CN112260840A - Disturbance encryption method based on sm4 encryption algorithm - Google Patents
Disturbance encryption method based on sm4 encryption algorithm Download PDFInfo
- Publication number
- CN112260840A CN112260840A CN202011130539.0A CN202011130539A CN112260840A CN 112260840 A CN112260840 A CN 112260840A CN 202011130539 A CN202011130539 A CN 202011130539A CN 112260840 A CN112260840 A CN 112260840A
- Authority
- CN
- China
- Prior art keywords
- encryption
- plaintext
- encryption algorithm
- perturbation
- method based
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a disturbance encryption method based on sm4 encryption algorithm, which comprises the following steps: acquiring a plaintext to be encrypted; disturbing the sensitive part in the plaintext to be encrypted; encrypting the sensitive part subjected to disturbance processing by adopting an sm4 encryption algorithm; carrying out digital signature on the encrypted plaintext; the encryption is completed. The invention solves the problem that the secret key is easy to be cracked under the condition of losing the secret key by adopting a disturbance processing encryption mode, and realizes the high safety encryption level of the sm4 encryption algorithm and the basic precaution capacity of secret key leakage by carrying out disturbance encryption based on the sm4 encryption algorithm.
Description
Technical Field
The invention relates to the technical field of encryption, in particular to a disturbance encryption method based on sm4 encryption algorithm.
Background
The sm4 encryption algorithm is a 32-round iterative unbalanced Feistel structured packet encryption algorithm used in wireless lan products. The sm4 encryption algorithm is officially approved by the national code administration in 2012, and the first commercial encryption algorithm for the wireless local area network in China has the characteristics of simplicity, safety and quickness. The packet length of the algorithm is 128 bits and the symmetric key length is 128 bits. Both the encryption algorithm and the key expansion algorithm adopt 32-round nonlinear iteration structures. The decryption algorithm has the same structure as the encryption algorithm, but the use sequence of the round keys is opposite, and the decryption round keys are the reverse sequence of the encryption round keys.
The sm4 encryption algorithm is a latest state cipher scheme and has a high security level, but the standard sm4 encryption algorithm is easy to crack under the condition that a key is lost.
Therefore, a perturbation encryption method based on the sm4 encryption algorithm is needed to be provided, so that the problem that the encryption is easy to crack under the condition that the secret key is lost is solved, and the high security encryption level of the sm4 encryption algorithm and the basic precaution capacity of secret key leakage are considered at the same time.
Disclosure of Invention
The invention aims to provide a perturbation encryption method based on an sm4 encryption algorithm, which aims to solve the problem that a secret key is easy to crack under the condition of losing the secret key and realize the high security encryption level of the sm4 encryption algorithm and the basic precaution capacity of secret key leakage.
In order to solve the problems in the prior art, the invention provides a disturbance encryption method based on sm4 encryption algorithm, which comprises the following steps:
acquiring a plaintext to be encrypted;
disturbing the sensitive part in the plaintext to be encrypted;
encrypting the sensitive part subjected to disturbance processing by adopting an sm4 encryption algorithm;
carrying out digital signature on the encrypted plaintext;
the encryption is completed.
Optionally, in the disturbance encryption method based on the sm4 encryption algorithm, the disturbance processing mode is as follows: and (4) carrying out disturbance in an exclusive-or mode to shift the bytes of the sensitive part.
Optionally, in the perturbation encryption method based on the sm4 encryption algorithm, the plaintext includes a plaintext in a message.
Optionally, in the perturbation encryption method based on the sm4 encryption algorithm,
the sensitive parts in the plain text are classified according to label fields.
Optionally, in the perturbation encryption method based on the sm4 encryption algorithm,
the digital signature adopts SSL protocol.
Optionally, in the perturbation encryption method based on sm4 encryption algorithm, after encryption is performed by using sm4 encryption algorithm, before digital signature, the method further includes the following steps:
and carrying out full-text symmetric encryption on the plaintext to be encrypted.
Optionally, in the perturbation encryption method based on sm4 encryption algorithm, the perturbation encryption method further includes a decryption process, and the decryption process includes the following steps:
checking the label of the plaintext to be decrypted;
decrypting the sensitive part in the plaintext to be decrypted;
carrying out disturbance homing processing on a sensitive part in a plaintext to be decrypted;
the decryption is completed.
Optionally, in the perturbation encryption method based on the sm4 encryption algorithm, the method for decrypting the sensitive part in the plaintext to be decrypted is as follows: decryption is performed by adopting sm4 decryption algorithm.
Optionally, in the perturbation encryption method based on the sm4 encryption algorithm, after the signature verification and before the decryption is performed on the sensitive part in the plaintext to be decrypted, the method further includes the following steps:
a tag identifying the sensitive part in plain text to be decrypted.
Optionally, in the perturbation encryption method based on the sm4 encryption algorithm, after the signature verification, before the tag of the sensitive part in the plain text to be decrypted is identified, the method further includes the following steps:
and carrying out full-text symmetric decryption on the plaintext to be decrypted.
In the disturbance encryption method based on the sm4 encryption algorithm, the problem that the secret key is easy to crack under the condition of losing the secret key is solved by adopting a disturbance processing encryption mode, and the disturbance encryption based on the sm4 encryption algorithm realizes the high safety encryption level of the sm4 encryption algorithm and the basic prevention capability of secret key leakage.
Drawings
Fig. 1 is an encryption flow chart of a perturbation encryption method according to an embodiment of the present invention;
fig. 2 is a decryption flowchart of a perturbation encryption method according to an embodiment of the present invention.
Detailed Description
The following describes in more detail embodiments of the present invention with reference to the schematic drawings. The advantages and features of the present invention will become more apparent from the following description. It is to be noted that the drawings are in a very simplified form and are not to precise scale, which is merely for the purpose of facilitating and distinctly claiming the embodiments of the present invention.
Hereinafter, if the method described herein comprises a series of steps, the order of such steps presented herein is not necessarily the only order in which such steps may be performed, and some of the described steps may be omitted and/or some other steps not described herein may be added to the method.
In the prior art, the sm4 encryption algorithm is a latest state secret scheme and has a high security level, but the standard sm4 encryption algorithm is still easy to crack under the condition of key loss.
In order to solve the problems in the prior art, the present invention provides a perturbation encryption method based on sm4 encryption algorithm, as shown in fig. 1, fig. 1 is an encryption flow chart of the perturbation encryption method provided by the embodiment of the present invention, and the perturbation encryption method includes the following steps:
acquiring a plaintext to be encrypted;
disturbing the sensitive part in the plaintext to be encrypted;
encrypting the sensitive part subjected to disturbance processing by adopting an sm4 encryption algorithm;
carrying out digital signature on the encrypted plaintext;
the encryption is completed.
The invention solves the problem that the secret key is easy to be cracked under the condition of losing the secret key by adopting a disturbance processing encryption mode, and realizes the high safety encryption level of the sm4 encryption algorithm and the basic precaution capacity of secret key leakage by carrying out disturbance encryption based on the sm4 encryption algorithm.
Preferably, in the disturbance encryption method based on the sm4 encryption algorithm, the disturbance processing mode is as follows: and (4) carrying out disturbance in an exclusive-or mode to shift the bytes of the sensitive part. Specifically, the xor operation is an operation performed in various computer languages, such as C, C + + and java, using the idea of bitwise xor. The xor operation satisfies the combination law and the exchange law, and it is known from the nature that in a computer language, it is very simple to use the xor operation to implement some functions, such as byte displacement, parity judgment, and the like. According to the invention, the data encrypted by the sm4 encryption algorithm is scrambled, recombined and the like by adopting a disturbance processing encryption mode, so that even if the password is leaked, the data original text cannot be obtained by decryption through the sm4 decryption algorithm, and the data safety is ensured to the maximum extent.
Generally, the plaintext includes plaintext in a message, and for the plaintext in the message, when performing perturbation processing encryption, the whole message needs to be matched to perform perturbation processing on the sensitive part.
Optionally, in the perturbation encryption method based on the sm4 encryption algorithm, the sensitive parts in the plain text are listed according to the label domain, and the label of the sensitive part in the plain text to be decrypted needs to be identified during decryption.
Further, the digital signature adopts an SSL protocol. Generally, a digital signature (also called a public key digital signature) is a digital string which can be generated only by a sender of information and cannot be forged by others, and the digital string is also a valid proof of the authenticity of the information sent by the sender of the information. It is a method for authenticating digital information that is similar to a common physical signature written on paper, but is implemented using techniques in the field of public key cryptography. A set of digital signatures typically defines two complementary operations, one for signing and the other for verification. The digital signature is an application of asymmetric key encryption technology and digital digest technology. Ssl (secure Socket layer) is an encryption technique that can provide both symmetric encryption and asymmetric encryption.
Optionally, in the perturbation encryption method based on sm4 encryption algorithm, after encryption is performed by using sm4 encryption algorithm, before digital signature, the method further includes the following steps: and carrying out full-text symmetric encryption on the plaintext to be encrypted. Specifically, encryption and decryption in full-text symmetric encryption use the same key encryption algorithm. Symmetric encryption is also referred to as key encryption. The invention reduces the encryption time, increases the decryption complexity and enhances the algorithm reliability by adopting full-text symmetric encryption.
In one embodiment, the encryption method in the perturbation encryption method based on the sm4 encryption algorithm is as follows:
acquiring a plaintext to be encrypted;
sorting the sensitive parts in the plaintext to be encrypted according to label domains;
disturbing the sensitive part in the plaintext to be encrypted;
encrypting the sensitive part subjected to disturbance processing by adopting an sm4 encryption algorithm;
carrying out full-text symmetric encryption on the plaintext to be encrypted;
carrying out digital signature on the encrypted plaintext;
the encryption is completed.
Further, in the perturbation encryption method based on sm4 encryption algorithm, the perturbation encryption method further includes a decryption process, as shown in fig. 2, fig. 2 is a decryption flow chart of the perturbation encryption method according to the embodiment of the present invention, where the decryption process includes the following steps:
checking the label of the plaintext to be decrypted;
decrypting the sensitive part in the plaintext to be decrypted;
carrying out disturbance homing processing on a sensitive part in a plaintext to be decrypted;
the decryption is completed.
Optionally, in the perturbation encryption method based on the sm4 encryption algorithm, the method for decrypting the sensitive part in the plaintext to be decrypted is as follows: decryption is performed by adopting sm4 decryption algorithm.
Preferably, after the signature verification and before the decryption of the sensitive part in the plaintext to be decrypted, the method further comprises the following steps: a tag identifying the sensitive part in plain text to be decrypted.
Further, after the signature verification and before the label of the sensitive part in the plain text to be decrypted is identified, the method further comprises the following steps: and carrying out full-text symmetric decryption on the plaintext to be decrypted.
In one embodiment, the decryption method in the perturbation encryption method based on the sm4 encryption algorithm is as follows:
checking the label of the plaintext to be decrypted;
carrying out full-text symmetric decryption on a plaintext to be decrypted;
identifying a tag of the sensitive part in the plaintext to be decrypted;
decrypting the sensitive part in the plaintext to be decrypted;
carrying out disturbance homing processing on a sensitive part in a plaintext to be decrypted;
the decryption is completed.
In conclusion, in the disturbance encryption method based on the sm4 encryption algorithm provided by the invention, the problem that the secret key is easy to crack under the condition of losing the secret key is solved by adopting a disturbance processing encryption mode, and the disturbance encryption based on the sm4 encryption algorithm realizes the high security encryption level of the sm4 encryption algorithm and the basic prevention capability of secret key leakage.
Furthermore, the invention simultaneously adopts disturbance processing encryption, sm4 encryption algorithm encryption, full-text symmetric encryption and digital signature encryption modes, thereby realizing a mixed multiple encryption method and enhancing the reliability of the algorithm.
The above description is only a preferred embodiment of the present invention, and does not limit the present invention in any way. It will be understood by those skilled in the art that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. A disturbance encryption method based on sm4 encryption algorithm is characterized by comprising the following steps:
acquiring a plaintext to be encrypted;
disturbing the sensitive part in the plaintext to be encrypted;
encrypting the sensitive part subjected to disturbance processing by adopting an sm4 encryption algorithm;
carrying out digital signature on the encrypted plaintext;
the encryption is completed.
2. A perturbation encryption method based on an sm4 encryption algorithm, as claimed in claim 1,
the disturbance processing mode is as follows: and (4) carrying out disturbance in an exclusive-or mode to shift the bytes of the sensitive part.
3. A perturbation encryption method based on an sm4 encryption algorithm as claimed in claim 1, wherein said plaintext comprises plaintext in a message.
4. A perturbation encryption method based on an sm4 encryption algorithm, as claimed in claim 1,
the sensitive parts in the plain text are classified according to label fields.
5. A perturbation encryption method based on an sm4 encryption algorithm, as claimed in claim 1,
the digital signature adopts SSL protocol.
6. A perturbation encryption method based on sm4 encryption algorithm as claimed in claim 1, further comprising the following steps after encryption with sm4 encryption algorithm and before digital signature:
and carrying out full-text symmetric encryption on the plaintext to be encrypted.
7. A perturbation encryption method based on an sm4 encryption algorithm as claimed in claim 6, wherein the perturbation encryption method further comprises a decryption process comprising the steps of:
checking the label of the plaintext to be decrypted;
decrypting the sensitive part in the plaintext to be decrypted;
carrying out disturbance homing processing on a sensitive part in a plaintext to be decrypted;
the decryption is completed.
8. A perturbation encryption method based on sm4 encryption algorithm as claimed in claim 7, wherein the way to decrypt sensitive parts in the plaintext to be decrypted is: decryption is performed by adopting sm4 decryption algorithm.
9. A perturbation encryption method based on sm4 encryption algorithm as claimed in claim 7, characterized in that after the signature verification and before the decryption of the sensitive part in the plaintext to be decrypted, it further comprises the following steps:
a tag identifying the sensitive part in plain text to be decrypted.
10. A method as claimed in claim 9 wherein said method of perturbation encryption based on an sm4 encryption algorithm further comprises the steps of, after signature verification and before identification of the signature of the sensitive part of the plaintext to be decrypted:
and carrying out full-text symmetric decryption on the plaintext to be decrypted.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011130539.0A CN112260840A (en) | 2020-10-21 | 2020-10-21 | Disturbance encryption method based on sm4 encryption algorithm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011130539.0A CN112260840A (en) | 2020-10-21 | 2020-10-21 | Disturbance encryption method based on sm4 encryption algorithm |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112260840A true CN112260840A (en) | 2021-01-22 |
Family
ID=74264406
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011130539.0A Pending CN112260840A (en) | 2020-10-21 | 2020-10-21 | Disturbance encryption method based on sm4 encryption algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112260840A (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050172132A1 (en) * | 2004-01-30 | 2005-08-04 | Chen Sherman (. | Secure key authentication and ladder system |
CN105871918A (en) * | 2016-06-08 | 2016-08-17 | 美的集团股份有限公司 | Household appliance, communication system and method between household appliance and cloud server as well as cloud server |
CN107147488A (en) * | 2017-03-24 | 2017-09-08 | 广东工业大学 | A kind of signature sign test system and method based on SM2 enciphering and deciphering algorithms |
CN108023724A (en) * | 2016-11-04 | 2018-05-11 | 北京展讯高科通信技术有限公司 | Data transmission method and device |
CN109672523A (en) * | 2018-09-25 | 2019-04-23 | 平安科技(深圳)有限公司 | Information ciphering method, device, equipment and readable storage medium storing program for executing based on filter |
CN109787764A (en) * | 2019-03-25 | 2019-05-21 | 四川九洲空管科技有限责任公司 | A kind of encryption method based on cipher key delivery equipment |
-
2020
- 2020-10-21 CN CN202011130539.0A patent/CN112260840A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050172132A1 (en) * | 2004-01-30 | 2005-08-04 | Chen Sherman (. | Secure key authentication and ladder system |
CN105871918A (en) * | 2016-06-08 | 2016-08-17 | 美的集团股份有限公司 | Household appliance, communication system and method between household appliance and cloud server as well as cloud server |
CN108023724A (en) * | 2016-11-04 | 2018-05-11 | 北京展讯高科通信技术有限公司 | Data transmission method and device |
CN107147488A (en) * | 2017-03-24 | 2017-09-08 | 广东工业大学 | A kind of signature sign test system and method based on SM2 enciphering and deciphering algorithms |
CN109672523A (en) * | 2018-09-25 | 2019-04-23 | 平安科技(深圳)有限公司 | Information ciphering method, device, equipment and readable storage medium storing program for executing based on filter |
CN109787764A (en) * | 2019-03-25 | 2019-05-21 | 四川九洲空管科技有限责任公司 | A kind of encryption method based on cipher key delivery equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6851049B1 (en) | Method and apparatus for facilitating secure anonymous email recipients | |
Krovetz et al. | The OCB authenticated-encryption algorithm | |
CN109559122A (en) | Block chain data transmission method and block chain data transmission system | |
CN102904712B (en) | Information ciphering method | |
US20030123667A1 (en) | Method for encryption key generation | |
US20060265595A1 (en) | Cascading key encryption | |
US8744078B2 (en) | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths | |
CN107896223A (en) | A kind of data processing method and system, data collecting system and data receiving system | |
US20210165914A1 (en) | Cryptographic method for verifying data | |
CN108090370A (en) | Instant messaging encryption method and system based on index | |
CN112564906A (en) | Block chain-based data security interaction method and system | |
CN113312608A (en) | Electric power metering terminal identity authentication method and system based on timestamp | |
CN114499857A (en) | Method for realizing data correctness and consistency in big data quantum encryption and decryption | |
Kasodhan et al. | A new approach of digital signature verification based on BioGamal algorithm | |
CN103117850A (en) | Cryptosystem based on random sequence database | |
Maury et al. | Format oracles on OpenPGP | |
CN112800462A (en) | Method for storing confidential information in cloud computing environment | |
US7436966B2 (en) | Secure approach to send data from one system to another | |
Patni | A poly-alphabetic approach to Caesar cipher algorithm | |
Pushpa | Enhancing Data Security by Adapting Network Security and Cryptographic Paradigms | |
Kaushik et al. | Block encryption standard for transfer of data | |
CN112260840A (en) | Disturbance encryption method based on sm4 encryption algorithm | |
Hayden et al. | Multi-channel security through data fragmentation | |
CN102647428A (en) | Encrypting and decrypting system and method adopting trusteeship control based on communication network | |
Gohel | Introduction to Network & Cybersecurity |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210122 |
|
RJ01 | Rejection of invention patent application after publication |