryption method of the present invention is not significant, so it is preferable to set 1/5≤c/b≤4/5, that is, b/5≤b-a≤4b/5 . Extract the data in column c from the data matrix M according to the predetermined partitioning rules, splicing the data in column c according to the column serial number in the data matrix M to obtain a matrix P of a×c, and the remaining data is spliced according to the column serial number in the data matrix M Get an a×a matrix Q.

分区划分的具体方法可以采用相邻分区法、交错分区法和随机分区法,三种方法分别详述如下:The specific method of partition division can be adjacent partition method, staggered partition method and random partition method. The three methods are detailed as follows:

·相邻分区法·Adjacent partition method

令数据矩阵M的分区数量d为参数b和c的公约数。如果分区太多,会导致后续处理的复杂度增加,而太少又难以达到较为理想的技术效果,经研究发现,d的取值范围为4≤d≤12时效果较好。当a=120,b=200时,可知c=80,那么分区数量d的可能取值为4,5,8,10。然后将数据矩阵M按列平均划分为d个分区,每个分区包含e列,显然e=b/d,分别从每个分区的相同位置提取出连续的f列数据,f=c/d,记f列数据的起始列在分区中的列序号为g。由于是连续提取,那么存在e-f+1种提取方法。将提取的c列数据按照在数据矩阵M中的列序号拼接得到a×c的矩阵P,剩余数据按照在数据矩阵M中的列序号拼接得到a×a的矩阵Q。Let the number of partitions d of the data matrix M be the common divisor of the parameters b and c. If there are too many partitions, the complexity of subsequent processing will increase, and if too few partitions, it is difficult to achieve a relatively ideal technical effect. After research, it is found that the value range of d is 4≤d≤12. The effect is better. When a=120 and b=200, it can be known that c=80, then the possible values of the number of partitions d are 4, 5, 8, and 10. Then, the data matrix M is divided into d partitions on average by column, each partition contains e column, obviously e=b/d, and consecutive f columns of data are extracted from the same position of each partition, f=c/d, Note that the column number of the starting column of the data in column f in the partition is g. Since it is continuous extraction, there are e-f+1 extraction methods. The extracted c-column data is spliced according to the column sequence number in the data matrix M to obtain a matrix P of a×c, and the remaining data is spliced according to the column sequence number in the data matrix M to obtain the a×a matrix Q.

本实施例中采用相邻分区法进行分区划分。图2是本实施例中基于相邻分区法进行数据矩阵分区划分的示意图。如图2所示,本实施例中设置分区数量d=10,那么显然e=20,f=8,也就是说,将数据矩阵M均分为10个分区,每个分区中有120行20列数据,任意提取每20列数据中的8列连续数据,可见本实施例中共13种取法。图2中以g=5为例,即8列连续数据的定位是在各个分区中的第5列至第12列。按上述方法进行分区划分,可得到120×80的矩阵P和120×120的矩阵Q。In this embodiment, the adjacent partition method is used for partition division. FIG. 2 is a schematic diagram of partitioning a data matrix based on the adjacent partitioning method in this embodiment. As shown in Figure 2, in this embodiment, the number of partitions is set to d=10, then obviously e=20, f=8, that is to say, the data matrix M is divided into 10 partitions, and each partition has 120 rows of 20 Column data, 8 columns of continuous data in every 20 columns of data are arbitrarily extracted, and it can be seen that there are 13 ways of extraction in this embodiment. In FIG. 2, g=5 is taken as an example, that is, the positioning of the 8-column continuous data is from the 5th column to the 12th column in each partition. By partitioning according to the above method, a matrix P of 120×80 and a matrix Q of 120×120 can be obtained.

·交错分区法· Staggered partition method

将数据矩阵M按列划分为c个分区,其中前c-1个分区的单个分区列数为

Figure BDA0001901063870000062
Figure BDA0001901063870000061
表示向下取整,第c个分区的列数为b-(c-1)d,分别从每个分区的相同位置提取出1列数据,将提取的c列数据按照在数据矩阵M中的列序号拼接得到a×c的矩阵P,剩余数据按照在数据矩阵M中的列序号拼接得到a×a的矩阵Q。若需要将数据矩阵M按列均匀划分为c个分区,可以通过参数设置令b为c的整数倍。Divide the data matrix M into c partitions by column, where the number of single partition columns for the first c-1 partitions is
Figure BDA0001901063870000062
Figure BDA0001901063870000061
Indicates rounding down, the number of columns in the c-th partition is b-(c-1)d, and 1 column of data is extracted from the same position in each partition, and the extracted data in column c is based on the data in the data matrix M. The column number is spliced to obtain a matrix P of a × c, and the remaining data is spliced according to the column number in the data matrix M to obtain a matrix Q of a × a. If the data matrix M needs to be evenly divided into c partitions by column, you can set b to be an integer multiple of c through parameter settings.

·随机分区法·Random partition method

在数据矩阵M中随机地提取c列数据,并记录它们的列序号,将提取的c列数据按照在数据矩阵M中的列序号拼接得到a×c的矩阵P,剩余数据按照在数据矩阵M中的列序号拼接得到a×a的矩阵Q。Randomly extract data in column c from the data matrix M, and record their column serial numbers, splicing the extracted data in column c according to the column serial numbers in the data matrix M to obtain a matrix P of a×c, and the remaining data according to the data matrix M The column numbers in s are concatenated to obtain a matrix Q of a×a.

S103:分区加密:S103: Partition encryption:

采用不同的方法分别对矩阵P和矩阵Q进行加密,得到加密后的矩阵P′和矩阵Q′。The matrix P and the matrix Q are encrypted by different methods, and the encrypted matrix P' and matrix Q' are obtained.

在实际应用时,加密方法可以根据实际需要来选择,本实施例中提出了一种基于混沌的分区加密方法,具体方法为:In practical application, the encryption method can be selected according to actual needs. In this embodiment, a chaos-based partition encryption method is proposed, and the specific method is as follows:

生成4个混沌序列X、Y、Z、U,其中混沌序列X的长度为a,混沌序列Y的长度为c,混沌序列Z和U的长度为a,采用混沌序列X、Y对矩阵P进行加密得到矩阵P′,采用混沌序列Z、U对矩阵Q进行加密得到矩阵Q′。Generate four chaotic sequences X, Y, Z, U, where the length of the chaotic sequence X is a, the length of the chaotic sequence Y is c, and the lengths of the chaotic sequences Z and U are a. The matrix P' is obtained by encryption, and the matrix Q' is obtained by encrypting the matrix Q by using the chaotic sequences Z and U.

混沌序列的生成方法可以根据需要选择,本实施例中采用4D超混沌系统生成混沌序列,在实际中也可以用低维混沌系统运行多次来生成4个混沌序列。4D超混沌系统可以采用如下公式表示:The generation method of the chaotic sequence can be selected as required. In this embodiment, a 4D hyper-chaotic system is used to generate the chaotic sequence. In practice, a low-dimensional chaotic system can also be used to run multiple times to generate 4 chaotic sequences. The 4D hyperchaotic system can be expressed by the following formula:

Figure BDA0001901063870000071
Figure BDA0001901063870000071

其中,γ、μ、ε、

Figure BDA0001901063870000072
δ为产生数字混沌序列的参数,x、y、z、u分别为变量,
Figure BDA0001901063870000073
分别为混沌系统的输出。Among them, γ, μ, ε,
Figure BDA0001901063870000072
δ is the parameter to generate the digital chaotic sequence, x, y, z, u are variables respectively,
Figure BDA0001901063870000073
are the outputs of the chaotic system, respectively.

设定参数确保系统工作于良好的混沌状态中,在本实施例中,输入混沌序列初始值x0、y0、z0、u0,使用MATLAB中的龙格-库塔(Runge-Kutta)算法求解上述微分方程得到混沌序列

Figure BDA0001901063870000074
在混沌序列
Figure BDA0001901063870000075
中截取长度为a的序列作为混沌序列X,在混沌序列
Figure BDA0001901063870000076
中截取长度为c的序列作为混沌序列Y,在混沌序列
Figure BDA0001901063870000077
中截取长度为a的序列作为混沌序列Z,混沌序列
Figure BDA0001901063870000078
中截取长度为a的序列作为混沌序列U。Set parameters to ensure that the system works in a good chaotic state. In this embodiment, input the initial values of chaotic sequence x 0 , y 0 , z 0 , u 0 , and use Runge-Kutta in MATLAB The algorithm solves the above differential equation to get the chaotic sequence
Figure BDA0001901063870000074
in chaotic sequence
Figure BDA0001901063870000075
intercept the sequence of length a as the chaotic sequence X, in the chaotic sequence
Figure BDA0001901063870000076
intercept the sequence of length c as the chaotic sequence Y, in the chaotic sequence
Figure BDA0001901063870000077
intercept the sequence of length a as the chaotic sequence Z, the chaotic sequence
Figure BDA0001901063870000078
The sequence of length a is intercepted as the chaotic sequence U.

就具体的加密方式而言,也可以根据需要进行选择,下面分别对两个矩阵的加密方法进行详细说明。As far as the specific encryption method is concerned, it can also be selected as required, and the encryption methods of the two matrices will be described in detail below.

·矩阵P加密:Matrix P encryption:

分别对混沌序列X、Y中的元素进行排列,得到索引向量

Figure BDA0001901063870000079
Figure BDA00019010638700000710
Figure BDA00019010638700000711
表示排列后序号为i的元素在原混沌序列X中的序号,i=1,2,…,a,
Figure BDA00019010638700000712
表示排列后序号为j的元素在原混沌序列Y中的序号,j=1,2,…,c。采用索引向量DX对矩阵P进行行扰乱,即将第
Figure BDA00019010638700000713
行数据移动至第i行,然后采用索引向量DY对经行扰乱处理后的矩阵进行列扰乱,即将第
Figure BDA00019010638700000714
列数据移动至第j列,得到矩阵P′。Arrange the elements in the chaotic sequence X and Y respectively to get the index vector
Figure BDA0001901063870000079
and
Figure BDA00019010638700000710
Figure BDA00019010638700000711
Indicates the sequence number of the element with sequence number i in the original chaotic sequence X, i=1,2,...,a,
Figure BDA00019010638700000712
Represents the sequence number of the element with sequence number j in the original chaotic sequence Y, j=1,2,...,c. Use the index vector D X to scramble the matrix P, that is, the first
Figure BDA00019010638700000713
The row data is moved to the ith row, and then the index vector D Y is used to perform column scramble on the matrix after row scramble processing.
Figure BDA00019010638700000714
The column data is moved to the jth column, and the matrix P' is obtained.

排列方法可以根据实际需要进行设置,本实施例中采用基于快速排序算法的排列方法。基于快速排序算法的排列方法可以简述如下:首先确定临界点C,数据的中点即临界点C,以此点的值作为排列基准。先不改变临界点C的位置,将小于临界点C的数据放在临界点前面,大于临界点C的数据放在临界点后面,再将临近点C放置序列最前方即完成数据排列。如行序列为{0.8,0.6,0.5,0.1,0.7,0.3},选取0.5为临界点,运用该方案进行扰乱后,序列变为{0.5,0.1,0.3,0.8,0.6,0.7},那么据此得到的索引向量从[1 2 3 4 5 6]变为[34 6 12 5]。假设以此索引向量进行行扰乱,则会将第3行的数据放置于第1行,第4行的数据放置于第2行,以此类推。The arrangement method can be set according to actual needs, and an arrangement method based on a quick sort algorithm is adopted in this embodiment. The arrangement method based on the quick sort algorithm can be briefly described as follows: First, determine the critical point C, the midpoint of the data is the critical point C, and the value of this point is used as the arrangement benchmark. Do not change the position of the critical point C first, place the data smaller than the critical point C in front of the critical point, and place the data larger than the critical point C behind the critical point, and then place the adjacent point C at the front of the sequence to complete the data arrangement. If the row sequence is {0.8, 0.6, 0.5, 0.1, 0.7, 0.3}, and 0.5 is selected as the critical point, after scrambling with this scheme, the sequence becomes {0.5, 0.1, 0.3, 0.8, 0.6, 0.7}, then according to This resulting index vector changes from [1 2 3 4 5 6] to [34 6 12 5]. Assuming row shuffling with this index vector, the data in row 3 is placed in row 1, the data in row 4 is placed in row 2, and so on.

·矩阵Q加密:Matrix Q encryption:

本实施例中对于矩阵Q的加密,采用混沌序列Z、U生成基于离散傅里叶变换(Discrete Fourier Transformation,DFT)的可重构矩阵,对矩阵Q进行预编码实现。For the encryption of the matrix Q in this embodiment, the chaotic sequences Z and U are used to generate a reconfigurable matrix based on discrete Fourier transformation (Discrete Fourier Transformation, DFT), and the matrix Q is implemented by precoding.

设F是a×a的标准DFT矩阵,其表达式如下:Let F be a standard DFT matrix of a × a whose expression is as follows:

Figure BDA0001901063870000081
Figure BDA0001901063870000081

其中,Fα,β表示标准DFT矩阵F的元素,α、β分别表示元素的行序号和列序号,α,β=0,1,…,a-1。Among them, F α, β represent the elements of the standard DFT matrix F, α, β represent the row number and column number of the element, respectively, α, β=0,1,...,a-1.

设F′是a×a的基于DFT的可重构矩阵,其表达式如下:Let F' be a DFT-based reconfigurable matrix of a × a, whose expression is as follows:

Figure BDA0001901063870000082
Figure BDA0001901063870000082

其中,F′α,β表示基于DFT的可重构矩阵F′的元素,Z[α]表示混沌序列Z中的第α个元素,U[β]表示混沌序列U中的第β个元素。Among them, F' α, β represent the elements of the DFT-based reconfigurable matrix F', Z[α] represents the α-th element in the chaotic sequence Z, and U[β] represents the β-th element in the chaotic sequence U.

采用基于DFT的可重构矩阵F′对矩阵Q进行预编码,可以采用如下公式表示:The matrix Q is precoded by the DFT-based reconfigurable matrix F′, which can be expressed by the following formula:

Q′=F′·QQ'=F'·Q

其中,·表示矩阵的点乘。where · represents the dot product of the matrix.

在实际应用中,由于混沌序列Z、U中的元素小数点后位数较多,不易计算,且为了提高元素的随机性,还可以对混沌序列Z、U进行预处理,预处理可以采用公式表示如下:In practical applications, since the elements in the chaotic sequences Z and U have many digits after the decimal point, it is not easy to calculate, and in order to improve the randomness of the elements, the chaotic sequences Z and U can also be preprocessed, and the preprocessing can be expressed by the formula as follows:

Figure BDA0001901063870000083
Figure BDA0001901063870000083

Figure BDA0001901063870000084
Figure BDA0001901063870000084

其中,k表示小数点后的位数,k=1,2,…,K,K根据实际需要设置,ω[α]k表示原始混沌序列Z中第α个元素小数点后第k位数字,υ[β]k表示原始混沌序列U中第β个元素小数点后第k位数字,λk、ρk分别表示混沌序列Z、U进行预处理时对应于小数点后第k位数字的系数,一般来说,λk、ρk均为整数,可根据实际需要设置。Among them, k represents the number of digits after the decimal point, k=1,2,…,K, K is set according to actual needs, ω[α] k represents the kth number after the decimal point of the αth element in the original chaotic sequence Z, υ[ β] k represents the kth digit after the decimal point of the βth element in the original chaotic sequence U, and λ k and ρ k represent the coefficients corresponding to the kth digit after the decimal point when the chaotic sequences Z and U are preprocessed respectively. Generally speaking , λ k and ρ k are integers, which can be set according to actual needs.

S104:加密信息合成:S104: Encrypted information synthesis:

按照步骤S102中分区划分的逆向方法,将矩阵P′和矩阵Q′还原成为一个矩阵M′,该矩阵即为加密后的矩阵。According to the inverse method of partition division in step S102, the matrix P' and the matrix Q' are restored into a matrix M', which is the encrypted matrix.

以本实施例中a=120,b=200,c=80,d=10,e=20,f=8,g=5为例进行说明:将矩阵P′和矩阵Q′分别以列均分的方式分为10个分区,然后以矩阵Q′为基准,将矩阵P′中分区①的8列数据插入矩阵Q′中分区①的第4列与第5列数据之间,以此类推,最后得到加密后的数据矩阵M′。Taking a=120, b=200, c=80, d=10, e=20, f=8, and g=5 in this embodiment as an example for illustration: divide the matrix P' and matrix Q' into equal columns respectively. The method is divided into 10 partitions, and then based on matrix Q', the 8-column data of partition ① in matrix P' is inserted between the 4th and 5th columns of partition ① in matrix Q', and so on. Finally, the encrypted data matrix M' is obtained.

一般来说,可以采用密钥空间的大小来定量评价加密方案的鲁棒性,密钥空间越大,则加密算法抵抗穷举攻击的能力越强。对于本发明而言,不同的分区划分参数d、g会产生不同大小的密钥空间,选定最优d、g值将会得到更大的密钥空间。Generally speaking, the size of the key space can be used to quantitatively evaluate the robustness of the encryption scheme. The larger the key space, the stronger the ability of the encryption algorithm to resist exhaustive attacks. For the present invention, different partition parameters d and g will generate key spaces of different sizes, and selecting optimal d and g values will result in a larger key space.

以本实施例中的参数为例,基于本发明一种混沌物理层保密接入方法所获得的密钥空间大小为13×120!×80!×1015×1015×1015×1015~10379。其中,13表示8列连续数据的取法种数,120!×80!表示矩阵P进行独立的行、列扰乱产生的密钥空间,而每个混沌序列所提供的保守密钥空间为1015。可见,本发明在密钥空间方面具有良好的表现。Taking the parameters in this embodiment as an example, the size of the key space obtained based on a chaotic physical layer security access method of the present invention is 13×120! ×80! ×10 15 ×10 15 ×10 15 ×10 15 to 10 379 . Among them, 13 represents the number of ways to take 8 columns of continuous data, 120! ×80! It represents the key space generated by independent row and column scrambling of matrix P, and the conservative key space provided by each chaotic sequence is 10 15 . It can be seen that the present invention has good performance in key space.

S105:数据发送:S105: Data sending:

发送端对矩阵M′进行后续处理并发送。数据发送的具体处理过程可以根据实际需要进行设置,目前OFDM-PON的常用处理过程如下:The sending end performs subsequent processing on the matrix M' and sends it. The specific processing process of data transmission can be set according to actual needs. At present, the common processing process of OFDM-PON is as follows:

第一步:矩阵M′通过厄米共轭转换得到同样大小的共轭矩阵M″。Step 1: The matrix M' is transformed by Hermitian conjugate to obtain a conjugate matrix M" of the same size.

第二步:将矩阵M′、M″按行排列,即矩阵M′的数据排在前a行,矩阵M″的数据排在后a行,然后填充B-2a行全零数据得到矩阵N。其中,B表示快速傅里叶逆变换(Inverse FastFourier Transform,IFFT)矩阵的行数。此时子载波数由2a扩展到B,使用快速傅里叶逆变换法将OFDM符号矩阵N从频域转换为时域,得到矩阵N′。Step 2: Arrange the matrices M' and M" in rows, that is, the data of the matrix M' is arranged in the first row a, the data of the matrix M" is arranged in the last row a, and then fill the B-2a row with all zero data to obtain the matrix N . Wherein, B represents the number of rows of an Inverse Fast Fourier Transform (IFFT) matrix. At this time, the number of subcarriers is extended from 2a to B, and the OFDM symbol matrix N is converted from the frequency domain to the time domain by using the inverse fast Fourier transform method, and the matrix N' is obtained.

第三步:矩阵N′进行并/串行(P/S)转换后,数据序列变为1行B×b列的行向量。The third step: After the parallel/serial (P/S) conversion of the matrix N', the data sequence becomes a row vector of 1 row B×b column.

第四步:加入循环前缀(Cyclic Prefix,CP)。The fourth step: adding a cyclic prefix (Cyclic Prefix, CP).

S106:接收解密:S106: Receive decryption:

接收端接收到发送数据后,解析得到矩阵M′。解析过程包括去CP、串/并(S/P)转换、快速傅里叶变换(FFT)处理及子载波分配,即可提取得到矩阵M′。然后按照步骤S102中的分区划分方法,对矩阵M′进行划分得到矩阵P′和矩阵Q′。显然,发送端和接收端需要提前共享分区划分及混沌系统的相关参数才能实现解密。然后采用对应的解密方法分别对矩阵P′和矩阵Q′进行解密,得到矩阵P和矩阵Q,然后采用分区划分的逆向方法,还原得到矩阵M。After the receiving end receives the transmitted data, it analyzes and obtains the matrix M'. The analysis process includes de-CP, serial/parallel (S/P) conversion, fast Fourier transform (FFT) processing and sub-carrier allocation, and the matrix M' can be extracted. Then, according to the partitioning method in step S102, the matrix M' is divided to obtain the matrix P' and the matrix Q'. Obviously, the sender and the receiver need to share the partition division and the relevant parameters of the chaotic system in advance to achieve decryption. Then the corresponding decryption method is used to decrypt the matrix P' and the matrix Q' respectively to obtain the matrix P and the matrix Q, and then the reverse method of partition division is used to restore the matrix M.

图3是本实施例中数据发送和接收解密的流程图。如图3所示,矩阵划分、分区加密、矩阵重组即为本发明中对于数据矩阵分区划分和加密过程,矩阵划分、分区解密、矩阵重组即为本发明中数据解密过程。FIG. 3 is a flow chart of data transmission and reception decryption in this embodiment. As shown in Figure 3, matrix division, partition encryption, and matrix reorganization are the process of data matrix partition division and encryption in the present invention, and matrix division, partition decryption, and matrix reorganization are the data decryption process in the present invention.

就本实施例中采用的基于混沌的加密方法而言,在解密时采用相同的混沌系统和混沌序列初始值生成4个混沌序列X、Y、Z、U,然后分别对混沌序列X、Y中的元素进行排列,得到两个索引向量,根据索引向量对矩阵P′进行行扰乱、列扰乱的恢复。如根据混沌序列X得到行索引向量为[3 4 6 1 2 5],即代表着现矩阵P′中第1行的数据应位于原矩阵P中的第3行,现矩阵P′中第2行的数据应位于原矩阵P中的第4行,以此类推。As far as the encryption method based on chaos adopted in this embodiment is concerned, the same chaotic system and initial value of chaotic sequence are used to generate 4 chaotic sequences X, Y, Z, U during decryption, and then the chaotic sequences X and Y are respectively analyzed. Arrange the elements of , to obtain two index vectors, and recover the row and column disturbances of the matrix P' according to the index vectors. If the row index vector obtained according to the chaotic sequence X is [3 4 6 1 2 5], it means that the data in the first row in the current matrix P' should be located in the third row in the original matrix P, and the second row in the current matrix P' The data for the row should be in row 4 in the original matrix P, and so on.

然后采用混沌序列Z、U生成矩阵F″,其表达式如下:Then the chaotic sequence Z, U is used to generate the matrix F", and its expression is as follows:

Figure BDA0001901063870000101
Figure BDA0001901063870000101

其中,F″α,β表示矩阵F″的元素。F″·F′=E,E表示单位矩阵。Among them, F″ α, β represent the elements of the matrix F″. F"·F'=E, where E represents the identity matrix.

解密过程是将经过矩阵F′预编码的方阵Q′与矩阵F″进行点乘,解密的表达式如下:The decryption process is to multiply the square matrix Q' precoded by the matrix F' with the matrix F". The decryption expression is as follows:

F″·Q′=F″·F′·Q=QF″·Q′=F″·F′·Q=Q

尽管上面对本发明说明性的具体实施方式进行了描述,以便于本技术领域的技术人员理解本发明,但应该清楚,本发明不限于具体实施方式的范围,对本技术领域的普通技术人员来讲,只要各种变化在所附的权利要求限定和确定的本发明的精神和范围内,这些变化是显而易见的,一切利用本发明构思的发明创造均在保护之列。Although the illustrative specific embodiments of the present invention have been described above to facilitate the understanding of the present invention by those skilled in the art, it should be clear that the present invention is not limited to the scope of the specific embodiments. For those skilled in the art, As long as various changes are within the spirit and scope of the present invention as defined and determined by the appended claims, these changes are obvious, and all inventions and creations utilizing the inventive concept are included in the protection list.

Claims (6)

1.一种混沌物理层保密接入方法,其特征在于,包括以下步骤:1. a chaotic physical layer security access method, is characterized in that, comprises the following steps: S1:将经过QAM调制后的OFDM信号通过子载波分配得到a×b的数据矩阵M,其中a表示一个OFDM信号的子载波数,b表示单个子载波内符号数,a<b;S1: The data matrix M of a×b is obtained by subcarrier allocation of the OFDM signal modulated by QAM, where a represents the number of subcarriers of an OFDM signal, b represents the number of symbols in a single subcarrier, a<b; S2:对矩阵M进行分区划分,得到矩阵P和矩阵Q,分区划分的具体方法如下:S2: Partition the matrix M to obtain the matrix P and the matrix Q. The specific method of partitioning is as follows: 计算从数据矩阵M中提取的数据总列数c=b-a,从数据矩阵M中按照预定的分区规则提取出c列数据,将c列数据按照在数据矩阵M中的列序号拼接得到a×c的矩阵P,剩余数据按照在数据矩阵M中的列序号拼接得到a×a的矩阵Q;Calculate the total number of columns c=b-a of the data extracted from the data matrix M, extract the data in column c from the data matrix M according to the predetermined partition rule, and splicing the data in the c column according to the column number in the data matrix M to obtain a × c The matrix P of , the remaining data is spliced according to the column number in the data matrix M to obtain a matrix Q of a × a; S3:基于混沌系统,采用不同方式分别对矩阵P和矩阵Q进行加密,得到加密后的矩阵P′和矩阵Q′;所述矩阵P和矩阵Q的加密方法如下:S3: Based on the chaotic system, the matrix P and the matrix Q are encrypted in different ways to obtain the encrypted matrix P' and the matrix Q'; the encryption methods of the matrix P and the matrix Q are as follows: 生成4个混沌序列X、Y、Z、U,其中混沌序列X的长度为a,混沌序列Y的长度为c,混沌序列Z和U的长度为a,采用混沌序列X、Y对矩阵P进行加密得到矩阵P′,采用混沌序列Z、U对矩阵Q进行加密得到矩阵Q′;Generate four chaotic sequences X, Y, Z, U, where the length of the chaotic sequence X is a, the length of the chaotic sequence Y is c, and the lengths of the chaotic sequences Z and U are a. The matrix P' is obtained by encryption, and the matrix Q is encrypted by using the chaotic sequences Z and U to obtain the matrix Q'; 其中,矩阵P的加密方法如下:分别对混沌序列X、Y中的元素进行排列,得到索引向量
Figure FDA0002679855730000011
Figure FDA0002679855730000012
Figure FDA0002679855730000013
表示排列后序号为i的元素在原混沌序列X中的序号,i=1,2,…,a,
Figure FDA0002679855730000014
表示排列后序号为j的元素在原混沌序列X中的序号,j=1,2,…,c;采用索引向量DX对矩阵P进行行扰乱,即将第
Figure FDA0002679855730000015
行数据移动至第i行,然后采用索引向量DY对经行扰乱处理后的矩阵进行列扰乱,即将第
Figure FDA0002679855730000016
列数据移动至第j列,得到矩阵P′;Among them, the encryption method of the matrix P is as follows: Arrange the elements in the chaotic sequences X and Y respectively to obtain the index vector
Figure FDA0002679855730000011
and
Figure FDA0002679855730000012
Figure FDA0002679855730000013
Indicates the sequence number of the element with sequence number i in the original chaotic sequence X, i=1,2,...,a,
Figure FDA0002679855730000014
Represents the sequence number of the element with sequence number j in the original chaotic sequence X after arrangement, j=1,2,...,c; the matrix P is scrambled by the index vector D X , that is, the first
Figure FDA0002679855730000015
The row data is moved to the ith row, and then the index vector D Y is used to perform column scramble on the matrix after row scramble processing.
Figure FDA0002679855730000016
The column data is moved to the jth column, and the matrix P' is obtained; 矩阵Q的加密方法如下:The encryption method of matrix Q is as follows: 首先对混沌序列Z、U采用以下方法进行预处理:First, the chaotic sequences Z and U are preprocessed by the following methods:
Figure FDA0002679855730000017
Figure FDA0002679855730000017
Figure FDA0002679855730000018
Figure FDA0002679855730000018
 其中,k表示小数点后的位数,k=1,2,…,K,K根据实际需要设置,ω[α]k表示原始混沌序列Z中第α个元素小数点后第k位数字,υ[β]k表示原始混沌序列U中第β个元素小数点后第k位数字,λk、ρk分别表示混沌序列Z、U进行预处理时对应于小数点后第k位数字的系数;Among them, k represents the number of digits after the decimal point, k=1,2,…,K, K is set according to actual needs, ω[α] k represents the kth number after the decimal point of the αth element in the original chaotic sequence Z, υ[ β] k represents the kth digit after the decimal point of the βth element in the original chaotic sequence U, and λ k and ρ k represent the coefficients corresponding to the kth digit after the decimal point when the chaotic sequences Z and U are preprocessed respectively; 采用混沌序列Z、U生成基于DFT的可重构矩阵F′,其表达式为:The chaotic sequence Z, U is used to generate a DFT-based reconfigurable matrix F', and its expression is:
Figure FDA0002679855730000021
Figure FDA0002679855730000021
 其中,F′α,β表示基于DFT的可重构矩阵F′的元素,α、β分别表示元素的行序号和列序号,α,β=0,1,…,a-1,Z[α]表示混沌序列Z中的第α个元素,U[β]表示混沌序列U中的第β个元素;Among them, F' α, β represent the elements of the DFT-based reconfigurable matrix F', α, β represent the row number and column number of the element, respectively, α, β=0,1,...,a-1, Z[α ] represents the αth element in the chaotic sequence Z, and U[β] represents the βth element in the chaotic sequence U; 采用以下公式计算得到矩阵Q′:The matrix Q' is calculated by the following formula: Q′=F′·QQ'=F'·Q S4:按照步骤S2中分区划分的逆向方法,将矩阵P′和矩阵Q′还原成为一个矩阵M′;S4: According to the inverse method of partition division in step S2, the matrix P' and the matrix Q' are restored into a matrix M'; S5:发送端对矩阵M′进行后续处理并发送;S5: The sender performs subsequent processing on the matrix M' and sends it; S6:接收端接收到发送数据后,解析得到矩阵M′,然后按照步骤S2中的分区划分方法,对矩阵M′进行划分得到矩阵P′和矩阵Q′,然后采用对应的解密方法分别对矩阵P′和矩阵Q′进行解密,得到矩阵P和矩阵Q,然后采用分区划分的逆向方法,还原得到矩阵M。S6: After the receiving end receives the transmitted data, it analyzes and obtains the matrix M', and then divides the matrix M' according to the partitioning method in step S2 to obtain the matrix P' and the matrix Q', and then uses the corresponding decryption method to decipher the matrix respectively. Decrypt P' and matrix Q' to obtain matrix P and matrix Q, and then use the reverse method of partition division to restore matrix M. 2.根据权利要求1所述的混沌物理层保密接入方法,其特征在于,所述参数a、b满足以下关系b/5≤b-a≤4b/5。2 . The chaotic physical layer secure access method according to claim 1 , wherein the parameters a and b satisfy the following relationship: b/5≤b-a≤4b/5. 3 . 3.根据权利要求1所述的混沌物理层保密接入方法,其特征在于,所述步骤S2中分区划分采用相邻分区法,具体方法为:令数据矩阵M的分区数量d为参数b和c的公约数,将数据矩阵M按列平均划分为d个分区,分别从每个分区的相同位置提取出连续的f列数据,f=c/d,记f列数据的起始列在分区中的列序号为g,将提取的c列数据按照在数据矩阵M中的列序号拼接得到a×c的矩阵P,剩余数据按照在数据矩阵M中的列序号拼接得到a×a的矩阵Q。3. chaotic physical layer security access method according to claim 1, is characterized in that, in described step S2, partition is divided and adopts adjacent partition method, and concrete method is: make the number of partitions d of data matrix M be parameter b and The common divisor of c, the data matrix M is divided into d partitions on average by column, and the continuous f-column data is extracted from the same position in each partition, f=c/d, and the starting column of the f-column data is in the partition. The column serial number in the data matrix is g, and the extracted data in column c is spliced according to the column serial number in the data matrix M to obtain a matrix P of a × c, and the remaining data is spliced according to the column serial number in the data matrix M to obtain a matrix Q of a × a . 4.根据权利要求1所述的混沌物理层保密接入方法,其特征在于,所述步骤S2中分区划分采用交错分区法,具体方法为:将数据矩阵M按列划分为c个分区,其中前c-1个分区的单个分区的列数为
Figure FDA0002679855730000022
Figure FDA0002679855730000023
表示向下取整,第c个分区的列数为b-(c-1)d,分别从每个分区的相同位置提取出1列数据,将提取的c列数据按照在数据矩阵M中的列序号拼接得到a×c的矩阵P,剩余数据按照在数据矩阵M中的列序号拼接得到a×a的矩阵Q。4. The chaotic physical layer security access method according to claim 1, characterized in that, in the step S2, the partition division adopts the staggered partition method, and the specific method is: the data matrix M is divided into c partitions by column, wherein The number of columns for a single partition of the first c-1 partitions is
Figure FDA0002679855730000022
Figure FDA0002679855730000023
Indicates rounding down, the number of columns in the c-th partition is b-(c-1)d, and 1 column of data is extracted from the same position in each partition, and the extracted data in column c is based on the data in the data matrix M. The column number is spliced to obtain a matrix P of a × c, and the remaining data is spliced according to the column number in the data matrix M to obtain a matrix Q of a × a. 5.根据权利要求1所述的混沌物理层保密接入方法,其特征在于,所述步骤S2中分区划分采用随机分区法,具体方法为:在数据矩阵M中随机地提取c列数据,并记录它们的列序号,将提取的c列数据按照在数据矩阵M中的列序号拼接得到a×c的矩阵P,剩余数据按照在数据矩阵M中的列序号拼接得到a×a的矩阵Q。5. The chaotic physical layer security access method according to claim 1, wherein in the step S2, the partitioning adopts a random partitioning method, and the specific method is: randomly extracting the data of column c in the data matrix M, and Record their column numbers, splicing the extracted c-column data according to the column numbers in the data matrix M to obtain an a×c matrix P, and splicing the remaining data according to the column numbers in the data matrix M to obtain a×a matrix Q. 6.根据权利要求1所述的混沌物理层保密接入方法,其特征在于,所述4个混沌序列采用4D超混沌系统生成。6. The chaotic physical layer security access method according to claim 1, wherein the 4 chaotic sequences are generated by using a 4D hyperchaotic system.
CN201811512186.3A 2018-12-11 2018-12-11 A secure access method for chaotic physical layer Expired - Fee Related CN109327478B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811512186.3A CN109327478B (en) 2018-12-11 2018-12-11 A secure access method for chaotic physical layer

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811512186.3A CN109327478B (en) 2018-12-11 2018-12-11 A secure access method for chaotic physical layer

Publications (2)

Publication Number Publication Date
CN109327478A CN109327478A (en) 2019-02-12
CN109327478B true CN109327478B (en) 2020-11-20

Family

ID=65256148

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811512186.3A Expired - Fee Related CN109327478B (en) 2018-12-11 2018-12-11 A secure access method for chaotic physical layer

Country Status (1)

Country Link
CN (1) CN109327478B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111447054B (en) * 2020-05-28 2021-05-14 北京邮电大学 FBMC passive optical network physical layer encryption method and device based on five-dimensional hyperchaos

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103401674A (en) * 2013-06-21 2013-11-20 电子科技大学 Encryption method for broadband access network
US8645678B2 (en) * 2011-12-19 2014-02-04 Khalifa University of Science, Technology & Research (KUSTAR) Chaotic cryptography for OFDM based communications systems
CN105933103A (en) * 2016-04-28 2016-09-07 上海交通大学 Light DFT-S-OFDM secure transmission system based on digital chaos
CN107360479A (en) * 2017-07-17 2017-11-17 电子科技大学 A kind of encryption method of multiple access access EPON
CN107949997A (en) * 2015-04-30 2018-04-20 法国矿业电信学校联盟 Space Time Coding for communication system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8645678B2 (en) * 2011-12-19 2014-02-04 Khalifa University of Science, Technology & Research (KUSTAR) Chaotic cryptography for OFDM based communications systems
CN103401674A (en) * 2013-06-21 2013-11-20 电子科技大学 Encryption method for broadband access network
CN107949997A (en) * 2015-04-30 2018-04-20 法国矿业电信学校联盟 Space Time Coding for communication system
CN105933103A (en) * 2016-04-28 2016-09-07 上海交通大学 Light DFT-S-OFDM secure transmission system based on digital chaos
CN107360479A (en) * 2017-07-17 2017-11-17 电子科技大学 A kind of encryption method of multiple access access EPON

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"OFDM-PON系统中基于混沌映射的密钥保护和PAPR降低的加密算法";陈瑞兰 等;《光电子·激光》;20181115;全文 *
"光接入网络的安全性及其增强技术研究";张位;《中国博士学位论文全文数据库-信息科技辑》;20180215;全文 *
Xiaosong Fu 等."A chaotic modified-DFT encryption scheme for physical layer security and PAPR reduction in OFDM-PON".《Optical Fiber Technology》.2018, *

Also Published As

Publication number Publication date
CN109327478A (en) 2019-02-12

Similar Documents

Publication Publication Date Title
Zhang An overview and analysis of hybrid encryption: the combination of symmetric encryption and asymmetric encryption
Qiu et al. A user-centric data protection method for cloud storage based on invertible DWT
Ganapathy A secured storage and privacy-preserving model using CRT for providing security on cloud and IoT-based applications
CN110851845B (en) Full homomorphic data encapsulation method for lightweight single-user multi-data
Siahaan An overview of the RC4 algorithm
CN112737764B (en) Lightweight multi-user multi-data all-homomorphic data encryption packaging method
Mohamed et al. Hybrid cryptographic approach for internet ofhybrid cryptographic approach for internet ofthings applications: A review
CN104917617A (en) Confounding method of encrypted group signatures
Mousavi et al. Security of Internet of Things using RC4 and ECC algorithms (case study: smart irrigation systems)
CN105846947A (en) Physical layer encryption method introducing Latin array
Mishra et al. A compendium over cloud computing cryptographic algorithms and security issues
Abusukhon et al. Secure network communication based on text-to-image encryption
Prajapati et al. Comparative analysis of DES, AES, RSA encryption algorithms
Azougaghe et al. An efficient algorithm for data security in cloud storage
CN107645488A (en) Web data storage and data transmission method based on U-shield
Sultana et al. Keyless lightweight encipher using homomorphic and binomial coefficients for smart computing applications
CN109327478B (en) A secure access method for chaotic physical layer
Thapar et al. A study of data threats and the role of cryptography algorithms
Mateescu et al. A hybrid approach of system security for small and medium enterprises: Combining different cryptography techniques
Ni et al. PHY‐Aided Secure Communication via Weighted Fractional Fourier Transform
WO2016124469A1 (en) System and method for performing block cipher cryptography by implementing a mixer function that includes a substitution-box and a linear transformation using a lookup-table
Nagaraj et al. Image security using ECC approach
Siva et al. Hybrid cryptography security in public cloud using TwoFish and ECC algorithm
Yassir et al. Hybrid Image Encryption Technique for Securing Color Images Transmitted Over Cloud Networks.
Acharya et al. Encryption and decryption of informative image by key image using modified Hill cipher technique based on non-invertible matrices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20201120