CN112422278A - Byte-oriented random multi-table replacement encryption and decryption method - Google Patents

Byte-oriented random multi-table replacement encryption and decryption method Download PDF

Info

Publication number
CN112422278A
CN112422278A CN202011248734.3A CN202011248734A CN112422278A CN 112422278 A CN112422278 A CN 112422278A CN 202011248734 A CN202011248734 A CN 202011248734A CN 112422278 A CN112422278 A CN 112422278A
Authority
CN
China
Prior art keywords
key
wkey
character
ciphertext
elements
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202011248734.3A
Other languages
Chinese (zh)
Inventor
李春林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Peihua University
Original Assignee
Xian Peihua University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Peihua University filed Critical Xian Peihua University
Priority to CN202011248734.3A priority Critical patent/CN112422278A/en
Publication of CN112422278A publication Critical patent/CN112422278A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a byte-oriented random multi-table replacement encryption method and a byte-oriented random multi-table replacement decryption method, wherein the whole replacement table is changed when one plaintext character is encrypted, and each replacement table has more than half of difference and essentially has the same security as a one-time pad (OTP) algorithm. A ciphertext feedback mechanism is introduced into the algorithm, and as long as one character of two plaintext messages encrypted by the same key is changed, all ciphertext is changed from then on. If a certain number of random numbers are introduced to change the working key, the same key is used for encrypting the same section of plaintext message for multiple times, and the encryption results of each time are completely different, so that the attack of known plaintext analysis can be effectively resisted. When the encryption system is used in a network communication gateway, as long as the initial key is long enough to resist exhaustive attack, the same key can be used for a long time to encrypt data without influencing the security of the system, thereby greatly reducing the difficulty and security risk of system key management.

Description

Byte-oriented random multi-table replacement encryption and decryption method
Technical Field
The invention belongs to the technical field of information security, relates to data encryption and decryption, in particular to a data encryption and decryption technology based on multi-table replacement, and discloses a byte-oriented random multi-table replacement encryption and decryption method.
Background
Substitution is a method often used in encryption technology, that is, replacing one character with another. The classical single table replaces the password, and because the redundancy of information in the plaintext message cannot be changed, only ciphertext cracking can be carried out by using a character frequency analysis method. The famous Vigene password is a typical representative of a multi-table password, and the same plaintext character can correspond to a plurality of ciphertext characters, so that the attack of a character frequency analysis method can be effectively resisted. However, since the same key is used repeatedly to encrypt the plaintext message periodically, if the length of the key is N, the ciphertext can be regarded as the result of N single-table encryptions, so that the length of the key can be determined by a method of calculating the coincidence index ic (index of coincidence) or Kasiski test, thereby cracking the ciphertext encrypted by the multi-table password. It can be seen that reusing substitution tables is a fundamental weakness of multi-table passwords. If one were able to find a way to change the entire substitution table for each plaintext character encrypted, i.e., to generate as many substitution tables as there are plaintext characters, such a multi-table substitution cipher would have the same security as a one-time-pad (OTP) algorithm.
Existing stream cipher algorithms essentially mimic the one-time pad algorithm, and it is desirable to use a short user key to generate a sufficiently long, sufficiently random key stream that is exclusive-or (XOR) operated with plaintext characters to obtain ciphertext characters. The stream cipher has the advantages of high encryption speed and completely same encryption and decryption algorithms, and is widely applied to data encryption of network communication. However, in a specific using process, the algorithm has a weakness that a plurality of messages cannot be encrypted by the same key, because once an attacker obtains one plaintext message, all messages encrypted by the same key are cracked. This adds to the difficulty of key management for a secure and confidential system using such a stream cipher algorithm, requiring frequent key updates.
Disclosure of Invention
To overcome the above-mentioned shortcomings of the prior art, the present invention provides a byte-oriented random multiple table substitution encryption and decryption method, which changes the whole substitution table every time a plaintext character is encrypted, and each substitution table has more than half of the difference, and has essentially the same security as the one-time pad (OTP) algorithm. A ciphertext feedback mechanism is introduced into the algorithm, and as long as one character of two plaintext messages encrypted by the same key is changed, all ciphertext is changed from then on. And then a certain number of random numbers are introduced to change the working key, so that the same key is used for encrypting the same section of plaintext message for multiple times, and the encryption results of each time are completely different, thereby effectively resisting the attack of known plaintext analysis. When the encryption system is used in a network communication gateway, as long as the length of an initial key is enough to resist exhaustive attack, the same key can be repeatedly used for encrypting data within a long time range without influencing the security of the system, so that the difficulty and the security risk of system key management are greatly reduced. Meanwhile, the algorithm is simple to implement, needs less computing resources and belongs to a lightweight cryptographic algorithm, so that the algorithm can be used in systems such as the Internet of things and a sensor network.
In order to achieve the purpose, the invention adopts the technical scheme that:
byte-oriented random multi-table replacement encryption method, wherein plaintext, ciphertext and key are all finite fields GF (2)8) The replacing table S has 256 elements, the work Key WKey has 256 elements, the number of the elements of the user Key Key is variable, at least one element and at most 256 elements are generated through a Key expansion algorithm, and the encryption steps are as follows:
the step (1): generating a substitution table S and a work key WKey, generating M random numbers for changing the work key WKey, and generating a ciphertext feedback character FC, wherein the method specifically comprises the following steps:
step (101): generating a replacement table S, and setting the values of 256 elements in the replacement table S to be 0-255 respectively, namely S (i) is equal to i, and i is equal to 0-255;
step (102): expanding a user Key Key into a work Key WKey;
step (103): respectively generating 8, 16 or 32 GF (2) according to different requirements of users on security level8) And (3) performing addition operation of mod256 on the random number Rnd after cycle expansion and the work key WKey generated in the step (102), namely: wkey (i) + rnd (j)) mod256, i ═ 0 to 255, j ═ i mod M, where M is set by the system according to the security levelDetermining the number of random numbers, and directly outputting the M random numbers to a ciphertext file;
step (104): selecting partial elements in the work key WKey to perform mod256 addition operation to generate an initial secret character iniSecChar, and setting a ciphertext feedback character FC as the initial secret character, namely FC ═ iniSecChar;
step (2): circularly encrypting all plaintext characters until all the plaintext characters are completely encrypted, and the specific steps are as follows:
step (201): changing the position of an element in a replacement table S by using a work key WKey, i and j are numbers of the element in the replacement table S, the initial value of j is 0, i is increased by 1 from 0 to 255, a value j exchanged with a current value i is calculated, j is (j + WKey (i) + S (i)) mod256, and then the values of S (i) and S (j) are exchanged;
step (202): replacing the plaintext character Pchar by the replacement table S to generate a corresponding ciphertext character Cchar, namely Cchar is S (Pchar), and outputting the ciphertext character Cchar;
step (203): changing the value of the ciphertext feedback character FC according to the value of the ciphertext character Cchar, i.e., (s (Cchar) + iniSecChar) mod 256;
step (204): and changing the value of the work key WKey according to the value of the substitution table S and the ciphertext feedback character FC, namely WKey (i) ═ (WKey (i) + S (WKey (i) + FC) mod256, and i ═ 0-255.
The method for expanding the user Key to the work Key WKey in the step (102) is as follows: first, the user Key is periodically expanded until the Key length is 256, and then the expanded partial Key value is sequentially increased by 1, and Mod256 operation is performed, that is, wkey (i) ═ Key (i), i ═ 0 to N-1, wkey (i) ═ Key (j) + i-N +1) Mod256, i ═ N to 255, j ═ i Mod N, and N is the number of elements of the user Key.
The method of generating the initial secret character iniSecChar of step (104): in the algorithm, the sequence number of the selected element is directly set, or the element of the user Key is selected as the selected sequence number, that is, iniSecChar ═ (WKey (Key (1)) + WKey (Key (2)) + … + WKey (Key (N))) mod256, where N is the number of elements of the user Key and Key (1) is the first element of the user Key.
The invention also provides a decryption algorithm corresponding to the byte-oriented random multi-table replacement encryption method, and the plaintext, the ciphertext and the secret key are all finite fields GF (2)8) The internal elements, the substitution table S and the decryption substitution table DS both have 256 elements, the work Key WKey also has 256 elements, the number of the elements of the user Key Key is variable, at least one element and at most 256 elements are generated through a Key expansion algorithm, and the decryption method is characterized in that the decryption steps are as follows:
step (D1): generating a substitution table S, a work key WKey and a ciphertext feedback character FC, and specifically comprising the following steps:
the (D101) step: generating a replacement table S, and setting the values of 256 elements in the replacement table S to be 0-255 respectively, namely S (i) is equal to i, and i is equal to 0-255;
the (D102) step: expanding a user Key Key into a work Key WKey;
the (D103) step: reading the former M random numbers Rnd from the encrypted file, performing addition operation of mod256 with the work key WKey generated in the step (D102) after cycle expansion, and changing the value of the work key WKey element, namely: wkey (i) ((i) + rnd (j)) mod256, i ═ 0 to 255, j ═ i mod M, where M is the number of random numbers set by the system according to the security level;
the step (D104): selecting partial elements in the work key WKey to perform mod256 addition operation to generate an initial secret character iniSecChar, and setting a ciphertext feedback character FC as the initial secret character, namely FC ═ iniSecChar;
step (D2): circularly decrypting all the ciphertext characters until all the ciphertext characters are decrypted, and the method specifically comprises the following steps:
the (D201) step: changing the position of an element in a replacement table S by using a work key WKey, i and j are numbers of the element in the replacement table S, the initial value of j is 0, i is increased by 1 from 0 to 255, a value j exchanged with a current value i is calculated, j is (j + WKey (i) + S (i)) mod256, and then the values of S (i) and S (j) are exchanged;
the (D202) step: calculating a decryption substitution table DS, wherein DS (S (i)) is i, and i is 0-255;
the (D203) step: replacing the ciphertext character Cchar with a plaintext character Pchar by decrypting the substitution table DS, namely Pchar ═ DS (Cchar), and outputting the plaintext character Pchar;
the (D204) step: changing the value of the ciphertext feedback character FC according to the value of the ciphertext character Cchar, i.e., (s (Cchar) + iniSecChar) mod 256;
the (D205) step: and changing the value of the work key according to the substitution table S and the value of the ciphertext feedback character FC, namely WKey (i) ═ (WKey (i) + S (WKey (i) + FC) mod256, wherein i ═ 0-255.
Compared with the prior art, the whole substitution table is changed when one plaintext character is encrypted, and each substitution table has more than half of difference, and has the same safety as a one-time pad (OTP) algorithm essentially. A ciphertext feedback mechanism is introduced into the algorithm, and as long as one character of two plaintext messages encrypted by the same key is changed, all ciphertext is changed from then on. If a certain number of random numbers are introduced to change the working key, the same key is used for encrypting the same section of plaintext message for multiple times, and the encryption results of each time are completely different, so that the attack of known plaintext analysis can be effectively resisted. When the encryption system is used in a network communication gateway, as long as the initial key is long enough to resist exhaustive attack, the same key can be used for a long time to encrypt data without influencing the security of the system, thereby greatly reducing the difficulty and security risk of system key management.
Drawings
FIG. 1 is a schematic diagram of the algorithm of the present invention
Fig. 2 is a schematic diagram of the encryption process of the present invention.
Fig. 3 is a schematic diagram of the decryption process of the present invention.
Detailed Description
The embodiments of the present invention will be described in detail below with reference to the drawings and examples.
The invention relates to a byte-oriented random multi-table replacement encryption and decryption method.
Referring to fig. 1 and 2, in the encryption algorithm, the plaintext, the ciphertext and the key are all finite fields GF (2)8) The inner element, the replacement table S has 256 elements, and the work key WKey has 256 elementsThe element number of the user Key is variable, at least one element and at most 256 elements are generated into a work Key WKey through a Key expansion algorithm, and the encryption steps are as follows:
the step (1): generating a substitution table S and a work key WKey, generating M random numbers for changing the work key WKey, and generating a ciphertext feedback character FC, wherein the method specifically comprises the following steps:
step (101): and generating a replacement table S, and setting the values of 256 elements in the replacement table S to be 0-255 respectively, namely S (i) is equal to i, and i is equal to 0-255.
Step (102): and expanding the user Key Key into a work Key WKey. First, the user Key is periodically expanded until the Key length is 256, and then the expanded partial Key value is sequentially increased by 1, and Mod256 operation is performed, that is, wkey (i) ═ Key (i), i ═ 0 to N-1, wkey (i) ═ Key (j) + i-N +1) Mod256, i ═ N to 255, j ═ i Mod N, and N is the number of elements of the user Key.
Step (103): respectively generating 8, 16 or 32 GF (2) according to different requirements of users on security level8) And (3) performing addition operation of mod256 on the random number Rnd after cycle expansion and the work key WKey generated in the step (102), namely: wkey (i) ((i) + rnd (j)) mod256, i ═ 0 to 255, j ═ i mod M, where M is the number of random numbers set by the system according to the different security levels, and the M random numbers are directly output to the ciphertext file.
Step (104): part of elements in the work key WKey are selected to perform mod256 addition operation, an initial secret character iniSecChar is generated, and a ciphertext feedback character FC is set as the initial secret character, namely FC ═ iniSecChar. Specifically, the sequence number of the selected element may be directly set in the algorithm, or an element of the user Key may be selected as the selected sequence number, that is, iniSecChar ═ (WKey (Key (1)) + WKey (Key (2)) + … + WKey (Key (N))) mod256, where N is the number of elements of the user Key, and Key (1) is the first element of the user Key.
Step (2): circularly encrypting all plaintext characters until all the plaintext characters are completely encrypted, and the specific steps are as follows:
step (201): the position of an element in a substitution table S is changed by using a work key WKey, i and j are numbers of the elements in the substitution table S, the initial value of j is 0, i is increased by 1 from 0 to 255, a value j which is exchanged with a current value i is calculated, j is (j + WKey (i) + S (i)) mod256, and then the values of S (i) and S (j) are exchanged.
Step (202): and replacing the plaintext character Pchar by the replacing table S to generate a corresponding ciphertext character Cchar, namely Cchar is S (Pchar), and outputting the ciphertext character Cchar.
Step (203): the value of the ciphertext feedback character FC is changed according to the value of the ciphertext character Cchar, i.e. FC ═ m (s (Cchar) + iniSecChar) mod 256.
Step (204): and changing the value of the work key WKey according to the value of the substitution table S and the ciphertext feedback character FC, namely WKey (i) ═ (WKey (i) + S (WKey (i) + FC) mod256, and i ═ 0-255.
Referring to fig. 1 and 3, in the decryption method, the plaintext, the ciphertext and the key are all finite fields GF (2)8) The internal elements, the substitution table S and the decryption substitution table DS both have 256 elements, the work Key WKey also has 256 elements, the number of the elements of the user Key Key is variable, at least one element and at most 256 elements are generated through a Key expansion algorithm, and the decryption method is characterized in that the decryption steps are as follows:
step (D1): generating a substitution table S, a work key WKey and a ciphertext feedback character FC, and specifically comprising the following steps:
the (D101) step: and generating a replacement table S, and setting the values of 256 elements in the replacement table S to be 0-255 respectively, namely S (i) is equal to i, and i is equal to 0-255.
The (D102) step: and expanding the user Key Key into a work Key WKey, and referring to the step (102).
The (D103) step: reading the former M random numbers Rnd from the encrypted file, performing addition operation of mod256 with the work key WKey generated in the step (D102) after cycle expansion, and changing the value of the work key WKey element, namely: wkey (i) ((i) + rnd (j)) mod256, i ═ 0 to 255, j ═ i mod M, where M is the number of random numbers set by the system according to the security level.
The step (D104): part of elements in the work key WKey are selected to perform mod256 addition operation, an initial secret character iniSecChar is generated, and a ciphertext feedback character FC is set as the initial secret character, namely FC ═ iniSecChar. The concrete method refers to the step (104).
Step (D2): circularly decrypting all the ciphertext characters until all the ciphertext characters are decrypted, and the method specifically comprises the following steps:
the (D201) step: the position of an element in a substitution table S is changed by using a work key WKey, i and j are numbers of the elements in the substitution table S, the initial value of j is 0, i is increased by 1 from 0 to 255, a value j which is exchanged with a current value i is calculated, j is (j + WKey (i) + S (i)) mod256, and then the values of S (i) and S (j) are exchanged.
The (D202) step: and calculating a decryption substitution table DS, wherein DS (S (i)) is i, and i is 0-255.
The (D203) step: the ciphertext character Cchar is replaced by a plaintext character Pchar by decrypting the substitution table DS, i.e. Pchar ═ DS (Cchar), and the plaintext character Pchar is output.
The (D204) step: the value of the ciphertext feedback character FC is changed according to the value of the ciphertext character Cchar, i.e. FC ═ m (s (Cchar) + iniSecChar) mod 256.
The (D205) step: and changing the value of the work key according to the substitution table S and the value of the ciphertext feedback character FC, namely WKey (i) ═ (WKey (i) + S (WKey (i) + FC) mod256, wherein i ═ 0-255.
In the specific implementation process of the algorithm, a specific number of random numbers are not introduced, so that the byte number of the ciphertext is ensured to be completely the same as the byte number of the plaintext, and the algorithm can be ensured to be applied to communication protocols with fixed formats. Two different specific embodiments will be given below, and a piece of plaintext information that differs by only one character is encrypted, and how different the encryption result is.
In the first case: no random number is introduced. Steps (101) and (102) are performed as described above to generate the substitution table S and the work key WKey. The step (103) is not performed. And (104) selecting 8 elements from the working key to perform modulo 256 addition to obtain the initial secret character, wherein the specifically selected 8 elements are the first 4 elements and the last 4 elements, namely iniSecChar ═ i (WKey (0) + WKey (1) + WKey (2) + WKey (3) + WKey (255) + WKey (254) + WKey (253)) + WKey (252)) Mod 256. The ciphertext feedback character FC is set to the initial secret character, i.e. FC ═ iniSecChar. The next step (201) is executed, the position of the element in the substitution table S is changed using the work key WKey, and a new substitution table is formed. And (202) obtaining a ciphertext character from the plaintext character, wherein the plaintext character is Pchar, and the ciphertext character Cchar is s (Pchar). Step (203) is executed to change the value of the ciphertext feedback character FC, i.e. FC ═ (s (cchar) + iniSecChar) mod 256. And (204) changing the value of each element of the work key WKey according to the values of the substitution table S and the ciphertext feedback character FC. Then, go to step (201) to encrypt the next plaintext character until all the plaintext is encrypted. In this way, each time a plaintext character is encrypted, the values of all the elements of the work key WKey are changed, and the change of the element values is related to the ciphertext feedback value FC, which is related to the ciphertext character (and thus the plaintext character) obtained just encrypted. The changed values of the work key WKey are used for changing the positions of elements in the substitution table S, so that each plaintext character corresponds to a completely different substitution table, and the multi-table substitution password has the same security as a one-time pad (OTP) algorithm.
The following is a ciphertext information comparison table obtained by encrypting a piece of information only changing one plaintext character at a time by using the same key. (Note: the plaintext character is the ASCII value of the character in parentheses, the ciphertext column is also the ASCII value, and the user key used for each encryption is "1234567890")
Figure BDA0002770904890000081
Figure BDA0002770904890000091
As can be seen from the above table, from the 2 nd time, the 3 rd plaintext character is changed, and the following plaintext characters are not changed, but the corresponding ciphertexts are completely different, which indicates that the introduced ciphertext feedback mechanism produces a good effect, and even if the same key is used for encryption, the generated ciphertext characters are different for two plaintext characters at the same position, which is greatly different from a general stream cipher algorithm.
In the second case: a random number is introduced. For ease of presentation in the table, only 2 random numbers are introduced here. The selection method of the initial secret character is the same as the above, the rest selection and setting are the same as the above, and then the result of encrypting the same plaintext by the same secret key for multiple times is seen. (Note: the first 2 ciphertext values are the values of the introduced random number, so that the number of ciphertext characters is 2 more than the number of plaintext characters, and the user key used for each encryption is "1234567890")
Figure BDA0002770904890000101
The same cipher key is used to encrypt the same plaintext sequence in the first 5 times, so that the ciphertexts in each time are different, and the same cipher key is used to encrypt the other plaintext sequence in the last 5 times, so that the encryption results are different in each time. Meanwhile, it can be seen that the two plaintext sequences are different by only one character. Therefore, after random numbers are introduced to change the working key, even if an attacker uses known plaintext to attack, the key is difficult to analyze, and the algorithm has high safety.

Claims (4)

1. Byte-oriented random multi-table replacement encryption method, wherein plaintext, ciphertext and key are all finite fields GF (2)8) The element in the substitution table S has 256 elements, the work Key WKey has 256 elements, the number of the elements of the user Key Key is variable, at least one element and at most 256 elements are generated through a Key expansion algorithm, and the encryption steps are as follows:
the step (1): generating a substitution table S and a work key WKey, generating M random numbers for changing the work key WKey, and generating a ciphertext feedback character FC, wherein the method specifically comprises the following steps:
step (101): generating a replacement table S, and setting the values of 256 elements in the replacement table S to be 0-255 respectively, namely S (i) is equal to i, and i is equal to 0-255;
step (102): expanding a user Key Key into a work Key WKey;
step (103): respectively generating 8, 16 or 32 GF (2) according to different requirements of users on security level8) And (3) performing addition operation of mod256 on the random number Rnd after cycle expansion and the work key WKey generated in the step (102), namely: wkey (i) ((i) + rnd (j)) mod256, i ═ 0 to 255, j ═ i mod M, where M is the number of random numbers set by the system according to different security levels, and the M random numbers are directly output to the ciphertext file;
step (104): selecting partial elements in the work key WKey to perform mod256 addition operation to generate an initial secret character iniSecChar, and setting a ciphertext feedback character FC as the initial secret character, namely FC ═ iniSecChar;
step (2): circularly encrypting all plaintext characters until all the plaintext characters are completely encrypted, and the specific steps are as follows:
step (201): changing the position of an element in a replacement table S by using a work key WKey, i and j are numbers of the element in the replacement table S, the initial value of j is 0, i is increased by 1 from 0 to 255, a value j exchanged with a current value i is calculated, j is (j + WKey (i) + S (i)) mod256, and then the values of S (i) and S (j) are exchanged;
step (202): replacing the plaintext character Pchar by the replacement table S to generate a corresponding ciphertext character Cchar, namely Cchar is S (Pchar), and outputting the ciphertext character Cchar;
step (203): changing the value of the ciphertext feedback character FC according to the value of the ciphertext character Cchar, i.e., (s (Cchar) + iniSecChar) mod 256;
step (204): and changing the value of the work key WKey according to the value of the substitution table S and the ciphertext feedback character FC, namely WKey (i) ═ (WKey (i) + S (WKey (i) + FC) mod256, and i ═ 0-255.
2. The byte-oriented random multiple table replacement encryption method according to claim 1, wherein the step (102) of expanding the user Key to the work Key WKey is to: first, the user Key is periodically expanded until the Key length is 256, and then the expanded partial Key value is sequentially increased by 1, and Mod256 operation is performed, that is, wkey (i) ═ Key (i), i ═ 0 to N-1, wkey (i) ═ Key (j) + i-N +1) Mod256, i ═ N to 255, j ═ i Mod N, and N is the number of elements of the user Key.
3. The byte-oriented random multiple table substitution encryption method of claim 1, wherein the step (104) is a method of generating an initial secret character iniSecChar: in the algorithm, the sequence number of the selected element is directly set, or the element of the user Key is selected as the selected sequence number, that is, iniSecChar ═ (WKey (Key (1)) + WKey (Key (2)) + … + WKey (Key (N))) mod256, where N is the number of elements of the user Key and Key (1) is the first element of the user Key.
4. Decryption algorithm corresponding to the byte-oriented random multi-table replacement encryption method of claim 1, wherein the plaintext, the ciphertext and the secret key are all finite fields GF (2)8) The internal elements, the substitution table S and the decryption substitution table DS both have 256 elements, the work Key WKey also has 256 elements, the number of the elements of the user Key Key is variable, at least one element and at most 256 elements are generated through a Key expansion algorithm, and the decryption method is characterized in that the decryption steps are as follows:
step (D1): generating a substitution table S, a work key WKey and a ciphertext feedback character FC, and specifically comprising the following steps:
the (D101) step: generating a replacement table S, and setting the values of 256 elements in the replacement table S to be 0-255 respectively, namely S (i) is equal to i, and i is equal to 0-255;
the (D102) step: expanding a user Key Key into a work Key WKey;
the (D103) step: reading the former M random numbers Rnd from the encrypted file, performing addition operation of mod256 with the work key WKey generated in the step (D102) after cycle expansion, and changing the value of the work key WKey element, namely: wkey (i) ((i) + rnd (j)) mod256, i ═ 0 to 255, j ═ i mod M, where M is the number of random numbers set by the system according to the security level;
the step (D104): selecting partial elements in the work key WKey to perform mod256 addition operation to generate an initial secret character iniSecChar, and setting a ciphertext feedback character FC as the initial secret character, namely FC ═ iniSecChar;
step (D2): circularly decrypting all the ciphertext characters until all the ciphertext characters are decrypted, and the method specifically comprises the following steps:
the (D201) step: changing the position of an element in a replacement table S by using a work key WKey, i and j are numbers of the element in the replacement table S, the initial value of j is 0, i is increased by 1 from 0 to 255, a value j exchanged with a current value i is calculated, j is (j + WKey (i) + S (i)) mod256, and then the values of S (i) and S (j) are exchanged;
the (D202) step: calculating a decryption substitution table DS, wherein DS (S (i)) is i, and i is 0-255;
the (D203) step: replacing the ciphertext character Cchar with a plaintext character Pchar by decrypting the substitution table DS, namely Pchar ═ DS (Cchar), and outputting the plaintext character Pchar;
the (D204) step: changing the value of the ciphertext feedback character FC according to the value of the ciphertext character Cchar, i.e., (s (Cchar) + iniSecChar) mod 256;
the (D205) step: and changing the value of the work key according to the substitution table S and the value of the ciphertext feedback character FC, namely WKey (i) ═ (WKey (i) + S (WKey (i) + FC) mod256, wherein i ═ 0-255.
CN202011248734.3A 2020-11-10 2020-11-10 Byte-oriented random multi-table replacement encryption and decryption method Withdrawn CN112422278A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011248734.3A CN112422278A (en) 2020-11-10 2020-11-10 Byte-oriented random multi-table replacement encryption and decryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011248734.3A CN112422278A (en) 2020-11-10 2020-11-10 Byte-oriented random multi-table replacement encryption and decryption method

Publications (1)

Publication Number Publication Date
CN112422278A true CN112422278A (en) 2021-02-26

Family

ID=74781780

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011248734.3A Withdrawn CN112422278A (en) 2020-11-10 2020-11-10 Byte-oriented random multi-table replacement encryption and decryption method

Country Status (1)

Country Link
CN (1) CN112422278A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115085924A (en) * 2022-08-22 2022-09-20 锐创软件技术(启东)有限公司 Computer information transmission encryption system based on Huffman coding

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115085924A (en) * 2022-08-22 2022-09-20 锐创软件技术(启东)有限公司 Computer information transmission encryption system based on Huffman coding
CN115085924B (en) * 2022-08-22 2022-12-27 锐创软件技术(启东)有限公司 Computer information transmission encryption system based on Huffman coding

Similar Documents

Publication Publication Date Title
CN106656475B (en) Novel symmetric key encryption method for high-speed encryption
US20020048364A1 (en) Parallel block encryption method and modes for data confidentiality and integrity protection
KR19990087103A (en) How to share encryption key
WO2001030020A1 (en) Variable length key encrypting system
Zhao et al. Block cipher design: generalized single-use-algorithm based on chaos
Aung et al. A complex polyalphabetic cipher technique Myanmar polyalphabetic cipher
CN112422278A (en) Byte-oriented random multi-table replacement encryption and decryption method
Akanksha et al. A hybrid cryptosystem based on modified vigenere cipher and polybius cipher
Perez et al. A Modified Key Generation Scheme of Vigenère Cipher Algorithm using Pseudo-Random Number and Alphabet Extension
Sagun et al. Devising a method for improving crypto resistance of the symmetric block cryptosystem RC5 using nonlinear shift functions
Arunkumar et al. Nonce reuse/misuse resistance authentication encryption schemes for modern TLS cipher suites and QUIC based web servers
Villafuerte et al. An improved 3d playfair cipher key matrix with dual cipher block chaining method
Neri et al. An XBOX-based key generation technique for vigenere algorithm
Meng et al. A multi-connection encryption algorithm applied in secure channel service system
JP2886517B2 (en) Common key communication system
Zenner Why IV setup for stream ciphers is difficult
Handschuh et al. On the security of double and 2-key triple modes of operation
Sekhar et al. Data Encryption technique using Random number generator
Bouchkaren et al. CAES Cryptosystem: Advanced Security Tests and Results.
JP2000004223A (en) Encryption/authentication system
Sari et al. Hybrid encryption technique using cyclic bit shift and RC4
Das et al. Statistical Cryptanalysis of ElGamal Cryptosystem for measuring security in disruptive technology
CN111835506B (en) Information security digital encryption method based on one-time use codebook
Huang et al. A true random-number encryption method employing block cipher and PRNG
Rajesh et al. A novel multiplicative substitution cryptosystem

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20210226

WW01 Invention patent application withdrawn after publication