CN113660620B - Data anti-counterfeiting encryption method and device, computer equipment and storage medium - Google Patents

Data anti-counterfeiting encryption method and device, computer equipment and storage medium Download PDF

Info

Publication number
CN113660620B
CN113660620B CN202111219274.6A CN202111219274A CN113660620B CN 113660620 B CN113660620 B CN 113660620B CN 202111219274 A CN202111219274 A CN 202111219274A CN 113660620 B CN113660620 B CN 113660620B
Authority
CN
China
Prior art keywords
data
key
encrypted data
new
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111219274.6A
Other languages
Chinese (zh)
Other versions
CN113660620A (en
Inventor
李石峰
温介邦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Longzhi Digital Technology Service Co Ltd
Original Assignee
Shanghai Zhuohan Technology Co ltd
Beijing Zhuojianzhihan Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Zhuohan Technology Co ltd, Beijing Zhuojianzhihan Technology Co ltd filed Critical Shanghai Zhuohan Technology Co ltd
Priority to CN202111219274.6A priority Critical patent/CN113660620B/en
Publication of CN113660620A publication Critical patent/CN113660620A/en
Application granted granted Critical
Publication of CN113660620B publication Critical patent/CN113660620B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/06Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/047Key management, e.g. using generic bootstrapping architecture [GBA] without using a trusted network node as an anchor
    • H04W12/0471Key exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Multimedia (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The disclosure relates to the technical field of data transmission, and provides a data anti-counterfeiting encryption method and device, computer equipment and a storage medium. The method comprises the following steps: splitting original data into first data and second data; expanding the second data, and encrypting the expanded second data by using a first key to obtain second encrypted data; exchanging the position of the second encrypted data and the first data, and determining the first data as new second data; expanding the new second data, and encrypting the expanded new second data by using a second key to obtain new second encrypted data; and exchanging and splicing the new second encrypted data and the second encrypted data, and performing reverse replacement to obtain target encrypted data. The method can effectively prevent the original data from being copied maliciously, has high safety and small calculation amount, and can be suitable for single-chip equipment.

Description

Data anti-counterfeiting encryption method and device, computer equipment and storage medium
Technical Field
The present disclosure relates to the field of data transmission technologies, and in particular, to a data anti-counterfeiting encryption method and apparatus, a computer device, and a storage medium.
Background
Bluetooth Beacon (Beacon) positioning is widely used in various positioning scenarios as a low-cost area positioning technology. In general, bluetooth beacon data, including MAC addresses (also called local area network addresses, ethernet addresses, physical addresses, interpreted as MAC addresses, addresses for confirming the location of network devices), UUIDs (bluetooth beacon id 1), Major (bluetooth beacon id 2), Minor (bluetooth beacon id 3), and Tx power (bluetooth beacon transmission power), may be periodically transmitted to surrounding devices by broadcasting.
However, since no encryption measure is taken in the process of transmitting the bluetooth beacon data to the peripheral devices by the bluetooth device in the broadcast manner, any device (including the security device and the illegal device) can freely receive the bluetooth beacon data transmitted by the bluetooth device. Therefore, some illegal devices can illegally copy the Bluetooth beacon data at a very low cost, and achieve bad purposes (such as positioning cheating) by using the copied Bluetooth beacon data, so that not only is the stable operation of the Bluetooth positioning system seriously interfered, but also huge potential safety hazards are brought to the Bluetooth positioning system.
Disclosure of Invention
In view of this, embodiments of the present disclosure provide a data anti-fake encryption method and apparatus, a computer device, and a storage medium, so as to solve the problems in the prior art that data broadcast by a positioning bluetooth device is not encrypted, is easily copied and utilized randomly or maliciously by an illegal device, and has low security.
In a first aspect of the embodiments of the present disclosure, a data anti-fake encryption method is provided, including:
acquiring original data to be broadcasted, and splitting the original data into first data and second data;
expanding the second data to obtain second expanded data; encrypting the second expanded data by using a preset first key to obtain second encrypted data;
exchanging the position of the second encrypted data and the first data, and determining the first data as new second data;
expanding the new second data to obtain new second expanded data; encrypting the new second expanded data by using a preset second key to obtain new second encrypted data;
and carrying out left-right position exchange on the new second encrypted data and the second encrypted data, splicing the new second encrypted data and the second encrypted data together, and carrying out reverse replacement processing to obtain target encrypted data and outputting the target encrypted data.
In a second aspect of the embodiments of the present disclosure, a data anti-counterfeiting encryption device is provided, which includes:
the data acquisition module is used for acquiring original data to be broadcasted and splitting the original data into first data and second data;
the first encryption module is used for expanding the second data to obtain second expanded data; encrypting the second expanded data by using a preset first key to obtain second encrypted data;
the exchange module is used for exchanging the position of the second encrypted data with the first data and determining the first data as new second data;
the second encryption module is used for expanding the new second data to obtain new second expanded data; encrypting the new second expanded data by using a preset second key to obtain new second encrypted data;
and the output module is used for splicing the new second encrypted data and the second encrypted data together after performing left-right position exchange, and obtaining and outputting target encrypted data through reverse replacement processing.
In a third aspect of the embodiments of the present disclosure, a computer device is provided, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and the processor implements the steps of the above method when executing the computer program.
In a fourth aspect of the embodiments of the present disclosure, a computer-readable storage medium is provided, which stores a computer program, which when executed by a processor, implements the steps of the above-mentioned method.
Compared with the prior art, the embodiment of the disclosure has the advantages that at least: in the process that a data sending device (such as a positioning device like a Bluetooth device) sends device data (such as Bluetooth beacon data) in a broadcasting mode, original data to be broadcasted are divided into first data and second data; expanding the second data to obtain second expanded data; encrypting the second expanded data by using a preset first key to obtain second encrypted data; exchanging the position of the second encrypted data and the first data, and determining the first data as new second data; expanding the new second data to obtain new second expanded data; encrypting the new second expanded data by using a preset second key to obtain new second encrypted data; the new second encrypted data and the second encrypted data are spliced together after being subjected to left-right position exchange, and then are subjected to reverse replacement processing to obtain target encrypted data and output, so that the encryption processing of the original data is completed, the difficulty of cracking the original data by other receiving equipment is greatly increased in the encryption process, the broadcasted data can be effectively prevented from being randomly or maliciously copied by other receiving equipment, and the safety is high. In addition, compared with other existing encryption algorithms (such as AES, 3DES, RCA, ECC and the like), the encryption method disclosed by the invention is smaller in calculation amount, can be suitable for being used by single-chip equipment and has a better market prospect.
Drawings
To more clearly illustrate the technical solutions in the embodiments of the present disclosure, the drawings needed for the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present disclosure, and other drawings can be obtained by those skilled in the art without inventive efforts.
Fig. 1 is a flowchart of a data anti-counterfeiting encryption method provided by an embodiment of the present disclosure;
fig. 2 is a schematic diagram illustrating a format of bluetooth beacon data according to an embodiment of the disclosure;
fig. 3 is a schematic diagram of a data structure of a UUID in bluetooth beacon data according to an embodiment of the present disclosure;
fig. 4 is a block diagram of a data anti-counterfeiting encryption device provided by an embodiment of the present disclosure;
fig. 5 is a schematic diagram of a computer device provided by an embodiment of the present disclosure.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the disclosed embodiments. However, it will be apparent to one skilled in the art that the present disclosure may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present disclosure with unnecessary detail.
A data anti-counterfeit encryption method and apparatus according to an embodiment of the present disclosure will be described in detail below with reference to the accompanying drawings.
Fig. 1 is a flowchart of a data anti-fake encryption method provided in an embodiment of the present disclosure. As shown in fig. 1, the data anti-counterfeiting encryption method includes:
s101, acquiring original data to be broadcasted, and splitting the original data into first data and second data.
Specifically, the raw data to be broadcast may be device data to be broadcast by a bluetooth device (e.g., iBeacon bluetooth device, etc.), for example, plaintext data in bluetooth beacon data. In general, the format of bluetooth beacon data is shown in fig. 2, and includes a broadcast data Length (AD Field Length) of 1 byte; broadcast Type (Type), length 1 byte; beacon manufacturer id (company id), 2 bytes in length; an iBeacon data Type (iBeacon Type) with a length of 1 byte; the UUID is a Bluetooth beacon identifier 1, and the length is 16 bytes; major is a Bluetooth beacon identifier 2, and the length is 2 bytes; minor is a bluetooth beacon identifier 3, and the length is 2 bytes; bluetooth beacon transmit Power (Tx Power) is 1 byte in length. As shown in fig. 3, the UUID is divided into 3 parts, namely, a customized part of 6 bytes, an anti-counterfeit encrypted part of 8 bytes, and a verification part of 2 bytes. The plaintext data in the bluetooth beacon data is the anti-counterfeiting encryption part of 8 bytes of the UUID.
As an example, the original data is split into the first data and the second data, and specifically, the anti-counterfeiting encryption portion (i.e., the security check data frame) of 8 bytes (64 bits) is split into two portions of the first data and the second data of 32 bits.
S102, expanding the second data to obtain second expanded data; and encrypting the second expanded data by using a preset first secret key to obtain second encrypted data.
In some exemplary embodiments, the preset keys (including the first key and the second key) may be pre-stored in the data sending device, may also be pre-stored in the server, and may also be pre-stored in the cloud database. When data needs to be broadcast, a first key and a second key stored in the data sending equipment are directly called, or a request is sent to the server through the data sending equipment, so that the first key and the second key sent by the server are obtained. Specifically, in order to quickly and accurately find the key corresponding to the data sending device for encryption and facilitate subsequent decryption operation, the key and the MAC address corresponding thereto may be bound together and stored in the data sending device or the server or the cloud database.
S103, exchanging the position of the second encrypted data and the first data, and determining the first data as new second data.
As an example, the position exchange of the second encrypted data with the first data is a left-right position exchange of the second encrypted data with the first data.
S104, expanding the new second data to obtain new second expanded data; and encrypting the new second expansion data by using a preset second secret key to obtain new second encryption data.
And S105, carrying out left-right position exchange on the new second encrypted data and the second encrypted data, splicing the two together, carrying out reverse replacement processing to obtain target encrypted data and outputting the target encrypted data.
The technical scheme provided by the embodiment of the disclosure can be applied to data sending equipment (such as positioning equipment like Bluetooth equipment), and the data sending equipment can split original data to be broadcasted into first data and second data in the process of sending equipment data in a broadcasting manner; expanding the second data to obtain second expanded data; encrypting the second expanded data by using a preset first key to obtain second encrypted data; exchanging the position of the second encrypted data and the first data, and determining the first data as new second data; expanding the new second data to obtain new second expanded data; encrypting the new second expanded data by using a preset second key to obtain new second encrypted data; and carrying out left-right position exchange on the new second encrypted data and the second encrypted data, splicing the new second encrypted data and the second encrypted data together, and carrying out reverse replacement processing to obtain and output target encrypted data. On one hand, the difficulty of cracking the original data processed by the anti-counterfeiting encryption by other receiving equipment is higher, so that the broadcasted data can be effectively prevented from being randomly or maliciously copied by other illegal receiving equipment, the safety is high, the stable operation of the Bluetooth positioning system is favorably ensured, and the safety coefficient of the whole Bluetooth system is improved; on the other hand, the broadcast data can be effectively prevented from being maliciously copied by illegal equipment, and the phenomenon that the copied broadcast data is utilized to achieve the undesirable purposes of positioning cheating and the like is avoided.
In some embodiments, the splitting the original data into the first data and the second data in step S101 includes:
carrying out replacement processing on the original data according to a preset replacement rule to obtain initial replacement data;
and splitting the initial replacement data into left half data and right half data, wherein the left half data corresponds to the first data, and the right half data corresponds to the second data.
The preset replacement rule may be a replacement table that is preset and replaces the order and position of the original data in units of bits, for example, the replacement table shown in table 1 below.
Table 1 substitution table for substitution processing of original data
2 56 42 34 26 20 16 58
3 52 44 36 28 18 10 4
62 54 46 38 30 22 14 6
8 50 40 48 32 24 12 64
1 49 41 9 25 23 39 57
11 51 43 35 27 19 59 63
61 53 45 37 29 21 13 5
63 55 47 33 31 17 7 15
The data in table 1 above indicates that the designated position of the original data is shifted and replaced to the bit, for example, the 1 st bit of the original data is replaced to the 2 nd bit, the 2 nd bit of the original data is replaced to the 56 th bit, and the 3 rd bit of the original data is replaced to the 42 th bit.
The original data is subjected to replacement processing according to the table 1 above to obtain initial replacement data, and the initial replacement data is split into 32-bit first data and 32-bit second data. The first data may be the first 32 bits of data in the initial replacement data, and the second data may be the second 32 bits of data in the initial replacement data.
According to the technical scheme provided by the embodiment of the disclosure, the original data is initially replaced, so that the sequence and the position of the original data are changed, and the original data is split into the left part and the right part, so that the difficulty in cracking the original data by subsequent data receiving equipment can be increased, the original data can be effectively protected, and the original data can be prevented from being copied maliciously.
In some embodiments, in step S102, the expanding the second data to obtain second expanded data includes:
and adjusting the order of the second data, and repeating the data at the preset position in the second data to obtain second extended data.
As an example, the second data may be subjected to extension permutation according to a preset extension permutation rule, so that the 32-bit second data is extended to 48-bit second extension data. The extended permutation rule may be an extended permutation table as shown in table 2 below.
TABLE 2 extended substitution table for extending second data
17 1 30 3 4 2
4 5 6 7 8 9
8 9 10 11 16 13
12 13 14 15 28 32
12 17 18 19 16 21
20 21 22 23 24 25
24 25 26 27 28 29
20 29 5 31 32 1
The order of the second data is permutated and adjusted by following the extended permutation table of table 2 above, and some bits are repeated, resulting in 48 bits of second extended data.
In some embodiments, before the step S102 encrypts the second extension data by using the preset first key to obtain the second encrypted data, the method further includes:
acquiring an original key, and splitting the original key into a first sub-key and a second sub-key;
performing circular right shift transformation on the first sub-secret key to obtain a first transformation sub-secret key; performing circular right shift transformation on the second sub-secret key to obtain a second transformed sub-secret key;
combining the first transformation subkey and the second transformation subkey to obtain a first combined key;
and carrying out selective replacement on the first combined key to generate a first key.
In some embodiments, the splitting the original key into the first sub-key and the second sub-key includes:
carrying out bit reduction processing on the original key to obtain a bit reduction key;
and performing position replacement on the bit-reduced key to obtain a replacement key, and splitting the replacement key into a first sub-key and a second sub-key.
Specifically, the original key is a 64-bit data. Before splitting the original key, neglecting the parity check bit (the 0 th bit of each byte is the parity check bit), namely the parity check bit of the original key does not participate in the calculation, right-aligning the original key, and reducing the 64-bit original key to the 56-bit reduced key. Next, the position of the reduced key is replaced according to a preset reduction selection replacement table (as shown in table 3 below) to obtain a replacement key, and the replacement key is split into a 28-bit first sub-key and a 28-bit second sub-key. For example, the first 28 bits (i.e., data corresponding to K39, K4, and K41 … … K36 in table 3 below) of the replacement key are divided into a first sub-key, and the second 28 bits (i.e., data corresponding to K63, K29, and K47 … … K12 in table 3 below) are divided into a second sub-key.
TABLE 3 reduced selection substitution Table for substituting positions of reduced keys
39 4 41 45 7 17 28 30
58 50 42 34 26 18 10 2
59 51 43 35 27 19 11 60
3 52 44 36 63 29 47 52
31 23 15 25 62 54 46 38
1 22 14 6 61 53 33 37
55 21 13 5 9 20 49 12
In some embodiments, the above steps perform circular right shift transformation on the first sub-key to obtain a first transformed sub-key; performing circular right shift transformation on the second sub-secret key to obtain a second transformed sub-secret key, including:
circularly moving the first sub-secret key to the right by preset digits to obtain a first transformation sub-secret key;
and circularly moving the second sub-secret key to the right by preset digits to obtain a second transformation sub-secret key.
The preset number of bits may be specifically set according to actual situations, and may be 1 bit or 3 bits, for example. For example, the first subkey may be circularly shifted by 3 bits to the right according to the first right shift table shown in table 4 below to obtain a first transformed subkey; and the second sub-key is circularly moved by 3 bits to the right according to a second right displacement table shown in the following table 5 to obtain a second transformation sub-key.
TABLE 4 first Right Shift Table
52 44 36 39 4 41 45
7 17 28 30 58 50 42
34 26 18 10 2 59 51
43 35 27 19 11 60 3
TABLE 5 second Right Shift Table
20 49 12 63 29 47 52
31 23 15 25 62 54 46
38 1 22 14 6 61 53
33 37 55 21 13 5 9
Combining the first transformed sub-key and the second transformed sub-key to obtain a 56-bit first combined key, removing the data of bits 1, 14, 27, 28, 36, 41, 49, 52 in the first combined key, and then adjusting the order and position of the first combined key according to the replacement selection table shown in table 6 below to generate a 48-bit first key.
Table 6 substitution selection table
48 17 34 56 1 8
3 28 15 6 21 10
23 19 12 32 26 5
16 7 27 20 13 41
2 52 31 37 47 55
30 51 40 45 33 41
44 49 39 24 11 53
50 42 46 36 29 4
By generating the first key in the manner, even if the original key is leaked, the cracking party cannot easily crack the first key to obtain the first key without disclosing the generation rule of the first key, so that the security of the first key is improved, and the anti-counterfeiting security of the second extended data of the original data by using the first key is further improved.
In some embodiments, in step S102, encrypting the second extension data by using a preset first key to obtain second encrypted data includes:
performing XOR operation on the second expanded data and the first key to obtain a first XOR operation result;
performing substitution operation on the first exclusive-or operation result to obtain a first substitution operation result, and performing substitution operation on the substitution operation result to obtain a first substitution result;
and carrying out XOR operation on the first replacement result and the second data to obtain second encrypted data.
In some embodiments, the performing a substitution operation on the first exclusive-or operation result to obtain a first substitution operation result includes:
and inputting the first XOR operation result into the S box to perform bit reduction on the first XOR operation result to obtain a first substitution operation result with the same number of bits as the first key.
Where XOR is a mathematical operator. It is applied to logical operations. The mathematical sign of the exclusive or is ″, and the computer sign is 'xor'. The algorithm is as follows: a ^ b = (^ b) (a ^ b) if a, b two values are not the same, then XOR result is 1. If the values of a and b are the same, the XOR result is 0. XOR is also called half-add, and the algorithm is equivalent to binary addition without carry.
As an example, the 48-bit second extension data is xor-operated with the 48-bit first key, resulting in a 48-bit first xor-operated result. And inputting the first exclusive-OR operation result into an S box for substitution operation to obtain a 32-bit first substitution operation result.
The substitution operation is performed by 8 different substitution boxes (S-boxes). Wherein each S-box has 6 bits input and 4 bits output. Therefore, the 48-bit first xor operation result is input into the 8S boxes, and is divided into 8 groups of 6 bits, each group corresponds to one S box replacing operation, and 8 groups of 4 bits are formed through S box replacing, that is, 32-bit output results are obtained. I.e. each S-box is itself 64 bits, the input data for each S-box is 6 bits and the output data is 4 bits. Each S-box is in a format of 4 rows and 16 columns, since binary 4 bits are 0-15. The value generation algorithm for the 8S boxes is as follows:
(a) initial arrangements 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 are defined.
(b) And setting the nth S box as Sn, wherein the value of n is 1-8.
(c)SnThe determinant generation formula (2) is shown in (1).
P>>((n*1)-1)
P>>((n*2)-1)
P>>((n*3)-1)
P>>((n*4)-1) (1)。
In the above formula (1), P represents the initial arrangement matrix in (a), > > represents the cyclic right shift, and n represents the index of the S box. Among them, the S1 box can be expressed as shown in table 7 below.
TABLE 7S 1 Box
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
15 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14
14 15 0 1 2 3 4 5 6 7 8 9 10 11 12 13
13 14 15 0 1 2 3 4 5 6 7 8 9 10 11 12
The calculation process of the S-box will be described below with an example of the S8 box position. Assuming that the input (i.e. 43 th to 18 th bits of the exclusive-or function) 110011 of the S8 box, the combination of the first bit and the sixth bit (the highest bit and the lowest bit) is 11 (binary), and the conversion is 3, the line number in the S8 box is 3, i.e. the 3 rd line of the S8 box is corresponded; the second bit to the fifth bit of the original data are 1001 (binary), and are converted into decimal 9, then the column number is 9 in the S8 box, that is, the number of the 9 th column of the corresponding S8 box is 12 in the 9 th row of the S8 box, and is converted into binary 1100, therefore, 110011 is replaced by binary 1100, that is, 1100 (binary) is output by the S box.
Next, the 32-bit first substitution operation result is input into the T-box, and each bit input bit is mapped to an output bit according to the T-box permutation table shown in table 8 below, so as to obtain a 32-bit first permutation result.
TABLE 8T Box substitution Table
1 21 23 25 26 7 8 12
30 31 2 27 5 6 9 13
20 32 22 3 4 17 10 11
19 29 28 24 18 16 15 14
And finally, carrying out exclusive OR operation on the first replacement result and the original second data to obtain 32-bit second encrypted data.
In some embodiments, before the step S104 encrypts the new second extension data by using the preset second key to obtain the new second encrypted data, the method further includes:
performing circular right shift transformation on the first transformation subkey to obtain a third transformation subkey; performing circular right shift transformation on the second transformation subkey to obtain a fourth transformation subkey;
combining the third transformation subkey and the fourth transformation subkey to obtain a second combined key;
and replacing and selecting the second combined key to generate a second key.
As an example, the first transform subkey may be circularly right-shifted (right-shifted by 3 bits) according to the first transform subkey substitution table shown in table 9 below to obtain a third transform subkey; the second transformed subkey is circularly right-shifted (right-shifted by 3 bits) according to the second transformed subkey substitution table shown in the following table 10 to obtain a fourth transformed subkey.
TABLE 9 first transform subkey permutation Table
52 44 36 39 4 41 45
7 17 28 30 58 50 42
34 26 18 10 2 59 51
43 35 27 19 11 60 3
TABLE 10 second transform subkey permutation Table
20 49 12 63 29 47 52
31 23 15 25 62 54 46
38 1 22 14 6 61 53
33 37 55 21 13 5 9
Then, the third transformed subkey and the fourth transformed subkey are combined to obtain a second combined key, and the order and position of the second combined key are adjusted according to the replacement selection table shown in table 6 above to generate a 48-bit second key.
In some embodiments, in the step S104, encrypting the new second extension data by using a preset second key to obtain new second encrypted data includes:
carrying out XOR operation on the new second expanded data and a second key to obtain a second XOR operation result;
performing substitution operation on the second exclusive-or operation result to obtain a second substitution operation result, and performing substitution operation on the second substitution operation result to obtain a second substitution result;
and carrying out XOR operation on the second replacement result and the new second data to obtain new second encrypted data.
Specifically, the specific implementation process of encrypting the new second extension data by using the preset second key to obtain the new second encrypted data is similar to the process of encrypting the second extension data by using the preset first key to obtain the second encrypted data, and is not described herein again.
In some embodiments, in step S105, after performing position exchange on the new second encrypted data and the second encrypted data, splicing the new second encrypted data and the second encrypted data together, and performing inverse permutation processing to obtain and output target encrypted data, the method includes:
the new second encrypted data and the second encrypted data are spliced together after left-right position exchange, and one round of encryption aiming at the original data is completed to obtain first round of encrypted data;
when the encryption round number of the original data does not meet a preset round number threshold value, carrying out encryption processing on the previous round of encrypted data again to obtain the Nth round of encrypted data; wherein N is more than or equal to 2;
and when the encryption round number of the original data meets a preset round number threshold, determining the N-th round of encrypted data as target encrypted data.
Specifically, the N-round encryption flow for the original data can be expressed as shown in the following equation (2).
Rn=L(n-1);
Ln=R(n-1) xor f(Rn-1,kn-1) (2);
Wherein xor represents an exclusive or operation; knIs a key of 48 bits input when encrypting to the Nth round; f is Rn-1 and KnA function that is a variable and outputs 32 bits of data; rnIs the second data; l isnThe value of n is 0-16 for the first data.
In the first round of encryption of the original data, the first key is used for the first round of encryption of the original dataAfter the two data are encrypted, the second data R1=L0First of the original data, the first data is an exclusive or result of second data of the original data and an output result of the function f. Then, the first (new second data) of the original data is encrypted by using the second key, and after the encryption, the second data is an exclusive or result of the second data of the original data and an output result of the function f, and the first data is an exclusive or result of the first data of the original data and the output result of the function f.
After the second data and the first data of the original data are respectively encrypted, second encrypted data and new second encrypted data (namely, data encrypted by the first data of the original data) are obtained, and after the second encrypted data and the new second encrypted data are spliced together, one-round encryption of the original data is completed, so that the first-round encrypted data is obtained.
The preset round number threshold value can be flexibly set according to actual conditions, and preferably, the encryption round number threshold value can be 2, 3, 4, 5, 6, 7 or 8.
As an example, when the preset round number threshold is 8 rounds, the first round of encrypted data may be re-encrypted by referring to the above step of performing one round of encryption on the original data, so as to obtain second round of encrypted data; next, the second round of encrypted data is encrypted again, a third round of encrypted data … … is obtained, and so on, the seventh round of encrypted data is encrypted again, an eighth round of encrypted data is obtained, and the eighth round of encrypted data is determined as the target encrypted data.
The encryption processing method comprises the steps that encryption processing is carried out on first round encrypted data again, and keys used in the process of obtaining second round encrypted data are a third key and a fourth key; carrying out encryption processing on the second round of encrypted data again, wherein keys used in the process of obtaining the third round of encrypted data are a fifth key and a sixth key; and performing re-encryption processing on the third round of encrypted data, wherein keys used in the process of obtaining the fourth round of encrypted data are a seventh key and an eighth key … …, and the keys used in the process of obtaining the eighth round of encrypted data are a fifteenth key and a sixteenth key.
The third key is generated by performing circular right shift transformation again on the third transformed sub-key and the fourth transformed sub-key to obtain a fifth transformed sub-key and a sixth transformed sub-key, combining the fifth transformed sub-key and the sixth transformed sub-key to obtain a third combined key, and adjusting the order and the position of the third combined key according to the replacement selection table shown in the table 6.
In this way, the sixteenth secret key is generated by performing circular right shift transformation on the thirteenth transformed sub-secret key and the fourteenth transformed sub-secret key again to obtain a fifteenth transformed sub-secret key and a sixteenth transformed sub-secret key, combining the fifteenth transformed sub-secret key and the sixteenth transformed sub-secret key to obtain a sixteenth combined secret key, and then adjusting the order and the position of the sixteenth combined secret key according to the replacement selection table shown in the table 6.
The cyclic right shift number in the generation process of the key adopted in each round of encryption process is as follows: when a first key required to be used in the first round of encryption is generated, the circulating right shift numbers of the first sub-key and the second sub-key are 3 bits, and when a second key is generated, the circulating right shift numbers of the first conversion sub-key and the second conversion sub-key are 3 bits; generating a third key and a fourth key which are needed to be used in the second round of encryption, wherein the cyclic right shift number of the sub-key corresponding to the third key and the fourth key is 3 bits; when the keys required to be used for the fourth, sixth and seventh round encryption are generated, the cyclic right shift numbers of the corresponding sub-keys are all 3 bits; when the keys needed to be used in the third, fifth and eighth round encryption are generated, the cyclic right shift numbers of the corresponding sub-keys are all 1 bit.
And replacing the positions and the sequence of the data subjected to the N rounds of encryption processing into the original positions, namely, replacing the positions exchanged by the replacing table in the table 1 above again to obtain the target encrypted data.
As a preferred example, when the above formula (2) is used to perform 2-8 rounds (2 is not less than N and not more than 8) of iterative encryption on the original data, the difficulty in cracking the original data by other devices (e.g., illegal devices) can be significantly increased, so that the original data can be effectively prevented from being copied maliciously, the original data can be prevented from being forged and falsified by the illegal devices, and the authenticity and the security of the original data are ensured.
All the above optional technical solutions may be combined arbitrarily to form optional embodiments of the present application, and are not described herein again.
The following are embodiments of the disclosed apparatus that may be used to perform embodiments of the disclosed methods. For details not disclosed in the embodiments of the apparatus of the present disclosure, refer to the embodiments of the method of the present disclosure.
Fig. 4 is a schematic diagram of a data anti-counterfeiting encryption device provided in an embodiment of the present disclosure. As shown in fig. 4, the data anti-counterfeiting encryption device comprises:
the data acquisition module 11 is configured to acquire original data to be broadcasted, and split the original data into first data and second data;
a first encryption module 12 configured to expand the second data to obtain second expanded data; encrypting the second expanded data by using a preset first key to obtain second encrypted data;
a switching module 13 configured to perform location switching between the second encrypted data and the first data, and determine the first data as new second data;
a second encryption module 14 configured to expand the new second data to obtain new second expanded data; encrypting the new second expanded data by using a preset second key to obtain new second encrypted data;
and the output module 15 is configured to splice the new second encrypted data and the second encrypted data together after performing left-right position exchange, so as to obtain target encrypted data and output the target encrypted data.
According to the technical scheme provided by the embodiment of the present disclosure, the data acquisition module 11 is configured to split original data to be broadcasted into first data and second data; the first encryption module 12 is configured to expand the second data to obtain second expanded data; the exchange module 13 is configured to encrypt the second extension data by using a preset first key to obtain second encrypted data; exchanging the position of the second encrypted data and the first data, and determining the first data as new second data; the second encryption module 14 is configured to expand the new second data to obtain new second expanded data; encrypting the new second expanded data by using a preset second key to obtain new second encrypted data; the output module 15 is configured to splice the new second encrypted data and the second encrypted data together after performing left-right position exchange to obtain target encrypted data and output the target encrypted data, so that the encryption processing on the original data is completed, and the difficulty of cracking the encrypted original data by other receiving equipment is high, so that the broadcasted data can be effectively prevented from being copied by other receiving equipment randomly or maliciously, the safety is high, the stable operation of the bluetooth positioning system is favorably ensured, and the safety factor of the whole bluetooth system is improved; meanwhile, the broadcast data which is maliciously copied by illegal equipment can be effectively restrained to realize certain behavior with bad purposes (such as positioning cheating and the like).
In some embodiments, the data obtaining module 11 includes:
the initial replacement data acquisition unit is configured to perform replacement processing on the original data according to a preset replacement rule to obtain initial replacement data;
a splitting unit configured to split the initial permutation data into first data and second data.
In some embodiments, the first encryption module 12 includes:
and the expanding unit is configured to adjust the order of the second data and repeat data at a preset position in the second data to obtain second expanded data.
In some embodiments, the data anti-counterfeiting encryption device further comprises:
the device comprises an original key splitting module, a first key obtaining module and a second key obtaining module, wherein the original key splitting module is configured to obtain an original key and split the original key into a first sub-key and a second sub-key;
a first right shift transformation module configured to perform circular right shift transformation on the first sub-key to obtain a first transformed sub-key; performing circular right shift transformation on the second sub-secret key to obtain a second transformed sub-secret key;
a first combining module configured to combine the first transformed subkey and the second transformed subkey to obtain a first combined key;
and the first key generation module is configured to perform selective replacement on the first combined key to generate a first key.
In some embodiments, the original key splitting module includes:
the bit reduction processing unit is configured to perform bit reduction processing on the original key to obtain a bit reduction key;
and the splitting unit is configured to perform position replacement on the bit-reduced key to obtain a replacement key, and split the replacement key into a first sub-key and a second sub-key.
In some embodiments, the right shift transform module is specifically configured to:
circularly moving the first sub-secret key to the right by preset digits to obtain a first transformation sub-secret key;
and circularly moving the second sub-secret key to the right by preset digits to obtain a second transformation sub-secret key.
In some embodiments, the first encryption module 12 further includes:
a first exclusive-or operation unit configured to perform an exclusive-or operation on the second extension data and the first key to obtain a first exclusive-or operation result;
a first permutation unit, configured to input the first exclusive-or operation result into an S-box for performing a substitution operation, to obtain a first substitution operation result, and input the substitution operation result into a T-box for performing a T-box permutation, to obtain a first permutation result;
a first encryption unit configured to perform an exclusive-or operation on the first permutation result and the second data to obtain second encrypted data.
In some embodiments, the first permutation unit may be specifically configured to:
and inputting the first XOR operation result into an S box to perform bit reduction on the first XOR operation result to obtain a first substitution operation result with the same number of bits as the first key.
In some embodiments, the data anti-counterfeiting encryption device further comprises:
the second right shift transformation module is configured to perform circular right shift transformation on the first transformation subkey to obtain a third transformation subkey; performing circular right shift transformation on the second transformation subkey to obtain a fourth transformation subkey;
a second merging module, configured to merge the third transformed subkey and the fourth transformed subkey to obtain a second merged key;
and the second key generation module is configured to perform replacement selection on the second combined key to generate a second key.
In some embodiments, the second encryption module 14 further includes:
a second exclusive-or operation unit configured to perform an exclusive-or operation on the new second extension data and the second key to obtain a second exclusive-or operation result;
a second replacement unit, configured to input the second exclusive-or operation result into an S-box for performing a replacement operation to obtain a second replacement operation result, and input the second replacement operation result into a T-box for performing a T-box replacement to obtain a second replacement result;
and the second encryption unit is configured to perform exclusive-or operation on the second replacement result and the new second data to obtain new second encrypted data.
In some embodiments, the output module 15 includes:
the first round encryption unit is configured to splice the new second encrypted data and the second encrypted data together after performing left-right position exchange, complete one round of encryption on the original data, and obtain first round of encrypted data;
the Nth round encryption unit is configured to encrypt the previous round of encrypted data again to obtain Nth round encrypted data when the encryption round number of the original data does not meet a preset round number threshold; wherein N is more than or equal to 2;
an output unit configured to determine the nth round of encrypted data as target encrypted data when the number of encryption rounds for the original data satisfies a preset round number threshold.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation on the implementation process of the embodiments of the present disclosure.
Fig. 5 is a schematic diagram of a computer device 5 provided by an embodiment of the present disclosure. As shown in fig. 5, the computer device 5 of this embodiment includes: a processor 501, a memory 502 and a computer program 503 stored in the memory 502 and operable on the processor 501. The steps in the various method embodiments described above are implemented when the processor 501 executes the computer program 503. Alternatively, the processor 501 implements the functions of the respective modules/units in the above-described respective apparatus embodiments when executing the computer program 503.
Illustratively, the computer program 503 may be partitioned into one or more modules/units, which are stored in the memory 502 and executed by the processor 501 to accomplish the present disclosure. One or more modules/units may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution of the computer program 503 in the computer device 5.
The computer device 5 may be a desktop computer, a notebook, a palm computer, a cloud server, or other computer devices. Computer device 5 may include, but is not limited to, a processor 501 and a memory 502. Those skilled in the art will appreciate that fig. 5 is merely an example of a computer device 5 and is not intended to limit the computer device 5 and may include more or fewer components than shown, or some of the components may be combined, or different components, e.g., the computer device may also include input output devices, network access devices, buses, etc.
The Processor 501 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The storage 502 may be an internal storage unit of the computer device 5, for example, a hard disk or a memory of the computer device 5. The memory 502 may also be an external storage device of the computer device 5, such as a plug-in hard disk provided on the computer device 5, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like. Further, the memory 502 may also include both internal storage units of the computer device 5 and external storage devices. The memory 502 is used for storing computer programs and other programs and data required by the computer device. The memory 502 may also be used to temporarily store data that has been output or is to be output.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules, so as to perform all or part of the functions described above. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
In the embodiments provided in the present disclosure, it should be understood that the disclosed apparatus/computer device and method may be implemented in other ways. For example, the above-described apparatus/computer device embodiments are merely illustrative, and for example, a division of modules or units, a division of logical functions only, an additional division may be made in actual implementation, multiple units or components may be combined or integrated with another system, or some features may be omitted, or not implemented. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present disclosure may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated modules/units, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, the present disclosure may implement all or part of the flow of the method in the above embodiments, and may also be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the computer program may implement the steps of the above methods and embodiments. The computer program may comprise computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer readable medium may include: any entity or device capable of carrying computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain suitable additions or additions that may be required in accordance with legislative and patent practices within the jurisdiction, for example, in some jurisdictions, computer readable media may not include electrical carrier signals or telecommunications signals in accordance with legislative and patent practices.
The above examples are only intended to illustrate the technical solutions of the present disclosure, not to limit them; although the present disclosure has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present disclosure, and are intended to be included within the scope of the present disclosure.

Claims (9)

1. A method for anti-counterfeit encryption of data, comprising:
acquiring original data to be broadcasted, and splitting the original data into first data and second data;
expanding the second data to obtain second expanded data, and encrypting the second expanded data by using a preset first secret key to obtain second encrypted data;
exchanging the position of the second encrypted data and the first data, and determining the first data as new second data;
expanding the new second data to obtain new second expanded data, and encrypting the new second expanded data by using a preset second secret key to obtain new second encrypted data;
the new second encrypted data and the second encrypted data are spliced together after position exchange, and target encrypted data are obtained through reverse replacement processing;
the encrypting the second extended data by using a preset first key to obtain second encrypted data includes:
performing exclusive-or operation on the second extended data and the first key to obtain a first exclusive-or operation result;
performing substitution operation on the first exclusive-or operation result to obtain a first substitution operation result;
performing replacement operation on the substitute operation result to obtain a first replacement result;
performing exclusive-or operation on the first replacement result and the second data to obtain second encrypted data;
the performing a substitute operation on the first exclusive-or operation result to obtain a first substitute operation result includes:
inputting the first XOR operation result into an S box to perform bit reduction on the first XOR operation result to obtain a first substitution operation result with the same number of bits as the first key;
the splicing the new right half encrypted data and the right half encrypted data after the position exchange is performed to obtain the target encrypted data includes:
the new second encrypted data and the second encrypted data are spliced together after left-right position exchange, and one round of encryption aiming at the original data is completed to obtain first round of encrypted data;
when the encryption round number of the original data does not meet a preset round number threshold value, carrying out encryption processing on the previous round of encrypted data again to obtain the Nth round of encrypted data; wherein N = 2;
when the encryption round number aiming at the original data meets a preset round number threshold value, determining the N-th round of encrypted data as target encrypted data after reverse replacement processing;
the value generation algorithm of the S-box is as follows: (a) defining initial arrangements 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15; (b) setting the nth S box as Sn, wherein the value of n is 1-8;
(c) the determinant generation formula of Sn is as follows:
P>>((n*1)-1);
P>>((n*2)-1);
P>>((n*3)-1);
P>>((n*4)-1);
in the formula, P represents the initial arrangement matrix in (a), > > represents the cyclic right shift, and n represents the index of the S box.
2. The data anti-counterfeiting encryption method according to claim 1, wherein the splitting the original data into the first data and the second data comprises:
performing replacement processing on the original data according to a preset replacement rule to obtain initial replacement data;
and splitting the initial replacement data into a left half part of data and a right half part of data, wherein the left half part of data corresponds to the first data, and the right half part of data corresponds to the second data.
3. The data anti-counterfeiting encryption method according to claim 1, wherein the expanding the second data to obtain second expanded data comprises:
and adjusting the sequence of the second data, and repeating the data at the preset position in the second data to obtain second extended data.
4. The data anti-counterfeiting encryption method according to claim 1, wherein before encrypting the second extended data by using the preset first key to obtain second encrypted data, the method further comprises:
acquiring an original key, and splitting the original key into a first sub-key and a second sub-key;
performing circular right shift transformation on the first sub-secret key to obtain a first transformation sub-secret key, and performing circular right shift transformation on the second sub-secret key to obtain a second transformation sub-secret key;
combining the first transformation subkey and the second transformation subkey to obtain a first combined key;
and carrying out selective replacement on the first combined key to generate a first key.
5. The data anti-counterfeiting encryption method according to claim 4, wherein the splitting the original key into a first sub-key and a second sub-key comprises:
performing bit reduction processing on the original key to obtain a bit reduction key;
and performing position replacement on the bit-reduced secret key to obtain a replacement secret key, and splitting the replacement secret key into a first sub secret key and a second sub secret key.
6. The data anti-counterfeiting encryption method according to claim 4, wherein before encrypting the new second data by using the preset second key to obtain the new second encrypted data, the method further comprises:
performing circular right shift transformation on the first transformation sub-key to obtain a third transformation sub-key, and performing circular right shift transformation on the second transformation sub-key to obtain a fourth transformation sub-key;
combining the third transformation subkey and the fourth transformation subkey to obtain a second combined key;
and performing replacement selection on the second combined key to generate a second key.
7. A data anti-counterfeiting encryption device, comprising:
the data acquisition module is used for acquiring original data to be broadcasted and splitting the original data into first data and second data;
the first encryption module is used for expanding the second data to obtain second expanded data; encrypting the second expanded data by using a preset first key to obtain second encrypted data;
the exchange module is used for exchanging the position of the second encrypted data with the first data and determining the first data as new second data;
the second encryption module is used for expanding the new second data to obtain new second expanded data; encrypting the new second data by using a preset second key to obtain new second encrypted data;
the output module is used for splicing the new second encrypted data and the second encrypted data together after performing left-right position exchange, and obtaining target encrypted data through reverse replacement processing;
the encrypting the second extended data by using a preset first key to obtain second encrypted data includes:
performing exclusive-or operation on the second extended data and the first key to obtain a first exclusive-or operation result;
performing substitution operation on the first exclusive-or operation result to obtain a first substitution operation result;
performing replacement operation on the substitute operation result to obtain a first replacement result;
performing exclusive-or operation on the first replacement result and the second data to obtain second encrypted data;
the performing a substitute operation on the first exclusive-or operation result to obtain a first substitute operation result includes:
inputting the first XOR operation result into an S box to perform bit reduction on the first XOR operation result to obtain a first substitution operation result with the same number of bits as the first key;
the splicing the new right half encrypted data and the right half encrypted data after the position exchange is performed to obtain the target encrypted data includes:
the new second encrypted data and the second encrypted data are spliced together after left-right position exchange, and one round of encryption aiming at the original data is completed to obtain first round of encrypted data;
when the encryption round number of the original data does not meet a preset round number threshold value, carrying out encryption processing on the previous round of encrypted data again to obtain the Nth round of encrypted data; wherein N = 2;
when the encryption round number aiming at the original data meets a preset round number threshold value, determining the N-th round of encrypted data as target encrypted data after reverse replacement processing;
the value generation algorithm of the S-box is as follows: (a) defining initial arrangements 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15; (b) setting the nth S box as Sn, wherein the value of n is 1-8;
(c) the determinant generation formula of Sn is as follows:
P>>((n*1)-1);
P>>((n*2)-1);
P>>((n*3)-1);
P>>((n*4)-1);
in the formula, P represents the initial arrangement matrix in (a), > > represents the cyclic right shift, and n represents the index of the S box.
8. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any one of claims 1 to 6 when executing the computer program.
9. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 6.
CN202111219274.6A 2021-10-20 2021-10-20 Data anti-counterfeiting encryption method and device, computer equipment and storage medium Active CN113660620B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111219274.6A CN113660620B (en) 2021-10-20 2021-10-20 Data anti-counterfeiting encryption method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111219274.6A CN113660620B (en) 2021-10-20 2021-10-20 Data anti-counterfeiting encryption method and device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113660620A CN113660620A (en) 2021-11-16
CN113660620B true CN113660620B (en) 2022-01-21

Family

ID=78494721

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111219274.6A Active CN113660620B (en) 2021-10-20 2021-10-20 Data anti-counterfeiting encryption method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113660620B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114285609B (en) * 2021-12-10 2024-02-13 中国联合网络通信集团有限公司 Encryption method, device, equipment and storage medium
CN115134793A (en) * 2022-06-21 2022-09-30 北京百度网讯科技有限公司 Data processing method, device, equipment and storage medium
CN117131517B (en) * 2023-10-27 2024-03-19 鼎铉商用密码测评技术(深圳)有限公司 Security detection method for encryption algorithm, terminal equipment and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111064562A (en) * 2019-12-12 2020-04-24 北京计算机技术及应用研究所 Implementation method of AES algorithm on FPGA

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101847492B1 (en) * 2015-05-19 2018-04-10 삼성에스디에스 주식회사 Apparatus and method for data encryption, apparatus and method for data decryption
CN105790930A (en) * 2016-04-29 2016-07-20 南京酷派软件技术有限公司 Information encryption method and information encryption device used for mobile terminal and mobile terminal
CN108134664A (en) * 2016-12-01 2018-06-08 钦州市晶通科技有限公司 A kind of implementation method of data encryption
CN108270545A (en) * 2016-12-30 2018-07-10 广东精点数据科技股份有限公司 A kind of improved DES data encryption algorithm based on mobile Internet
US11700111B2 (en) * 2019-06-26 2023-07-11 Cryptography Research, Inc. Platform neutral data encryption standard (DES) cryptographic operation
CN110784307B (en) * 2019-11-05 2020-06-09 衡阳师范学院 Lightweight cryptographic algorithm SCENERY implementation method, device and storage medium
CN110868717A (en) * 2019-12-04 2020-03-06 太原理工大学 Method for improving wireless communication security based on DES encryption algorithm
CN111614457B (en) * 2020-05-21 2021-02-19 衡阳师范学院 P replacement improvement-based lightweight packet encryption and decryption method, device and storage medium

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111064562A (en) * 2019-12-12 2020-04-24 北京计算机技术及应用研究所 Implementation method of AES algorithm on FPGA

Also Published As

Publication number Publication date
CN113660620A (en) 2021-11-16

Similar Documents

Publication Publication Date Title
CN113660620B (en) Data anti-counterfeiting encryption method and device, computer equipment and storage medium
US8126139B2 (en) Partial encryption and full authentication of message blocks
US6948067B2 (en) Efficient encryption and authentication for data processing systems
US6314186B1 (en) Block cipher algorithm having a robust security against differential cryptanalysis, linear cryptanalysis and higher-order differential cryptanalysis
CN108073353B (en) Data processing method and device
US6950517B2 (en) Efficient encryption and authentication for data processing systems
US6831979B2 (en) Cryptographic accelerator
KR102136904B1 (en) Shared secret key generation device, encryption device, decryption device, shared secret key generation method, encryption method, decryption method, and program
US7254233B2 (en) Fast encryption and authentication for data processing systems
CN111866018B (en) Data information encryption transmission method and device, computer equipment and storage medium
CN116846542A (en) Data encryption and decryption method and device and electronic equipment
CN113098675B (en) Binary data encryption system and method based on polynomial complete homomorphism
EP2960891B1 (en) Method for introducing dependence of white-box implementationon a set of strings
CN113660725B (en) Positioning anti-cheating method, device and system, computer equipment and storage medium
Sheng et al. An efficient chaotic image encryption scheme using simultaneous permutation–diffusion operation
CN115022000B (en) Communication method and device of railway signal system and electronic equipment
CN115277064B (en) Data encryption and data decryption methods and devices, electronic equipment and medium
US20040039918A1 (en) Secure approach to send data from one system to another
CN115632765A (en) Encryption method, decryption device, electronic equipment and storage medium
CN114978475A (en) Automobile instrument encryption and decryption processing method and system based on AES-128 algorithm
CN114285609A (en) Encryption method, device, equipment and storage medium
CN110247754B (en) Method and device for realizing block cipher FBC
JP2004004603A (en) Extension key generation apparatus, enciphering apparatus and enciphering system
JP5578422B2 (en) ENCRYPTED COMMUNICATION SYSTEM, TRANSMISSION DEVICE, RECEPTION DEVICE, ENCRYPTION / DECRYPTION METHOD, AND PROGRAM THEREOF
US6801625B1 (en) Apparatus and method for stripping parity bits from an input stream

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220722

Address after: 5305, floor 5, building 6, No. 8, Beiyuan street, Chaoyang District, Beijing 100020

Patentee after: Beijing Longzhi Digital Technology Service Co.,Ltd.

Address before: 101100-090, floor 1, building 1, No. 2, Jufu North Road, Jufuyuan national industry development base, Tongzhou District, Beijing

Patentee before: Beijing zhuojianzhihan Technology Co.,Ltd.

Patentee before: Shanghai zhuohan Technology Co.,Ltd.