CN111934864B - Secret Communication Method Based on Key Fusion Transform - Google Patents
Secret Communication Method Based on Key Fusion Transform Download PDFInfo
- Publication number
- CN111934864B CN111934864B CN202010816358.7A CN202010816358A CN111934864B CN 111934864 B CN111934864 B CN 111934864B CN 202010816358 A CN202010816358 A CN 202010816358A CN 111934864 B CN111934864 B CN 111934864B
- Authority
- CN
- China
- Prior art keywords
- key
- kft
- fusion transformation
- fusion
- function
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000004927 fusion Effects 0.000 title claims abstract description 60
- 238000000034 method Methods 0.000 title claims abstract description 42
- 230000006854 communication Effects 0.000 title claims abstract description 30
- 238000004891 communication Methods 0.000 title claims abstract description 28
- 230000009466 transformation Effects 0.000 claims abstract description 55
- 230000007246 mechanism Effects 0.000 claims abstract description 26
- 230000008569 process Effects 0.000 claims abstract description 12
- 230000005540 biological transmission Effects 0.000 claims abstract description 6
- 238000005070 sampling Methods 0.000 claims description 6
- 238000013507 mapping Methods 0.000 claims description 5
- 238000004422 calculation algorithm Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 238000011161 development Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000003321 amplification Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000003199 nucleic acid amplification method Methods 0.000 description 1
- IMBHGOLFXVHBMC-UHFFFAOYSA-N potassium;fluorosulfonyl(trifluoromethylsulfonyl)azanide Chemical compound [K+].FC(F)(F)S(=O)(=O)[N-]S(F)(=O)=O IMBHGOLFXVHBMC-UHFFFAOYSA-N 0.000 description 1
- 238000013139 quantization Methods 0.000 description 1
- 238000000844 transformation Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
本发明公开基于密钥熔合变换的秘密通信方法,应用于通信领域,针对现有安全编码方法存在密钥易泄露的问题,本发明方法通过将原有密钥替换为密钥熔合变换的输出,从而大大降低单个密钥泄露对信息安全状态的影响;本发明采用的数据传输系统,包括:信源、信道以及信宿,信源与信宿基于密钥生成机制,如物理层密钥生成机制,产生一系列共享的密钥序列;信源利用熔合变换对密钥序列进行处理,然后用其输出结果作为临时密钥对消息进行加密编码,并发送密文给信宿;信宿同样利用熔合变换的结果作为临时密钥对消息进行解码得到明文;由于密钥熔合变换保护了单个密钥的随机性,因而,能够显著降低保密中断概率。
The invention discloses a secret communication method based on key fusion transformation, which is applied to the field of communication. In view of the problem that the key is easily leaked in the existing security coding method, the method of the invention replaces the original key with the output of the key fusion transformation, Thereby, the influence of a single key leak on the information security state is greatly reduced; the data transmission system adopted by the present invention includes: a source, a channel and a sink. The source and sink are based on a key generation mechanism, such as a physical layer key generation mechanism, to generate A series of shared key sequences; the source uses the fusion transform to process the key sequence, and then uses the output result as a temporary key to encrypt and encode the message, and sends the ciphertext to the sink; the sink also uses the result of the fusion transformation as The temporary key decodes the message to obtain the plaintext; since the key fusion transform protects the randomness of a single key, the probability of breaking confidentiality can be significantly reduced.
Description
Technical Field
The invention belongs to the field of communication, and particularly relates to a secret communication technology.
Background
In an existing communication network, in order to avoid leakage or eavesdropping of sensitive data in a communication transmission process, data is usually encrypted by adopting a public key encryption, symmetric encryption and other security coding methods and then transmitted in a channel, however, with the development of a quantum computer, the traditional security coding methods all face the danger of being cracked. Although post-quantum cryptography, quantum cryptography and the like have the potential of resisting quantum computer attacks, the challenges of overlarge computational overhead, time delay and the like exist, so that resistance exists in the general popularization of the post-quantum cryptography, the quantum cryptography and the like. The existing cryptography methods comprise a public key encryption system, symmetric encryption, post-quantum encryption, homomorphic encryption and the like, and the effectiveness of the existing cryptography methods depends on the privacy of a secret key, so that the problem of secret key exposure is mostly faced.
Currently, there are a large number of key generation mechanisms, including physical layer key generation mechanism (PLKG) -based key cryptography (e.g., grid-based cryptography, quantum cryptography, or quantum key distribution), but there is a problem that the key may be leaked during the key generation, distribution, or storage process. Physical layer key generation is a promising wireless security technique that exploits the inherent characteristics of the wireless channel to generate shared keys for legitimate users. Especially, the development of 5G and the related technology thereof enables the physical layer key generation technology to have more application scenes. For example, massive MIMO-based beamforming, employed in the 5G standard, may enable higher radio frequency directivity, which may be utilized to defend against co-located eavesdropping during key generation. But theoretically the physical layer key generation mechanism can only work safely if there is no eavesdropper within half the wavelength radius of the legitimate user. Moreover, the concealment and unpredictability of eavesdropping behavior makes it difficult to locate the eavesdropper, and thus the key exposure problem cannot be completely avoided. In general, the key exposure problem can be expressed as a single attack or continuous leakage model, and the existing main countermeasure is to update the key with the potential leakage problem with a fresh key at a high frequency, but this wastes a large amount of valuable entropy resources.
Disclosure of Invention
In order to solve the technical problem, the invention provides a secret communication method based on key fusion transformation, which replaces the original key with the output of the key fusion transformation, thereby greatly reducing the influence of single key leakage on the information security state.
The technical scheme adopted by the invention is as follows: secret communication method based on key fusion transformation, and data transmission system adopted by the secret communication method comprises: the system comprises an information source, a channel and an information sink, wherein the information source and the information sink generate a series of shared key sequences based on a key generation mechanism; the information source and the information sink utilize the same fusion transformation to process the key sequence, then the information source uses the output result of the fusion transformation as a temporary key to encrypt and encode the message, and sends a ciphertext to the information sink; the sink decodes the message with the output of the fused transform as a temporary key to obtain plaintext.
The fused transform corresponds to a function that receives a sequence of keys as input, outputs a new key as a temporary key, and the minimum entropy of the temporary key is always greater than or equal to the minimum entropy of any input key. The key sequence with length w is X1,X2,...,XwIf the keys are independent of each other, a function KFT that always satisfies the condition (0,1)n×(0,1)n×...×(0,1)n→(0,1)nReferred to as key fusion transformation.
H∞(KFT(X1,X2,...,Xw))≥H∞(Xi),i=1,2,...,w
Where n is the key bit length, (0,1)nIs the value space of the key, H∞(X) represents the minimum entropy of X, also called key entropy, and is calculated as:
where min denotes the minimum value, X ← X denotes randomly sampling one X from a random variable X, log is a logarithmic function, and Pr [ X ═ X ] denotes the probability of sampling X from X.
In the secret communication method based on the key fusion transformation, the keys in the key sequence can be generated by one or more key generation mechanisms, and the key generation mechanisms work in a mode meeting the following assumed conditions of an ideal model:
t1: each generated key is a random variable extracted from an (n; l) -key source;
t2: the keys are independent of each other;
t3: if H is present∞(X) ≧ l, then the symmetric encryption used for encryption and decryption is absolutely secure.
Wherein, T1 regards each key as a random variable, where n is the key length, l is the security threshold, and the closer l is to n, the better the randomness of the key. For an (n; l) -key source, if key X is revealed to an eavesdropper, it is equivalent to H∞(X)<l; otherwise, H∞(X) is not less than l. Whereas T2 is reasonable in that almost all key generation mechanisms, such as PLKG, related research work requires testing the statistical independence of keys. It is generally considered that a symmetric encryption algorithm, such as AES, is strong enough to even resist attack by a quantum computer as long as the key length is large enough, and therefore T3 is also a reasonable assumption.
The invention has the beneficial effects that: aiming at the problem that the existing security coding method has the key easy to leak, the secret communication method based on the key fusion transformation provided by the invention processes a plurality of keys to protect the privacy of a single key by using the key fusion transformation; the method has compatibility with various existing key generation mechanisms, such as PLKG, can greatly reduce the probability of secret interruption, has wide universality and has great application potential in secret data communication occasions.
Drawings
FIG. 1 is a schematic diagram of the working process of the secret communication method based on the key fusion transformation provided by the present invention;
fig. 2 is a schematic diagram of a typical key leakage scenario of the PLKG provided in the present invention;
FIG. 3 is a schematic diagram illustrating the correctness and validity of a fused transform using a 2-bit key verification key provided by the present invention;
fig. 4 is a numerical result of the key fusion transformation provided by the present invention significantly reducing the probability of privacy disruption.
Detailed Description
In order to facilitate the understanding of the technical contents of the present invention by those skilled in the art, the present invention will be further explained with reference to the accompanying drawings.
The invention provides a secret communication method based on key fusion transformation, a data transmission system, comprising: the system comprises an information source, a channel and an information sink, wherein the information source and the information sink generate a series of key sequences shared by both parties based on one or more key generation mechanisms; the information source processes the key sequence by fusion transformation, then uses the output result as a temporary key to encrypt and encode the message, and sends the ciphertext to the information sink; the sink decodes the message to obtain plaintext, again using the result of the fused transform as a temporary key. Since the key fusion transformation protects the randomness of the individual keys, the probability of privacy disruption can be significantly reduced. The key generation mechanism includes: based on physical layer key generation mechanisms, public key cryptography (e.g., trellis-based cryptography, quantum cryptography, or quantum key distribution, etc.). (e.g., physical-layer key generation, PLKG)
The keys in the key sequence of the present invention may be generated by various key generation algorithms. Using the common physical layer key generation mechanism PLKG (physical layer cipher) in the fieldA Key generation mechanism, physical-layer Key generation) as an example, in an implementation manner of managing Key sequences at an information source and an information sink, a Key fusion Transformation sliding window (KFT sliding window, Key-Fusing Transformation) is respectively set in each system, and a specific implementation manner is that the information source and the information sink respectively maintain a first-in first-out queue data structure, the window can continuously slide or slide once per m keys (m is less than or equal to w), the window length w can be preset, w is an integer, and the value range is 1 to infinity; the larger w is, the higher the security level is, but the calculation, storage and synchronization overhead is increased; the source and the sink select a same key fusion transformation, the fusion transformation is a special function called KFT (), and the KFT () is characterized in that: a key sequence is received, a new key, called a temporary key, is output, and the minimum entropy (also called key entropy) of the output key is always greater than or equal to the minimum entropy of any input key. The key can be viewed as a random variable X e (0,1)nIts minimum entropy is defined as:
where min denotes the minimum value, X ← X denotes randomly sampling X from X, log is a logarithmic function, and Pr [ X ═ X]Representing the probability of sampling X from X,
the expression is defined as∞(X) is defined as
The specific working process of the present invention is described below by taking the implementation mode based on PLKG as an example:
s1, managing shared key sequence generated by PLKG by first-in first-out queue structure
S11, adopting PLKG between the information source and the information sink, and extracting the key shared by the two parties by using the unique characteristics of the wireless channel;
and S12, the source and the sink respectively store the generated keys into own KFT sliding windows.
S2, the source processes the key sequence based on the key fusion transformation KFT for encrypting the message
S21, the signal source takes the key sequence in the KFT sliding window as input, calls a KFT function and generates a temporary key;
s22, the source encrypts and encodes the plaintext with the temporary key, and then transmits the output ciphertext to the sink.
S3, the source processes the key sequence based on the key fusion transformation KFT for decrypting the message
S31, the signal sink takes the key sequence in the KFT sliding window as input, calls a KFT function and generates a temporary key;
s32, the sink decrypts the received message by the temporary key to obtain the plaintext.
Fig. 1 shows a work flow diagram of a secret communication method based on key fusion transformation. Under the mechanism of PLKG, the source and the sink can acquire a series of keys by performing 5 steps of channel exploration, random sequence extraction, quantization, information coordination and privacy amplification. Before the keys are used for encryption/decryption, key fusion transformation is carried out on the keys by calling a KFT () function so as to promote key entropy as much as possible and further improve the safety of a data transmission system.
The key fusion transformation can be regarded as a special multivariate function called KFT (), and the KFT () is characterized in that: receiving a key sequence, a new key, called a temporary key, is output, and the minimum entropy (also called key entropy) of the output key is always greater than or equal to the minimum entropy of any input key. The key sequence with length w is X1,X2,...,XwThen, a function KFT (0,1) satisfying the following conditionn×(0,1)n×...×(0,1)n→(0,1)nReferred to as key fusion transformation.
H∞(KFT(X1,X2,...,Xw))≥H∞(Xi),i=1,2,...,w
→ is the function mapping notation for function definition, front is the definition domain and back is the value domain.
The key fusion transformation is a multivariate function and can be realized by iteration of a binary KFT function, and the specific realization mode is that two keys are taken according to any specified sequence for a key sequence with the length of w, binary KFT () transformation is applied, and the output temporary key is put back to the sequence, so that the length of the sequence becomes w-1; this process continues until only one key remains in the sequence, which is the temporary key output by the key fusion transformation, and can be used for encryption and decryption.
The binary KFT function is defined as KFT (0,1)n×(0,1)n→(0,1)nAnd simultaneously satisfies the following two conditions.
H∞(KFT(X,Y))≥H∞(X)
And H∞(KFT(X,Y))≥H∞(Y)
Wherein X and Y are 2 mutually independent random variables, and X belongs to (0,1)n,Y∈(0,1)n. The simplest existing binary key fusion transformations are MOD addition (modular Operation) and bitwise xor [. alpha. ]), which are primitives widely used in modern encryption technology. Note that applying a one-to-one mapping on a random variable does not change its key entropy, so a typical way to construct a key fusion transform is to combine modulo addition (MOD), bitwise xor, and one-to-one mapping to generate KFT instances. In this way we can get at least (2) under the key space of n-bitn| A ) A KFT instance. Moreover, even if the order of the input key sequence is disturbed, the output result will remain unchanged as long as the chosen KFT instance satisfies the commutative and associative laws.
A typical construction method of a binary key fusion transformation can be defined in an iterative manner as follows:
1)g(x,y)=x⊕y⊕b
2)g(x,y)=(x+y+b)MOD 2n
3)g(x,y)=>KFT
4)g(h(x),y)=>KFT
5)g(x,h(y))=>KFT
6)h(KFT(x,y))=>KFT
wherein X ← X ∈ (0,1)nAnd Y ← Y ∈ (0,1)nIs 2 mutually independent keys, b is belonged to (0,1)nIs a constant; g (,) represents binary modulo addition (MOD) or bitwise XOR (#), defined as g (0,1)n×(0,1)n→(0,1)nThe implementation mode is as the above formula 1) 2); h (.) is a one-to-one mapping defined as h (0,1)n→(0,1)nTypical implementations include MOD, bitwise xor, cyclic shift, etc.; equation 3 above) illustrates that the function g (,) is a binary key fusion transformation; the above formula 4)5) shows that the function obtained by applying h () and then g () to one of x and y is a binary key fusion transformation; equation 6) above illustrates that the function obtained by applying h (·) to the output of the key fusion transform KFT remains a binary key fusion transform.
In the secret communication method based on key fusion transformation, the keys in the key sequence can be generated by various key generation algorithms, and typical key generation algorithms include a physical layer-based key generation mechanism, a grid-based cryptography, quantum cryptography, or Quantum Key Distribution (QKD). In order to strictly verify the correctness of the proposed scheme, the present invention designs an ideal model to abstract various key generation mechanisms, including PLKG. These key generation mechanisms work in a way that satisfies the following assumptions of an ideal model:
t1: each generated key is a random variable extracted from an (n; l) -key source;
t2: the keys are independent of each other;
t3: if H is present∞(X) ≧ l, then the symmetric encryption used for encryption and decryption is absolutely secure, i.e., as long as key X is not revealed, the eavesdropper can neither break the key from the ciphertext nor decrypt the ciphertext directly.
T1 considers each key as a random variable, where n is the key length, l is the security threshold, and the closer l is to n, the better the randomness of the key. The specific value of l depends on the computational power estimate for the eavesdropper. Typical conditionsUnder the condition, the eavesdropper needs to do average 2lThe next brute force guess can be made to guess a correct key. For an (n; l) -key source, if a key X of n-bit length is leaked to an eavesdropper, it is equivalent to H∞(X)<l; otherwise, H∞(X) is not less than l. Whereas T2 is reasonable in that almost all key generation mechanisms, such as PLKG, related research work requires testing the statistical independence of keys. It is generally considered that a symmetric encryption algorithm, such as AES, is strong enough to even resist attack by a quantum computer as long as the key length is large enough, and therefore T3 is also a reasonable assumption.
Considering a typical key leakage scenario of PLKG, as shown in fig. 2, the source and the sink generate 3 keys using the PLKG mechanism: k is a radical ofA,kBAnd kCAnd assume kBIs revealed to the eavesdropper. From the hypothesis T1, we can obtain H∞(kA)≥l,H∞(kB)<l, and H∞(kC) Not less than l. According to the hypothesis T3, with kAAnd kCEncrypted communication is secure but with kBThe security of encrypted communications is compromised. The main problem is that eavesdropping may be done by eavesdropping, and neither the sender nor the receiver may even know kBHas already leaked out.
To solve this problem, our solution is to transform k by using key fusion KFTA,kBAnd kCAnd (4) carrying out fusion. Specifically, we start from kA,kBTo obtain kABThen from kABAnd kCTo obtain kABC. According to the assumption T3, only H needs to be certified∞(kABC) When l is greater than or equal to l, k is usedABCIn place of kA,kBAnd kCIt is secure for encryption and decryption.
The present embodiment uses a key of length 2 to verify the correctness of the model, and as a result, the conclusion is shown in fig. 3, which is applicable to any key of any bit length. An example of KFT selected in this embodiment is
Where n is 2, then k isAB=f(kA,kB) And kABC=f(kAB,kC). Since the keys are 2-bit in length, each key can take one of four values, 0,1, 2, 3, with different probabilities. The distribution probabilities respectively set in the embodiment are {1/3, 1/4, 1/6, 1/4}, kCThe distribution probability of (a) is (1/2, 1/5, 1/6, 2/15). Because k isBThe probability of the distribution is {0, 0, 0, 1} assuming that it is 3. Because k isBHas been leaked out, so kBThe key entropy of (a) is zero. Accordingly, kABHas a and kAThe same key entropy is 1.58 but with a different probability distribution (note: real numbers in the figure retain only two decimal degrees of precision). Can be verified by computer programs or manuallyABCIs always greater than or equal to kA,kBAnd kCKey entropy of (1), which represents H∞(kABC) More than or equal to l is proved. And no matter kAOr kCWith any random distribution of how much, this conclusion is always true.
For a key X, its exposure probability is defined as H∞(X)<Probability of l, and probability of a secret interruption (SOP) means that at least one key V for encryption and decryption satisfies H during communication∞(V)<l probability of the signal. Fig. 4 shows the effect of the key fusion transformation KFT on the probability of a privacy disruption of the whole communication process, where a total of 60 keys are extracted, the size w of the KFT window being 1 to 10, respectively. The approach to using KFT is to replace every w keys in the key sequence with a corresponding KFT output. In fig. 4, two legends "no fusion transformation" and "with fusion transformation" correspond to the privacy disruption probability of the entire communication process when KFT is not applied and KFT is applied, respectively. By changing the size (w) of the KFT sliding window and the key exposure probability (p), it can be seen that when p is 0.1 and w is 10, the secret break probability when applying KFT is less than 10-8And approximately 0.998 without the application of KFT. Applying KFT and setting w to 10 may reduce the privacy disruption probability below 0.057 even at a fairly high key exposure probability, e.g., p ═ 0.5.
The above examples and analysis are only intended to illustrate the feasibility of the secret communication method based on the key fusion transformation, and in fact, any method satisfying the technical feature requirements of the 3 assumption conditions of the above ideal model can be used as the secret communication method based on the key fusion transformation. The key fusion transformation implemented by using binary KFT function iteration in the above example is only for convenience of description, and typical key generation algorithms include physical layer-based key generation mechanisms, public key cryptography (such as grid-based cryptography, quantum cryptography, or quantum key distribution), etc., without excluding other implementations. It is to be understood that the scope of the invention is not to be limited to such specific statements and examples. Various modifications and alterations to this invention will become apparent to those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the scope of the claims of the present invention.
Claims (5)
1. Secret communication method based on key fusion transformation, characterized in that, the adopted data transmission system comprises: the system comprises an information source, a channel and an information sink, wherein the information source and the information sink generate a series of shared key sequences based on a key generation mechanism; the information source and the information sink utilize the same fusion transformation to process the key sequence, then the information source uses the output result of the fusion transformation as a temporary key to encrypt and encode the message, and sends a ciphertext to the information sink; the information sink uses the output result of the fusion transformation as a temporary key to decode the ciphertext to obtain a plaintext;
the fusion transformation corresponds to a function that receives a sequence of keys as input, outputs a new key as a temporary key, and the minimum entropy of the temporary key is always greater than or equal to the minimum entropy of any input key; the function is defined as: the key sequence with length w is X1,X2,...,XwIf these keys are independent of each other, the function KFT satisfies the following condition: (0,1)n×(0,1)n×...×(0,1)n→(0,1)nCalled key fusion transformation:
H∞(KFT(X1,X2,...,Xw))≥H∞(Xi),i=1,2,...,w
where n is the key bit length, (0,1)nIs the value space of the key, → the function mapping sign, H∞() Expressing minimum entropy;
the minimum entropy is calculated as:
wherein, min represents taking the minimum value,
the expression is defined as X ← X denotes randomly sampling one X from a random variable X, log is a logarithmic function, Pr [ X ═ X]Representing the probability of sampling X from X;
the key fusion transformation is realized by iteration of a binary KFT function, and the specific realization mode is as follows: for the key sequence with the length of w, two keys are taken according to any specified sequence, binary KFT function transformation is applied, and the temporary key output by the binary KFT function is put back to the key sequence, so that the length of the key sequence is updated to w-1; this process is repeated until only one key remains in the key sequence, which is the temporary key output by the key fusion transformation.
2. The secret communication method based on key fusion transformation according to claim 1, wherein the binary KFT function is defined as KFT: (0,1)n×(0,1)n→(0,1)nAnd simultaneously satisfies the following two conditions:
H∞(KFT(X,Y))≥H∞(X)
and H∞(KFT(X,Y))≥H∞(Y)
Wherein X and Y are 2 mutually independent random variables, and X belongs to (0,1)n,Y∈(0,1)n,H∞( )The minimum entropy is calculated, and X represents a random variable.
3. The secret communication method based on key fusion transformation according to claim 1, wherein the key generation mechanism operates in a manner satisfying the following condition:
t1: each generated key is a random variable extracted from an (n; l) -key source;
t2: the keys are independent of each other;
t3: if H is present∞(X) is greater than or equal to l, then the symmetric encryption for encryption and decryption is absolutely secure;
wherein H∞() The minimum entropy is calculated, X represents a random variable, n is the key bit length, l is a safety threshold, and for an (n; l) -key source, if the key X with the n bit length is leaked to an eavesdropper, the method is equivalent to H∞(X) < l; otherwise, H∞(X)≥l。
4. The secret communication method based on key fusion transformation according to claim 3, wherein the key generation mechanism employs: based on at least one of a physical layer key generation mechanism and public key cryptography.
5. The secret communication method based on key fusion transformation according to claim 4, wherein the public key cryptography includes: grating-based cryptography, quantum cryptography.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010816358.7A CN111934864B (en) | 2020-08-14 | 2020-08-14 | Secret Communication Method Based on Key Fusion Transform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010816358.7A CN111934864B (en) | 2020-08-14 | 2020-08-14 | Secret Communication Method Based on Key Fusion Transform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111934864A CN111934864A (en) | 2020-11-13 |
| CN111934864B true CN111934864B (en) | 2021-07-06 |
Family
ID=73310902
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010816358.7A Active CN111934864B (en) | 2020-08-14 | 2020-08-14 | Secret Communication Method Based on Key Fusion Transform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111934864B (en) |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101626364A (en) * | 2008-07-08 | 2010-01-13 | 赵运磊 | Method for authentication for resisting secrete data disclosure and key exchange based on passwords |
| EP3605940B1 (en) * | 2011-11-30 | 2021-06-02 | BlackBerry Limited | Assessing cryptographic entropy |
| CN109768948A (en) * | 2017-11-10 | 2019-05-17 | 中国电信股份有限公司 | Information push method, system and messaging device |
-
2020
- 2020-08-14 CN CN202010816358.7A patent/CN111934864B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN111934864A (en) | 2020-11-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8687800B2 (en) | Encryption method for message authentication | |
| EP1834438B1 (en) | Cryptography related to keys | |
| KR102304831B1 (en) | Encryption systems and method using permutaion group based cryptographic techniques | |
| Lakshmi et al. | Comparison of classical and quantum cryptography using QKD simulator | |
| Fay et al. | Compressive sensing encryption modes and their security | |
| Sengupta et al. | Message mapping and reverse mapping in elliptic curve cryptosystem | |
| EP1790115A1 (en) | A method and system for computational transformation | |
| RU2459276C1 (en) | Method for coding of m message represented as multidigit binary number | |
| Al-Arjan et al. | Intelligent security in the era of AI: The key vulnerability of RC4 algorithm | |
| Hooshmand et al. | Efficient polar code-based physical layer encryption scheme | |
| CN118337498B (en) | A data transmission method based on symmetric key pool | |
| CN107317669B (en) | Noiseless full homomorphism public key encryption method based on binary Representation theorem ring | |
| JP3517663B2 (en) | Encryption communication method and encryption communication system | |
| Nissar et al. | Implementation of security enhancement in AES by inducting dynamicity in AES s-box | |
| Srikantaswamy et al. | Enhanced onetime pad cipher with morearithmetic and logical operations with flexible key generation algorithm | |
| CN111934864B (en) | Secret Communication Method Based on Key Fusion Transform | |
| WO2023198877A1 (en) | Methods and systems for performing secure transactions | |
| KR100388059B1 (en) | Data encryption system and its method using asymmetric key encryption algorithm | |
| Rao et al. | A review on combined attacks on security systems | |
| Harrison et al. | Equivocations for the simple substitution cipher with erasure-prone ciphertext | |
| Memon et al. | Randomized text encryption: A new dimension in cryptography | |
| Kumar et al. | A novel stream cipher based on quasigroups and QG-PRNG | |
| Kulkarni et al. | Neural Crypto-Coding Based Approach to Enhance the Security of Images over the Untrusted Cloud Environment. Cryptography 2023, 7, 23 | |
| Archana et al. | Overview of Cryptography | |
| BC et al. | Data encryption and decryption using DNA and embedded technology |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |