CN113328857B - Single-chip entrance guard type end-to-end voice cipher machine - Google Patents

Publication number
CN113328857B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110742444.2A
Other languages
Chinese (zh)
Other versions
CN113328857A (en)
Inventor
高平
赵耿
范保连
张垒
高文博
常江
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Chuanglian Yixun Technology Co ltd
Original Assignee
Beijing Chuanglian Yixun Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/001 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using chaotic signals
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Abstract

The invention provides a single-chip entrance guard type end-to-end voice cipher machine in the form of a Bluetooth headset. Call voice is encrypted in the headset, giving end-to-end encrypted communication between mobile phones: the user's voice is encrypted before it is sent to the mobile phone over Bluetooth, and the receiving end decrypts the voice after receiving it. The encryption terminal compresses and encodes the user's voice, encrypts the coded voice data with a high-security, high-speed block cipher algorithm based on a chaotic dual-module Feistel structure, and finally sends the encrypted audio signal to the mobile phone as the voice to be transmitted; the receiving end can hear the original voice only through the symmetric decryption algorithm. The voice cipher machine is an end-to-end voice cipher machine for mobile phone users; it meets the encryption needs of ordinary people using ordinary mobile phones, is convenient to carry on business trips, and is easily kept in a safe place.

Description

Single-chip entrance guard type end-to-end voice cipher machine
Technical Field
The invention relates to the technical field of voice communication, in particular to a single-chip entrance guard type end-to-end voice cipher machine.
Background
Voice communication is the most convenient, simple and widely used mode of information exchange; its traffic is large, and its security problems are unmatched by those of any other information system. Foreign countries have long attached great importance to encrypted voice communication, and China has always paid close attention to it as well. In recent years in particular, mobile phone ownership has grown rapidly and a large amount of information is exchanged through smartphones; in addition, companies have sprung up like bamboo shoots after spring rain, and commercial telephone use has increased rapidly. Whether for an individual user's private affairs or a company's trade secrets, telephone voice encryption is urgently needed, so an end-to-end audio encryption machine has a wide user base.
Many voice encryption devices have been developed. An extensive search of the references found that existing devices, such as those disclosed in publication nos. KR100603573B1, KR101369114B1, KR101431718B1 and CN104361886B, use a method comprising: recognizing the characters in the voice used for encryption to obtain an encryption character sequence; extracting characteristic parameters of the voice used for encryption; and encrypting the information to be encrypted with the recognized encryption character sequence, and storing the encryption character sequence and the characteristic parameters so that, when the information is decrypted, they can be matched against the decryption character sequence and the characteristic parameters of the voice used for decryption. However, such devices are inconvenient to carry, cannot be popularized for use by ordinary people, use encryption algorithms that are easy to break, and are not secure enough.
Disclosure of Invention
The invention aims to provide a single-chip entrance guard type end-to-end voice cipher machine that addresses the existing defects.
To overcome the defects of the prior art, the invention adopts the following technical scheme:
A single-chip entrance guard type end-to-end voice cipher machine comprises a pickup MIC, an AD/DA conversion module, a local Bluetooth module, a mobile phone Bluetooth module and an SPK playing module, wherein the MIC is used for collecting analog voice signals, the AD/DA conversion module is used for converting between analog voice signals and digital signals, the local Bluetooth module and the mobile phone Bluetooth module are used for modulating the digital signals into Bluetooth signals and transmitting them between the mobile phone and the local Bluetooth headset, and the SPK playing module is used for playing the analog voice signals;
the voice cipher machine is characterized in that it also comprises a coding and decoding module, an encryption and decryption module and a modulation and demodulation MODEM;
the coding and decoding module comprises two functions, A1 and A2:
A1, using low-rate voice coding to compress and encode the PCM voice signal after A/D conversion;
A2, decoding the decrypted low-rate voice and sending it to the D/A for playing;
the MODEM comprises two functions, B1 and B2:
B1, modulating the encrypted voice signal into a PCM voice signal and sending it to the Bluetooth module;
B2, demodulating the peer's modulated signal sent by the mobile phone Bluetooth and sending it to the encryption and decryption module for decryption;
the encryption and decryption module comprises two functions, C1 and C2:
C1, encrypting the low-rate voice signal;
C2, decrypting the demodulated encrypted data;
the encryption and decryption algorithm is a chaos-based, high-security, high-speed block cipher algorithm with a dual-module Feistel structure;
further, the voice cipher machine comprises a DSP module, an MCU module and a FLASH module, wherein the AD/DA conversion module, the coding and decoding module, the encryption and decryption module and the MODEM are integrated in the DSP module, the Bluetooth module is arranged in the MCU module, and the MCU module further comprises a voice logic strategy module, which implements volume up/down and channel switching;
further, the encryption and decryption process of the encryption and decryption module comprises the following three steps:
S1, generating random numbers;
S2, encrypting and decrypting with a chaotic encryption algorithm;
S3, performing key transmission using an ECDH mechanism;
further, the cipher machine has two working states, clear-call mode and secret-call mode. After power-on the cipher machine enters clear-call mode by default; a call is dialed and the identity of the other party is confirmed; when a secret call is needed, the switching key is pressed to enter secret-call mode, the encryption terminals begin handshaking and negotiate a key, and once key negotiation succeeds the device indicates that the link has been established and secret-call communication can proceed.
The beneficial effects obtained by the invention are as follows:
At present, commercial encrypted voice communication is mostly implemented in the handset itself, i.e. the encrypted mobile phones of various brands seen on the market. Because smartphone apps are so widely used, it is difficult to guarantee that voice information is not leaked at other links. The encryption device here is completely separate from the mobile phone, and the mobile phone serves only as a channel. The device is small, convenient to carry and low in power consumption, and one algorithm at a time ensures that the voice information is strictly protected at every link of the mobile phone channel; the device needs no maintenance or management and does not need to be networked.
Drawings
The invention will be further understood from the following description in conjunction with the accompanying drawings. The components in the figures are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the embodiments. Like reference numerals designate corresponding parts throughout the different views.
Fig. 1 is a schematic diagram of the system.
Fig. 2 is a schematic diagram of the secret-call working channel.
Fig. 3 is a schematic diagram of the clear-call working channel.
Fig. 4 is a schematic diagram of the secret-call switching process.
Fig. 5 is a schematic diagram of the construction of S-box S1.
Fig. 6 is a schematic diagram of the 5-round encryption scheme.
Fig. 7 is a schematic flow chart of the SM2 elliptic curve encryption algorithm.
Fig. 8 is a schematic flow chart of the SM2 elliptic curve decryption algorithm.
Detailed Description
In order to make the objects and advantages of the present invention more apparent, the present invention will be further described in detail with reference to the embodiments thereof; it should be understood that the specific embodiments described herein are merely illustrative of the invention and do not limit the invention. Other systems, methods, and/or features of the present embodiments will become apparent to one with skill in the art upon examination of the following detailed description. It is intended that all such additional systems, methods, features and advantages be included within this description, be within the scope of the invention, and be protected by the accompanying claims. Additional features of the disclosed embodiments are described in, and will be apparent from, the detailed description below.
The same or similar reference numerals in the drawings of the embodiments of the present invention correspond to the same or similar components; in the description of the present invention, it should be understood that if there is an orientation or positional relationship indicated by terms such as "upper", "lower", "left", "right", etc., based on the orientation or positional relationship shown in the drawings, it is only for convenience of description and simplification of description, but it is not indicated or implied that the device or component referred to must have a specific orientation, be constructed and operated in a specific orientation, and therefore, the terms describing the positional relationship in the drawings are only used for illustrative purposes and are not to be construed as limitations of the present patent, and specific meanings of the terms may be understood by those skilled in the art according to specific situations.
Embodiment one.
With reference to Figs. 1-3, this embodiment provides a single-chip entrance guard type end-to-end voice cipher machine, comprising a pickup MIC, an AD/DA conversion module, a local Bluetooth module, a mobile phone Bluetooth module and an SPK playing module, wherein the MIC is used for collecting analog voice signals, the AD/DA conversion module is used for converting between analog voice signals and digital signals, the local Bluetooth module and the mobile phone Bluetooth module are used for modulating the digital signals into Bluetooth signals and transmitting them between the mobile phone and the local Bluetooth headset, and the SPK playing module is used for playing the analog voice signals;
the voice cipher machine is characterized in that it also comprises a coding and decoding module, an encryption and decryption module and a modulation and demodulation MODEM;
the coding and decoding module comprises two functions, A1 and A2:
A1, using low-rate voice coding to compress and encode the PCM voice signal after A/D conversion;
A2, decoding the decrypted low-rate voice and sending it to the D/A for playing;
the MODEM comprises two functions, B1 and B2:
B1, modulating the encrypted voice signal into a PCM voice signal and sending it to the Bluetooth module;
B2, demodulating the peer's modulated signal sent by the mobile phone Bluetooth and sending it to the encryption and decryption module for decryption;
the encryption and decryption module comprises two functions, C1 and C2:
C1, encrypting the low-rate voice signal;
C2, decrypting the demodulated encrypted data;
the voice cipher machine uses a DSP module, an MCU module and a FLASH module; the AD/DA conversion module, the coding and decoding module, the encryption and decryption module and the MODEM are integrated in the DSP module, the Bluetooth module is arranged in the MCU module, and the MCU module also comprises a voice logic strategy module, which implements volume up/down and channel switching;
the encryption and decryption process of the encryption and decryption module comprises the following three steps:
S1, generating random numbers;
S2, encrypting and decrypting with a chaotic encryption algorithm;
S3, performing key transmission using an ECDH mechanism;
with reference to Fig. 4, the cipher machine has two working states, clear-call mode and secret-call mode. After power-on the cipher machine enters clear-call mode by default; a call is dialed and the identity of the other party is confirmed; when a secret call is needed, the switching key is pressed to enter secret-call mode, the encryption terminals begin handshaking and negotiate a key, and once key negotiation succeeds the device indicates that the link has been established and secret-call communication can proceed.
Embodiment two.
This embodiment includes all the contents of embodiment one. The encryption algorithm in this embodiment is a chaos-based, high-security, high-speed block cipher algorithm with a dual-module Feistel structure, and comprises three parts: algorithm conventions, algorithm preparation, and encryption and decryption;
The algorithm conventions comprise the following four items:
Y1, 1 byte = 8 bits;
Y2, the encryption system is 64-bit and uses double-precision floating-point arithmetic, i.e. 1 sign bit, 11 exponent bits and 52 fraction bits;
Y3, sequences and vectors all refer to row vectors;
Y4, a vector x of length n may be written as x = [x(0) x(1) …], and an n × m matrix X may be written as
Figure BDA0003143183500000051
The spatiotemporal chaotic system is a chaotic system that uses a low-dimensional chaotic map as its local function and has more complex dynamic behavior; compared with an ordinary chaotic system it has a longer period and several positive Lyapunov exponents, which ensures more complex dynamics and higher randomness;
the one-way coupled map lattice is a spatiotemporal chaotic system that is widely used in spatiotemporal chaos research because it is easy to generate and supports parallel computation; it is defined as follows:
$x_{n+1}(i) = (1-\varepsilon)\, f(x_n(i)) + \varepsilon\, f(x_n(i+1))$;
where $n = 0, 1, 2, \dots$ is the discrete time coordinate, $i = 1, 2, 3, \dots, L$ is the discrete space coordinate, $x_n(i)$ is the state value of the $i$-th lattice point at time $n$, $L$ is the number of lattice points, and $\varepsilon$ is the coupling strength;
the boundary condition of the above formula is:
$x_n(i+L) = x_n(i)$;
the subsystem $f$ uses the Logistic map, i.e.:
$f(x_n(i)) = 4\, x_n(i)\,(1 - x_n(i))$;
The algorithm preparation comprises three parts: generating a sequence with the spatiotemporal chaotic system, generating the key stream and subkeys, and generating the S-boxes;
the processing function that generates the sequence with the spatiotemporal chaotic system is seqM = chaosGenFun(K, n0, n);
where K is the key and n is the output length. The key K is a vector of length 8, i.e. (K(0), K(1), K(2), …, K(7)), and there are five selectable key input modes: each K(i) (i = 0, 1, 2, …, 7) is defined as 2 bytes, 3 bytes, 4 bytes, 5 bytes or 6 bytes; the algorithm is explained below using a 6-byte key as the example; n0 denotes the initial number of chaotic iterations and n the number of subsequent iterations;
seqM is the spatiotemporal chaotic sequence, a matrix of size n × 8 whose entries are 64-bit double-precision floating-point numbers;
the processing function comprises the following steps:
S1, the key is converted into the chaotic initial values, which are double-precision floating-point numbers, according to the following conversion rule:
Figure BDA0003143183500000061
S2, using the x0 obtained in step S1 as the initial value, iterate the spatiotemporal chaotic system n0 + n times according to the formula set in S1, with system parameters ε = 0.2 and L = 8;
S3, discard the state values of the first n0 iterations of the spatiotemporal chaotic system and store the state values of the following n iterations as seqM, of size n × 8;
The processing function that generates the key stream and subkeys is [KS, SK] = ksGenFun(seqM, nks);
where nks represents the total length of all subkeys used in the encryption process, KS being a vector of length nks
The processing function comprises the following steps:
S21, convert seqM into a vector seqV of size 8n;
S22, convert seqV into an 8-bit key stream sequence by the following rule:
KS = floor(seqV × 10^15) mod 256;
S23, take the first nks elements of seqV as the subkey, SK = seqV(0 : nks − 1);
The S-box generation processing function is [S1, S2] = sboxGenFun(KS);
where the dual S-boxes S1 and S2 are 16 × 16 bijective tables, and the S-boxes and the key stream use different parts of the same spatiotemporal chaotic sequence;
the processing function comprises the following steps:
S31, initialize S-boxes S1 and S2 with the values 0-255 according to the following rule:
Figure BDA0003143183500000071
S2=S1;
S32, construct two 16 × 16 random matrices RM1 and RM2: take 256 elements of KS for each, RV1 = KS(nks, nks + 255) and RV2 = KS(nks + 256, nks + 511), and convert the two, scanning row by row, into the 16 × 16 random matrices RM1 and RM2;
S33, randomize the original S1 and S2 with RM1 and RM2; to achieve this, the elements of S1 and S2 are exchanged pairwise, defined as:
Figure BDA0003143183500000072
where i, j = 0, 1, 2, …, 15, and (x)MSB and (x)LSB denote the highest 4 bits and the lowest 4 bits of the 8-bit number x. With reference to Fig. 5, the operation swapS1(RM1(i, j)) swaps the two numbers at positions (i, j) and (i, j) on S-box S1; the swapS1(RM1(i, j)) operation is performed 256 times in sequence, noting that S1 is updated after each swap, which finally yields the randomized S1; similarly, swapS2(RM2(i, j)) yields the randomized S2;
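The algorithm-preparation stage above (chaosGenFun, ksGenFun, sboxGenFun), as an added Python sketch that is not code from the patent, with a check that each generated S-box is a bijection and that a tiny change in the initial state changes the key stream. Assumptions, because the corresponding formulas are missing figures on this page: the initial state x0 is passed in directly as 8 doubles in (0, 1) instead of being derived from the key, S1/S2 start as the row-major identity table, each swap exchanges position (i, j) with the position given by the high and low nibbles of RM(i, j), and n0 = 200 is an arbitrary choice.

```python
import math

EPS, LATTICE = 0.2, 8    # coupling strength and lattice size from step S2

def chaos_gen(x0, n0, n):
    """chaosGenFun: iterate the one-way coupled map lattice n0 + n times and
    keep the last n states (the page's seqM, an n x 8 table of doubles)."""
    if len(x0) != LATTICE or not all(0.0 < v < 1.0 for v in x0):
        raise ValueError("x0 must hold 8 doubles strictly between 0 and 1")
    x, seq_m = list(x0), []
    for step in range(n0 + n):
        fx = [4.0 * v * (1.0 - v) for v in x]              # Logistic map f
        # x_{n+1}(i) = (1-eps) f(x_n(i)) + eps f(x_n(i+1)), periodic boundary
        x = [(1.0 - EPS) * fx[i] + EPS * fx[(i + 1) % LATTICE]
             for i in range(LATTICE)]
        if step >= n0:                                     # S3: drop transient
            seq_m.append(x)
    return seq_m

def ks_gen(seq_m, nks):
    """ksGenFun: flatten seqM row by row (S21), derive key stream bytes (S22)
    and take the first nks values of seqV as the subkey material (S23)."""
    seq_v = [v for row in seq_m for v in row]
    ks = [math.floor(v * 1e15) % 256 for v in seq_v]
    return ks, seq_v[:nks]

def sbox_gen(ks, nks):
    """sboxGenFun: build S1 from KS[nks : nks+256] and S2 from the next 256."""
    boxes = []
    for start in (nks, nks + 256):
        rv = ks[start:start + 256]
        if len(rv) < 256:
            raise ValueError("key stream too short for S-box generation")
        sbox = list(range(256))          # assumed S31 rule: S(i, j) = 16*i + j
        for pos, target in enumerate(rv):
            # assumed S33 rule: (high nibble, low nibble) of RM(i, j) is the
            # row/column of the swap partner, i.e. flat index == byte value
            sbox[pos], sbox[target] = sbox[target], sbox[pos]
        boxes.append(sbox)
    return boxes

def audit_sbox(sbox):
    """Return (is_bijective, number_of_fixed_points) for a 256-entry table."""
    bijective = sorted(sbox) == list(range(256))
    fixed = sum(1 for i, v in enumerate(sbox) if i == v)
    return bijective, fixed

def demo():
    # Constructed initial state; a real device would derive it from the key.
    x0 = [0.137, 0.2718, 0.3141, 0.4669, 0.5772, 0.6931, 0.7071, 0.8415]
    nks = 7 * 16                         # subkey length 7 x blen, blen = 16
    ks, sk = ks_gen(chaos_gen(x0, 200, 128), nks)
    s1, s2 = sbox_gen(ks, nks)
    x0_b = list(x0)
    x0_b[0] += 1e-12                     # perturb one lattice site slightly
    ks_b, _ = ks_gen(chaos_gen(x0_b, 200, 128), nks)
    differing = sum(a != b for a, b in zip(ks, ks_b))
    return ks, sk, s1, s2, differing

if __name__ == "__main__":
    ks, sk, s1, s2, differing = demo()
    print("S1 audit:", audit_sbox(s1), "S2 audit:", audit_sbox(s2))
    print("key stream bytes changed by a 1e-12 perturbation:", differing)
```

The same sensitivity that makes the key stream key-dependent means both headsets must evaluate the lattice with bit-identical IEEE 754 double arithmetic and the same operation order, otherwise their key streams and S-boxes diverge.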
the encryption and decryption stage comprises two parts, encryption and decryption; the processing function of the encryption part is C = FLEnc(M, S1, S2, blen, round);
where M is a plaintext block, blen is the block length, round is the number of encryption rounds, and C is the ciphertext block;
the plaintext block supports two modes, 128 bits and 256 bits, corresponding to 16 bytes and 32 bytes, and the subkey length is 7 × blen;
with reference to Fig. 6, the encryption process is explained below taking 128-bit blocks and 5 rounds as an example, and comprises the following steps:
S41, subkey division: divide SK equally into 7 subkeys SK0, SK1, …, SK6;
S42, initial encryption: the 16 bytes of plaintext and the 16-byte key SK0 are encrypted bit by bit,
Figure BDA0003143183500000081
S43, round encryption: C0 is divided into two parts, L0 and R0, each 64 bits, and the following processing is carried out:
Figure BDA0003143183500000082
S44, repeat step S43 5 times, i.e. 5 rounds of encryption, to obtain L5 and R5;
S45, combination and final encryption: concatenate L5 and R5 to form C5 and carry out the final exclusive-OR encryption
Figure BDA0003143183500000083
The internal design of the F() function in step S43 is a distinguishing feature of the scheme, and is also the key to achieving higher security with fewer encryption rounds;
the processing procedure of F(R0, SK1) is as follows:
S51, compute the signature of R0: with R0 = [R0(0), R0(1), …, R0(7)], an exclusive-OR is performed and the lowest bit is taken, giving the signature v:
Figure BDA0003143183500000084
S52, forward diffusion: SK1 is expressed as the byte vector SK1 = [SK1(0), SK1(1), …, SK1(7)], and the forward diffusion rule is as follows:
Figure BDA0003143183500000085
S53, reverse diffusion: the reverse diffusion rule is as follows:
Figure BDA0003143183500000091
S54, S-box selection and substitution: if v is 0, select S1, otherwise select S2; using the selected S-box, perform an S-box table lookup on each CR0(i) (i = 0, 1, …, 7) and substitute the result, which completes the processing of the F function;
because the structure of this scheme is strictly symmetric, decryption only requires adjusting the order in which the keys are used and running the Feistel network in reverse; decryption is performed according to the following formula:
Figure BDA0003143183500000092
the encryption process uses end-to-end encryption and one algorithm at a time, so that Trojans, viruses and apps on the communication terminal are prevented from stealing voice communication information, and recording on the terminal is effectively avoided.
Embodiment three.
This embodiment includes all the contents of embodiment one. The key exchange encryption algorithm used in this embodiment is the SM2 elliptic curve encryption algorithm. When a bit string M with a bit length of klen is sent, with reference to Fig. 7, the encryption process comprises the following steps:
S61, generate a random number k ∈ [1, n−1] with a random number generator;
S62, calculate the elliptic curve point C1 = [k]G = (x1, y1) and convert the data type of C1 into a bit string, where the base point G ∈ E(Fp), G ≠ O, and [k]G is a point on the elliptic curve;
S63, calculate the elliptic curve point S = [h]PB; if S is the point at infinity, report an error and exit, where PB is the public key and [h]PB is a point on the elliptic curve;
S64, calculate the elliptic curve point [k]PB = (x2, y2) and convert the data types of the coordinates x2 and y2 into bit strings, where [k]PB is a point on the elliptic curve;
S65, calculate t = KDF(x2 ‖ y2, klen); if t is an all-zero bit string, return to A1 (step S61), where KDF is the key derivation function and klen is the plaintext byte length;
S66, calculate C2 = M ⊕ t;
S67, calculate C3 = Hash(x2 ‖ M ‖ y2);
S68, output the ciphertext C1 ‖ C2 ‖ C3;
with reference to Fig. 8, the decryption process performed on the ciphertext C comprises the following steps:
S71, take the bit string C1 out of C, convert the data type of C1 into a point on the elliptic curve, and verify whether C1 satisfies the elliptic curve equation; if not, report an error and exit;
S72, calculate the elliptic curve point S = [h]C1; if S is the point at infinity, report an error and exit;
S73, calculate [dB]C1 = (x2, y2) and convert the data types of the coordinates x2 and y2 into bit strings;
S74, calculate t = KDF(x2 ‖ y2, klen); if t is an all-zero bit string, report an error and exit;
S75, take the bit string C2 out of C and calculate M′ = C2 ⊕ t;
S76, calculate u = Hash(x2 ‖ M′ ‖ y2) and take the bit string C3 out of C; if u ≠ C3, report an error and exit;
S77, output the plaintext M′;
the encryption and decryption processes are written into the chip as code, and the voice encryption and decryption functions are realized by calling this code.
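Steps S61-S68 and S71-S77 as an added Python sketch, not code from the patent, showing where the receiver's three rejection checks (C1 on the curve, non-zero t, C3 match) sit in the flow. Assumptions: the curve constants are the published SM2 recommended parameters and are not taken from this page; SHA-256 stands in for the SM3 hash in both Hash and KDF because SM3 is not in the Python standard library, so the output is not interoperable with real SM2; C1 is encoded as 04 ‖ x1 ‖ y1; klen is counted in bytes; the arithmetic is not constant-time.

```python
import hashlib
import hmac
import secrets

# SM2 recommended curve y^2 = x^3 + ax + b over F_p, cofactor h = 1
# (published standard constants, not values from this page).
P = 2**256 - 2**224 - 2**96 + 2**64 - 1
A = P - 3
B = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)

def on_curve(pt):
    x, y = pt
    return 0 <= x < P and 0 <= y < P and (y * y - (x * x * x + A * x + B)) % P == 0

def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity O."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    """Double-and-add scalar multiplication [k]pt (illustration only)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def i2b(v):
    return v.to_bytes(32, "big")

def kdf(z, klen):
    """Counter-mode KDF: H(z || ct) for ct = 1, 2, ..., truncated to klen bytes."""
    out, ct = b"", 1
    while len(out) < klen:
        out += hashlib.sha256(z + ct.to_bytes(4, "big")).digest()
        ct += 1
    return out[:klen]

def sm2_encrypt(pb, m, k=None):
    """S61-S68. Pass k only to make a test reproducible."""
    if not m or not on_curve(pb):
        raise ValueError("empty message or public key not on the curve")
    while True:
        k = k or secrets.randbelow(N - 1) + 1         # S61: k in [1, n-1]
        x1, y1 = ec_mul(k, G)                         # S62: C1 = [k]G
        x2, y2 = ec_mul(k, pb)                        # S63/S64: h = 1, so S = PB
        t = kdf(i2b(x2) + i2b(y2), len(m))            # S65
        if any(t):
            break
        k = None                                      # all-zero t: new k
    c2 = bytes(a ^ b for a, b in zip(m, t))           # S66
    c3 = hashlib.sha256(i2b(x2) + m + i2b(y2)).digest()   # S67
    return b"\x04" + i2b(x1) + i2b(y1) + c2 + c3      # S68: C1 || C2 || C3

def sm2_decrypt(db, c):
    """S71-S77. Raises ValueError on every rejection branch."""
    if len(c) < 65 + 1 + 32 or c[0] != 4:
        raise ValueError("malformed ciphertext")
    c1 = (int.from_bytes(c[1:33], "big"), int.from_bytes(c[33:65], "big"))
    if not on_curve(c1):                              # S71 (S72 trivial, h = 1)
        raise ValueError("C1 is not a point on the curve")
    x2, y2 = ec_mul(db, c1)                           # S73
    c2, c3 = c[65:-32], c[-32:]
    t = kdf(i2b(x2) + i2b(y2), len(c2))               # S74
    if not any(t):
        raise ValueError("derived key stream is all zero")
    m = bytes(a ^ b for a, b in zip(c2, t))           # S75
    u = hashlib.sha256(i2b(x2) + m + i2b(y2)).digest()    # S76
    if not hmac.compare_digest(u, c3):
        raise ValueError("C3 check failed")
    return m                                          # S77

if __name__ == "__main__":
    db = secrets.randbelow(N - 1) + 1                 # constructed key pair
    ct = sm2_encrypt(ec_mul(db, G), b"constructed session key")
    print(sm2_decrypt(db, ct))
```

The on-curve test in S71 has to run before the private scalar touches C1, and the C3 comparison is what rejects a modified C2, since the XOR in S66 by itself provides no integrity.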
Although the invention has been described above with reference to various embodiments, it should be understood that many changes and modifications may be made without departing from the scope of the invention. That is, the methods, systems, and devices discussed above are examples. Various configurations may omit, substitute, or add various procedures or components as appropriate. For example, in alternative configurations, the methods may be performed in an order different than that described, and/or various components may be added, omitted, and/or combined. Moreover, features described with respect to certain configurations may be combined in various other configurations, as different aspects and elements of the configurations may be combined in a similar manner. Further, elements therein may be updated as technology evolves, i.e., many elements are examples and do not limit the scope of the disclosure or claims.
Specific details are given in the description to provide a thorough understanding of example configurations, including implementations. However, configurations may be practiced without these specific details, for example, well-known circuits, processes, algorithms, structures, and techniques have been shown without unnecessary detail in order to avoid obscuring the configurations. This description provides example configurations only, and does not limit the scope, applicability, or configuration of the claims. Rather, the foregoing description of the configurations will provide those skilled in the art with an enabling description for implementing the described techniques. Various changes may be made in the function and arrangement of elements without departing from the spirit or scope of the disclosure.
In conclusion, it is intended that the foregoing detailed description be regarded as illustrative rather than limiting, and that it be understood that these examples are illustrative only and are not intended to limit the scope of the invention. After reading the description of the invention, the skilled person can make various changes or modifications to the invention, and these equivalent changes and modifications also fall into the scope of the invention defined by the claims.

Claims (2)

1. A single-chip entrance guard type end-to-end voice cipher machine comprises a pickup MIC, an AD/DA conversion module, a local Bluetooth module, a mobile phone Bluetooth module and an SPK playing module, wherein the MIC is used for collecting analog voice signals, the AD/DA conversion module is used for converting the analog voice signals and digital signals into each other, the local Bluetooth module and the mobile phone Bluetooth module are used for modulating the digital signals into Bluetooth signals and transmitting the Bluetooth signals between a mobile phone and a local Bluetooth earphone, and the SPK playing module is used for playing the analog voice signals;
The voice cipher machine is characterized by also comprising a coding and decoding module, an encryption and decryption module and a modulation and demodulation MODEM;
the coding and decoding module comprises two functions, A1 and A2:
A1, compressing and encoding the A/D-converted PCM voice signal using a low-rate voice coding technique;
A2, decoding the decrypted low-rate voice and sending the decoded voice to the D/A for playing;
the MODEM comprises two functions, B1 and B2:
B1, modulating the encrypted voice signal into a PCM voice signal and sending the PCM voice signal to the Bluetooth module;
B2, demodulating the peer-end modulated signal sent by the mobile phone Bluetooth and sending it to the encryption and decryption module for decryption;
the encryption and decryption module comprises two functions, C1 and C2:
C1, encrypting the low-rate voice signal;
C2, decrypting the demodulated encrypted data;
the encryption and decryption algorithm is a chaos-based dual-module Feistel-structure high-security high-speed block cipher algorithm, and comprises three parts, namely algorithm agreement, algorithm preparation, and encryption and decryption;
the algorithm agreement comprises the following four agreed items:
Y1, 1 byte = 8 bits;
Y2, the encryption system is 64-bit and uses double-precision floating-point arithmetic, namely 1 sign bit, 11 exponent bits and 52 fraction bits;
Y3, sequences and vectors all refer to row vectors;
Y4, a vector x of length n is written as
Figure DEST_PATH_IMAGE001
and an n × m matrix X is written as
Figure 210089DEST_PATH_IMAGE002
Defining a unidirectional coupled mapping network:
Figure DEST_PATH_IMAGE003
wherein n = 0, 1, 2, ... is the discrete time coordinate, i = 1, 2, 3, ..., L is the discrete space coordinate,
Figure 669932DEST_PATH_IMAGE004
represents the state value of the i-th lattice point in discrete space at time n, L represents the number of lattice points,
Figure DEST_PATH_IMAGE005
is the coupling strength;
the boundary conditions of the above formula are:
Figure 806515DEST_PATH_IMAGE006
the subsystem
Figure 475394DEST_PATH_IMAGE008
adopts the Logistic map:
Figure DEST_PATH_IMAGE009
the algorithm preparation comprises three parts: generating a sequence with the space-time chaotic system, generating the key stream and subkeys, and generating the S-boxes;
the processing function for generating a sequence with the space-time chaotic system is
Figure 655708DEST_PATH_IMAGE010
where K is the secret key, n0 and n are iteration counts (n is also the output length), and the key K is a vector of length 8:
Figure DEST_PATH_IMAGE011
; n0 denotes the initial number of chaotic iterations, and n denotes the number of subsequent iterations;
seqM is the space-time chaotic sequence, a matrix of size
Figure 347721DEST_PATH_IMAGE012
the stored numbers are 64-bit double-precision floating-point numbers;
the processing function for generating a sequence with the space-time chaotic system comprises the following steps:
S1, the key is converted into chaotic initial values, which are double-precision floating-point numbers, according to the following conversion rule:
Figure DEST_PATH_IMAGE013
S2, using the x0 obtained in step S1 as the initial value, the space-time chaotic system is iterated n0 + n times according to the formula set in S1, with system parameters
Figure 271683DEST_PATH_IMAGE014
,L=8;
S3, discarding the first n0 state values of the space-time chaotic system and storing the following n state values as seqM, which has the size of
Figure DEST_PATH_IMAGE015
The processing function for generating the key stream and the subkey is
Figure 732752DEST_PATH_IMAGE016
where nks denotes the total length of all subkeys used in the encryption process, and KS is a vector of length nks;
the processing function for generating the key stream and the subkeys comprises the following steps:
S21, converting seqM into a vector seqV of size 8n;
S22, converting seqV into a key stream sequence of 8-bit values by the following rule:
Figure DEST_PATH_IMAGE017
S23, taking the first nks elements of seqV as the subkeys,
Figure 349547DEST_PATH_IMAGE018
the processing function for generating the S-box is
Figure DEST_PATH_IMAGE019
where the two S-boxes S1 and S2 are 16 × 16 bijective tables, and the S-boxes and the key stream use different parts of the same space-time chaotic sequence;
the processing function for generating the S-boxes comprises the following steps:
S31, initializing S-boxes S1 and S2 with the values 0 to 255, according to the following rule:
Figure 528855DEST_PATH_IMAGE020
S2=S1;
S32, constructing two 16 × 16 random matrices RM1 and RM2 by taking 256 elements of KS for each,
Figure DEST_PATH_IMAGE021
and converting the two, in row-by-row scan order, into the 16 × 16 random matrices RM1 and RM2;
S33, randomizing the original S1 and S2 using RM1 and RM2; to achieve this, the elements of S1 and S2 are exchanged pairwise, defined as:
Figure 990930DEST_PATH_IMAGE022
where i, j = 0, 1, 2, 3, ..., 15,
Figure 572084DEST_PATH_IMAGE024
respectively denote taking, from
Figure DEST_PATH_IMAGE025
the highest 4 bits and the lowest 4 bits of the number,
Figure 94201DEST_PATH_IMAGE026
denotes exchanging, in S-box S1, the two numbers at position (i, j) and position (j, i); the 256
Figure DEST_PATH_IMAGE027
operations are performed in sequence, and S1 is automatically updated after each swap, finally yielding a randomized S1; likewise, by
Figure 760805DEST_PATH_IMAGE028
a randomized S2 can be obtained;
the encryption and decryption comprises two parts of encryption and decryption, and the processing function of the encryption part is
Figure DEST_PATH_IMAGE029
where M is a plaintext block, blen is the block length, round is the number of encryption rounds, and C is a ciphertext block;
the plaintext block supports two modes of 128 bits and 256 bits, corresponding to 16 bytes and 32 bytes, and the subkey length is 7 × blen;
the encryption process employs end-to-end encryption, one algorithm at a time.
2. The single-chip entrance guard type end-to-end voice cipher machine according to claim 1, wherein the operating state of the cipher machine is divided into an open-phone mode and a secret-phone mode; after power-on the cipher machine enters the open-phone mode by default; identity is confirmed by dialing a telephone call; when secret-phone communication is needed, the cipher machine enters the secret-phone mode when the switching key is pressed, the encryption terminals start handshaking and negotiate a secret key, and on successful key negotiation a prompt indicates that the link is established and secret-phone communication can be performed.
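The S-box preparation steps S31 to S33 of claim 1, as an added Python example that is not code from the patent. The initialization rule, the swap partner (the position addressed by the highest and lowest 4 bits of the RM entry), the slices of KS used, and the constructed stand-in key stream are assumptions, because the claim's formulas survive only as figure placeholders; the block also runs the two checks a reviewer would apply to any key-dependent S-box, bijectivity and differential uniformity.

```python
def init_sbox():
    # S31 (assumed rule): entry (i, j) starts as 16*i + j, covering 0..255.
    return [[16 * i + j for j in range(16)] for i in range(16)]

def randomize_sbox(ks256):
    """S32-S33: row-scan 256 key-stream bytes into RM, then swap entries."""
    if len(ks256) != 256:
        raise ValueError("need exactly 256 key-stream bytes")
    rm = [list(ks256[16 * i:16 * i + 16]) for i in range(16)]  # S32
    s = init_sbox()
    for i in range(16):
        for j in range(16):
            hi, lo = rm[i][j] >> 4, rm[i][j] & 0x0F  # highest / lowest 4 bits
            # Assumed swap partner: position (hi, lo). The table is updated in
            # place, so each later swap sees the result of the earlier ones.
            s[i][j], s[hi][lo] = s[hi][lo], s[i][j]
    return s

def flatten(s):
    return [v for row in s for v in row]

def is_bijective(s):
    return sorted(flatten(s)) == list(range(256))

def differential_uniformity(s):
    """Max count of x with S[x ^ a] ^ S[x] == b over a != 0 (AES S-box: 4)."""
    t = flatten(s)
    worst = 0
    for a in range(1, 256):
        counts = [0] * 256
        for x in range(256):
            counts[t[x ^ a] ^ t[x]] += 1
        worst = max(worst, max(counts))
    return worst

# Constructed stand-in key stream (NOT the patent's chaotic generator).
KS = bytes((i * 73 + 41 + (i >> 3) * 5) % 256 for i in range(512))
S1 = randomize_sbox(KS[:256])      # assumed: first 256 elements of KS
S2 = randomize_sbox(KS[256:512])   # assumed: next 256 elements of KS

if __name__ == "__main__":
    for name, s in (("S1", S1), ("S2", S2)):
        print(name, "bijective:", is_bijective(s),
              "differential uniformity:", differential_uniformity(s))
```

Because every step is a swap inside a table that starts as a permutation of 0..255, the result is bijective for any key stream; the differential uniformity, by contrast, depends on the key and has to be measured per S-box.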
CN202110742444.2A 2021-07-01 2021-07-01 Single-chip entrance guard type end-to-end voice cipher machine Active CN113328857B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110742444.2A CN113328857B (en) 2021-07-01 2021-07-01 Single-chip entrance guard type end-to-end voice cipher machine

Publications (2)

Publication Number Publication Date
CN113328857A CN113328857A (en) 2021-08-31
CN113328857B true CN113328857B (en) 2022-05-24

Family

ID=77425344

Country Status (1)

Country Link
CN (1) CN113328857B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5048086A (en) * 1990-07-16 1991-09-10 Hughes Aircraft Company Encryption system based on chaos theory
CN102546148A (en) * 2011-12-14 2012-07-04 华中科技大学 Generation method of chaos key stream
CN103944712A (en) * 2014-05-16 2014-07-23 西北大学 Method for generating MBE-SSP (Multi Band Excitation-Service Switching Point) control code sequence
CN105338475A (en) * 2015-10-14 2016-02-17 公安部第三研究所 Bluetooth-based safety conversation system and method
CN105681310A (en) * 2016-01-26 2016-06-15 重庆邮电大学 Bluetooth based voice source real-time voice encryption method
CN109981247A (en) * 2019-03-25 2019-07-05 哈尔滨工业大学(威海) A kind of dynamic S-box generation method based on integer chaotic maps
CN110572804A (en) * 2019-08-27 2019-12-13 暨南大学 bluetooth communication authentication request, receiving and communication method, mobile terminal and equipment terminal

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant