CN113779614B - Encryption method based on improved AES algorithm and computer-readable storage medium - Google Patents

Publication number: CN113779614B
Authority: CN (China)
Prior art keywords: random number, AES algorithm, encryption method, mapping, segment
Legal status: Active
Application number: CN202111317720.7A
Other languages: Chinese (zh)
Other versions: CN113779614A (en)
Inventors: 戚建淮, 韩丹丹, 崔宸, 唐娟
Current Assignee: Shenzhen Y&D Electronics Information Co Ltd
Original Assignee: Shenzhen Y&D Electronics Information Co Ltd
Application filed by Shenzhen Y&D Electronics Information Co Ltd
Priority to CN202111317720.7A
Publication of CN113779614A
Application granted
Publication of CN113779614B

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/602: Providing cryptographic facilities or services
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00: Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58: Random or pseudo-random number generators
    • G06F7/588: Random number generators, i.e. based on natural stochastic processes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Computational Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to an encryption method based on an improved AES algorithm, comprising the following steps: performing key expansion; collecting the system time; performing byte replacement; repeatedly performing round key addition until the set number of rounds is reached; generating a random number SC based on the system time and generating a random array of length SC; and, based on the random number SC and the random array, segmenting the input character string to be encrypted and obtaining a mapped ciphertext through a mapping function. The invention also relates to a computer-readable storage medium. By adding segment mapping, in which the number of segments and the number of bits in each segment are randomly generated, the invention avoids a fixed correspondence from plaintext to ciphertext and thereby resists enumeration attacks.

Description

Encryption method based on improved AES algorithm and computer-readable storage medium
Technical Field
The present invention relates to the field of data encryption technologies, and in particular, to an encryption method and a computer-readable storage medium based on an improved AES algorithm.
Background
The AES (Advanced Encryption Standard) algorithm is a new generation of block symmetric cipher algorithm released by the National Institute of Standards and Technology in 2001 to replace the original DES (Data Encryption Standard). Its specific processes include byte substitution, row shifting, column mixing, round key addition, and the like. To improve encryption efficiency, the encryption process of the AES algorithm has been modified, and the improved AES algorithm may consist of only two processes: byte substitution and round key addition.
However, with the improved AES algorithm the plaintext is converted directly into ciphertext, so each plaintext has a fixed ciphertext corresponding to it, and the algorithm therefore cannot resist enumeration attacks.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide an encryption method based on an improved AES algorithm and a computer-readable storage medium, which can avoid a fixed correspondence relationship from plaintext to ciphertext by adding segment mapping, so as to resist enumeration attack.
The technical solution adopted by the invention to solve this technical problem is to provide an encryption method based on an improved AES algorithm, comprising the following steps:
S1, performing key expansion;
S2, collecting the system time;
S3, performing byte replacement;
S4, repeatedly performing round key addition until the set number of rounds is reached, and then performing step S5;
S5, generating a random number SC based on the system time and generating a random array of length SC
Figure 65086DEST_PATH_IMAGE001
S6, based on the random number SC and the random array
Figure 947591DEST_PATH_IMAGE002
segmenting the input character string to be encrypted and passing the segments to a mapping function to perform segment mapping, so as to obtain a mapped ciphertext.
In the encryption method based on the improved AES algorithm of the present invention, the step S6 further includes: according to the random number SC, dividing the input character string to be encrypted C1C2...Cn into SC segments from right to left and, through the mapping function and based on the random array
Figure 237758DEST_PATH_IMAGE002
obtaining a segment-mapped ciphertext
Figure DEST_PATH_IMAGE003
wherein
Figure 180307DEST_PATH_IMAGE004
wherein the random number SC is any integer from 8 to 16; n is 128, 192 or 256; and p is a positive integer greater than 2.
In the encryption method based on the improved AES algorithm of the present invention, the step S1 further includes:
expanding the original 8-bit-element 16 × 16 constant key matrix into 5 32-bit-element 16 × 16 expanded key matrices according to the following format:
2 × S (i, j) 3 × S (i, j), 3 × S (i, j) 2 × S (i, j), S (i, j) 3 × S (i, j) 2 × S (i, j), S (i, j) 3 × S (i, j), S (i, j), wherein S (i, j) represents an element in the original constant key matrix, and i takes on an integer of 0 to 15.
Another technical solution adopted by the present invention to solve the technical problem is to provide a computer-readable storage medium on which a computer program is stored, wherein the program, when executed by a processor, implements the improved AES algorithm-based encryption method.
The encryption method based on the improved AES algorithm and the computer-readable storage medium add segment mapping. Because the number of segments and the number of bits in each segment are randomly generated, a fixed correspondence from plaintext to ciphertext is avoided, so that enumeration attacks can be resisted.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
Fig. 1 is a flow chart of the steps of an encryption method of the improved AES algorithm of the preferred embodiment of the present invention;
Fig. 2 is a functional block diagram of an encryption process of the AES algorithm shown in fig. 1;
Fig. 3 is a schematic diagram of a raw constant key matrix of a preferred embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The invention relates to an encryption method based on an improved AES algorithm, comprising the following steps: performing key expansion; collecting the system time; performing byte replacement; repeatedly performing round key addition until the set number of rounds is reached; generating a random number SC based on the system time, and generating a random array of length SC
Figure 54459DEST_PATH_IMAGE002
; and, based on the random number SC and the random array
Figure 475076DEST_PATH_IMAGE002
segmenting the input character string to be encrypted and passing the segments to a mapping function to perform segment mapping, so as to obtain a mapped ciphertext.
The invention is mainly characterized in that segment mapping is added on the basis of the improved AES algorithm, and because the number of segments and the number of bits of each segment are randomly generated, the fixed corresponding relation from the plain text to the cipher text is avoided, and the enumeration attack can be resisted. Therefore, the present invention mainly describes the application of the random number and the random array in the segment mapping, and other related steps, such as byte replacement, round key setting, round key addition, and encryption mapping steps, can be performed with reference to the AES specification, which is not specifically described in this document. Based on the teachings of the present application and the AES specification, one skilled in the art can implement the technical solution described in the present invention.
Fig. 1 is a flow chart of the steps of an encryption method of the improved AES algorithm of the preferred embodiment of the present invention. Fig. 2 is a functional block diagram of an encryption process of the AES algorithm shown in fig. 1. As shown in figs. 1-2, in step S1, key expansion is performed. AES is a block cipher that divides the plaintext into blocks of equal length and encrypts one block of data at a time until the entire plaintext is encrypted. In the AES standard specification, the block length can only be 128 bits, that is, 16 bytes per block (8 bits per byte). The key length may be 128 bits, 192 bits, or 256 bits. The recommended number of encryption rounds differs with the key length. The keys are typically represented as a matrix. In the preferred embodiment, a 16 × 16 constant matrix is used, as shown in fig. 3. The key expansion step may be performed in such a way that the original 8-bit-wise 16 × 16 constant key matrix is expanded into a 32-bit-wise 5 × 16 expanded key matrix in the following format: 2 × S (i, j) 3 × S (i, j), 3 × S (i, j) 2 × S (i, j), S (i, j) 3 × S (i, j) 2 × S (i, j), S (i, j) 3 × S (i, j), S (i, j), wherein S (i, j) represents an element in the original constant key matrix, and i takes on an integer of 0 to 15. In the preferred embodiment, S (i, j) represents an element in the constant matrix shown in fig. 3.
In step S2, a system time is acquired. Here, any suitable timing software may be employed for system time acquisition.
In step S3, byte replacement is performed. As is known to those skilled in the art, the byte substitution of AES is a simple table lookup operation. AES defines one S-box and one inverse S-box. Each element of the state matrix is mapped to a new byte as follows: the upper 4 bits of the byte are taken as the row value and the lower 4 bits as the column value, and the element at that row and column of the S-box or inverse S-box is taken as the output. For example, in encryption, if the output byte S1 is 0x12, row 0x01, column 0x02 of the S-box is looked up to obtain the value 0xc9, and the original 0x12 of S1 is then replaced with 0xc9. Byte substitution may be performed in accordance with the AES specification, and its description is not repeated here.
In step S4, step S5 is executed after the round key addition is repeatedly executed until the set number of times is satisfied. As mentioned above, the length of the key is different, and the number of recommended encryption rounds is also different. Here, a 256-bit key is used, and the number of encryption rounds is preferably 14 rounds. In this step, it is also proposed to perform round key addition according to the AES specification, which is not described again here.
In step S5, a random number SC is generated based on the system time, and a random array of length SC is generated
Figure 947646DEST_PATH_IMAGE001
. Here, the random number SC is any integer from 8 to 16. The random number SC and the random array
Figure 61096DEST_PATH_IMAGE001
may be generated using any known random number generation method.
In step S6, based on the random number SC and the random array
Figure 924009DEST_PATH_IMAGE002
the input character string to be encrypted is segmented and passed to a mapping function to perform segment mapping, so as to obtain a mapped ciphertext. Here, the random number SC determines the number of segments of the segment mapping, and the random array
Figure 148317DEST_PATH_IMAGE002
determines the number of bits in each segment. Thus, based on the random number SC and the random array
Figure DEST_PATH_IMAGE005
the input character string to be encrypted is segmented, and the mapped ciphertext is obtained through the mapping function.
Specifically, with the random number SC as the number of segments and the random array
Figure 147497DEST_PATH_IMAGE002
as the vector giving the number of bits in each segment, the input character string to be encrypted C1C2...Cn (n = 128/192/256) is divided into SC segments from right to left, and the coefficients for each segment are found as:
Figure 431848DEST_PATH_IMAGE006
; so that
Figure 844375DEST_PATH_IMAGE004
With P = 2/3/# being true,
Figure 872374DEST_PATH_IMAGE006
i.e., the mapped ciphertext.
At this time, because the segment mapping is added, the number of segments of the segment and the number of bits of each segment are randomly generated, so that the fixed corresponding relation from the plaintext to the ciphertext is avoided, and the enumeration attack can be resisted.
The encryption method based on the improved AES algorithm adds segment mapping, and because the number of segments and the number of bits of each segment are randomly generated, the fixed correspondence from the plaintext to the ciphertext is avoided, and the enumeration attack can be resisted.
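An added example, not part of the patent text: the S-box that step S3 looks up is rebuilt from its AES definition (field inverse plus affine transform) to check the 0x12 to 0xc9 lookup, and a round made only of byte substitution and round key addition, as the Background describes, is run to show that it is deterministic and that each ciphertext byte depends only on the plaintext byte at the same position. The per-round order (substitution, then key addition), the names `reduced_encrypt` and `changed_positions`, and the round-key and plaintext bytes are assumptions constructed for illustration.

```python
"""Added example: AES S-box from its definition, then a reduced round."""

def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial 0x11B."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return result

def gf_inv(a):
    """Inverse in GF(2^8) computed as a^254; AES maps 0 to 0."""
    result, power, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, power)
        power = gf_mul(power, power)
        exp >>= 1
    return result if a else 0

def rotl8(x, n):
    """Rotate an 8-bit value left by n bits."""
    return ((x << n) | (x >> (8 - n))) & 0xFF

def build_sbox():
    """Field inverse followed by the AES affine transformation."""
    box = []
    for x in range(256):
        b = gf_inv(x)
        box.append(b ^ rotl8(b, 1) ^ rotl8(b, 2) ^ rotl8(b, 3) ^ rotl8(b, 4) ^ 0x63)
    return box

SBOX = build_sbox()

def sbox_lookup(byte):
    """Step S3 lookup: upper 4 bits select the row, lower 4 bits the column."""
    row, col = byte >> 4, byte & 0x0F
    return SBOX[16 * row + col]

def reduced_encrypt(block, round_keys):
    """Assumed reading of the reduced cipher: every round is byte
    substitution then round key addition, with no row shifting or
    column mixing in between."""
    state = bytes(block)
    for rk in round_keys:
        state = bytes(sbox_lookup(s) ^ k for s, k in zip(state, rk))
    return state

def changed_positions(a, b):
    """Indices at which two equal-length byte strings differ."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]

# Constructed sample data: arbitrary bytes, not the output of a key schedule.
ROUND_KEYS = [bytes((37 * r + 11 * i) & 0xFF for i in range(16)) for r in range(14)]
PLAINTEXT = bytes(range(16))

if __name__ == "__main__":
    print("S-box[0x12] =", hex(sbox_lookup(0x12)))
    c1 = reduced_encrypt(PLAINTEXT, ROUND_KEYS)
    c2 = reduced_encrypt(PLAINTEXT, ROUND_KEYS)
    print("same plaintext gives same ciphertext:", c1 == c2)
    tweaked = bytearray(PLAINTEXT)
    tweaked[5] ^= 0x01  # change a single plaintext byte
    c3 = reduced_encrypt(bytes(tweaked), ROUND_KEYS)
    print("ciphertext positions that changed:", changed_positions(c1, c3))
```

Because no step mixes bytes across positions, the change stays confined to position 5; in standard AES the row-shifting and column-mixing steps spread such a change across the whole block within a few rounds.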
Accordingly, the present invention can be realized in hardware, software, or a combination of hardware and software. The present invention can be realized in a centralized fashion in at least one computer system, or in a distributed fashion where different elements are spread across several interconnected computer systems. Any kind of computer system or other apparatus adapted for carrying out the methods of the present invention is suited. A typical combination of hardware and software could be a general purpose computer system with a computer program that, when being loaded and executed, controls the computer system such that it carries out the methods described herein.
The invention may also be embodied in a computer program product containing all the features enabling the implementation of the method according to the invention, which when loaded in a computer system, is able to carry out the encryption method according to the invention based on the modified AES algorithm. The computer program in this document refers to: any expression, in any programming language, code or notation, of a set of instructions intended to cause a system having an information processing capability to perform a particular function either directly or after either or both of the following: a) conversion to other languages, codes or symbols; b) reproduction in a different format.
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted without departing from the scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from its scope. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (3)

1. An encryption method based on an improved AES algorithm is characterized by comprising the following steps:
S1, carrying out key expansion;
S2, collecting system time;
S3, executing byte replacement;
S4, repeatedly executing round key addition until the set times are met, and then executing a step S5;
S5, generating a random number SC based on the system time and generating a random array with the length of SC
Figure 418026DEST_PATH_IMAGE001
S6, based on the random number SC and the random array
Figure 232398DEST_PATH_IMAGE002
segmenting the input character string to be encrypted and passing the segments to a mapping function to perform segment mapping, so as to obtain a mapped ciphertext; the step S6 further includes: according to the random number SC, dividing the input character string to be encrypted C1C2...Cn into SC segments from right to left and, through the mapping function and based on the random array
Figure 54861DEST_PATH_IMAGE002
obtaining a segment-mapped ciphertext
Figure 321894DEST_PATH_IMAGE003
wherein
Figure 520794DEST_PATH_IMAGE004
wherein the random number SC is any integer from 8 to 16; n is 128, 192 or 256; and p is a positive integer greater than 2.
2. The improved AES algorithm-based encryption method according to claim 1, wherein the step S1 further includes:
expanding the original 8-bit-element 16 × 16 constant key matrix into 5 32-bit-element 16 × 16 expanded key matrices according to the following format:
2 × S (i, j) 3 × S (i, j), 3 × S (i, j) 2 × S (i, j), S (i, j) 3 × S (i, j) 2 × S (i, j), S (i, j) 3 × S (i, j), S (i, j), wherein S (i, j) represents an element in the original constant key matrix, and i takes on an integer of 0 to 15.
3. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out the improved AES algorithm based encryption method according to claim 1 or 2.
CN202111317720.7A 2021-11-09 2021-11-09 Encryption method based on improved AES algorithm and computer-readable storage medium Active CN113779614B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111317720.7A CN113779614B (en) 2021-11-09 2021-11-09 Encryption method based on improved AES algorithm and computer-readable storage medium

Publications (2)

Publication Number Publication Date
CN113779614A CN113779614A (en) 2021-12-10
CN113779614B true CN113779614B (en) 2022-03-15

Family

ID=78956836

Country Status (1)

Country Link
CN (1) CN113779614B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant