CN113726512A - Key generation and distribution method, key generation device, and key management system - Google Patents

Publication number
CN113726512A
Authority
CN
China
Prior art keywords
key
information
timestamp
ciphertext
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111016098.6A
Other languages
Chinese (zh)
Inventor
蔡利锋
蔡嘉禾
王艳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual
Priority to CN202111016098.6A
Publication of CN113726512A
Priority to PCT/CN2022/115838 (WO2023030316A1)
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Abstract

The invention provides a key generation and distribution method, a key generation device, a key management system and an information security transmission system. The key generation and distribution method comprises the following steps: acquiring and/or generating system information of a key generation device, wherein the system information comprises at least a master key and at least one unidirectional data conversion algorithm, the master key is composed of unpublished random information, the unidirectional data conversion algorithm generates output information determined by its input information, and it is infeasible to infer and/or derive the input information from the output information; generating, on the basis of the master key and by means of a timestamp composed of non-repeating arbitrary information, a key jointly determined by the information in the timestamp and in the master key, using at least one unidirectional data conversion algorithm, and associating the key with the timestamp; and transmitting the timestamp to a paired key generation apparatus, wherein the paired key generation apparatus stores second system information corresponding to the system information.

Description

Key generation and distribution method, key generation device, and key management system
Technical Field
The present invention relates to the field of information security, and more particularly, to a key generation and distribution method, a key generation apparatus, a key management system, an encryption/decryption apparatus, a file security system, and an information security delivery system.
Background
The rapid development of computer and communication technologies, and the subsequent spread of the Internet of Things, cloud computing and cloud storage, pose new challenges for information security and bring new development opportunities. The secure transmission and storage of information is the core of information security, and encryption is an important means of achieving it.
Continuous encryption and decryption with a key that is saved or shared in advance is very convenient for users and is a common practice in cryptography. However, repeated use of the same key brings many security risks, and many attack strategies against specific encryption algorithms derive from it. Encrypting a file with a one-time key effectively avoids most cryptographic attacks against encryption algorithms, but generating and exchanging large numbers of one-time keys is often difficult and cumbersome. It remains a challenge to design a convenient and versatile encryption scheme that can be proven secure. In addition, since a communicating entity needs different keys for different communication partners, key management is also often a problem; it is particularly acute in institutions and organizations that need to manage a large number of keys, where the number of keys involved is proportional to the square of the number of members.
Because the amount of plaintext information is usually larger than the amount of key information during encryption, and more information than the key contains can be transmitted securely through the ciphertext, the shared key can be designed as a dynamic key: the key information to be updated is transmitted to the other party in the ciphertext together with the communicated information, and the shared key is updated dynamically as the two parties communicate, achieving practical one-time-key encryption and avoiding the corresponding attacks. The dynamic key scheme is suited to real-time communication but lacks advantages in information storage and key management.
Therefore, a method that can generate the required number of independent keys of a given key strength from one master key, and can distribute those keys conveniently and securely, is expected to overcome the limitations of existing encryption schemes and solve fundamental problems of cryptography and information security.
Disclosure of Invention
The invention solves the problem of generating and securely distributing the required number of independent keys with the required key strength and, on that basis, constructs an encryption scheme that is provably secure in the information-theoretic sense, from which an information security transmission scheme and an information security system are built.
According to one embodiment described herein, there is provided a key generation and distribution method including:
acquiring and/or generating system information of a key generation device, wherein the system information comprises at least a master key and at least one unidirectional data conversion algorithm, the master key is composed of unpublished random information, the unidirectional data conversion algorithm generates output information determined by its input information, and it is infeasible to infer and/or derive the input information from the output information;
generating, on the basis of the master key and by means of a timestamp composed of non-repeating arbitrary information, a key jointly determined by the information in the timestamp and in the master key, using at least one unidirectional data conversion algorithm, and associating the key with the timestamp; and
transmitting the timestamp to a paired key generation apparatus, wherein the paired key generation apparatus stores second system information corresponding to the system information.
In some embodiments, generating the key comprises:
generating, by the key generation apparatus, the timestamp;
operating on the timestamp and the master key to generate an intermediate key;
taking the intermediate key as input information, and converting the intermediate key through the one-way data conversion algorithm to generate secondary information;
extracting information from the secondary information to generate the key; and
associating the key with the timestamp corresponding to the key.
In some embodiments, operating on the timestamp and the master key to generate an intermediate key comprises:
generating the intermediate key using a non-degenerate combination of the timestamp and the master key.
In some embodiments, operating on the timestamp and the master key to generate an intermediate key comprises:
generating the intermediate key through a second unidirectional data conversion algorithm using the timestamp and the master key as input information, the second unidirectional data conversion algorithm being the same as or different from the unidirectional data conversion algorithm.
In some embodiments, the one-way data conversion algorithm performs data conversion using the input information as control information to generate output information,
the system information further comprises a public database configured to store public data comprising a number of bits substantially greater than the number of bits comprised by the master key, and
the one-way data conversion algorithm performs data conversion on the public data using the input information as control information to generate secondary information.
In some embodiments, the data conversion employs a combined modular operation,
the public data consists of N number sequences of equal length, each containing the same number of bits; each sequence is identified by a serial number from 0 to N-1, the serial numbers all having the same number of bits, and is called a seed;
the input information is configured as a sequence of M such serial numbers, which points to the M seeds identified by those serial numbers;
the one-way data conversion algorithm is configured to:
taking the input information as control information, and sequentially extracting from the public data the M seeds pointed to by the serial numbers in the input information;
and performing a modular operation on the M seeds to generate secondary information with the same format as the seeds, wherein N and M are positive integers.
In some embodiments, the public data is configured as an end-to-end circular sequence of N × M elements, the circular sequence being divided into N units of length M, each of the units being identified by a number from 0 to N-1;
each seed starts at one of the units and extends in a fixed direction around the entire circular sequence, forming a sequence of length N × M, and the number of the starting unit is the serial number of the seed.
In some embodiments, generating the key comprises:
taking the master key as control information, and converting public data into private data through a third one-way data conversion algorithm under the control of the master key;
taking the timestamp as control information, and generating an intermediate key from the private data through a fourth one-way data conversion algorithm under the control of the timestamp;
taking the intermediate key as control information, and converting the public data into secondary information through the one-way data conversion algorithm under the control of the intermediate key;
extracting information from the secondary information to generate the key; and
associating the key with a corresponding time stamp,
wherein the one-way data conversion algorithm, the third one-way data conversion algorithm, and the fourth one-way data conversion algorithm use the same or different one-way algorithms.
In some embodiments, the method further comprises:
receiving a second timestamp transmitted from the paired key generation device;
and generating, on the basis of the master key and by means of the second timestamp, a second key determined by the information in the master key and in the second timestamp through the one-way data conversion algorithm, the second key being the key corresponding to the second timestamp.
In one embodiment, 3 premises are proposed that the key generation and distribution system must satisfy to be secure:
Premise 1. The master key is always kept secure: no master key information can be detected from any information output from the system, including the keys generated and distributed by the system and the information used for key distribution.
Premise 2. The generated keys are independent of each other: all the keys already output from the system, combined with known public information and methods, give no substantial help in deriving the next newly generated key.
Premise 3. Key distribution is secure and feasible, i.e. the key can be securely transmitted to the legitimate receiver through a public channel, and an attacker who does not know the master key information cannot obtain essential information about the key from the key transmission path.
An information security system satisfying the above 3 premises can, by means of one master key, generate and securely distribute the required number of independent keys with key strength equivalent to the number of bits of the master key, thereby constructing an encryption system that is provably secure in the information-theoretic sense.
In another embodiment, it is demonstrated that when the one-way data conversion algorithm has the following 4 features, a key generation system using the method satisfies the above 3 premises in operation and application, so that any desired number of independent keys with key strength comparable to the number of bits of the master key can be generated and securely distributed by means of one master key by the method.
Feature 1: the one-way data conversion algorithm can easily convert the input information into secondary information determined by the input information, i.e. deriving the secondary information from the input information is deterministic and feasible;
Feature 2: it is computationally infeasible to convert the generated secondary information back into the corresponding input information, i.e. no substantial content of the input information can be deduced from the secondary information;
Feature 3: the conversion from input information to secondary information is a non-degenerate nonlinear conversion, i.e. the value space of the secondary information is not smaller than that of the input information, so that different input information statistically corresponds to different secondary information; a small change in the input information causes a global change in the secondary information that cannot be predicted from the change alone, and under strict one-way data conversion a change of a single bit in the input information causes an unpredictable global change in the generated secondary information.
Feature 4: the one-way data conversion algorithm can perform one-way data conversion on any input information that can be converted to conform to the input format, generating the secondary information. In the present invention, if the input information contains N bits, its value space is 2^N, and any information value between 0 and 2^N - 1 can be used as valid input information for the one-way data conversion to generate secondary information.
In some embodiments, the timestamp and the master key may be operated on by a one-way data conversion algorithm to generate the intermediate key; and generating the intermediate key by the one-way data conversion algorithm by taking the information in the timestamp and the master key as input information.
In one embodiment, the one-way data conversion algorithm is introduced in the intermediate key generation process, so that the encryption system adopting the method can effectively resist key collision attack, simultaneously reduces the requirement of the method on the one-way data conversion algorithm, and enlarges the application range of the method.
Some one-way data conversion algorithms that have the above 4 features and can be used in the method of the present invention are introduced in the following embodiments, including evolution (root extraction), division, and some hash functions.
In some embodiments, the one-way data conversion algorithm employs public data conversion under the control of the input information; a public database is added to the system information of the key generation device, configured to store public data composed of non-degenerate information that does not contain a large number of repeating units, and the number of bits in the public data can be far larger than the number of bits in the master key and in the input information; the one-way data conversion algorithm is configured to convert the public data into secondary information under the control of the input information.
In some embodiments, it is demonstrated that the public data conversion under the control of the input information can take a variety of forms: plaintext can be used as the public data and an encryption key as the input information, so that the public data conversion under the control of the input information is realized with a common encryption algorithm; in addition, some data conversion methods that are unsuitable for conventional encryption algorithms, because the data generated by the one-way conversion cannot be restored by a suitable algorithm, may also be used in the method of the present invention.
In some embodiments, the public data conversion under the control of the input information employs a combined modular operation; the public database consists of N number sequences of equal length, each containing the same number of bits and identified by a serial number from 0 to N-1, each such sequence being called a seed; the input information is configured as a sequence of M such serial numbers, which points to the M seeds identified by those serial numbers; and the combined modular operation is configured to sequentially extract from the public database the M seeds pointed to by the serial numbers in the input information, and to perform a modular operation on the M seeds to generate secondary information with the same format as the seeds.
In some embodiments using the above combined modular operation, the public database is configured as an end-to-end circular array comprising N × M elements, the circular array being divided into N units of length M, each unit being identified by a number from 0 to N-1; each seed starts at one of the units and extends in a fixed direction around the entire circular array, forming an array of length N × M, and the number of the starting unit is the serial number of the seed.
In some embodiments, the one-way data conversion algorithm uses public data conversion under the control of the input information, and may generate a key by using the following process:
converting public data into private data under the control of the master key, which is used as input information; generating a timestamp composed of non-repeating arbitrary information, using the timestamp as input information, and generating an intermediate key from the private data under the control of the timestamp; converting the public data into secondary information under the control of the intermediate key, which is used as input information; and extracting information from the secondary information to generate keys, and associating the keys with the corresponding timestamps.
With this process, an encryption algorithm with 1024-bit or higher key strength that is provably secure in the information-theoretic sense can be conveniently implemented on common communication equipment, so that unconditionally secure information communication in the real physical world can be realized through the method.
In some embodiments, the one-way data conversion algorithm may employ more than one one-way algorithm, such that different one-way algorithms are used in different one-way data conversion steps.
In some embodiments, the key generation device using the method is further configured to receive a timestamp sent from a paired key generation device and, relying on the master key and according to the information in the timestamp, to generate a key corresponding to the timestamp using the one-way data conversion algorithm.
According to another embodiment described herein, there is provided a key generation apparatus including:
a system information module configured to store and/or generate system information of the key generation apparatus, the system information comprising at least a master key and at least one unidirectional data conversion algorithm, the master key being composed of unpublished random information, the unidirectional data conversion algorithm generating output information determined by its input information, and it being infeasible to infer and/or derive the input information from the output information;
a key generation module configured to generate, on the basis of the master key and by means of a timestamp composed of non-repeating arbitrary information, a key jointly determined by the information in the timestamp and in the master key, using at least one unidirectional data conversion algorithm, and to associate the key with the timestamp; and
a transmission module configured to transmit the timestamp to a paired key generation apparatus, wherein the paired key generation apparatus stores second system information corresponding to the system information.
In some embodiments, the key generation module is further configured to:
generating the time stamp composed of the arbitrary information which is not repeated;
operating on the timestamp and the master key to generate an intermediate key;
taking the intermediate key as input information, and converting the intermediate key through the one-way data conversion algorithm to generate secondary information;
extracting information from the secondary information to generate the key; and
associating the key with the timestamp corresponding to the key.
In some embodiments, the key generation module is further configured to:
generating the intermediate key using a non-degenerate combination of the timestamp and the master key.
In some embodiments, the key generation module is further configured to:
generating the intermediate key through a second unidirectional data conversion algorithm using the timestamp and the master key as input information, the second unidirectional data conversion algorithm being the same as or different from the unidirectional data conversion algorithm.
In some embodiments, the apparatus further comprises:
a public database configured to store public data comprising a number of bits substantially greater than a number of bits comprised by the master key.
In some embodiments, the system information further comprises a public database configured to store public data comprising a number of bits substantially greater than a number of bits comprised by the master key,
wherein the one-way data conversion algorithm performs data conversion using the input information as control information to generate output information,
the key generation module is further configured to:
performing data transformation on the public data by the one-way data transformation algorithm using the input information as control information to generate secondary information.
In some embodiments, the data conversion employs a combined modular operation,
the public data consists of N number sequences of equal length, each containing the same number of bits; each sequence is identified by a serial number from 0 to N-1, the serial numbers all having the same number of bits, and is called a seed;
the input information is configured as a sequence of M such serial numbers, which points to the M seeds identified by those serial numbers;
the one-way data conversion algorithm is configured to:
taking the input information as control information, and sequentially extracting from the public data the M seeds pointed to by the serial numbers in the input information;
and performing a modular operation on the M seeds to generate secondary information with the same format as the seeds, wherein N and M are positive integers.
In some embodiments, the public data is configured as an end-to-end circular sequence of N × M elements, the circular sequence being divided into N units of length M, each of the units being identified by a number from 0 to N-1;
each seed starts at one of the units and extends in a fixed direction around the entire circular sequence, forming a sequence of length N × M, and the number of the starting unit is the serial number of the seed.
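The circular public data, the seeds and the combined modular operation described in these embodiments, as an added Python sketch that is not code from the patent. Byte-sized elements, element-wise addition modulo 256, N being a power of two, and the bit-field mapping from input bytes to serial numbers are assumptions made here; the page does not fix any of them.

```python
def seed(public: bytes, number: int, unit_len: int) -> bytes:
    """Seed `number`: the circular array read once around, starting at unit `number`."""
    n_units, rem = divmod(len(public), unit_len)
    if rem:
        raise ValueError("public data must hold a whole number of units")
    if not 0 <= number < n_units:
        raise ValueError("serial number must lie in 0..N-1")
    start = number * unit_len
    return public[start:] + public[:start]   # wrap around the end-to-end array


def serial_numbers(data: bytes, n_units: int, count: int) -> list:
    """Map input bytes to `count` serial numbers of equal bit width (assumed mapping)."""
    if n_units < 2 or n_units & (n_units - 1):
        raise ValueError("this sketch assumes N is a power of two")
    bits = n_units.bit_length() - 1           # bits per serial number
    if len(data) * 8 < bits * count:
        raise ValueError("input information is too short")
    value = int.from_bytes(data, "big")
    mask = n_units - 1
    # Read `count` fields from the low end of the integer, highest field first.
    return [(value >> (bits * (count - 1 - i))) & mask for i in range(count)]


def combined_modular(public: bytes, numbers, unit_len: int, modulus: int = 256) -> bytes:
    """Extract the M seeds named by `numbers` and combine them element by element."""
    if len(numbers) != unit_len:
        raise ValueError("input must hold exactly M serial numbers")
    out = [0] * len(public)
    for number in numbers:                    # seeds are extracted in sequence
        s = seed(public, number, unit_len)
        # Assumed modular operation: element-wise addition modulo `modulus`.
        out = [(a + b) % modulus for a, b in zip(out, s)]
    return bytes(out)                         # same format (length N*M) as a seed


if __name__ == "__main__":
    # Constructed toy public data: N = 4 units of length M = 3.
    public = bytes(range(12))
    control = serial_numbers(b"\x07", n_units=4, count=3)
    print("serial numbers:", control)
    print("secondary info:", list(combined_modular(public, control, unit_len=3)))
```

With the assumed element-wise sum, reordering the M serial numbers yields the same secondary information; the page does not state whether its modular operation depends on position.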
In some embodiments, the key generation module is further configured to:
taking the master key as control information, and converting public data into private data through a second one-way data conversion algorithm under the control of the master key;
taking the timestamp as control information, and generating an intermediate key from the private data through a third one-way data conversion algorithm under the control of the timestamp;
taking the intermediate key as control information, and converting the public data into secondary information through the one-way data conversion algorithm under the control of the intermediate key;
extracting information from the secondary information to generate the key; and
associating the key with a corresponding timestamp.
In some embodiments, the unidirectional data conversion algorithm, the second unidirectional data conversion algorithm, and the third unidirectional data conversion algorithm use the same or different unidirectional algorithms.
In some embodiments, the transmission unit is further configured to receive a second timestamp transmitted from the paired key generation device;
the key generation unit is further configured to generate a key by the one-way data conversion algorithm using the master key and the second timestamp as input information, the key being associated with the second timestamp information.
According to another embodiment described herein, there is provided a key management system including:
a management-side device, the management-side device comprising:
a control module: configured to generate, for each of a plurality of users, arbitrary information identifying an identity thereof as a user identification code of the user;
a user information module configured to store the user identification code;
a key generation module, including the key generation apparatus as described in the foregoing embodiments and storing a master key, configured to generate a corresponding user key for each of a plurality of users, and to deliver the user identification code and the corresponding key to a corresponding user end device as a user key of the user.
In some embodiments, the key generation module, in response to the user identification code sent from the user information module, generates a key corresponding to the user identification code by using the user identification code as a timestamp, and transmits the user identification code and the corresponding key to the corresponding user end device as the user key of the user.
In some embodiments, the control module is further configured to:
when the user key of one or more users is lost, the control module receives the corresponding user identification code from the user end device,
the user information module is further configured to verify the received user identification code to confirm that it is a stored user identification code,
and the key generation module takes the user identification code as a timestamp, generates the user key corresponding to the user identification code, and feeds the user key back to the user end device.
In some embodiments, the key generation module is further configured to:
combining the information in the user identification codes of different user end devices to generate a timestamp, and generating a key for communication between the different users.
In some embodiments, the system further comprises:
one or more intermediate management nodes of different hierarchy levels arranged between the management end device and the user end devices.
In some embodiments, the system further comprises:
one or more user end devices, each storing the user identification code of its corresponding user.
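The timestamp-driven key generation described in the method embodiments above and its use in the key management system (user identification code as timestamp, recovery of a lost user key, a key for communication between two users), as an added Python sketch that is not code from the patent. HMAC-SHA-256 and SHA-512 stand in for the unnamed one-way data conversion algorithms, and the leading-bytes extraction rule, the sorted length-prefixed combination of identification codes, and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets


def derive_key(master_key: bytes, timestamp: bytes, key_len: int = 32) -> bytes:
    """timestamp + master key -> intermediate key -> secondary information -> key."""
    # Intermediate key from a second one-way algorithm over both inputs.
    # HMAC-SHA-256 is an assumed stand-in; the page names no concrete function.
    intermediate = hmac.new(master_key, timestamp, hashlib.sha256).digest()
    # Secondary information: one-way conversion of the intermediate key (assumed SHA-512).
    secondary = hashlib.sha512(intermediate).digest()
    if not 0 < key_len <= len(secondary):
        raise ValueError("key_len must be between 1 and 64")
    # Assumed extraction rule: the leading key_len bytes of the secondary information.
    return secondary[:key_len]


def combine_ids(*user_ids: bytes) -> bytes:
    """Non-degenerate combination of identification codes into one timestamp.

    Length prefixes keep (b"ab", b"c") distinct from (b"a", b"bc"); sorting
    (an assumption) makes the result the same whichever user asks first.
    """
    return b"".join(len(u).to_bytes(2, "big") + u for u in sorted(user_ids))


class KeyGenerator:
    """One of two paired devices that hold the same master key."""

    def __init__(self, master_key: bytes):
        self._master_key = master_key
        self._issued = set()              # timestamps this device has generated

    def issue(self) -> tuple:
        """Generate a non-repeating timestamp and the key associated with it."""
        while True:
            timestamp = secrets.token_bytes(16)
            if timestamp not in self._issued:
                break
        self._issued.add(timestamp)
        return timestamp, derive_key(self._master_key, timestamp)

    def key_for(self, timestamp: bytes) -> bytes:
        """Paired side: regenerate the key from a received timestamp."""
        return derive_key(self._master_key, timestamp)


class ManagementDevice:
    """Management end: control, user information and key generation modules."""

    def __init__(self, master_key: bytes):
        self._generator = KeyGenerator(master_key)
        self._user_ids = set()            # user information module

    def enroll(self) -> tuple:
        user_id = secrets.token_bytes(8)  # arbitrary identifying information
        self._user_ids.add(user_id)
        return user_id, self._generator.key_for(user_id)

    def _verify(self, user_id: bytes) -> None:
        if user_id not in self._user_ids:
            raise KeyError("not a stored user identification code")

    def recover(self, user_id: bytes) -> bytes:
        """Lost user key: verify the code, then regenerate the same key."""
        self._verify(user_id)
        return self._generator.key_for(user_id)

    def pair_key(self, id_a: bytes, id_b: bytes) -> bytes:
        """Key for communication between two enrolled users."""
        self._verify(id_a)
        self._verify(id_b)
        return self._generator.key_for(combine_ids(id_a, id_b))


if __name__ == "__main__":
    master = secrets.token_bytes(32)      # unpublished random master key
    sender, receiver = KeyGenerator(master), KeyGenerator(master)
    ts, key = sender.issue()              # only ts crosses the public channel
    print("paired device agrees:", receiver.key_for(ts) == key)
    mgmt = ManagementDevice(master)
    uid, user_key = mgmt.enroll()
    print("lost key recovered:", mgmt.recover(uid) == user_key)
```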
According to another embodiment described herein, there is provided an encryption and decryption apparatus including:
the key generation apparatus as described in the previous embodiments, configured to generate a one-time key;
an input port configured to read or input data to be encrypted;
a formatting unit configured to convert the data to be encrypted, input through the input port, into formatted plaintext matching the format of the one-time key;
an encryption module configured to generate a timestamp during encryption, to generate a main ciphertext by operating on the formatted plaintext and the one-time key that the key generation module generates according to the information in the timestamp, to use the timestamp corresponding to the one-time key as a ciphertext title, and to combine the main ciphertext and the ciphertext title to generate a ciphertext;
a transmission port configured to transmit the generated ciphertext to a paired decryption apparatus.
In some embodiments, the encryption and decryption apparatus further includes:
a receiving port configured to receive a ciphertext transmitted from a paired encryption apparatus;
the decryption module is configured to analyze the received ciphertext to extract a time stamp in a main ciphertext and a ciphertext title, generate a one-time key corresponding to the time stamp as a decryption key by using the key generation module according to information in the time stamp, and decrypt the main ciphertext by using the decryption key to generate a decrypted plaintext;
the formatting unit is further configured to convert the decrypted plaintext into recovered data;
an output port configured to output the recovered data.
According to another embodiment described herein, there is provided a file management system, comprising a management-side device and one or more client-side devices,
the management terminal device includes:
a key management module, employing a key management system as described in the previous embodiments, configured to store a system master key and to generate and distribute a user master key for each user of the system;
the system encryption and decryption module is configured to encrypt and decrypt the file information communicated between the user side equipment and the management side equipment by adopting the encryption and decryption device in the previous embodiment;
a system file module configured to store system files of the file management system,
the user-end device includes:
the user encryption and decryption module is configured to encrypt and decrypt the file information communicated between the user end device and the management end device by using the encryption and decryption apparatus according to the foregoing embodiment.
In some embodiments, the management-side device generates and stores a user identifier of each user of the user-side device through the key management module, generates a user master key corresponding to the user identifier, and allocates the user master key and the corresponding user identifier to each user-side device;
the user end equipment generates a time stamp through the user encryption and decryption module, generates a one-time key corresponding to the time stamp by depending on the user master key, encrypts file information by using the one-time key to generate a master ciphertext, uses the time stamp and a user identification code of the user as ciphertext titles, combines the master ciphertext and the ciphertext titles to generate a ciphertext, and sends the ciphertext to the management end equipment through a public channel to serve as a file certificate submitted by the user to the management end equipment;
the management terminal equipment receives the ciphertext transmitted from the user terminal, analyzes the ciphertext through the system encryption and decryption module, and extracts a user identification code and a time stamp in a main ciphertext and a ciphertext title; the key management module generates a corresponding user master key according to the user identification code; the system encryption and decryption module generates a corresponding decryption key by depending on the user master key according to the information in the timestamp, decrypts the master ciphertext and confirms the file information;
and the management terminal equipment stores the ciphertext of the confirmed file information into the system file module.
In some embodiments, the management-side device is further configured to generate, by the key management module, a user master key of the target user, as a master key of the system encryption and decryption module, encrypt the file information by the system encryption and decryption module to generate a ciphertext, and send the ciphertext to the target user-side device through a public channel;
the target user side equipment is further configured to receive the ciphertext sent from the management side equipment through the user encryption and decryption module, decrypt the ciphertext, and recover file information.
In some embodiments, the system further comprises:
one or more intermediate management nodes at different hierarchy levels, arranged between the management-end device and the user-end device.
According to another embodiment described herein, there is provided an information secure transfer system comprising a first communication device and a second communication device paired, wherein
The first communication device includes:
a first key generation apparatus using the key generation apparatus as described in the previous embodiments, configured to generate a one-time key as a first key;
the first input port is configured to read or input a first file to be transmitted;
the first formatting unit is configured to convert a first file to be transmitted input by the input port into a first formatted plaintext with the same key format;
a first encryption module configured to convert the first formatted plaintext into a first main ciphertext by using a first key generated by a first key generation device, use a corresponding first timestamp of the first key as a first ciphertext title, and combine the first main ciphertext and the first ciphertext title to generate a first ciphertext;
a first transmission port configured to transmit the generated first cipher text to the second communication device,
the second communication device includes:
a second key generation device, which uses the key generation device as described in the previous embodiment, configured to generate a one-time key as a second key;
a second receiving port configured to receive the first ciphertext transmitted by the first transmitting port;
the second decryption module is configured to analyze the received first ciphertext to extract a first time stamp in a first main ciphertext and a first ciphertext title, generate a second decryption key corresponding to the first time stamp through the second key generation module according to the first time stamp, and decrypt the first main ciphertext by using the second decryption key to generate a second decrypted plaintext;
a second formatting module configured to convert the second decrypted plaintext into second recovered data;
a second output port configured to output the second restored data as a second received file.
In some embodiments, the second communication device further comprises:
the second input port is configured to read or input a second file to be sent;
the second formatting module is also configured to convert the second file to be sent into a second formatted plaintext with the same key format;
a second encryption module configured to convert the second formatted plaintext into a second main ciphertext through a second key generated by the second key generation module, use a second timestamp corresponding to the second key as a second ciphertext title, and combine the second main ciphertext and the second ciphertext title to generate a second ciphertext;
a second transmission port configured to transmit the second ciphertext to the first communication device;
the first communication device further comprises:
the first receiving port is configured to receive the second ciphertext transmitted by the second transmitting port;
the first decryption module is configured to parse the received second ciphertext to extract a second main ciphertext and a second timestamp in a second ciphertext title, generate a first decryption key corresponding to the second timestamp through the first key generation module according to the second timestamp, and decrypt the second main ciphertext by using the first decryption key to generate a first decrypted plaintext;
the first formatting unit is also configured to convert the first decrypted plaintext into first recovered data;
a first output port configured to output the first restored data as a first received file.
According to the key generation and distribution method, the key generation device, the key management system, the encryption and decryption device, the file management system and the information security transmission system, any required number of independent keys, each with a key strength that can be equivalent to the number of bits of the master key, can be generated by means of one master key; the keys can be conveniently and securely distributed among legitimate communicators who exclusively share the master key; and a general-purpose, efficient encryption system that can be proved secure in informatics theory is thereby constructed, solving the fundamental problem of cryptography.
Furthermore, the disclosed techniques may be directly adaptable to many other communication systems and information security environments.
Other features and advantages of the key generation and secure distribution method and its application of the present invention will become more apparent in the light of the attached drawings and the following detailed description of specific embodiments.
Drawings
Fig. 1 is a schematic diagram illustrating a method of generating a key according to an embodiment of the present invention.
Fig. 2 is another schematic diagram illustrating a method of generating a key according to an embodiment of the present invention.
Fig. 3 is a schematic diagram illustrating a combinational die operation according to an embodiment of the present invention.
Fig. 4 is a diagram illustrating a specific example of generating a key by the method according to the embodiment of the present invention.
Fig. 5 is a schematic diagram showing a key generation apparatus according to an embodiment of the present invention.
Fig. 6 is a schematic diagram showing a key management system according to an embodiment of the present invention.
Fig. 7 is a schematic diagram showing an encryption and decryption apparatus according to an embodiment of the present invention.
Fig. 8 is a schematic diagram showing a file management system according to an embodiment of the present invention.
Fig. 9 is a schematic diagram illustrating a system for secure delivery of information according to an embodiment of the present invention.
Detailed Description
The invention discloses a key generation method that, relying on one master key, can generate and securely distribute as many independent keys as required, each with a key strength equivalent to the number of bits of the master key. Using the method, an efficient, reliable and universal key management system can be constructed that manages the keys of a plurality of users by means of one master key, where the plurality of users can be an unlimited number of users in the real world. By using each generated key as a one-time key to encrypt plaintext information of the same number of bits, a general-purpose, efficient encryption system that can be proved secure in informatics theory can be constructed, meeting various information security requirements.
The system adopting the method meets the following premise in the application process so as to realize the safety of the system.
Precondition 1: the master key always remains secure, and master key information cannot be detected from any information output by the system, whether that information is public or must be kept private during application; the output information of the system includes the keys generated and distributed by the system and the information used for key distribution.
In cryptographic applications, the ciphertext is considered public, and the plaintext may also be disclosed in the future. When a one-time key is used to encrypt file information, the one-time key can be deduced relatively easily from the ciphertext and the later-disclosed file information, so in cryptanalysis the one-time key can be regarded as public information once the information transmission is finished. In a key management system, a system administrator generally does not want a user to probe master key information through the distributed keys. Therefore, under this precondition, a key output from the system is regarded as information that can be used to attack the system master key.
Precondition 2: the generated keys are independent of each other: all the keys already output from the system, combined with known public information and methods, give no substantial help in deriving the next newly generated key. That is, no relationship between the essential information of keys generated by the key generation method can be determined by existing or foreseeable methods; each key contains independent information determined by the key strength.
Precondition 3: the key distribution is safe and feasible, namely the key can be safely distributed to a legal receiver through a public channel, and an illegal receiver who does not know the information of the master key cannot acquire the essential information of the key through a key transmission way; in a specific cryptographic application, a legitimate receiver in possession of the master key can easily generate the key to be transmitted from the master key based on the key distribution information, while an attacker not in possession of the master key does not obtain essential information about the distribution key from the key distribution information and any public information and knowledge.
The information security system satisfying the premises 1, 2, and 3 can realize generation and secure distribution of a required number of independent keys having a strength equivalent to that of the master key by means of one master key, thereby constructing an encryption system which can prove security in an informatics theory.
In modern cryptographic practice, apart from the part of the system parameter information that can be encoded into a secret key, other system information, including but not limited to algorithms, processes, data formats and control parameters, is required to be disclosed. Therefore, in the key generation method and the information security system constructed with it as described in the present invention, unless otherwise specified, the master key is the only private information of the system, and the key strength of the system is determined by the number of bits of the master key together with the key generation method and the encryption and decryption process, so that the specific meaning of undetectable, underivable, unknowable, unobtainable, and the like in the above preconditions depends on the key strength of the system used.
Here, drawing on cryptographic practice, we define key strength as the degree of difficulty of successfully inferring information encrypted by a key with the aid of public information and prior knowledge, measured against inferring one undisclosed N-bit piece of random information. The possible values of N-bit random information are evenly distributed over a value space of size 2^N, so the success rate of randomly guessing a key with a key strength of N bits is 1/2^N. Therefore, the above conditions (cannot be detected, cannot be derived, cannot be known, cannot be obtained, etc.) can be defined as: when information is encrypted using an encryption method with N-bit key strength, the success rate of each attempt to detect, derive or acquire the target information by relying on information and knowledge other than the key is not significantly greater than 1/2^N, or the number of attempts needed to successfully acquire file information encrypted by the encryption method with N-bit key strength is not significantly less than 2^N.
The essential information is a specific arrangement mode of bits contained in the key so as to be distinguished from the length, format and the like of the key according to the information required to be disclosed in the cryptographic practice, and thus confusion is avoided. The bits are basic units of information familiar to those skilled in the art of information science, and information of a plurality of bits can be determined by a corresponding number of 0's or 1's in a specific arrangement order.
The present specification mainly discusses digitized information, whose basic form is a binary number sequence composed of 0s and 1s; number sequences in other bases can also be adopted, such as, but not limited to, octal, decimal and hexadecimal, to facilitate manual reading and identification. Number sequences in other bases and binary number sequences have a one-to-one conversion relationship, and number sequences having a one-to-one conversion relationship are considered equivalent in the present specification.
Many forms of physical signals that can be detected and repeatedly generated are digitized, such as may include, but are not limited to, light waves, radio waves, current pulses, sound waves, nuclear radiation, patterns, symbols, and the like, which can be digitally processed and ultimately converted into binary-coded information that can be recognized and processed by a computer processor; also, the digitized information may be transmitted, processed, or otherwise caused to respond by conversion to suitable physical signals and symbols; these physical signals and combinations of symbols which can be digitized are also considered equivalent in the field of informatics to the number series and are thus included within the scope of the information discussed in this specification.
Hereinafter, a key generation method, a key generation apparatus, a key management system, an encryption/decryption apparatus, a file management system, and an information security delivery system according to embodiments of the present invention will be described in detail with reference to the accompanying drawings.
Examples of embodiments of the claimed subject matter are provided by way of introduction to the key generation methods of the present invention, as well as to various devices or systems employing the methods. The embodiments described below do not limit any claimed subject matter, and any claimed subject matter may encompass methods or systems other than those described below. The claimed subject matter is not limited to a system or method having all of the features of any one of the systems or methods described below, nor to features common to a plurality or all of the devices or methods described below. It is possible that a system or method described below is not an embodiment set forth in any claimed subject matter. Any subject matter disclosed in the systems or methods described below but not claimed in this document can be subject matter of another means of protection, such as the continuation of the patent application, and any such subject matter is disclosed in this document, and it is not the intention of the applicant, inventor or owner to disclaim, deny or dedicate them to the public.
While embodiments of the invention have been described in terms of several preferred, estimated, and analyzed examples to provide a better understanding of the invention, it will be appreciated that numerous specific details are set forth to provide a thorough understanding of the embodiments described herein and are not intended to limit the claims set forth herein. In actual implementation, the specific flow and algorithm can be optimized by means of existing knowledge and means commonly used in the field, so that the efficiency is improved and the use is convenient. Those skilled in the relevant art(s) will optimize the embodiments described herein in a manner well known in the art, giving optional parameters or recommendations to improve efficiency and extend the scope of applicability, or, based on the assessments and analyses described herein, through rigorous scientific reasoning, may find or make up the insufficiencies of the assessments and analyses provided herein, and result in some technical improvements; these possible technical improvements and advantageous suggestions should not be construed as imposing limitations upon the claims which are claimed herein, without exceeding the novel teaching and inventive spirit of the present invention. However, it will be understood by those of ordinary skill in the art that in some instances, the embodiments described herein may be practiced without these specific details. In other instances, well-known methods, procedures, and modules have not been described in detail so as not to obscure the embodiments described herein. Moreover, the drawings and their description are not to be taken as limiting the scope of the embodiments described herein.
Described herein are various embodiments of methods, systems, computer-readable media, and apparatuses for providing data protection. In general, embodiments described herein provide methods for generating encryption keys for securely encrypting files. The embodiments described herein also provide a method for generating a corresponding decryption key, i.e. secure distribution of keys, which is used to decrypt the encrypted file. In general, the embodiments described herein fall into the category of symmetric encryption, where the encryption key and the decryption key are the same. In general, features of the various embodiments described herein can be used in any combination with each other, unless otherwise indicated.
Embodiments described herein may address issues associated with key generation and management. In particular, the embodiments described herein may be used to provide one-time key data encryption, i.e., encrypting a plaintext with the same number of bits as the one-time key using the one-time key, so that the corresponding ciphertext and the encryption system are informatically provably secure while ensuring that the key can be securely generated and distributed by the method of the present invention.
< first embodiment >
Fig. 1 shows a schematic diagram of the generation of a key by the method of the invention. With the aid of Fig. 1, this embodiment describes how the method of the invention, by means of a timestamp that can consist of arbitrary information and at least one one-way data conversion algorithm, generates and securely distributes from one master key as many independent keys as required, each with a key strength comparable to the number of bits of the master key.
The method of the embodiment of the invention can be generally realized by a key generation module; the key generation module can be used in various systems, including but not limited to a key generation device, a key management system, an encryption and decryption device, a file management system, an information security transmission system, etc., and can be used as a component of communication equipment in the system, in the form of hardware or/and software, to generate a key by using the method described in the embodiments of the present invention, and can be applied to the communication equipment to realize secure distribution and/or secure communication of the key.
In order to implement the method of the present invention, the master key and the one-way data conversion algorithm may be generated and/or stored in the key generation module by a common technical method as system information of the key generation module.
As described in fig. 1, first, system information stored in the key generation apparatus is acquired. The system information comprises at least a master key 101, a one-way data conversion algorithm 102. The master key consists of unpublished random information and is used as unique private information in the system; the one-way data conversion algorithm is configured to convert input information into secondary information determined from the input information, but detecting corresponding input information from the secondary information is not possible or computationally difficult. That is, the one-way data conversion algorithm is used to perform irreversible data conversion on input information to generate output information.
In another embodiment, the system information may also be flexibly generated according to the usage scenario. For example, two or more devices may flexibly set various parameters in a one-way data conversion algorithm. Two or more devices may also generate the same master key.
To achieve secure distribution of keys, the method introduces timestamps that can consist of arbitrary information.
Then, a key is generated by the one-way data conversion algorithm using the master key and the timestamp as input information, the key being associated with the timestamp information.
Finally, the timestamp is sent to a paired key generation device, where the paired key generation device stores second system information corresponding to the system information.
The information in the timestamp is extensive and any information that does not occur repeatedly may be employed.
In one embodiment, the time stamp is generated by the key generation apparatus. The time when the key is generated can be taken as a timestamp; by adopting the time as the timestamp, the value space of the timestamp can be ensured to be open, and the information in the timestamp is not repeated.
In another embodiment, the time of encryption can be used to attach some redundant random information as a time stamp; by adopting the timestamp, the redundant random information can be used as buffer while the timestamp value space is kept open and the information in the timestamp does not repeatedly appear, so that the timestamp has better expandability under the condition of keeping a fixed format; for example, the lower limit of time coding can be expanded with the increase of encryption frequency, and the year coding can be expanded with the increase of the service life of the system.
Specifically, as shown in fig. 1, the key generation module generates the key by:
generating a timestamp 111; combining the timestamp 111 with the master key 101 to generate an intermediate key 112; generating secondary information 113 by using the intermediate key 112 as input information through a one-way data conversion algorithm 102; extracting information from the secondary information 113 generates a key 114, associating the key 114 with a corresponding timestamp 111.
The one-way data conversion algorithm has the following characteristics:
Feature 1: the input information can be easily converted by the one-way data conversion algorithm into secondary information determined by the input information, i.e. deriving the secondary information from the input information is deterministic and feasible;
Feature 2: it is computationally impossible to convert the generated secondary information back into the corresponding input information, i.e. no essential content of the input information can be deduced from the secondary information;
Feature 3: the conversion from input information to secondary information is a non-degenerate nonlinear conversion, i.e. the value space of the secondary information is not smaller than that of the input information, so that different input information statistically corresponds to different secondary information, and a small change in the input information causes a global change in the secondary information that cannot be predicted from the change alone; under strict one-way data conversion, a change of a single bit in the input information causes an unpredictable global change in the generated secondary information. In practice, the secondary information can use a number of bits significantly larger than that of the input information, and a nonlinear algorithm or nonlinear transformation can be introduced.
Feature 4: the one-way data conversion algorithm can apply the one-way data conversion to any input information that can be converted to conform to the input format, generating the secondary information. In the invention, if the input information is N bits, its value space is 2^N, and any information value between 0 and 2^N - 1 can be used as valid input information on which to perform the one-way data conversion and generate secondary information.
The key generation module sends the timestamp a corresponding to the key 114 to the paired key generation module, and the paired key generation module adopts the same system information;
after receiving the timestamp a, the paired key generation module generates the key a corresponding to the timestamp a by the same method according to the same system information and using the same steps, thereby realizing key transmission.
In the whole key generation and transmission process, the intermediate key only appears in the calculation and exists in the memory or cache of the computer, and the output information of the system does not include the intermediate key information.
In the key generation and distribution system, the master key is unique private information, and other system information including, but not limited to, a system structure, a key format, a timestamp format, a flow and the like can be kept public.
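The flow of Fig. 1, together with the timestamp-as-ciphertext-title format of the encryption and decryption apparatus described earlier, as an added example that is not code from the patent. It assumes SHAKE-256 as a stand-in for the one-way data conversion algorithm, plain concatenation as the combination step, a 16-byte timestamp (microsecond clock plus 8 random bytes), XOR as the encryption operation, and a receiver-side check that rejects a repeated timestamp; all names are hypothetical.

```python
import hashlib
import os
import struct
import time

TS_LEN = 16  # assumed timestamp format: 8-byte microsecond clock + 8 random bytes


class KeyGenerationModule:
    """Hypothetical model of the key generation module in Fig. 1."""

    def __init__(self, master_key: bytes):
        self._master_key = master_key  # the only private system information
        self._seen = set()             # timestamps already issued or accepted

    def new_timestamp(self) -> bytes:
        # Time of key generation plus redundant random information.
        ts = struct.pack(">Q", time.time_ns() // 1000) + os.urandom(8)
        self._seen.add(ts)
        return ts

    def accept_timestamp(self, ts: bytes) -> None:
        # Added check (assumption): a repeated timestamp would reproduce a
        # one-time key, so the receiving module refuses it.
        if len(ts) != TS_LEN:
            raise ValueError("malformed timestamp")
        if ts in self._seen:
            raise ValueError("timestamp reused")
        self._seen.add(ts)

    def key_for(self, ts: bytes, n_bytes: int) -> bytes:
        # Intermediate key: master key combined with the timestamp. The master
        # key length is fixed, so concatenation is injective in the timestamp.
        # It exists only inside this call and is never output.
        intermediate = self._master_key + ts
        # Secondary information: twice as many bits as the key to be extracted.
        secondary = hashlib.shake_256(intermediate).digest(2 * n_bytes)
        # Key: extracted from the secondary information (here, its first half).
        return secondary[:n_bytes]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(module: KeyGenerationModule, plaintext: bytes) -> bytes:
    """Return ciphertext title (timestamp) followed by the main ciphertext."""
    ts = module.new_timestamp()
    key = module.key_for(ts, len(plaintext))  # one-time key, same bit count
    return ts + xor(plaintext, key)


def decrypt(module: KeyGenerationModule, ciphertext: bytes) -> bytes:
    """Parse the title, regenerate the one-time key, recover the plaintext."""
    if len(ciphertext) < TS_LEN:
        raise ValueError("ciphertext shorter than its title")
    ts, body = ciphertext[:TS_LEN], ciphertext[TS_LEN:]
    module.accept_timestamp(ts)
    return xor(body, module.key_for(ts, len(body)))


if __name__ == "__main__":
    master = os.urandom(32)                 # constructed master key
    sender, receiver = KeyGenerationModule(master), KeyGenerationModule(master)
    ct = encrypt(sender, b"constructed file data")
    print(ct[:TS_LEN].hex(), decrypt(receiver, ct))
```

Only the timestamp and the main ciphertext cross the channel; a paired module holding the same master key regenerates the key, and a second delivery of the same ciphertext is refused by `accept_timestamp`.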
It is proved that when the unidirectional data conversion algorithm 102 has the above features 1, 2, 3, and 4, the key generation and distribution system using the method can satisfy the above preconditions 1, 2, and 3 in operation and application, so that independent keys with the same key strength and the same number of bits as the master key can be generated and safely distributed by one master key through the method.
The proof is as follows:
All information output by the system consists of the timestamp and, possibly, the key used to encrypt file information or assigned to objects belonging to the system; beyond these there is no other information that can be used to probe the master key. By adopting a one-way data conversion algorithm conforming to feature 2, the essential information of the intermediate key cannot be detected from the secondary information, so that even if the information in a generated key is completely exposed after use for various reasons, the intermediate key information cannot be deduced from the partially exposed key information or even from all of the secondary information, and the essential information of the master key cannot be obtained. Since the timestamp can be composed of arbitrary information and can be used completely independently of the key generation method and the system information, the timestamp does not expose the system information or the master key information. Thus, the master key can be kept secure in the operation of the key generation system, and precondition 1 is satisfied.
In the key generation device, the master key and the system information are fixed, so the timestamp, which can take different values, ultimately determines the different secondary information and keys that are output. A timestamp that can be formed from any non-repeated information is adopted; the value space of the timestamp is open, and the information in the timestamp can be independent. An intermediate key is generated by combining the timestamp with the master key, and by adopting a non-degenerate combination the intermediate key can inherit the independent information in the timestamp. By adopting a one-way data conversion algorithm conforming to features 3 and 4, any intermediate key can be used as valid input information to generate independent secondary information that inherits the independent information in the intermediate key, so that an independent key can be selected from the independent secondary information. Precondition 2 is satisfied.
Because the intermediate key is generated using a non-degenerate combination, the intermediate key inherits the key strength of the master key; therefore, even with a short timestamp, the key strength of the master key is passed to the secondary information via the intermediate key, so that an independent key that may have the same key strength as the master key is generated from the secondary information.
If necessary, the intermediate key, the secondary information and the key can be generated in sequence by the method shown in Fig. 1 using a timestamp with the same number of bits as the master key; the use of long timestamps is also easy to implement in the key generation system. When the number of bits of the selected secondary information is significantly larger than the number of bits of the key, adopting a long timestamp does not significantly affect the amount of calculation required to generate the secondary information and the corresponding key, or the information processing efficiency of the system. The openness of the timestamp value space also ensures that any required number of keys can be generated by means of the timestamp.
It is obvious that by the method a key is generated that can be conveniently distributed by means of a timestamp. By adopting the one-way data conversion algorithm conforming to the characteristics 2 and 3, the unpredictable global change of the generated secondary information can be caused by the change of a single bit of the intermediate key, so that the change of the corresponding secondary information can not be speculated according to the change of the timestamp under the condition of not exposing the essential information of the intermediate key; therefore, by adopting the key generation flow shown in fig. 1, it is ensured that the intermediate key essential information is not exposed, and the corresponding secondary information and the key generated therefrom cannot be inferred according to the information in the timestamp, so that the key can be safely distributed through the timestamp. Precondition 3 is satisfied.
Therefore, by using the one-way data conversion algorithm conforming to features 1, 2, 3, 4, it is ensured that the essential information of the master key is not exposed by other means than the key generation and distribution process described above, and that the essential information of the intermediate key is kept unexposed during the application process, any desired number of independent keys whose key strength can be matched to the number of bits of the master key by means of one master key generation and secure distribution by means of the timestamp can be satisfied by the method described in the embodiments of the present invention.
In another embodiment, the combination of the timestamp and the master key may be a simple non-degenerate combination, such as a modulo operation or a simple addition of information, to generate the intermediate key.
According to the foregoing analysis, provided that a one-way data conversion algorithm conforming to features 1, 2, 3 and 4 is used and the intermediate key information is not disclosed, this simple combination also ensures that any required number of independent keys can be generated from the master key according to the information in the timestamp, that the master key information remains secure during key generation and distribution, and that the secondary information generated from the intermediate key by the one-way data conversion algorithm cannot be inferred from the information in the timestamp, thereby achieving the generation and secure distribution of any required number of independent keys.
In cryptographic practice, key collisions occur, that is, two independently selected or independently generated keys turn out to be identical. Key collisions can generally be avoided by enlarging the key space, that is, by increasing the key strength. At a given key strength, using random keys, and not using known, easily remembered information as keys, preserves the effective key space and reduces key collisions.
In the embodiments of the invention, as in common encryption methods, direct collision of master keys is not considered. Because the embodiments usually generate a large number of one-time keys from one master key, collisions among the one-time keys may need to be considered in applications, to prevent an attacker from attacking the system through collided one-time keys. However, as will be described later, key generation with the method of the present invention is very efficient and very high key strengths can be selected; for example, according to the description of the second embodiment, keys with a strength of 1024 bits or more are relatively easy to implement on common communication devices, which statistically ensures that random collisions between these one-time keys are unlikely to occur in the real world.
In the worst case, a highly capable attacker could obtain, through ciphertexts and their decrypted plaintexts, all the one-time keys and corresponding timestamps output by a key generation system using this method, generate a large number of one-time keys by the same method with the attacker's own master key in the hope of colliding with the obtained one-time keys, and then probe the other party's master key information from the collided one-time keys. However, as mentioned above, such attacks have little effect on high-strength keys, to the extent that they are unlikely to occur in the real world.
If a key collision is observed, the attacker can easily derive, from the attacker's own system, the intermediate key information that generated the collided key.
An intermediate key generated by the simple combination of timestamp and key described above is vulnerable to this key collision attack: for example, an attacker can easily derive the master key information from the intermediate key information and the corresponding timestamp information, thereby breaking the whole system.
In another embodiment, to avoid the collision attack described above, the intermediate key is generated from the master key and the timestamp by a one-way data conversion algorithm.
A specific example of key generation and distribution is described below:
In this example, a fixed 6-digit master key 763403 is set, and the one-way data conversion algorithm is the square-root (evolution) operation.
The timestamp is the date of encryption, e.g. 0803 (August 3).
The following steps are used to generate and distribute keys:
Generate a timestamp: 0803
Combine the timestamp and the master key by multiplication and take the remainder modulo 1,000,000, that is, the last six digits, as the intermediate key:
763403 × 0803 = 613012609; taking the last six digits gives the intermediate key 012609
Generate secondary information by the one-way data conversion algorithm (square-root operation), using the intermediate key as input information:
Taking the square root of the input information 012609 gives 112.28980363327740720570916632036; skipping the first 6 digits after the decimal point and taking the following 18 digits gives a: 633277407205709166
Adding 1 to the input information 012609 and taking the square root of 012610 gives 112.2942563090383532372986924121; skipping the first 6 digits after the decimal point and taking the following 18 digits gives b: 309038353237298692
Add a and b digit by digit, modulo 10, to obtain the secondary information.
a:633277407205709166
b:309038353237298692
Adding digit by digit and keeping the units digit of each sum:
Secondary information 932205750432997758
Extract information from the secondary information, e.g. the middle six digits, 750432, as the key, and mark key 750432 with the timestamp 0803;
The timestamp 0803 is transmitted to the paired key generation apparatuses, which generate the key 750432 corresponding to timestamp 0803 using the same master key 763403 and the same procedure, thereby achieving key transfer.
Further, when the date is 0804 (August 4), the key generation and distribution steps for date 0804 are:
Generate a timestamp: 0804
Combine the timestamp with the master key: 763403 × 0804 = 613776012; taking the last six digits gives the intermediate key 776012;
The intermediate key 776012 is used as input information;
Taking the square root of the input information 776012 gives 880.91543294461585905541320952872; skipping the first 6 digits after the decimal point and taking the following 18 digits gives a: 944615859055413209
Adding 1 to the input information 776012 and taking the square root of 776013 gives 880.9160005358059109568403944211; skipping the first 6 digits after the decimal point and taking the following 18 digits gives b: 535805910956840394
Add a and b digit by digit, modulo 10, to obtain the secondary information.
a:944615859055413209
b:535805910956840394
Secondary information 479410769901253593
Extract information from the secondary information, e.g. the middle six digits, 769901, as the key, and mark key 769901 with the timestamp 0804;
The timestamp 0804 is transmitted to the paired key generation apparatuses, which generate the key 769901 corresponding to timestamp 0804 using the same master key 763403 and the same procedure, thereby achieving key transfer.
The above process has the following characteristics:
1. The form and content of the timestamp can be unrelated to the master key and the key generation scheme, so the timestamp does not expose the master key information.
2. The timestamp can be combined with the master key to generate an intermediate key, from which the determined secondary information and key are generated by one-way data conversion. The intermediate key cannot be inferred from the secondary information and key, and hence the master key cannot be inferred either, so the generated key does not expose the master key information.
3. Without combining the timestamp with the master key to generate the intermediate key, the corresponding key cannot be inferred from a timestamp or from a change in the timestamp, so the key can be securely distributed by means of the timestamp. The keys corresponding to the very close timestamps 0803 and 0804 in the example above are quite different.
4. The required number of non-repeating keys can be generated with a timestamp of suitable length; for example, 100 million keys can be generated using an 8-digit timestamp.
Fig. 2 shows one applicable flow in which the master key and the timestamp pass through a one-way data conversion algorithm to generate an intermediate key, from which the secondary information and the key are then generated. In contrast to the example of Fig. 1, the intermediate key in the example of Fig. 2 is generated by a one-way conversion algorithm.
Specifically, an intermediate key 212 is generated by the one-way data conversion algorithm 202, with the master key 201 and the timestamp 211 as input information; secondary information 213 is generated by the one-way data conversion algorithm 203 using the intermediate key 212 as input information; information is extracted from the secondary information 213 to generate a key 214; and the key 214 is associated with the corresponding timestamp.
In the above embodiment, since the intermediate key is generated by a one-way data conversion algorithm, the conversion from the master key and the timestamp to the intermediate key is nonlinear, and a change in a single bit of the timestamp causes an unpredictable global change in the generated intermediate key information. Therefore, even if an attacker can acquire a small amount of intermediate key information through the key collision attack described above, the essential information of the master key cannot be effectively probed from the intermediate key and the corresponding timestamp information. An intermediate key generated in this manner can thus effectively resist the key-collision-based attack described above.
In some embodiments, some unidirectional data conversion algorithms are described that can be used in the methods described herein. It should be understood that these examples are only used to indicate that the one-way data transformation algorithm applicable to the method of the present invention is ubiquitous, and not as a limitation to the claims claimed in the present invention, and any one constructed one-way data transformation algorithm applicable to the key generation method and its related information security system described in the present invention should not impair the novelty of the present invention and the claims claimed in the present invention.
Unidirectional data conversion algorithms conforming to the features 1, 2, 3, 4 are ubiquitous.
In one embodiment, secondary information of any desired length, determined by an input value, is generated, for example, by a square-root operation or another operation that produces an irrational number from the input value.
Specifically, for example, the following steps may be taken:
input information is digitized, and the digitized information is converted into a non-negative integer N as an input value.
Computing
Figure BDA0003240259090000232
accurate to the required number of digits after the decimal point; the integer part and the fractional digits adjacent to the decimal point, at least as many as N has digits, are discarded, and a value a of the specified length is selected from the digits that follow;
computing
Figure BDA0003240259090000231
accurate to the required number of digits after the decimal point; the integer part and the fractional digits adjacent to the decimal point, at least as many as N has digits, are discarded, and a value b of the specified length is selected from the digits that follow;
Add a and b digit by digit, with the base of the number system in use as the modulus, to generate the secondary information.
The calculation is demonstrated with decimal numbers: N is 1889, the corresponding input information is 1-8-8-9, and the length of the secondary information is 24 digits. In practical applications N is a very large number and the secondary information is also very long;
computing
Figure BDA0003240259090000233
Discarding the integer part and the first 4 digits after the decimal point gives 2762420146175670116696808; taking 24 digits gives a = 276242014617567011669680;
computing
Figure BDA0003240259090000241
Discarding the integer part and the first 4 digits after the decimal point gives 1713900185020498627353631; taking 24 digits gives b = 171390018502049862735363;
Add a and b digit by digit modulo 10 to generate the secondary information, as follows:
a:276242014617567011669680
b:171390018502049862735363
digit-wise addition modulo 10
Secondary information: 347532022119506873394943
In the above modulo operation with 10 as the modulus, the digits at corresponding positions in a and b are added position by position. If the sum is less than the modulus 10, the sum is the result; otherwise the modulus 10, or an integer multiple of it, is subtracted so that the result is a non-negative integer less than 10. The method generalizes to modulo operations in any number base.
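The square-root conversion above, and the Fig. 1 key flow worked through earlier for timestamps 0803 and 0804, can be reproduced with exact integer arithmetic. This is an added example, not code from the patent: the function names are hypothetical, and the offset of 10 used for the N = 1889 case is an assumption taken from the page's remark that N and N+10 cannot both be perfect squares, since the formulas for that step survive only as figure references.

```python
from math import isqrt


def sqrt_fraction_digits(n: int, skip: int, length: int) -> str:
    """Return `length` decimal digits of sqrt(n), starting after the first
    `skip` digits that follow the decimal point (integer part discarded)."""
    if n < 0 or skip < 0 or length <= 0:
        raise ValueError("n and skip must be non-negative, length positive")
    places = skip + length
    # floor(sqrt(n) * 10**places), computed exactly with integers only,
    # so no floating-point rounding can disturb the selected digits.
    scaled = isqrt(n * 10 ** (2 * places))
    fraction = str(scaled % 10 ** places).zfill(places)
    return fraction[skip:]


def digitwise_add(a: str, b: str, base: int = 10) -> str:
    """Add two equal-length digit strings position by position modulo `base`
    (no carries between positions; base <= 10). In base 2 this is XOR."""
    if len(a) != len(b):
        raise ValueError("operands must have the same length")
    return "".join(str((int(x) + int(y)) % base) for x, y in zip(a, b))


def secondary_info(n: int, offset: int, skip: int, length: int) -> str:
    """Secondary information: digits of sqrt(n) combined with sqrt(n + offset)."""
    a = sqrt_fraction_digits(n, skip, length)
    b = sqrt_fraction_digits(n + offset, skip, length)
    return digitwise_add(a, b)


def intermediate_key(master_key: str, timestamp: str) -> str:
    """Simple combination from the worked example: the product of master key
    and timestamp, reduced modulo 10**len(master_key) (its last digits)."""
    width = len(master_key)
    return str(int(master_key) * int(timestamp) % 10 ** width).zfill(width)


def derive_key(master_key: str, timestamp: str) -> str:
    """Fig. 1 flow with the worked example's parameters: skip 6 digits,
    keep 18, pair sqrt(N) with sqrt(N+1), key = middle len(master_key) digits."""
    width = len(master_key)
    n = int(intermediate_key(master_key, timestamp))
    info = secondary_info(n, offset=1, skip=6, length=18)
    start = (len(info) - width) // 2
    return info[start:start + width]


if __name__ == "__main__":
    # Both parties hold master key 763403; only the timestamp is transmitted.
    for ts in ("0803", "0804"):
        print(ts, intermediate_key("763403", ts), derive_key("763403", ts))
    # General demonstration with N = 1889 (offset 10 is an assumption, see lead-in).
    print(secondary_info(1889, offset=10, skip=4, length=24))
```
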
The square-root algorithm described above is a one-way data conversion algorithm with features 1, 2, 3 and 4, as shown below:
Generating the determined secondary information by taking the square root of the input value is computationally feasible, so feature 1 holds.
Clearly, with the modulo operation, a and b could be any pair of equal-length digit sequences that produce the target secondary information. For example, if the first digit of the secondary information is 3, the first digit of a or b can be any of 0 to 9, with 3 obtained by the modulo operation from pairs such as 0 and 3, 1 and 2, 2 and 1, 3 and 0, 4 and 9, 5 and 8, 6 and 7, 7 and 6, 8 and 5, 9 and 4; the same applies to the digits in every other position. It is therefore impossible to infer a and b from the secondary information, and so N and the input information cannot be obtained. In addition, because the integer part and the high-order fractional digits are discarded, the data conversion is nonlinear, and a change in a single digit of the input value N causes a global change in the generated a or b and in the secondary information. Feature 2 holds.
Clearly, any input information can be converted into a determined non-negative integer smaller than the size of its value space, and can therefore serve as legal input. The calculation above relies on the fact that N and N+10 cannot both be perfect squares, which ensures that non-zero secondary information of any desired length can be output. Features 3 and 4 hold.
It can be seen from the above calculations that it is also difficult to guess N from a or b, and the algorithm can be further optimized.
The decimal operation used in the above and following demonstrations is intended to facilitate a better understanding of the invention by persons skilled in the broader arts. In actual calculation, binary systems and octal or hexadecimal systems which can be conveniently converted from the binary systems are more convenient to adopt; after binary, the modulo operation can be accomplished by an XOR operation more suitable for computers.
In another embodiment, an efficient one-way data conversion algorithm can be constructed from a division operation with the help of public data.
Convert the input information into numerical form, e.g. $x_1x_2x_3\ldots x_{i-2}x_{i-1}x_i\,y_1y_2y_3\ldots y_{i-2}y_{i-1}y_i$;
The public data is in numerical form, e.g. $z_1z_2z_3\ldots z_{k-2}z_{k-1}z_k$;
Advantageously, k is much greater than 2i;
Calculate $1z_1z_2z_3\ldots z_{k-2}z_{k-1}z_k1 \,/\, 1x_1x_2x_3\ldots x_{i-2}x_{i-1}x_i1$, that is, $1z_1z_2z_3\ldots z_{k-2}z_{k-1}z_k1$ divided by $1x_1x_2x_3\ldots x_{i-2}x_{i-1}x_i1$, to sufficiently many digits after the decimal point; discard as many high-order digits of the integer part of the result as the input information has digits, and from the digits that follow select a value a of the same length as the public data;
In this calculation a non-zero digit is added before and after each value, which effectively prevents the format of the result from changing greatly when many 0s appear at the beginning or end of the input information or the public data.
Calculate $1z_1z_2z_3\ldots z_{k-2}z_{k-1}z_k1 \,/\, 1y_1y_2y_3\ldots y_{i-2}y_{i-1}y_i1$ to sufficiently many digits after the decimal point; discard as many high-order digits of the integer part of the result as the input information has digits, and from the digits that follow select a value b of the same length as the public data;
Add a and b digit by digit, with the base of the number system in use as the modulus, to generate the secondary information.
The calculation is demonstrated with the 8-digit decimal input information 3-7-2-8-1-5-9-6; the converted input format is 3728-1596, and the public data is the 24-digit value 367368971209437083569112. In practical applications the input information and the public data are far longer than in this example;
13673689712094370835691121/137281 gives 99603657549802018019.180520246793; discarding the 8 high-order digits of the integer part gives 549802018019.180520246793, and selecting 24 digits gives a = 549802018019180520246793;
13673689712094370835691121/115961 gives 117916279715545492326.65396986918; discarding the 8 high-order digits of the integer part gives 9715545492326.65396986918, and selecting 24 digits gives b = 971554549232665396986918;
Add a and b digit by digit modulo 10 to generate the secondary information, as follows:
a:549802018019180520246793
b:971554549232665396986918
digit-wise addition modulo 10
Secondary information: 410356557241745816122601
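The division-based conversion demonstrated above, as an added example (not code from the patent; the function names are hypothetical). It uses integer arithmetic so that every quotient digit is exact, and follows the demonstration in splitting the input into two equal halves and discarding as many leading quotient digits as the input has digits.

```python
def quotient_digits(public_data: str, half: str, drop: int, length: int) -> str:
    """Digits of (1 public_data 1) / (1 half 1): discard the first `drop`
    digits of the quotient, then keep the next `length` digits, running
    from the rest of the integer part on into the fractional part."""
    # A leading and trailing 1 guard against zeros at either end of the data.
    numerator = int("1" + public_data + "1")
    denominator = int("1" + half + "1")
    integer_len = len(str(numerator // denominator))
    if integer_len < drop:
        # The page asks for k much greater than 2i; otherwise there are not
        # enough integer digits to discard.
        raise ValueError("public data too short relative to the input")
    # Integer part followed by exactly `length` fractional digits (truncated).
    digits = str(numerator * 10 ** length // denominator)
    return digits[drop:drop + length]


def digitwise_add(a: str, b: str, base: int = 10) -> str:
    """Position-by-position addition modulo `base`, without carries."""
    if len(a) != len(b):
        raise ValueError("operands must have the same length")
    return "".join(str((int(x) + int(y)) % base) for x, y in zip(a, b))


def division_secondary_info(input_info: str, public_data: str) -> str:
    """Secondary information from decimal input x1..xi y1..yi and public data."""
    if not (input_info + public_data).isdigit() or len(input_info) % 2:
        raise ValueError("expected decimal digits and an even-length input")
    i = len(input_info) // 2
    x, y = input_info[:i], input_info[i:]
    k = len(public_data)
    a = quotient_digits(public_data, x, drop=len(input_info), length=k)
    b = quotient_digits(public_data, y, drop=len(input_info), length=k)
    return digitwise_add(a, b)


# Values from the page's demonstration.
PUBLIC_DATA = "367368971209437083569112"
INPUT_INFO = "37281596"

if __name__ == "__main__":
    print(quotient_digits(PUBLIC_DATA, "3728", 8, 24))   # a
    print(quotient_digits(PUBLIC_DATA, "1596", 8, 24))   # b
    print(division_secondary_info(INPUT_INFO, PUBLIC_DATA))
```
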
The division operation is a one-way data conversion algorithm with features 1, 2, 3 and 4, as shown below:
Generating determined secondary information from the input information by a division operation is computationally feasible, so feature 1 holds.
Since a modulo operation is used in generating the secondary information, a and b cannot be inferred from the secondary information, and hence the input information cannot be inferred; feature 2 holds.
The division operation can output valid secondary information whose length is determined by the length of the public data and is significantly greater than the length of the input information, which ensures a non-degenerate transformation from input information to secondary information. Because the high-order digits of the quotient are discarded, the data conversion is nonlinear, and a change in a single digit of the input information causes a global change in the calculated value. Feature 3 holds.
Clearly, any input information can be converted into a determined non-negative integer smaller than the size of its value space, and can therefore serve as legal input. Feature 4 holds.
As the calculations above show, it is also difficult to infer the input information from a or b before the fractional part begins to repeat.
The calculation speed of the key generated by the division one-way data conversion algorithm is inversely proportional to the length of the key and is equivalent to the speed of the fastest encryption algorithm at present.
The public data can be universally used in the method adopting different master keys, can be stored and transmitted in a public way as the public information of the system, and the master key is still the only variable private information which needs to be shared with different legal correspondents in the system; under the existing information and computer technical conditions, the introduction of the public data does not increase the extra information storage burden of the communication equipment adopting the method of the invention.
In the division operation adopted in this embodiment and other unidirectional data conversion algorithms described in the following embodiments, the requirement on the randomness of the public data is not high, and as long as digital information of a large number of repeated segments does not appear, the public data can be regarded as qualified public data, for example, a random number generator in a computer accessory can be adopted to generate the public data.
In addition, except for very special keys, for example a key consisting entirely of 0s, in the division operation of this embodiment 1 or another simple value can be used as a default in place of the public data, provided the length of the secondary information is much greater than that of the input information but not close to the non-negative integer value corresponding to the input information. This premise is easily satisfied; for example, with the 8-digit input information 3-7-2-8-1-5-9-6, the length of secondary information satisfying it can reach thousands of digits.
In some embodiments, the one-way data transformation algorithm may employ common data transformation under control of input information.
In addition to the master key and the one-way data conversion algorithm, the system information of the key generation module includes a public database configured to store public data; the public data may be random numbers generated by a random number generator in a common computer accessory.
The public-data transformation under control of the input information is configured to transform the public data into secondary information under control of the input information.
It may be constructed with the help of a common encryption algorithm, or a common encryption algorithm may be used directly as the public-data transformation under control of the input information.
Common encryption algorithms such as DES and AES have the basic function of converting plaintext into ciphertext under the control of a key, and the number of bits of the plaintext and of the resulting ciphertext is usually much larger than that of the key. If the key of a common encryption algorithm is used as the input information, the plaintext to be encrypted as the public data, and the ciphertext produced by the algorithm as the secondary information, then the encryption process of a common encryption algorithm is a one-way data conversion algorithm with features 1, 2, 3 and 4, as shown below:
Conveniently converting plaintext into ciphertext by means of a key is the basic function of every encryption algorithm, so an encryption algorithm can conveniently convert public data (plaintext) into secondary information (ciphertext) under the control of input information (key); feature 1 holds.
Common encryption algorithms require that deriving the plaintext from the ciphertext be impossible or computationally infeasible, the degree of computational difficulty determining the key strength of the encryption method; for common encryption algorithms that encrypt different plaintexts many times with the same key, it is also infeasible to infer the key from the ciphertexts and the corresponding plaintexts. Feature 2 holds.
An effective encryption algorithm also requires that the transformation from key and plaintext to ciphertext be nonlinear, and that a small change in the key or the plaintext cause a global change in the generated ciphertext that cannot be predicted from the amount of change in the key or plaintext. Encrypting, under a key, plaintext data with far more bits than the key to produce a ciphertext with far more bits than the key is also a basic requirement of common encryption algorithms, and ensures that the conversion from input information to output information is non-degenerate. Feature 3 holds.
Except for public-key algorithms, any bit combination conforming to the key format of a common encryption algorithm can be used as the key and is therefore valid input information; feature 4 holds.
Unlike in the usual application scenario of a common encryption algorithm, in the method of the present invention the intermediate key takes part in the public-data conversion as one-time input information to generate the secondary information and the key; attacks on common encryption algorithms are therefore generally ineffective against encryption methods and information security systems constructed with the method of the present invention.
Therefore, many existing encryption algorithms can be used as the one-way data conversion algorithm of the method of the present invention.
In other embodiments, the one-way data conversion algorithm with features 1, 2, 3, 4 may be selected from a number of hash functions.
In another embodiment, the public-data transformation under control of the input information uses a combined modular operation. The public database can be configured to consist of N number sequences of the same length, identified by numbers from 0 to N-1 and called seeds, each seed containing the same number of bits; accordingly, the input information is configured as a sequence of M numbers, which point to the M seeds identified by those numbers.
The one-way data conversion algorithm may take the following form:
sequentially extracting M seeds pointed by the serial numbers in the input information; and performing modular operation on the M seeds to generate secondary information with the same format as the seeds.
The combined modular operation is a one-way data conversion algorithm with features 1, 2, 3 and 4, as shown below:
The M seeds determined by the numbers in the input information are selected and combined by modular operation, so secondary information determined by the input information can be conveniently generated; feature 1 holds.
The secondary information is generated by selecting the corresponding seeds in the public database according to the numbers in the input information and performing a modular operation on them. By the nature of the modular operation, as mentioned above, any sequence with the same format as the secondary information can produce that secondary information through a modular operation with a suitable sequence of the same format, so no seed in the public data can be excluded before all seed combinations have been tried. The number of different combinations of numbers in the input information, that is, the number of possible seed combinations, equals the size of the value space of the input information. When the input information is hidden, probing the corresponding input information from the secondary information is no less difficult than guessing the input information at random, so the essential information of the input information cannot be obtained from the secondary information. Feature 2 holds.
Because the input information consists of seed numbers, a change in a single bit of the input information changes one number and thereby changes the seeds taking part in the combination; and because the secondary information is as long as a seed, a change in a single participating seed causes a global change in the generated secondary information. The combined modular operation is therefore a strictly nonlinear transformation. The length of the generated secondary information can also be significantly greater than that of the input information, which ensures a non-degenerate conversion from input information to secondary information. Feature 3 holds.
Clearly, any input information can be converted into such a sequence of numbers, and can therefore serve as legal input information. Feature 4 holds.
If the seed information in the database is kept private, the combined modular operation is a strict one-way data conversion algorithm. If the seed information in the database is disclosed, the intermediate key must be generated by a one-way data conversion algorithm with the master key and the timestamp as input information. With the intermediate key generated by a one-way data conversion algorithm, a change in a single bit of the timestamp causes an unpredictable global change in the intermediate key; as long as the intermediate key information is not disclosed, the secondary information and the key generated from it cannot be inferred from changes in the timestamp, and the combined modular operation then constitutes a strict one-way data conversion.
With the combined modular operation, key generation efficiency can be significantly improved when there are enough seeds. Compared with the division operation, when $2^N$ seeds are used, the efficiency of the combined modular operation can be improved by a factor of N. For example, in a key generation system using 256-bit ($256 = 2^8$) keys, generating a key by the division operation requires about 256 addition operations; if 256 seeds are used, each seed number is 8 bits, the combined modular operation requires only 32 modular additions, and the efficiency is improved by a factor of 8.
In another embodiment, the unidirectional data conversion algorithm uses a combined modulo operation. The public database is configured as an end-to-end ring array containing N × M elements; the ring array is divided into N units of length M, and each unit is identified by a number from 0 to N-1. Dividing the ring array into units of length M enables the shift modulo operation, which is described in detail later;
the seed is configured to extend from one of the units in the same direction across the entire ring array to form a sequence of length N × M, with the number of the starting unit used as the corresponding seed number.
N seeds, each with the same number of bits as the ring array, are thus determined from the ring array formed by the N × M elements; using a ring array allows the largest number of seeds, each containing the most bits, to be held with the smallest public database capacity.
A specific example of the combined modulo operation is described below in conjunction with fig. 3.
As shown in fig. 3, the public database is a 64-bit binary ring array divided into 16 4-bit units, which are identified sequentially by 4-bit binary numbers from 0000 to 1111. In practice, the ring array should be much longer.
16 seeds can be derived from the binary ring number array, each seed spans the whole ring number array from one unit to form a 64-bit binary number array with the same length as the ring number array, and the number of the unit is used as the corresponding seed number.
For example, as shown in fig. 3, the seed with the number 0101 extends from the unit '1001' with the number 0101 in the ring sequence to the unit '1100' with the number 1111, further extends across the unit with the number 1111, is connected to the initial unit '1010' with the number 0000, and ends at the unit '0110' with the number 0100, forming a binary sequence with a length of 64-bits.
The input information is a 16-bit binary number sequence, and sequentially comprises 4 seed numbers: 1010-0110-0111-0101.
The combined modulo operation proceeds as follows:
sequentially selecting the seeds whose numbers appear in the input information: 1010, 0110, 0111, 0101, and numbering the seeds in order of selection; as shown in fig. 3, the sequence numbers run from 0 to 3;
before the modulo operation, shifting each selected seed: the bits of the seed's sequence are shifted in the same direction by a number of places equal to the seed's sequence number; for example, as shown in fig. 3, seed No. 0 (1010) remains unchanged, and the sequence of seed No. 1 (0110) is shifted backward by 1 bit, with the extra 1 bit folded back so that the length of the sequence stays unchanged; in the same way, the sequences of seeds No. 2 and No. 3 are shifted backward by 2 bits and 3 bits respectively; the bits that are folded back are underlined in fig. 3;
and performing the modulo operation on the shifted sequences to generate the secondary information. With binary sequences, the modulo operation becomes an XOR operation, which is convenient for computers. For the bit-by-bit XOR of several sequences, it is enough to count the 1s at each position: an odd number of 1s gives 1, and an even number of 1s gives 0.
By adopting the shift modular operation, different secondary information can be generated from the input information containing different sequential combinations of the same seeds, so that the secondary information and the input information keep a one-to-one correspondence statistically.
Obviously, in the above combined modulo operation, a change of a single bit in the input information causes an unpredictable global change in the generated secondary information, ensuring that the conversion from the input information to the secondary information conforms to a strict nonlinear transformation.
Obviously, in the above combined modulo operation, the input information 0000-; thus, unlike conventional algorithms, all input information has the same complexity in a combined modulo operation with a fixed input information format.
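The steps above, written out as an added example (not code from the patent): seeds are read off a ring array, the i-th selected seed is rotated by i bits, and the rows are XORed by counting 1s per column. The ring contents other than the four units quoted in the text, the function names, and the reading of "backward" as a right rotation are assumptions.

```python
"""Shift-and-XOR combined modulo operation on a ring array (added example)."""

UNIT_BITS = 4

# Constructed 64-bit ring array of 16 four-bit units. Only units 0000, 0100,
# 0101 and 1111 carry the values quoted in the text for fig. 3; every other
# unit is a made-up value, because the figure itself is not reproduced here.
UNITS = [
    "1010", "0011", "1101", "0001",   # units 0000-0011
    "0110", "1001", "0100", "1110",   # units 0100-0111
    "0010", "1011", "0111", "0101",   # units 1000-1011
    "1000", "1111", "0000", "1100",   # units 1100-1111
]
RING = "".join(UNITS)


def seed(ring: str, unit_bits: int, number: int) -> str:
    """Seed `number`: the ring read from that unit all the way round."""
    start = number * unit_bits
    return ring[start:] + ring[:start]


def rotate(bits: str, k: int) -> str:
    """Shift by k places, folding the overflowing bits back in.

    Assumption: "backward" is read as towards the end of the sequence,
    i.e. a right rotation; the text does not fix the direction.
    """
    k %= len(bits)
    return bits[-k:] + bits[:-k] if k else bits


def xor_columns(rows: list) -> str:
    """Bitwise XOR of many rows by counting 1s per column (odd count -> 1)."""
    return "".join(str(sum(r[i] == "1" for r in rows) % 2)
                   for i in range(len(rows[0])))


def parse_input(info: str, number_bits: int) -> list:
    """Split input information such as '1010-0110' into seed numbers."""
    bits = info.replace("-", "")
    if len(bits) % number_bits:
        raise ValueError("input length is not a whole number of seed numbers")
    return [int(bits[i:i + number_bits], 2)
            for i in range(0, len(bits), number_bits)]


def combined_modulo(ring: str, unit_bits: int, numbers: list,
                    shift: bool = True) -> str:
    """Select seeds in order, shift the i-th one by i bits, XOR them all."""
    n_units = len(ring) // unit_bits
    rows = []
    for order, number in enumerate(numbers):
        if not 0 <= number < n_units:
            raise ValueError(f"seed number {number} out of range")
        s = seed(ring, unit_bits, number)
        rows.append(rotate(s, order) if shift else s)
    return xor_columns(rows)


if __name__ == "__main__":
    numbers = parse_input("1010-0110-0111-0101", 4)
    print("secondary information:", combined_modulo(RING, UNIT_BITS, numbers))
    print("same seeds, reversed :", combined_modulo(RING, UNIT_BITS, numbers[::-1]))
    print("without the shift    :", combined_modulo(RING, UNIT_BITS, numbers, shift=False))
```

Without the shift the XOR is commutative, so any ordering of the same seed numbers collapses to the same output; the per-seed rotation is what makes the order of the input matter.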
In some embodiments, with the aid of the flows described in fig. 1 and fig. 2, different unidirectional data transformation algorithms, different intermediate key generation manners, and different combinations of these unidirectional data transformation algorithms and intermediate key generation manners described in the above embodiments may be used to construct a key generation method suitable for a specific application.
Through the above embodiments, this specification demonstrates that the method of the invention can generate and securely distribute any desired number of independent keys, with key strength comparable to the number of bits of the master key, by means of one master key, timestamps that can use any information, and at least one unidirectional data conversion algorithm.
Returning to fig. 1, the above method generates the key from the timestamp by the following chain of data transformations: timestamp + master key → intermediate key → secondary information → key, the output timestamp and key being at both ends of the data transformation chain.
Because a one-way data conversion algorithm is used in the conversion intermediate key → secondary information, the possibility of deducing the preceding information, including the intermediate key and the master key, from the generated secondary information and key is cut off, so the system can output keys freely without affecting the security of the master key. The timestamp used to distribute the key does not expose any system information either, since the randomness of the information in the timestamp can be independent of the key generation method. These characteristics ensure that the master key, the only private information in the system, always remains secure during key generation and use.
The non-linear nature of the one-way data transformation algorithm used in the method of the present invention described with the above embodiments is such that a single bit change in the intermediate key will cause a global change in the corresponding secondary information and information in the key; the intermediate key information is not disclosed, and a path for estimating the generated secondary information and the corresponding key from the intermediate key change caused by the information change in the time stamp is cut off, so that the key can be distributed securely by the time stamp. In some embodiments, a one-way data conversion algorithm is introduced in the process of timestamp + master key → intermediate key, so that the requirement on the one-way data conversion algorithm is further reduced, and the application range of the method is expanded.
In the system, system information including a master key is fixed, and a time stamp is used for final decision of key information. The time stamp with optional information has an open value space, so that the independence of the information in the time stamp is ensured, and the independent keys corresponding to the time stamp in any required number can be generated.
The master key takes part in generating the intermediate key as the only private information in the system. Because the timestamp and the master key are combined non-degenerately to generate the intermediate key, the intermediate key on the one hand inherits the key strength of the master key, so that the method can conveniently generate and distribute keys with strength equivalent to that of the master key by means of a shorter timestamp, and on the other hand inherits the independent information in the timestamp, so that the system can generate independent keys from the intermediate key and a timestamp that may use any information.
Therefore, the method combines an independent timestamp of arbitrary information with the master key non-degenerately to generate an intermediate key that is not disclosed externally, converts the intermediate key into secondary information through a one-way data conversion algorithm, and extracts the key from the secondary information, thereby achieving two goals that are difficult to achieve in the prior art:
1. the randomness of the information in the timestamp allows a system using the method of the invention to distribute keys with a universal timestamp that is independent of the system and the algorithm and so exposes no system information; this eliminates the possibility of attacking the system during key distribution and, at the same time, the possibility of detecting system information through the information in the universal timestamp, while the secondary information and the key generated from the master key inherit the key strength of the master key; an ideal secure key distribution scheme can therefore be constructed according to the method;
2. the independence of the information in the timestamp allows the intermediate key generated by the non-degenerate combination of the timestamp and the master key to inherit the independent information in the timestamp, which guarantees the independence of the secondary information and the key generated from the intermediate key through the one-way data conversion algorithm; therefore, even if all secondary information and key information is exposed after use, the substantive information of a newly generated and transmitted key cannot be inferred from all the key information that has already been generated and used; an ideal key generation mechanism can therefore be constructed according to the method.
In the above embodiment, the manner of generating the intermediate key by introducing a non-degenerate combination of the timestamp and the master key produces two beneficial results at the same time:
1. the intermediate key can inherit the key strength of the master key, so that a high-strength key determined by the bit number of the master key can be generated and distributed by adopting a short timestamp, and convenient key generation and distribution are realized;
2. the time of key generation can be used as the timestamp; because the information in the timestamp does not repeat and the number of timestamps that can be generated is open-ended, the number of intermediate keys, secondary information and keys generated from the timestamps is also open-ended, so that any required number of independent keys can be generated and distributed.
In the above embodiment, the timestamp and the master key are used as common input information, and a key capable of inheriting the key strength of the master key and the independent information in the timestamp at the same time is generated through a non-degenerate unidirectional data conversion algorithm; by means of the arbitrariness of information in the time stamp and the openness of a value space, the number of unlimited keys is generated and safely distributed through the universal time stamp which can be independent of a key generation method. In the above embodiments, some specific key generation processes using the method and a unidirectional data conversion algorithm that can be used in the method are described at the same time, and the unidirectional property of the algorithm and the security of the processes are preliminarily evaluated.
With the method described in this embodiment, the present invention solves the problem of conveniently generating and securely distributing any desired number of independent keys with the required key strength. With the timestamp used as a user identification code, the method can be used to construct a general and reliable key management system that efficiently and conveniently manages the keys of a complex system containing any number of users on the basis of one master key. With the key used as a one-time key to encrypt plaintext information of the same number of bits and the corresponding timestamp used as the decryption clue, the method can be used to construct a general encryption algorithm that is provably secure in information theory, achieving efficient, convenient and unlimited secure information exchange on the basis of an exclusively shared master key.
< second embodiment >
Next, a specific example of generating a key according to the second embodiment will be described with reference to fig. 4. The one-way data conversion algorithm employs common data conversion under control of input information. That is, the one-way data conversion algorithm performs data conversion using input information as control information to generate output information.
As shown in fig. 4, the system information may include a master key 401, a public database 402, one-way data conversion algorithms 403, 404, and 405;
in the method of the second embodiment, the system information further includes public data stored in a public database of the key generation apparatus, and the number of bits included in the public data is much larger than that included in the master key.
In this example, the unidirectional data conversion algorithm performs data conversion on the common data using the input information as control information to generate output information.
The following steps may be taken to generate the key:
taking a master key 401 as input information, under the control of the master key 401, public data 402 is converted into private data 410 through a one-way data conversion algorithm 403;
generating a time stamp 411 composed of non-repeated arbitrary information, using the time stamp 411 as input information, and generating an intermediate key 412 from the private data 410 through a one-way data conversion algorithm 404 under the control of the time stamp 411;
taking the intermediate key 412 as input information, under the control of the intermediate key 412, converting the public data 402 into secondary information 413 through a one-way data conversion algorithm 405;
extracting information from the secondary information 413 generates a key 414, associating the key 414 with a corresponding timestamp.
In one embodiment, the conversion of the public data under the control of the input information may employ the combined modulo operation.
Correspondingly, the public database 402 may be a 512Kb binary ring array which, in a manner similar to that shown in fig. 3, is divided into 65536 = 2^16 units; each unit is 64 bits long, consists of a sequence of 64 0s or 1s, and is identified by a 16-bit number. A seed starts from one of the units and extends in the same direction across the whole ring array to form a 512Kb binary sequence, with the number of the starting unit used as the corresponding seed number. From the public database 402, 2^16 seeds of 512Kb each can be extracted, identified by 16-bit numbers.
The master key 401 may be a 1024-bit undisclosed binary random sequence consisting of 1024 0s or 1s; in order, the sequence contains 64 16-bit seed numbers, which point to 64 of the seeds.
The one-way data conversion algorithm 403 may employ the combined modulo operation as follows:
sequentially extracting 64 seeds pointed by the serial number in the master key 401 from the public database 402 by taking the master key 401 as input information;
the extracted seed may be subjected to a shift modulo operation similar to that shown in fig. 3; specifically, 64 selected seeds are numbered from 0 to 63 according to the extraction sequence, the seed number sequence is shifted to the same direction by the number corresponding to the sequence number value of the seeds, for example, the number 0 sequence is kept unchanged, the number 1 sequence is shifted by 1 bit, the number 2 sequence is shifted by 2 bit, and so on, the last number is folded back to keep the length of the number sequence unchanged; introducing a shift operation may statistically ensure a one-to-one correspondence between the input information and the generated secondary information.
The binary seed subjected to the shift operation is subjected to a modulo operation, such as an XOR operation as shown in fig. 3, to generate 512Kb of private data 410.
The key generation device generates a timestamp 411 from the current time and, using the timestamp 411 as input information, generates an intermediate key 412 from the private data 410 by the one-way data conversion algorithm 404.
The unidirectional data conversion algorithm 404 may employ the combined modulo operation as follows:
the 512Kb private data 410 is divided in sequence into 4096 = 2^12 information fragments of 1024 bits each, and each information fragment is identified by a 12-bit number; the information in the private database 410 exists only during the encryption process and only in computer memory or cache.
The timestamp has 48 bits, comprising an 8-bit year, a 4-bit month, a 5-bit date, a 5-bit hour (24-hour system), a 6-bit minute and a 6-bit second; the remaining 14 bits serve as redundant information. Normally they can be filled with random information as spare bits to keep the timestamp format stable, and they can carry extended information when needed: for example, a 10-bit sub-second time code can be added in a high-frequency encryption process to raise the time resolution of the encryption system to milliseconds, and 4 more bits can be added to the year code to raise the effective time span of an encryption system using the method to 2^12 = 4096 years.
The 48-bit timestamp may contain 4 12-bit numbers in sequence, with the sequence pointing to 4 of the information pieces in private database 410.
Using the timestamp 411 as input information, the information fragments corresponding to the 4 numbers in the timestamp 411 are selected in sequence from the private database 410, and a 1024-bit intermediate key 412 is generated from these fragments by the shift modulo operation; the intermediate key information exists only in computer memory or cache.
The encoded information for the year, month, date, hour, minute, second, and the spare information may be dispersed into different numbers in the timestamp, maintaining a highly dynamically changing intermediate key.
Specifically, for example, the timestamp 411 may take the following format:
Y1M1D1H1m1S1Y2rD2H2m2S2-Y3M2D3H3m3S3Y4rrrm4S4-Y5M3D4H4m5S5Y6rrrrr-Y7M4D5H5m6S6Y8rrrrr
where Y represents a binary digit of the year at that position, and the subscript (the number following the letter) gives that digit's position counted from left to right; likewise, M represents month, D represents date, H represents hour, m represents minute, S represents second, and r represents a spare digit.
For example, a timestamp for 15:36:57 on November 26, 1998 is constructed as follows:
1998 exceeds 255, the maximum value that 8 bits can encode, so it is divided by 256 to obtain the remainder 206, whose binary code 11001110 corresponds to Y1Y2Y3Y4Y5Y6Y7Y8 in the timestamp format described above.
For month 11, the binary code 1011 of 11 is taken, corresponding to M1M2M3M4 in the timestamp format.
For day 26, the binary code 11010 of 26 is taken, corresponding to D1D2D3D4D5 in the timestamp format.
For hour 15, the binary code 01111 of 15 is taken, corresponding to H1H2H3H4H5 in the timestamp format.
For minute 36, the binary code 100100 of 36 is taken, corresponding to m1m2m3m4m5m6 in the timestamp format.
For second 57, the binary code 111001 of 57 is taken, corresponding to S1S2S3S4S5S6 in the timestamp format.
Therefore, the effective information of the timestamp for 15:36:57 on November 26, 1998 is: 1110111r1101-0001010rrr10-1111001rrrrr-1101010rrrrr;
the key generation module randomly generates a 14-bit binary spare number, for example 01101011011001, and sequentially replaces the undetermined r in the timestamp, and the timestamp used in the final calculation is:
111011101101-000101011010-111100110110-110101001001;
the time stamp coding mode can ensure that the information in 2 adjacent generated time stamps can code more than 2 different numbers and correspond to more than 2 different information units in a private database, thereby keeping the high dynamic property of the corresponding intermediate key;
the timestamp may also be formatted as the current time immediately followed by a check code formed from the 14 bits of additional information; for example, with a hexadecimal check code, the additional information is grouped as 0110-1011-0110-01 and the check code is 6B61; the timestamp format may then be 1998-11-26-15-36-57-6B61, which is easy to read and easy for the processor of a communication device to identify and process.
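The timestamp construction above, as an added example (not code from the patent) that places each field bit according to the format line and derives the fragment numbers and the hexadecimal check code. Run on the 1998 case it reproduces the template and the first three groups given above; consuming the 14 spare bits strictly left to right gives 110101011001 for the fourth group. All function names are assumptions.

```python
"""Build the 48-bit timestamp of the second embodiment (added example)."""

# Bit layout copied from the format line above: a letter plus the 1-based
# position of the digit inside that field, or "r" for a spare bit.
LAYOUT = [
    "Y1 M1 D1 H1 m1 S1 Y2 r D2 H2 m2 S2",
    "Y3 M2 D3 H3 m3 S3 Y4 r r r m4 S4",
    "Y5 M3 D4 H4 m5 S5 Y6 r r r r r",
    "Y7 M4 D5 H5 m6 S6 Y8 r r r r r",
]
WIDTHS = {"Y": 8, "M": 4, "D": 5, "H": 5, "m": 6, "S": 6}


def field_bits(year, month, day, hour, minute, second):
    """Binary-encode each field; the year is reduced modulo 256."""
    values = {"Y": year % 256, "M": month, "D": day,
              "H": hour, "m": minute, "S": second}
    out = {}
    for name, width in WIDTHS.items():
        if not 0 <= values[name] < 2 ** width:
            raise ValueError(f"field {name}={values[name]} does not fit in {width} bits")
        out[name] = format(values[name], f"0{width}b")
    return out


def encode_timestamp(year, month, day, hour, minute, second, spare=None):
    """Return the four 12-bit groups; spare=None leaves 'r' placeholders."""
    if spare is not None and (len(spare) != 14 or set(spare) - {"0", "1"}):
        raise ValueError("spare must be a 14-character string of 0s and 1s")
    fields = field_bits(year, month, day, hour, minute, second)
    spare_iter = iter(spare) if spare is not None else None
    groups = []
    for line in LAYOUT:
        bits = []
        for token in line.split():
            if token == "r":
                bits.append(next(spare_iter) if spare_iter is not None else "r")
            else:
                bits.append(fields[token[0]][int(token[1:]) - 1])
        groups.append("".join(bits))
    return groups


def fragment_numbers(groups):
    """Each 12-bit group is the number of one of the 4096 fragments."""
    return [int(g, 2) for g in groups]


def check_code(spare):
    """Hex digits of the spare bits taken 4 at a time (last group is short)."""
    return "".join(format(int(spare[i:i + 4], 2), "X")
                   for i in range(0, len(spare), 4))


def readable(year, month, day, hour, minute, second, spare):
    """Readable form: date and time fields followed by the check code."""
    return (f"{year:04d}-{month:02d}-{day:02d}-{hour:02d}-"
            f"{minute:02d}-{second:02d}-{check_code(spare)}")


if __name__ == "__main__":
    when = (1998, 11, 26, 15, 36, 57)
    spare = "01101011011001"   # spare bits used in the worked example
    print("-".join(encode_timestamp(*when)))
    groups = encode_timestamp(*when, spare=spare)
    print("-".join(groups), fragment_numbers(groups))
    print(readable(*when, spare))
```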
After expansion, the 48-bit timestamp code can support a key generation frequency of 1024 per second and a time span of 4096 years, and it can be extended at any time without affecting the operation speed or the key generation flow; for example, with a 72-bit timestamp, only 2 more modulo operations are needed in generating the intermediate key, and the number of keys that can be coded and distributed is expanded by a further factor of 2^24.
Using the intermediate key 412 as input information, under the control of the intermediate key, converting the public data 402 into secondary information 413 through a one-way data conversion algorithm 405;
the 1024-bit intermediate key can be sequentially divided into 64 16-bit numbers in the same manner as the master key, and the one-way data conversion algorithm 405 can use the same algorithm as 403:
sequentially extracting from the public database 402 the 64 seeds pointed to by the intermediate key 412, performing the shift modulo operation on the seeds to generate 512Kb of secondary information 413, and extracting a key of the required length from the secondary information 413; at the longest, the full 512Kb of secondary information can be taken as a one-time key to encrypt plaintext with the same number of bits through a modulo operation; a 1024-bit key equal in length to the master key may also be extracted.
The generation of the intermediate key by the secret database described in this embodiment does not significantly increase the amount of calculation for generating the key. Generally, in a one-time encryption application, a private database can be calculated only once and used as a cache, so that all keys required in the current encryption application are generated, and therefore, in application scenarios with a high requirement on encryption speed, such as real-time secure communication and large-capacity information encryption and decryption, the influence of an extra calculation amount required by the one-time private database generation on the overall encryption speed can be ignored.
With the above flow, in the case of ensuring that the master key information is not leaked through a means other than the key and the time stamp output from the system, the key strength of the generated key is 1024 bits.
This differs from the key length referred to in public key algorithms or some other cryptographic algorithms. For example, the 1024-bit key proposed in public key algorithms typically refers to the number of bits of the key used; because the integer values a key may take in a public key algorithm are not contiguous, the actual key space is much smaller than 2^1024, the success rate of guessing an undisclosed random public key according to the key selection rule is much greater than 1/2^1024, and the corresponding key strength may be significantly less than 1024 bits. The key strength in the embodiment of the invention is equivalent to the number of bits of the master key: the possible values of the 1024-bit master key are uniformly distributed over a space of 2^1024, the success rate of randomly guessing an undisclosed random master key is not significantly greater than 1/2^1024, and the key strength of the system is 1024 bits.
A key with a strength of 1024 bits can be considered unbreakable in the real physical world. A key strength of 1024 bits means that an attacker who does not possess the key information needs close to 2^1024 attempts to obtain the information in a file encrypted with the key with reasonable certainty; estimates obtained with different statistical methods may be slightly lower than this, but not by orders of magnitude. The real world, following the basic laws of physics, has the following physical limits: information cannot be processed faster than the speed of light, i.e. 3 x 10^8 m/s; the size of the observable universe is about 1.4 x 10^10 light-years, about 1.4 x 10^10 x 10^16 = 1.4 x 10^26 meters, corresponding to an age of the universe of about 1.4 x 10^10 years, about 1.4 x 10^10 x 3 x 10^7 = 4.2 x 10^17 seconds; the smallest manipulable particle, e.g. an atomic nucleus, has a diameter of 10^-15 meters. Under these constraints, consider a processor 10^-15 meters in size that reads information at the speed of light: the upper limit of the processing speed of a single processor is (3 x 10^8 m/s)/(10^-15 m), i.e. 3 x 10^23 operations per second. Consider a computer comparable in volume to the current universe: the upper limit on the number of processors it can contain is (1.4 x 10^26 m)^3/(10^-15 m)^3 = 2.8 x 10^123. The upper limit of the information processing speed of this computer is (3 x 10^23 per second) x (2.8 x 10^123) = 8.4 x 10^146 operations per second. On the scale of the current age of the universe, the upper limit of achievable computation is (8.4 x 10^146 per second) x (4.2 x 10^17 seconds) = 3.53 x 10^164 operations, no more than 2^547 operations. Therefore, a key with a key strength of 1024 bits cannot be broken in a real world that follows the laws of physics.
This estimate assumes by default that the processors can cooperate freely and divide the work to complete the computation; under the speed-of-light limit, such cooperation cannot actually be achieved on a computer of that volume, and dividing the work requires extra computing resources, so the upper limit of achievable computation must be reduced further. Different values for the smallest manipulable particle scale, the extent of the observable universe, and the age of the universe give different estimates but do not much affect the conclusion.
The above-mentioned key that is provably secure in information theory is a key whose key strength is 1024 bits, which can be considered an unconditionally secure key in a real world that follows the basic laws of physics.
With the flow in this embodiment, the computation required to generate a key of 1024-bit strength is slightly more than 64 XOR operations; relative to the final generation of the 512Kb one-time key, the 4 XOR operations of 48-bit length used to generate the intermediate key increase the computation by a ratio of (4x48)/(512x8x64) = 0.07%, close to 0.
The secondary information generated by the method can be used as a one-time key: a ciphertext is generated by a modulo operation with plaintext information in the same format, the corresponding timestamp is used as the decryption clue, and the ciphertext is transmitted between correspondents who share the master key, so that an encryption method that is provably secure in information theory can be constructed. In the encryption method with 1024-bit key strength, the computation of the encryption and decryption process is 65 modulo operations, of which 64 generate the one-time key and 1 generates the ciphertext or recovers the plaintext information from the ciphertext.
An encryption method using the method of the invention can be implemented efficiently on conventional portable communication equipment. For example, on a conventional portable smart communication device with a 1 GHz processor, the speed of processing unconditionally secure ciphertext information with a key strength of 1024 bits is 15MbP, and the 512Kb public database storage space is also easily provided on current common smart communication devices.
In the embodiment, the public data and the corresponding algorithm parameters can be conveniently adjusted to meet different application requirements.
In another embodiment, the common database 402 may employ a 4Kb circular array of numbers comprising 256 128-bit units, from which 256 4Kb seeds may be extracted, using 8-bit seed numbers. Then 128 modulo operations are required to generate a 1024 bit strong key, the length of the one-time key is 4Kb, and 129 modulo operations are required for the encryption and decryption process.
Generating the 256-bit strength key in the current mainstream encryption protocol requires 32 times of modular operation, and the encryption and decryption process requires 33 times of modular operation.
Obviously, encryption algorithms of 2048 bits or higher key strength can be easily implemented according to the above embodiments.
In the encryption algorithm adopting the method, the information capacity of the main ciphertext and the plaintext is the same, and the bit number of the time stamp which is added to the ciphertext and used as a decryption clue can be ignored compared with the main ciphertext, so that the information bearing proportion of the ciphertext can be close to 1, and an efficient encryption method is formed.
The above embodiment shows that the method of the present invention can generate and securely distribute, on common communication equipment, any required number of keys that are unconditionally secure in the real physical world. With the key used as a one-time key to encrypt plaintext information with the same number of bits as the key, an encryption algorithm that is provably secure in information theory can be constructed and unconditionally secure communication in the real physical world achieved, and the information processing speed and file transmission efficiency of an information security system using this encryption algorithm can be significantly higher than those of existing encryption applications.
< third embodiment >
Next, a key generation apparatus according to an embodiment of the present invention will be described with reference to fig. 5.
The key generation apparatus 500 of the embodiment of the present invention as shown in fig. 5 may include:
a system information module 510 configured to store or/and generate system information of the key generation apparatus, which may include a master key and at least one unidirectional data conversion algorithm, with a public database added as needed; the unidirectional data conversion algorithm generates, based on input information, determinate output information from which it is infeasible to infer or/and derive the input information.
A key generation module 520 configured to generate a timestamp that can be encoded by arbitrary information that does not repeat, and generate a key corresponding to the timestamp according to the system information;
a transmission module 530 configured to receive and transmit the time stamp.
The key generation module 520 generates the key by the method as described in the previous embodiment by means of one or more of the system information in the system information module 510, and the following process can be adopted:
generating the timestamp; generating an intermediate key by operating the information in the timestamp and the information in the master key; generating secondary information by using the intermediate key as input information through the one-way data conversion algorithm; extracting information from the secondary information to generate key A, and associating the timestamp with key A.
The transmission module 530 sends the timestamp A to the paired key generation device; the paired key generation device has the same configuration as the key generation device 500 and uses the same system information.
In another embodiment, the transmission module 530 may also receive a timestamp B transmitted from the paired key generation device; the key generation module 520 is further configured to generate a corresponding key B based on the received timestamp B, by means of the system information in the system information module 510, using the steps described above.
The key generation module 520 is further configured to generate the timestamp.
The key generation module 520 may generate a key according to the method of the previous embodiment.
For example, the key generation module 520 may be configured to: operate on the timestamp and the master key to generate an intermediate key; generate secondary information through the one-way data conversion algorithm using the intermediate key as input information; extract information from the secondary information to generate a key; and associate the key with its corresponding timestamp.
Further, key generation module 520 may generate the intermediate key using a non-degenerate combination of the timestamp and the master key.
In one example, the key generation module 520 is further configured to generate the intermediate key by a second one-way data conversion algorithm using the timestamp and the master key as input information.
Although not shown in the drawings, the key generation apparatus 500 may further include a public database. The public database may be configured to store public data comprising a number of bits that is much larger than the number of bits comprised by the master key.
The key generation module 520 may also generate secondary information through the one-way data conversion algorithm using the public data as input information; extract information from the secondary information to generate a key; and associate the key with its corresponding timestamp.
In some examples, the one-way data conversion algorithm performs data conversion on the public data using the input information as control information, and the data conversion employs a combined modular operation.
For example, the public data is configured to be composed of N number sequences of the same length, each containing the same number of bits; each number sequence is identified by a number from 0 to N-1, the numbers all having the same number of bits, and is referred to as a seed. The control information is configured as a sequence of M such numbers, pointing to the M seeds identified by those numbers.
The combined modular operation is configured to sequentially extract from the public data the M seeds pointed to by the numbers in the control information, and then perform a modular operation on the M seeds to generate secondary information with the same format as the seeds, where N and M are positive integers.
Furthermore, the public data may be configured as a circular sequence of N × M elements, divided into N units of length M, each unit being identified by a number from 0 to N-1. The seed is then configured to extend from one of the units in the same direction around the entire circular sequence to form a sequence of length N × M, with the number of the starting unit as the seed number.
The key generation module 520 may further use the master key as control information and convert the public data into private data through a second one-way data conversion algorithm under the control of the master key; use the timestamp as control information and generate an intermediate key from the private data through a third one-way data conversion algorithm under the control of the timestamp; use the intermediate key as control information and convert the public data into secondary information through the one-way data conversion algorithm under the control of the intermediate key; extract information from the secondary information to generate a key; and associate the key with its corresponding timestamp.
The one-way data conversion algorithm, the second one-way data conversion algorithm, and the third one-way data conversion algorithm may use the same or different one-way algorithms.
The transmission module 530 may also receive a second timestamp transmitted from the paired key generation device. The key generation module 520 then generates, based on the second timestamp and by means of the master key, a second key corresponding to the second timestamp through the one-way data conversion algorithm.
This embodiment shows that, by using the key generation apparatus 500 according to the method of the present invention, any required number of independent keys, whose key strength can be equivalent to the number of bits of the master key, can be securely generated and exchanged between legitimate correspondents sharing the master key. The key generation device described in this embodiment can be used as a basic module of communication equipment to construct a multi-purpose information security system and achieve information exchange with the required key strength that, as described for the method of the present invention, is provably secure in the information-theoretic sense.
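The seed construction and combined modular operation of this embodiment, as an added Python sketch that is not code from the patent. The sizes N = 256 and M = 16, byte-sized elements, addition modulo 256, HMAC-SHA-256 as the step that forms the intermediate key, and the "leading bytes" extraction rule are all assumptions chosen for illustration.

```python
import hashlib
import hmac

# Assumed toy sizes: N seeds, control information made of M seed numbers in 0..N-1.
N, M = 256, 16


def make_public_data(label: bytes = b"constructed public data") -> bytes:
    """Constructed sample public data: a circular sequence of N*M byte elements."""
    return hashlib.shake_256(label).digest(N * M)


def seed(public: bytes, number: int) -> bytes:
    """Seed `number`: the circular sequence read from unit `number` all the way round."""
    if not 0 <= number < N:
        raise ValueError("seed number out of range")
    start = number * M
    return public[start:] + public[:start]


def combined_modular_operation(public: bytes, control: bytes) -> bytes:
    """Add the M seeds named by `control` element-wise modulo 256 (assumed modulus)."""
    if len(public) != N * M or len(control) != M:
        raise ValueError("public data or control information has the wrong size")
    out = [0] * (N * M)
    for number in control:  # with N = 256 every control byte is a valid seed number
        for i, element in enumerate(seed(public, number)):
            out[i] = (out[i] + element) % 256
    return bytes(out)  # secondary information, same format as a seed


def intermediate_key(master: bytes, timestamp: bytes) -> bytes:
    """Assumed stand-in for the second one-way algorithm: HMAC-SHA-256 cut to M bytes."""
    return hmac.new(master, timestamp, hashlib.sha256).digest()[:M]


class KeyGenerationDevice:
    """Hypothetical model of device 500: master key plus public data, keys by timestamp."""

    def __init__(self, master: bytes, public: bytes):
        self.master = master
        self.public = public
        self.issued = {}  # timestamp -> key, the association the text asks for

    def key_for(self, timestamp: bytes, key_len: int = 32) -> bytes:
        control = intermediate_key(self.master, timestamp)
        secondary = combined_modular_operation(self.public, control)
        key = secondary[:key_len]  # assumed extraction rule: leading bytes
        self.issued[timestamp] = key
        return key


if __name__ == "__main__":
    public = make_public_data()
    device_a = KeyGenerationDevice(b"\x11" * 128, public)  # constructed master key
    device_b = KeyGenerationDevice(b"\x11" * 128, public)  # paired device, same system info
    ts = b"2021-09-01T00:00:00Z/0001"                      # constructed timestamp A
    print(device_a.key_for(ts).hex())
    print(device_b.key_for(ts).hex())                      # same key, only ts was exchanged
```

Only the timestamp crosses the channel; the paired device rebuilds the key from its own copy of the master key and the public data.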
< fourth embodiment >
Next, a key management system according to an embodiment of the present invention will be described with reference to fig. 6.
The key management system 600 of the embodiment of the present invention shown in fig. 6 includes a management end 610 and one or more user ends 620. The user end equipment stores the user identification code of the corresponding user.
The user end 620 includes each user 620-i belonging to the system; the serial number i is used in this specification only to indicate that the user end 620 includes different users and has no substantive meaning; in a specific system, each user belonging to the system may be identified by its user identification code.
The management end 610 includes: a control module 611 configured to generate and receive user identification codes; a user information module 612 configured to store the user identification codes; and a key generating module 613, which is a key generating device according to the third embodiment and is configured to generate a user key corresponding to a user identification code by using the user identification code as a timestamp.
The control module 611 may generate, for each of a plurality of users, any information identifying its identity as the user identification code for that user.
The control module 611 generates a user identification code i for each user 620-i and stores it in the user information module 612; the user identification code can be any piece of information, for example user characteristic information with random information added, and can take a form that common information technology equipment reads easily, such as a two-dimensional code or a bar code.
The key generation module 613, in response to the user identification code i from the user information module 612, generates a corresponding user key i by using the user identification code i as a timestamp, and delivers the user key i together with the corresponding user identification code i to the corresponding system user 620-i in the user end 620, thereby realizing key distribution.
When the key of the user 620-i is lost, the user end submits a key recovery application to the management end 610; the management end 610 may request the user end to submit the user identification code i.
The management end 610 receives the user identification code i through the control module 611; the user information module 612 may check whether the user identification code i matches information stored in the system; the key generating module 613 takes the user identification code i as a timestamp, generates the user key i corresponding to it, and delivers the user key i to the user 620-i to recover the user key.
In some examples, the key generating module 613 includes the key generating device of the previous embodiment and stores a master key, and is configured to generate a corresponding user key for each of a plurality of users and transmit the user identification code and the corresponding key to a corresponding user end device as the user key of the user.
The key generating module 613 responds to the user identification code sent from the user information module, generates a key corresponding to the user identification code by using the user identification code as a timestamp, and transmits the user identification code and the corresponding key to corresponding user end equipment as a user key of the user.
When the user key of one or more users is lost, the control module 611 receives the corresponding user identification code from the user end device.
The user information module 612 verifies the received user identification code to confirm that the user identification code is a stored user identification code.
The key generating module 613 takes the user identification code as a timestamp, generates a user key corresponding to the user identification code, and feeds the user key back to the user end device.
Further, the key generating module 613 may also respond to two or more user identification codes from the user information module 612, combine the user identification codes as a timestamp, generate a corresponding key, and distribute the key to those users as a key for communication between them.
With the key management system described in this embodiment, each user is allocated, by currently common technical means, a user identification code that can be made public and that can contain publicly available personal characteristic information of the user together with random information; the key management system generates and manages user information including the user identification codes, generates the corresponding user keys by taking the user identification codes as timestamps, and distributes the user keys to the users; when a user loses the user key, it is conveniently recovered through the system according to the user identification code submitted by the user.
In this embodiment, the system side may distribute the key to the system user in a secure manner; for example, the generated user key may be stored on a medium such as a magnetic disk, a USB flash drive or a paper printout, the medium is marked with the user identification code and handed over to the user in a secure manner, or the user may receive the user key directly from the management end.
In this embodiment, the user identification code used for generating and recovering the user key may be any general information independent of the key management system, thereby completely avoiding the risk of information leakage of the user key and the system master key in the key management application process.
Except that the system master key in the key management system needs to be kept private, other information including a user identification code can be public, so that the operation and maintenance cost of the system is reduced to the maximum extent; the user key is generated and recovered through the user identification code which can be stored or called publicly, so that the key loss can be effectively prevented, and the reliability of the key management system is further improved.
By means of the key management system, keys of a plurality of users in the system can be generated and maintained safely and conveniently by means of one system master key, the plurality of users can comprise any required number of users in the real world, the keys comprise keys needing to be shared among the users, and the number of the keys can be far larger than the number of the users and the number of the stored corresponding user identification codes.
In another embodiment, a specific application of the key management system is described.
Each correspondent holds a master key, and all related keys are managed through the key management system.
In a secure environment isolated from external information, the correspondent can use the master key as the master key of the key management system shown in fig. 6, generate through the control module 611 an identification code, which can be any information, use the identification code as a timestamp to generate a corresponding backbone key with the key generation module 613, and store the backbone key and the corresponding identification code information in the communication device as the master key for a certain period or application scenario. For example, the backbone key may be the master key for communication in the current year, and the number of the current year, for example 2021, may be used as the identification code.
Under current technical conditions, a system located in a private space and operated on an independent processor without external communication connections can generally be regarded as a secure environment and can meet the requirements of conventional key management; the specific requirements for a secure environment will vary with technological development and with the specific level of privacy required.
The correspondent uses its backbone key as the master key of the next-level key management system, namely the application-level key management system, and establishes key management for different communication objects.
For example, the correspondent may set an identification code, which may be any information, for each communication object; the identification code may be set by the correspondent, or may use public identification information of the communication object, such as its name, mobile phone number or ID number, or a combination thereof; the identification codes of the communication objects can be public and may be mutually assumed by default.
Advantageously, each correspondent may be advised to have a permanent or relatively permanent personal identification code, which may contain information that the correspondent is willing to disclose to determine the identity of the correspondent, to be disclosed to the public in the form of a two-dimensional code, bar code, etc. that is easily readable by existing communication devices.
Using the application-level key management system, the correspondent takes the personal identification code of the communication object as a timestamp and generates, by means of the master key of that system, a communication object key corresponding to the personal identification code, and sends the communication object key to the communication object in a secure manner. The communication object stores the key under the electronic business card of the sender, and the electronic business card also contains the personal identification code of the sender.
The two communicating parties exchange keys with each other in this way to establish a secure connection. The electronic business cards held by the two correspondents that have established the secure connection each store the personal identification code of the other party and the key sent by the other party.
A and B establishing the secure connection can perform secure communication in the following way:
The correspondent A generates, through the application-level key management system, a key A-B corresponding to the personal identification code of the correspondent B, and combines the key A-B with the key B-A generated by the correspondent B and stored in the address book to generate a key AB; the correspondent B generates, through the application-level key management system, a key B-A corresponding to the personal identification code of the correspondent A, and combines the key B-A with the key A-B generated by the correspondent A and stored in the address book to generate a key BA; when a symmetric combination is adopted, the keys AB and BA are the same, and they are used as the master key for communication between the two parties, so that secure communication between A and B can be realized.
The key management system forms a hierarchy that runs from the master key of the correspondent through the backbone key to the communication object key, and can realize the following beneficial effects:
the backbone key can be generated in an absolutely secure environment and used for practical communication, so that direct use of the master key is avoided and the security of the master key is enhanced; when a backbone key is leaked, use of that backbone key can be stopped and the scope of the impact is limited to the minimum;
in the key management system, a key is generated by the key management system of the corresponding level from a key identification code that can be published, which makes key management convenient, in particular for a large number of dynamic communication objects; meanwhile, the key can be conveniently recovered through the key identification code, so that loss of the key is prevented and the reliability of the system is enhanced;
communication uses the combination of the keys of both correspondents, which effectively reduces mis-sent information; meanwhile, when one correspondent loses a key, it can contact the communication object through the part of the key generated on its own side and recover the key securely.
Key management, including key generation, exchange, and privacy maintenance, is often an extremely difficult problem in large-scale information security systems. By the key management system, the keys of a system with an unlimited number of users and unlimited complexity can be managed and maintained conveniently, efficiently, orderly and reliably by means of one master key. This embodiment thus solves the problems of key generation and security maintenance in a large-scale information security system with a complex structure.
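An added sketch of the fourth embodiment (not the patent's code): enrollment and recovery from a user identification code, a key for a group of users, and the A-B / B-A exchange ending in the same key on both sides. HMAC-SHA-256 stands in for the key generation device; the domain tags, the sorted combination of codes, XOR as the symmetric combination, and all names and sample values are assumptions.

```python
import hashlib
import hmac


def derive(master: bytes, tag: bytes, code: bytes) -> bytes:
    """Stand-in key generation: the identification code plays the role of the timestamp.
    `tag` is an assumed domain label so a combined code never equals a single code."""
    return hmac.new(master, tag + b"|" + code, hashlib.sha256).digest()


def combine_codes(*codes: bytes) -> bytes:
    """Combine several identification codes into one timestamp, independent of order."""
    return b"".join(len(c).to_bytes(2, "big") + c for c in sorted(codes))


class ManagementEnd:
    """Hypothetical management end 610: one master key, a list of public user codes."""

    def __init__(self, master: bytes):
        self._master = master
        self.user_info = set()  # user information module: identification codes only

    def enroll(self, code: bytes) -> bytes:
        self.user_info.add(code)
        return derive(self._master, b"user", code)

    def recover(self, code: bytes) -> bytes:
        if code not in self.user_info:  # verification by the user information module
            raise KeyError("unknown user identification code")
        return derive(self._master, b"user", code)

    def shared_key(self, *codes: bytes) -> bytes:
        if len(codes) < 2 or not set(codes) <= self.user_info:
            raise KeyError("need two or more enrolled identification codes")
        return derive(self._master, b"group", combine_codes(*codes))


class Correspondent:
    """Hypothetical correspondent: master key -> backbone key -> communication object keys."""

    def __init__(self, personal_id: bytes, master: bytes, period: bytes = b"2021"):
        self.personal_id = personal_id
        self._backbone = derive(master, b"backbone", period)
        self.cards = {}  # electronic business cards: peer code -> key received from peer

    def key_for(self, peer_id: bytes) -> bytes:
        return derive(self._backbone, b"peer", peer_id)

    def receive(self, peer_id: bytes, key: bytes) -> None:
        self.cards[peer_id] = key

    def pair_master(self, peer_id: bytes) -> bytes:
        own, theirs = self.key_for(peer_id), self.cards[peer_id]
        return bytes(x ^ y for x, y in zip(own, theirs))  # symmetric combination


if __name__ == "__main__":
    a = Correspondent(b"id-A", b"constructed master key of A")
    b = Correspondent(b"id-B", b"constructed master key of B")
    b.receive(a.personal_id, a.key_for(b.personal_id))  # key A-B, delivered securely
    a.receive(b.personal_id, b.key_for(a.personal_id))  # key B-A, delivered securely
    print(a.pair_master(b"id-B") == b.pair_master(b"id-A"))
```

Nothing but identification codes is stored at the management end, so recovery is a re-derivation and the master key is the only secret that has to be protected.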
< fifth embodiment >
Next, an encryption/decryption apparatus according to an embodiment of the present invention will be described with reference to fig. 7.
The encryption/decryption apparatus 700 according to the embodiment of the present invention shown in fig. 7 includes:
a key generation module 701, which employs a key generation apparatus as described in the third embodiment and is configured to use the generated secondary information as a one-time key;
an input port 702 configured to read or input a file to be transmitted;
a formatting module 703 configured to convert the file to be sent into a formatted plaintext A having the same format as the key format;
an encryption module 704 configured to convert the formatted plaintext A into a main ciphertext A by using the one-time key generated by the key generation module 701, take the timestamp A corresponding to the one-time key as a ciphertext header A, and combine the main ciphertext A and the ciphertext header A to generate a ciphertext A;
a transmission port 705 configured to transmit the ciphertext A to the paired encryption/decryption apparatus.
Further, the encryption/decryption apparatus 700 according to the present embodiment further includes:
a reception port 706 configured to receive the ciphertext B transmitted from the paired encryption/decryption apparatus;
a decryption module 707 configured to parse the received ciphertext B to generate a main ciphertext B and a timestamp B, and generate a key B corresponding to the timestamp B through the key generation module 701 to decrypt the main ciphertext B to generate a decrypted plaintext B;
the formatting module 703 is further configured to convert the decrypted plaintext B into recovered data;
an output port 708 configured to output the recovered data as a received file, which is the same as the file to be transmitted that was sent from the paired encryption/decryption device.
This embodiment shows that, by adopting the method of the present invention in the encryption and decryption apparatus 700, a single master key and timestamps composed of arbitrary non-repeating information suffice to generate any required number of one-time keys whose key strength can be equivalent to the number of bits of the master key. Each one-time key encrypts a plaintext with the same number of bits as the key to generate a ciphertext, and the timestamp corresponding to the one-time key, which is universally usable and independent of the key generation mode, serves as the only decryption clue. Only a legitimate correspondent sharing the master key information can decrypt the ciphertext through the timestamp, and no system information or key information is exposed during ciphertext transmission, thereby realizing an encryption method that is provably secure in the information-theoretic sense. The encryption and decryption device can be used as an independent unit in communication equipment to encrypt and decrypt communication information, the required key strength can be conveniently set, and an unconditionally secure communication system in the real physical world can be constructed.
< sixth embodiment >
Next, a file management system according to an embodiment of the present invention will be described with reference to fig. 8.
The file management system 800 of the embodiment of the invention shown in FIG. 8 includes a management side 810 and a user side 820.
The user end 820 comprises each user 820-i in the system. A user encryption and decryption module 821, which employs an encryption and decryption device as described in the fifth embodiment, is installed on the communication equipment of each user 820-i and is configured to encrypt and decrypt the file information transmitted between the user 820-i and the management end 810. The serial number i is used in this description only to indicate that the user end 820 comprises different users and has no substantive meaning; in a specific file management system, each user belonging to the system can be identified by its user identification code.
The management end 810 includes: a system encryption and decryption module 811, which employs the encryption and decryption apparatus described in the fifth embodiment and is configured to encrypt and decrypt the file information transmitted between the management end 810 and the user end 820; a key management module 812, which employs the key management system according to the fourth embodiment and is configured to distribute and manage the user master keys and user information of the system users; and a storage module 813 configured to store system files.
The key management module 812 generates a user identification code and a corresponding user master key for each user in the system, and distributes them to each user 820-i belonging to the system in the user end 820.
The user 820-i, by means of the user master key i, generates a one-time key through the user encryption and decryption module 821 and encrypts file information with it to generate a main ciphertext, takes the timestamp corresponding to the one-time key together with the user identification code i as a ciphertext header, combines the main ciphertext and the ciphertext header to generate a ciphertext, and sends the ciphertext to the management end 810 through a conventional channel as proof that the user 820-i submitted the file to the management end.
The management end 810 parses the received ciphertext transmitted from the user 820-i through the system encryption and decryption module 811, and extracts the main ciphertext and, from the ciphertext header, the user identification code i and the timestamp; the key management module 812 generates the corresponding user master key i according to the user identification code i; the system encryption and decryption module 811 generates the corresponding decryption key by means of the user master key i according to the information in the timestamp, decrypts the main ciphertext, confirms the file information, and stores the ciphertext of the confirmed file information in the storage module 813.
The management end 810 is further configured to generate the user master key i of the target user 820-i through the key management module 812, to generate a one-time key by means of the user master key i through the system encryption and decryption module 811 and encrypt file information with it to generate a ciphertext, and to send the ciphertext to the target user 820-i through a public channel;
the user end 820 is further configured such that the user 820-i receives the ciphertext transmitted from the management end through the user encryption and decryption module 821, decrypts the ciphertext, and recovers the file information.
The user terminal 820 is further configured to send a key recovery request to the management terminal 810 when the user master key i of the user 820-i is lost.
The key management module 812 of the management terminal 810 is further configured to generate a user master key i of the user 820-i according to the user identification code i of the user 820-i, and to transmit the user master key i to the user 820-i in a secure manner to recover the user master key.
In one embodiment, the management terminal may be a manager of an organization or a company, and the user may be a subordinate user of the manager; the transferred file may be a job report sent by the subordinate user to the administrator as a job certificate of the subordinate user.
By using the file management system, a manager can adopt the method of the invention to independently and safely exchange working file information with a plurality of subordinate users by means of a system master key.
In another embodiment, the management end may be a publishing house or a patent acceptance agency, and the user may be a contributor or a patent applicant; the file delivered may be an article awaiting publication or patent application material, serving as proof of the material submitted by the contributor or patent applicant to the publishing house or patent acceptance agency.
By using the file management system, a manager can safely and independently process the application information of a plurality of highly dynamic users by using one master key of the system by adopting the method.
In another embodiment, the key management module 812 can adopt a hierarchical key management system as described in the fourth embodiment, and in a similar manner, intermediate management ends of different levels are arranged between the management end and the user end to establish a hierarchical file management system.
By utilizing the hierarchical file management system, the method of the invention can be adopted to safely and conveniently manage the file information of a complex system through a system master key.
< seventh embodiment >
Next, an information secure delivery system according to an embodiment of the present invention will be described with reference to fig. 9.
The information security delivery system according to the embodiment of the present invention shown in fig. 9 includes a paired first communication device 900A and second communication device 900B, which may have the same structure and configuration, each using the encryption and decryption apparatus described in the fifth embodiment.
The first communication device 900A may be held by correspondent A and the second communication device 900B may be held by correspondent B.
Specifically, for example, the first communication device 900A may include:
a first key generation module 901A, which employs the key generation apparatus described in the third embodiment and is configured to generate secondary information as a one-time key;
a first input port 902A configured to read or input a file A to be transmitted;
a first formatting module 903A configured to convert the file A to be sent into a formatted plaintext A with the same format as the key format;
a first encryption module 904A configured to generate a main ciphertext A by performing a modular operation on the one-time key generated by the first key generation module 901A and the formatted plaintext A, take the timestamp A corresponding to the key as a first ciphertext header, and combine the main ciphertext A and the first ciphertext header to generate a ciphertext A;
a first sending port 905A configured to send the ciphertext A to the second communication device 900B;
the second communication device 900B includes:
a second key generation module 901B, which employs the key generation apparatus described in the third embodiment and is configured to generate secondary information as a one-time key;
a second receiving port 906B configured to receive the ciphertext A transmitted by the first sending port;
a second decryption module 907B configured to parse the received ciphertext A to extract the main ciphertext A and the timestamp A in the first ciphertext header, generate a decryption key A corresponding to the timestamp A through the second key generation module 901B, and generate a decrypted plaintext A by performing the inverse of the modular operation on the decryption key A and the main ciphertext A;
a second formatting module 903B configured to convert the decrypted plaintext A into recovered data;
a second output port 908B configured to output the recovered data as a received file A, the received file A being the same as the file A to be transmitted.
Similarly, the second communication device 900B further includes:
a second input port 902B configured to read or input a file B to be transmitted;
the second formatting module 903B is also configured to convert the file B to be sent into a formatted plaintext B matched with the key format;
a second encryption module 904B configured to generate a main ciphertext B by performing a modular operation on the one-time key generated by the second key generation module 901B and the formatted plaintext B, take the timestamp B corresponding to the key as a second ciphertext header, and combine the main ciphertext B and the second ciphertext header to generate a ciphertext B;
a second transmission port 905B configured to transmit the generated ciphertext B to the first communication apparatus 900A;
the first communication device 900A further includes a first receiving port 906A configured to receive the ciphertext B transmitted by the second transmitting port;
a first decryption module 907A configured to parse the received ciphertext B to extract the main ciphertext B and the timestamp B in the second ciphertext header, generate a decryption key B corresponding to the timestamp B through the first key generation module 901A, and generate a decrypted plaintext B by performing the inverse of the modular operation on the decryption key B and the main ciphertext B;
the first formatting module 903A is also configured to convert the decrypted plaintext B into recovered data;
a first output port 908A configured to output the recovered data as a received file B; wherein the received file B is the same as the file B to be transmitted sent from the second communication device.
This embodiment shows that, by using the method of the present invention, legitimate target correspondents can, through the information security delivery system, establish a secure connection by exclusively sharing the master key and using the same type of encryption/decryption device, encrypt and decrypt the information to be delivered, and realize information delivery that is provably secure in the information-theoretic sense. A convenient and general real-world unconditionally secure communication system can be constructed by using the 1024-bit master key described in the second embodiment together with the information security delivery system described in this embodiment.
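The ciphertext layout of the fifth and seventh embodiments as an added sketch, not code from the patent: the file is formatted to the key length, combined with the one-time key by a modular operation, and sent behind a header carrying only the timestamp. SHAKE-256 stands in for the key generation module; the 64-byte block, the 2-byte length fields, addition modulo 256, and the refusal of repeated timestamps on both sides (a check added here to enforce the "does not repeat" requirement) are assumptions.

```python
import hashlib
import os
import struct

BLOCK = 64  # assumed: one-time key and formatted plaintext are both 64 bytes


def one_time_key(master: bytes, timestamp: bytes) -> bytes:
    """Stand-in for the key generation module: master key + timestamp -> BLOCK bytes."""
    data = struct.pack(">H", len(master)) + master + timestamp
    return hashlib.shake_256(data).digest(BLOCK)


def format_plaintext(data: bytes) -> bytes:
    """Formatting module: length prefix plus zero padding up to the key length."""
    if len(data) > BLOCK - 2:
        raise ValueError("file too long for one block in this sketch")
    return struct.pack(">H", len(data)) + data + bytes(BLOCK - 2 - len(data))


def unformat_plaintext(block: bytes) -> bytes:
    (n,) = struct.unpack(">H", block[:2])
    if n > BLOCK - 2:
        raise ValueError("malformed plaintext block")
    return block[2:2 + n]


class CommunicationDevice:
    """Hypothetical device 900A/900B: both sides hold the same master key."""

    def __init__(self, master: bytes):
        self.master = master
        self.sent = set()  # timestamps already used for encryption
        self.seen = set()  # timestamps already accepted for decryption

    def encrypt(self, data: bytes, timestamp: bytes = None) -> bytes:
        ts = os.urandom(16) if timestamp is None else timestamp
        if ts in self.sent:
            raise ValueError("timestamp already used: the key would not be one-time")
        self.sent.add(ts)
        key = one_time_key(self.master, ts)
        main = bytes((p + k) % 256 for p, k in zip(format_plaintext(data), key))
        return struct.pack(">H", len(ts)) + ts + main  # header || main ciphertext

    def decrypt(self, ciphertext: bytes) -> bytes:
        if len(ciphertext) < 2:
            raise ValueError("malformed ciphertext")
        (n,) = struct.unpack(">H", ciphertext[:2])
        ts, main = ciphertext[2:2 + n], ciphertext[2 + n:]
        if len(ts) != n or len(main) != BLOCK:
            raise ValueError("malformed ciphertext")
        if ts in self.seen:
            raise ValueError("repeated timestamp rejected")
        self.seen.add(ts)
        key = one_time_key(self.master, ts)  # regenerated locally from the header
        block = bytes((c - k) % 256 for c, k in zip(main, key))  # inverse operation
        return unformat_plaintext(block)


if __name__ == "__main__":
    device_a = CommunicationDevice(b"constructed shared master key")
    device_b = CommunicationDevice(b"constructed shared master key")
    ciphertext_a = device_a.encrypt(b"weekly report", b"2021-09-01/0001")
    print(device_b.decrypt(ciphertext_a))
```

The sketch carries no integrity tag, so it detects a replayed timestamp but not a modified main ciphertext.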
The above embodiments outline the flow of generating independent keys that can be distributed securely by the method of the present invention and an available one-way data conversion algorithm, and how programs implement different aspects of the information and methods required by the key generation device, the key management system, the encryption device, the file management system and the information security delivery system constructed by the method, and/or other steps. The program or flow portions of the technology may be considered an "article of manufacture" in the form of executable code and/or associated data, which may be embodied in or carried by a computer-readable medium in the form of software. Computer-readable media can take many forms, including tangible storage media, carrier wave media, physical transmission media, and the like; a tangible, non-volatile storage medium may include memory or storage used by any computer, processor, or similar device or associated module. For example, various semiconductor memories, optical disks, magnetic disks, tape drives, and other computers or similar devices can implement the storage system of the system components depicted in the figures. Volatile storage media may include dynamic memory, such as the main memory of a computer platform.
All or a portion of the software may sometimes communicate over a network, such as the internet or other communication network. Such communication may load software from one computer device or processor to another. For example: the system is loaded from a server or host computer of the internet of things system to a hardware platform of a computer environment, or other computer environment implementing the system, or similar system with functions related to providing information required by the internet of things. Thus, another medium capable of transferring software elements may also be used as a physical connection between local devices, such as optical, electrical, electromagnetic waves, etc., propagating through cables, optical cables, air, etc. The physical medium used for the carrier wave, such as an electric cable, a wireless connection, an optical cable, and the like, and the lines forming the bus inside the computer system, etc., can also be considered as the medium carrying the software. Carrier wave transmission media may convey electrical, electromagnetic, acoustic, or light wave signals, and so on. These signals may be generated by radio frequency or infrared, visible light wave, or acoustic wave data communication methods. Common computer-readable media include hard disks, floppy disks, magnetic tape, any other magnetic medium; CD-ROM, DVD-ROM, any other optical medium; punch cards, any other physical storage medium containing a pattern of holes; RAM, PROM, EPROM, FLASH-EPROM, any other memory chip or tape; a carrier wave transmitting data or instructions, a cable or connection transmitting a carrier wave, any other program code and/or data which can be read by a computer. These computer-readable media may take many forms, and include any type of program code for causing a processor to perform instructions, communicate one or more results, and/or the like.
As used herein, unless limited to a tangible "storage" medium, other terms referring to a computer or machine "readable medium" refer to media that participate in the execution of any instructions by a processor.
A "module" in this specification refers to logic or a set of software instructions stored in hardware or firmware. The "modules" referred to herein can be executed via software and/or hardware modules, or stored in any kind of computer-readable non-transitory medium or other storage device. In some embodiments, a software module may be compiled and linked into an executable program. It will be appreciated that the software modules herein may respond to information communicated by themselves or other modules and/or may respond upon detection of certain events or interrupts. Software modules may be provided on a computer-readable medium that may be configured to perform operations on a computing device (e.g., a processor). The computer readable medium herein may be a compact disk, digital versatile disk, flash drive, magnetic disk, or any other kind of tangible medium. The software modules may also be obtained in a digital download mode (where the digital download also includes data stored in a compressed or installation package that may need to undergo decompression or decoding operations before execution). The code of the software modules herein may be stored in part or in whole in a memory device of a computing device performing the operations and employed in the operations of the computing device. The software instructions may be embedded in firmware, such as erasable programmable read-only memory (EPROM). It will be appreciated that a hardware module may comprise logic units such as gates and flip-flops connected together, and/or may comprise programmable units such as programmable gate arrays or processors. The functionality of the modules or computing devices described herein is preferably implemented as software modules, but may also be represented in hardware or firmware. Generally, the modules referred to herein are logical modules and are not limited by their particular physical form or memory.
A module can be combined with other modules or separated into a series of sub-modules.
Generally, the key generation apparatus or communication device includes a processor and volatile and non-volatile memory, and may include at least one network interface and input/output devices. The network interface of the communication device may include a connection to a network, such as a wired or wireless connection to the internet or to a cloud server, where data stored on the cloud server may be accessed by the communication device using the network. The data processing module of the communication device may include a server computer, desktop computer, laptop computer, tablet computer, PDA, smart phone, or other programmable computer. The user terminal may include any connected or "smart" device capable of data communication, such as a thermostat, air quality sensor, industrial equipment, etc. As more and more devices are networked through the internet of things, the user terminal includes more and more devices.
Data managed by the example systems described herein may remain encrypted at all times when stored in non-volatile memory on either a user device or other device, such as a cloud server.
In some embodiments, each programmable computer may include an input device for inputting information into the device. For example, the input device may be a keyboard, keypad, cursor control device, touch screen, camera, scanner, or microphone. In some embodiments, input information may be received from programmable computers on other networks through a communications interface. In some embodiments, a computing device may include a display device for presenting visual information. For example, the display device may be a computer display, a flat panel display, a projector, or a display panel. In some embodiments, a display device displays to a user one or more files encrypted via an encryption agent according to the systems and methods described herein.
Embodiments of the modules, apparatus, systems, processes and methods described herein may be implemented in hardware or software or a combination of both. Alternatively, the embodiments may be implemented in computer programs executing on programmable computers each comprising at least one processor (e.g., a microprocessor), a data storage system (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. For example, but not limiting of, the programmable computer (hereinafter device, computing device or server) may be a personal computer, laptop computer, personal data assistant, cellular telephone, smart phone device, tablet, and/or wireless device. For any software component, program code is applied to input data to perform the functions described herein and generate output information. The output information is applied to one or more output devices in a known manner.
Each software component or program may be implemented in a high level procedural or object oriented programming and/or scripting language to communicate with a computer system. However, programs may be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language. Further, the processes and methods in the described embodiments can be distributed for sale in the form of computer readable media, including computer readable media bearing computer usable instructions for one or more processors. The medium may be provided in various forms including one or more floppy disks, optical disks, tapes, chips, cable transmission, satellite transmission, internet transmission or download, magnetic and electronic storage media, digital and analog signals, and the like. The computer useable instructions may also be in various forms, including compiled and non-compiled code.
Various embodiments have been described herein that rely on one master key generation and secure distribution with the described method to satisfy any desired number of independent keys with any desired key strength. With these embodiments, the use of one-time keys in large-scale data communication and storage systems can be achieved while eliminating the challenge of distributing and managing large numbers of random keys.
Various exemplary embodiments have been described herein. However, it will be understood by those skilled in the art that other variations and modifications may be made without departing from the scope of the embodiments as defined in the appended claims.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs. It will be understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
The foregoing is illustrative of the present disclosure and is not to be construed as limiting thereof. Although a few exemplary embodiments of this disclosure have been described, those skilled in the art will readily appreciate that many modifications are possible in the exemplary embodiments without materially departing from the novel teachings and advantages of this disclosure. Accordingly, all such modifications are intended to be included within the scope of this disclosure as defined in the claims. It should be understood that the various embodiments described herein are presented by way of illustrative examples only and should not be construed to limit the scope of the claims. As described above, embodiments may be implemented in articles of manufacture each including one or more software programs executed by processing circuitry of user equipment, communications devices, or other elements of a communications system. Conventional aspects of such circuits are well known to those skilled in the art and will not be described in detail herein. Alternative embodiments may utilize different key generation methods, key generation devices, key management systems, encryption and decryption devices, file management systems, shared key generation and distribution processes in information security delivery systems, file delivery protocols, and file formats than described above in the context of the illustrative embodiments. These and many other alternative embodiments within the scope of the appended claims will be apparent to those skilled in the art. Modifications to the disclosed embodiments, as well as other embodiments, are also intended to be included within the scope of the appended claims. The present disclosure is defined by the claims and their equivalents.

Claims (31)

1. A key generation and distribution method, comprising:
acquiring and/or generating system information of a key generation device, wherein the system information at least comprises a master key and at least one unidirectional data conversion algorithm, the master key is composed of unpublished random information, the unidirectional data conversion algorithm generates, from input information, output information determined by the input information, and it is infeasible to infer and/or derive the input information from the output information;
generating a key determined by the timestamp and the information in the master key together by adopting at least one unidirectional data conversion algorithm according to the master key and by means of the timestamp consisting of non-repeated arbitrary information, and associating the key with the timestamp information; and
transmitting the timestamp to a paired key generation apparatus, wherein the paired key generation apparatus stores second system information corresponding to the system information.
2. The method of claim 1, wherein the key is generated using the following procedure:
generating, by the key generation apparatus, the timestamp;
calculating the timestamp and the master key to generate an intermediate key;
taking the intermediate key as input information, and performing conversion on the intermediate key through the one-way data conversion algorithm to generate secondary information;
extracting information from the secondary information to generate the key; and
associating the key with the timestamp corresponding to the key.
3. The method of claim 2, wherein operating on the timestamp and the master key to generate an intermediate key comprises:
generating the intermediate key using a non-degenerate combination of the timestamp and the master key.
4. The method of claim 2, wherein operating on the timestamp and the master key to generate an intermediate key comprises:
generating the intermediate key through a second unidirectional data conversion algorithm using the timestamp and the master key as input information, the second unidirectional data conversion algorithm being the same as or different from the unidirectional data conversion algorithm.
5. The method of claim 1, wherein the one-way data conversion algorithm performs data conversion using input information as control information to generate output information,
the system information further comprises a public database configured to store public data comprising a number of bits substantially greater than a number of bits comprised by the master key, and
the one-way data conversion algorithm performs data conversion on the public data using the input information as control information to generate secondary information.
6. The method of claim 5, wherein the data transformation employs a combined modular operation,
the public data is configured to be composed of N number sequences of the same length, each number sequence comprising the same number of bits, being identified by a serial number from 0 to N-1 having the same number of bits, and being called a seed;
the input information is configured as a sequence consisting of M of the serial numbers, the sequence pointing to the M seeds identified by those serial numbers;
the one-way data conversion algorithm is configured to:
taking the input information as control information, and sequentially extracting M seeds pointed by the serial numbers in the input information from the public data;
and performing modular operation on the M seeds to generate secondary information with the same format as the seeds, wherein N and M are positive integers.
7. The method of claim 6, wherein the public data is configured as an end-to-end circular sequence of N x M elements, the circular sequence being divided into N units of length M, each of the units being identified by a number from 0 to N-1;
the seed is configured to extend from one of the units in the same direction across the entire circular sequence to form a sequence having a length of N x M, with the number of the starting unit being the serial number of the seed.
8. The method of claim 5, wherein generating the key using the following procedure comprises:
taking the master key as control information, and converting public data into private data through a third one-way data conversion algorithm under the control of the master key;
taking the timestamp as control information, and generating an intermediate key from the private data through a fourth one-way data conversion algorithm under the control of the timestamp;
the intermediate key is used as control information, and the public data is converted into secondary information through the one-way data conversion algorithm under the control of the intermediate key;
extracting information from the secondary information to generate the key; and
associating the key with a corresponding time stamp,
wherein the one-way data conversion algorithm, the third one-way data conversion algorithm, and the fourth one-way data conversion algorithm use the same or different one-way algorithms.
9. The method of claim 1, further comprising:
receiving a second timestamp transmitted from the paired key generation device;
and generating a second key determined by the master key and information in the second timestamp through the one-way data conversion algorithm according to the master key and by means of the second timestamp, wherein the second key is used as a second key corresponding to the second timestamp.
10. A key generation apparatus comprising:
a system information module configured to store or/and generate system information of the key generation apparatus, the system information including at least a master key and at least one unidirectional data conversion algorithm, the master key being composed of unpublished random information, the unidirectional data conversion algorithm generating output information determined by input information according to the input information, and it is infeasible to infer or/and deduce the input information from the output information;
a key generation module configured to generate a key determined by information in the timestamp and the master key together by using at least one unidirectional data conversion algorithm depending on a timestamp composed of non-repeating arbitrary information according to the master key, and associate the key with the timestamp information; and
a transmission module configured to transmit the timestamp to a paired key generation apparatus, wherein the paired key generation apparatus stores second system information corresponding to the system information.
11. The apparatus of claim 10, wherein the key generation module is further configured to:
generating the timestamp;
calculating the timestamp and the master key to generate an intermediate key;
taking the intermediate key as input information, and performing conversion on the intermediate key through the one-way data conversion algorithm to generate secondary information;
extracting information from the secondary information to generate the key; and
associating the key with the timestamp corresponding to the key.
12. The apparatus of claim 11, wherein the key generation module is further configured to:
generating the intermediate key through a second unidirectional data conversion algorithm using the timestamp and the master key as input information, the second unidirectional data conversion algorithm being the same as or different from the unidirectional data conversion algorithm.
13. The apparatus of claim 10, wherein the system information further comprises a public database configured to store public data, the public data comprising a number of bits substantially greater than a number of bits comprised by the master key,
wherein the one-way data conversion algorithm performs data conversion using the input information as control information to generate output information,
the key generation module is further configured to:
performing data transformation on the public data by the one-way data transformation algorithm using the input information as control information to generate secondary information.
14. The apparatus of claim 13, wherein the data transformation employs a combined modular operation,
the public data is configured to be composed of N number sequences of the same length, each number sequence comprising the same number of bits, being identified by a serial number from 0 to N-1 having the same number of bits, and being called a seed;
the input information is configured as a sequence consisting of M of the serial numbers, the sequence pointing to the M seeds identified by those serial numbers;
the one-way data conversion algorithm is configured to:
taking the input information as control information, and sequentially extracting M seeds pointed by the serial numbers in the input information from the public data;
and performing modular operation on the M seeds to generate secondary information with the same format as the seeds, wherein N and M are positive integers.
15. The apparatus of claim 14, wherein the public data is configured as an end-to-end circular sequence of N x M elements, the circular sequence being divided into N units of length M, each of the units being identified by a number from 0 to N-1;
the seed is configured to extend from one of the units in the same direction across the entire circular sequence to form a sequence having a length of N x M, with the number of the starting unit being the serial number of the seed.
16. The apparatus of claim 13, wherein the key generation module is further configured to:
taking the master key as control information, and converting public data into private data through a third one-way data conversion algorithm under the control of the master key;
taking the timestamp as control information, and generating an intermediate key from the private data through a fourth one-way data conversion algorithm under the control of the timestamp;
the intermediate key is used as control information, and the public data is converted into secondary information through the one-way data conversion algorithm under the control of the intermediate key;
extracting information from the secondary information to generate the key; and
associating the key with a corresponding time stamp,
wherein the one-way data conversion algorithm, the third one-way data conversion algorithm, and the fourth one-way data conversion algorithm use the same or different one-way algorithms.
17. The apparatus of claim 10, wherein the transmission unit is further configured to receive a second timestamp transmitted from a paired key generating device;
the key generation unit is further configured to generate a second key determined by information in the master key and the second timestamp through the one-way data conversion algorithm according to the master key and by means of the second timestamp, and the second key is used as a second key corresponding to the second timestamp.
18. A key management system, comprising:
a management-side device, the management-side device comprising:
a control module configured to generate, for each of a plurality of users, arbitrary information identifying the user's identity as a user identification code of the user;
a user information module configured to store the user identification code;
a key generation module comprising a key generation apparatus as claimed in any one of claims 10 to 17 and storing a master key, configured to generate a respective user key for each of a plurality of users, and to communicate the user identification code and the respective key to a corresponding user end device as the user key for the user.
19. The system according to claim 18, wherein the key generation module, in response to the user identification code sent from the user information module, uses the user identification code as a timestamp to generate a corresponding key, and transmits the user identification code and the corresponding key to the corresponding user end device as the user key of the user.
20. The system of claim 18, wherein the control module is further configured to:
when the user key of one or more users is lost, the control module receives the corresponding user identification code from the user end device,
the user information module is further configured to verify the received user identification code to confirm that it is a stored user identification code,
and the key generation module takes the user identification code as a timestamp, generates a user key corresponding to the user identification code, and feeds the user key back to the user end equipment.
21. The system of claim 18, wherein the key generation module is further configured to:
combining the information in the user identification codes of different user end devices to generate a timestamp, and generating a key for communication between the different users.
22. The system of claim 18, further comprising:
one or more intermediate management nodes of different hierarchies arranged between the management end device and the user end device.
23. The system of claim 18, further comprising:
one or more user end devices, each user end device storing the user identification code of the corresponding user.
24. An encryption and decryption apparatus comprising:
the key generation apparatus of any of claims 10-17, configured to generate a one-time key;
an input port configured to read or input data to be encrypted;
the formatting unit is configured to convert the data to be encrypted input by the input port into formatted plaintext matched with the format of the one-time key;
the encryption module is configured to generate a time stamp during encryption, generate a main ciphertext through the operation of the one-time secret key generated by the secret key generation module and the formatted plaintext according to information in the time stamp, use the time stamp corresponding to the one-time secret key as a ciphertext title, and combine the main ciphertext and the ciphertext title to generate a ciphertext;
a transmission port configured to transmit the generated ciphertext to a paired decryption apparatus.
25. The encryption and decryption apparatus according to claim 24, further comprising:
a receiving port configured to receive a ciphertext transmitted from a paired encryption apparatus;
the decryption module is configured to parse the received ciphertext to extract a main ciphertext and a timestamp in a ciphertext title, generate a one-time key corresponding to the timestamp as a decryption key by using the key generation module according to information in the timestamp, and decrypt the main ciphertext by using the decryption key to generate a decrypted plaintext;
the formatting unit is further configured to convert the decrypted plaintext into recovered data;
an output port configured to output the recovered data.
26. A file management system comprises a management end device and one or more user end devices,
the management terminal device includes:
a key management module employing a key management system as claimed in any one of claims 18 to 23, configured to store a system master key and to generate and distribute a user master key for each user of the system;
a system encryption and decryption module, which uses the encryption and decryption apparatus according to claim 24 or 25, and is configured to encrypt and decrypt the file information exchanged between the user end device and the management end device;
a system file module configured to store system files of the file management system,
the user end device includes:
the user encryption and decryption module, which employs the encryption and decryption apparatus according to claim 24 or 25, and is configured to encrypt and decrypt the file information exchanged between the user end device and the management end device.
27. The system according to claim 26, wherein the management-side device generates and stores a user identifier of each user of the user-side device through the key management module, generates a user master key corresponding to the user identifier, and allocates the user master key and the corresponding user identifier to each user-side device;
the user end equipment generates a time stamp through the user encryption and decryption module, generates a one-time key corresponding to the time stamp by depending on the user master key, encrypts file information by using the one-time key to generate a master ciphertext, uses the time stamp and a user identification code of the user as ciphertext titles, combines the master ciphertext and the ciphertext titles to generate a ciphertext, and sends the ciphertext to the management end equipment through a public channel to serve as a file certificate submitted by the user to the management end equipment;
the management terminal equipment receives the ciphertext transmitted from the user terminal, parses the ciphertext through the system encryption and decryption module, and extracts the main ciphertext and the user identification code and timestamp in the ciphertext title; the key management module generates a corresponding user master key according to the user identification code; the system encryption and decryption module generates a corresponding decryption key by depending on the user master key according to the information in the timestamp, decrypts the master ciphertext and confirms the file information;
and the management terminal equipment stores the ciphertext of the confirmed file information into the system file module.
28. The system of claim 27, wherein the management device is further configured to generate a user master key of the target user through the key management module, as the master key of the system encryption and decryption module, encrypt the file information through the system encryption and decryption module to generate a ciphertext, and transmit the ciphertext to the target user end device through a public channel;
the target user side equipment is further configured to receive the ciphertext sent from the management side equipment through the user encryption and decryption module, decrypt the ciphertext, and recover file information.
29. The system of claim 28, further comprising:
one or more intermediate management nodes of different hierarchies arranged between the management end device and the user end device.
30. An information security delivery system comprises a first communication device and a second communication device which are paired, wherein
the first communication device includes:
a first key generation apparatus, using the key generation apparatus of any of claims 10-17, configured to generate a one-time key as the first key;
the first input port is configured to read or input a first file to be transmitted;
the first formatting unit is configured to convert a first file to be transmitted input by the input port into a first formatted plaintext with the same key format;
a first encryption module configured to convert the first formatted plaintext into a first main ciphertext by using a first key generated by a first key generation device, use a corresponding first timestamp of the first key as a first ciphertext title, and combine the first main ciphertext and the first ciphertext title to generate a first ciphertext;
a first transmission port configured to transmit the generated first ciphertext to the second communication device,
the second communication device includes:
a second key generation apparatus, using the key generation apparatus of any of claims 10-17, configured to generate a one-time key as the second key;
a second receiving port configured to receive the first ciphertext transmitted by the first transmitting port;
the second decryption module is configured to parse the received first ciphertext to extract a first main ciphertext and a first timestamp in a first ciphertext title, generate a second decryption key corresponding to the first timestamp through the second key generation module according to the first timestamp, and decrypt the first main ciphertext by using the second decryption key to generate a second decrypted plaintext;
a second formatting module configured to convert the second decrypted plaintext into second recovered data;
a second output port configured to output the second restored data as a second received file.
31. The system for securely transferring information as claimed in claim 30, wherein
the second communication device further comprises:
the second input port is configured to read or input a second file to be sent;
the second formatting module is also configured to convert the second file to be sent into a second formatted plaintext with the same key format;
a second encryption module configured to convert the second formatted plaintext into a second main ciphertext through a second key generated by the second key generation module, use a second timestamp corresponding to the second key as a second ciphertext title, and combine the second main ciphertext and the second ciphertext title to generate a second ciphertext;
a second transmission port configured to transmit the second ciphertext to the first communication device;
the first communication device further comprises:
the first receiving port is configured to receive the second ciphertext transmitted by the second transmitting port;
the first decryption module is configured to parse the received second ciphertext to extract a second main ciphertext and a second timestamp in a second ciphertext title, generate a first decryption key corresponding to the second timestamp through the first key generation module according to the second timestamp, and decrypt the second main ciphertext by using the first decryption key to generate a first decrypted plaintext;
the first formatting unit is also configured to convert the first decrypted plaintext into first recovered data;
a first output port configured to output the first restored data as a first received file.
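The exchange in claims 30 and 31, as an added Python example that is not code from the patent: each device frames a message as a timestamp title plus main ciphertext, and the receiver regenerates the key from the title alone. The HMAC-based key generator (a stand-in for the key generation apparatus of claims 10-17), the XOR step, the 8-byte title encoding, all class and function names, and the handling of repeated timestamps are assumptions, not taken from the claims.

```python
import hashlib
import hmac
import struct
import time

HEADER = struct.Struct(">Q")  # ciphertext title: 8-byte big-endian timestamp (assumed encoding)


def one_time_key(seed: bytes, timestamp: int, length: int) -> bytes:
    """Stand-in key generator (assumption): HMAC-SHA256 in counter mode over the timestamp."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = HEADER.pack(timestamp) + struct.pack(">I", counter)
        out += hmac.new(seed, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


class Device:
    """One of the two paired communication devices; both hold the same seed."""

    def __init__(self, seed: bytes):
        self.seed = seed
        self.seen = set()   # timestamps already consumed by decrypt()
        self.last_ts = 0    # last timestamp this device used to encrypt

    def encrypt(self, plaintext: bytes, timestamp=None) -> bytes:
        ts = time.time_ns() if timestamp is None else timestamp
        if ts <= self.last_ts:          # never send two messages under one timestamp
            ts = self.last_ts + 1
        self.last_ts = ts
        key = one_time_key(self.seed, ts, len(plaintext))
        main = bytes(p ^ k for p, k in zip(plaintext, key))  # XOR is an assumption
        return HEADER.pack(ts) + main   # title followed by main ciphertext

    def decrypt(self, ciphertext: bytes) -> bytes:
        if len(ciphertext) < HEADER.size:
            raise ValueError("ciphertext shorter than its title")
        (ts,) = HEADER.unpack_from(ciphertext)
        if ts in self.seen:             # added safeguard, not part of the claims
            raise ValueError("timestamp already used: one-time key would be reused")
        self.seen.add(ts)
        main = ciphertext[HEADER.size:]
        key = one_time_key(self.seed, ts, len(main))
        return bytes(c ^ k for c, k in zip(main, key))
```

The title travels in the clear and is not authenticated, so the receiver trusts whatever timestamp arrives; the duplicate check only stops a replayed message from being accepted under the same key twice.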
CN202111016098.6A 2021-08-31 2021-08-31 Key generation and distribution method, key generation device, and key management system Pending CN113726512A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202111016098.6A CN113726512A (en) 2021-08-31 2021-08-31 Key generation and distribution method, key generation device, and key management system
PCT/CN2022/115838 WO2023030316A1 (en) 2021-08-31 2022-08-30 Key generation and distribution method, key generation apparatus, and key management system

Publications (1)

Publication Number Publication Date
CN113726512A true CN113726512A (en) 2021-11-30

Family

ID=78680051

Country Status (2)

Country Link
CN (1) CN113726512A (en)
WO (1) WO2023030316A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023030316A1 (en) * 2021-08-31 2023-03-09 蔡利锋 Key generation and distribution method, key generation apparatus, and key management system

Also Published As

Publication number Publication date
WO2023030316A1 (en) 2023-03-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination