CN113783692A - Dynamic encryption communication system - Google Patents

Publication number
CN113783692A
Authority
CN
China
Prior art keywords
dynamic
sender
communication
unit
receiver
Legal status
Granted
Application number
CN202111096037.5A
Other languages
Chinese (zh)
Other versions
CN113783692B (en)
Inventor
徐萌飞
Current Assignee
Wuhan Institute of Marine Electric Propulsion China Shipbuilding Industry Corp No 712 Institute CSIC
Original Assignee
Wuhan Institute of Marine Electric Propulsion China Shipbuilding Industry Corp No 712 Institute CSIC
Application filed by Wuhan Institute of Marine Electric Propulsion China Shipbuilding Industry Corp No 712 Institute CSIC
Priority to CN202111096037.5A
Publication of CN113783692A
Application granted
Publication of CN113783692B
Current legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12 Details relating to cryptographic hardware or logic circuitry

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a dynamic encryption communication system consisting of a dynamic encryption device, a sender communication device, a receiver communication device and a dynamic decryption device, wherein the sender communication device is used for sending messages to the receiver. A sender dynamic conversion unit is added to the encryption device to form the dynamic encryption device, and a receiver dynamic conversion unit is added to the decryption device to form the dynamic decryption device. A sender route control output unit and a sender route control input unit are provided on the dynamic encryption device and the sender communication device, respectively, so that the sender can dynamically select the transmission channel; a receiver route control input unit and a receiver route control output unit are provided on the receiver communication device and the dynamic decryption device, respectively, so that the receiver can dynamically select the transmission channel.

Description

Dynamic encryption communication system
Technical Field
The invention belongs to the technical field of communication, and particularly relates to a communication system that dynamically changes the encryption algorithm, the key, the communication channel and the communication content during communication.
Background
Information encryption is a common means of protecting information in the field of communications. The information sender encrypts the plaintext with an encryption algorithm and a key and transmits the resulting ciphertext to the information receiver over a communication channel; the receiver decrypts the ciphertext with the corresponding decryption algorithm to obtain the message plaintext. As shown in Fig. 1, in current communication systems both parties generally encrypt information with one fixed encryption and decryption algorithm and transmit it over a fixed communication channel, and only valid information is transmitted during the transfer.
With communication technology and computer technology developing rapidly, a fixed encryption mode, fixed-channel transmission and transmission of only valid information face a great risk of theft. After an eavesdropper obtains the complete ciphertext by interception, the eavesdropper attempts to decrypt or brute-force it using large-scale computing. Once decryption succeeds, all information subsequently transmitted over the communication channel can be decrypted into plaintext, and the encrypted communication system loses its purpose of confidential transmission.
The traditional fixed encryption mode has the following defects in practical use. First, because a fixed encryption algorithm and a fixed key are used, an eavesdropper can continuously monitor a large amount of traffic and compare and verify it to recover key information; once the eavesdropper breaks the communication at some point, the encryption algorithm and the key are known, the information subsequently transmitted by the system can be decrypted into plaintext with that algorithm, and all subsequent information is unprotected. Second, because a fixed communication channel is used, an eavesdropper can continuously listen to the whole communication process and capture the complete ciphertext, which greatly increases the chance of recovering the full information. Finally, if only useful information is transmitted on the communication channel, the original information is easier for an eavesdropper to obtain, and the probability of a break increases.
Disclosure of Invention
The invention provides a novel dynamic encryption communication system that overcomes the above defects while retaining the original encryption function.
The technical solution adopted by the invention to solve the technical problem is as follows: a dynamic encryption communication system is composed of a dynamic encryption device, a sender communication device, a receiver communication device and a dynamic decryption device.
The dynamic encryption device consists of a sender human-computer interface unit, a data storage input unit, a sender arithmetic processing unit, a sender storage unit, a sender dynamic conversion unit, a sender information output unit, a sender route control output unit and a sender system maintenance unit. After receiving plaintext information, the dynamic encryption device encrypts and sends it according to a dynamically specified encryption algorithm and/or key. The sender arithmetic processing unit is provided with a plaintext processing module, a variable-based dynamic encryption module and an interference frame generation module; the plaintext processing module is connected with the sender human-computer interface unit and the data storage input unit, and the variable-based dynamic encryption module and the interference frame generation module are both connected with the sender information output unit. The plaintext processing module splits the plaintext acquired through the sender human-computer interface unit or the data storage input unit into multiple frames, or into content sent in multiple transmissions; the variable-based dynamic encryption module then encrypts it, and the sender arithmetic processing unit generates multiple interference frames, which are transmitted to the sender communication device through the sender information output unit.
The sender communication device consists of a sender information input unit, a sender route control input unit, a communication routing unit configured with a variable-based dynamic communication routing module, and a communication output unit, wherein the sender information input unit and the sender route control input unit are connected with the sender information output unit and the sender route control output unit, respectively.
After the communication input unit receives the information of each communication channel, the communication processing unit obtains a routing control instruction from the dynamic decryption device, and the valid information is extracted and then delivered to the dynamic decryption device through the receiver information output unit.
The dynamic decryption device consists of a receiver human-computer interface unit, a data storage output unit, a receiver system maintenance unit, a receiver arithmetic processing unit, a receiver storage unit, a receiver dynamic conversion unit, a receiver information input unit and a receiver route control output unit, wherein the receiver information input unit and the receiver route control output unit are connected with the receiver information output unit and the receiver route control input unit, respectively. The receiver arithmetic processing unit is provided with a plaintext recovery module, a variable-based dynamic decryption module and an interference filtering module; the plaintext recovery module is connected with the receiver human-computer interface unit and the data storage output unit, and the interference filtering module is connected with the receiver information input unit and the variable-based dynamic decryption module. After the dynamic decryption device receives the ciphertext message, the receiver arithmetic processing unit filters out the interference frames through the interference filtering module, generates a dynamic decryption control instruction according to the variable-based dynamic decryption module, extracts the corresponding decryption algorithm and key from the receiver storage unit to decrypt the remaining valid message ciphertext, and, after obtaining the plaintext, transmits it to the receiver through the receiver human-computer interface unit or the data storage output unit.
In the dynamic encryption communication system, the sender dynamic conversion unit comprises a dynamic conversion module, a dynamic routing control module and a dynamic encryption control module, and the dynamic routing control module is connected with the sender route control output unit, which in turn is connected with the sender route control input unit.
In the dynamic encryption communication system, the receiver dynamic conversion unit consists of a dynamic conversion module, a dynamic routing control module and a dynamic decryption control module, and the dynamic routing control module is connected with the receiver route control output unit, which in turn is connected with the receiver route control input unit.
In the dynamic encryption communication system, the dynamic encryption device and the dynamic decryption device are matched with each other on the basis of the same dynamic variable.
In the dynamic encryption communication system, the communication channel comprises a frequency spectrum channel, a bus channel or a heterogeneous channel. When only one communication channel exists, the interference frames and the normal frames are mixed and sent together. When a plurality of communication channels exist, the dynamic encryption device selects one communication channel for transmission and dynamically encrypts the plaintext; on the idle communication channels, the dynamic encryption device encrypts invalid information to form interference frames, which are transmitted through the sender communication device.
In the dynamic encryption communication system, the plaintext is split into a plurality of parts during communication and encrypted dynamically frame by frame. Each frame of ciphertext is sent by the sender communication device on the communication channel dynamically specified by the dynamic encryption device; the receiver communication device receives the ciphertext messages on the communication channel dynamically specified by the dynamic decryption device and then passes them to the dynamic decryption device for decryption.
The invention has the following characteristics:
The invention retains all the encrypted-communication functions of an ordinary communication system. In addition, a sender dynamic conversion unit is added to the encryption device to form the dynamic encryption device, and a receiver dynamic conversion unit is added to the decryption device to form the dynamic decryption device. A sender route control output unit and a sender route control input unit are provided on the dynamic encryption device and the sender communication device, respectively, so that the sender can dynamically select the transmission channel; a receiver route control input unit and a receiver route control output unit are provided on the receiver communication device and the dynamic decryption device, respectively, so that the receiver can dynamically select the transmission channel.
Drawings
Fig. 1 is a block diagram of a conventional encryption communication system;
Fig. 2 is a block diagram of the dynamic encryption communication system of the present invention;
Fig. 3 is a system framework diagram of the dynamic encryption communication system of the present invention.
Reference numerals in the figures:
E1-dynamic encryption device, E2-sender communication device, E3-receiver communication device, E4-dynamic decryption device.
H1-sender human-machine interface unit, H2-data storage input unit, H3-sender arithmetic processing unit, H4-sender storage unit, H5-sender dynamic conversion unit, H6-sender information output unit, H7-sender route control output unit, H8-sender system maintenance unit, H9-sender information input unit, H10-sender route control input unit, H11-communication routing unit, H12-communication output unit, H13-communication input unit, H14-communication processing unit, H15-receiver information output unit, H16-receiver route control input unit, H17-receiver information input unit, H18-receiver route control output unit, H19-receiver arithmetic processing unit, H20-receiver dynamic conversion unit, H21-receiver storage unit, H22-receiver human-machine interface unit, H23-data storage output unit, H24-receiver system maintenance unit.
S1-plaintext processing module, S2-variable-based dynamic encryption module, S3-interference frame generation module, S4-encryption algorithm library, S5/S17-key library, S6/S14-dynamic conversion module, S7/S15-dynamic routing control module, S8-dynamic encryption control module, S9-variable-based dynamic communication routing module, S10-variable-based dynamic communication processing module, S11-interference filtering module, S12-variable-based dynamic decryption module, S13-plaintext recovery module, S16-dynamic decryption control module, S18-decryption algorithm library.
Detailed Description
The technical solution of the present invention is described in detail below with reference to the accompanying drawings and examples, but the scope of the present invention is not limited to the examples.
Referring to fig. 2, the dynamic encryption communication system disclosed in the present invention is composed of a dynamic encryption device E1, a sender communication device E2, a receiver communication device E3, and a dynamic decryption device E4. After the information sender dynamically encrypts the plaintext through the dynamic encryption device E1, the encrypted ciphertext and the generated information interference frame are sent to the message receiver through the sender communication device E2, and the sender communication device E2 sends the normal ciphertext message and the interference message through a plurality of specified communication channels according to the instruction and the communication channel dynamic routing instruction sent by the dynamic encryption device E1. When the information reaches the receiver communication equipment E3 through the communication channel, the receiver communication equipment E3 filters the content transmitted by the invalid communication channel according to the communication channel routing control command sent by the dynamic decryption equipment E4, only receives the information transmitted by the valid communication channel, and transmits the information to the dynamic decryption equipment E4; after receiving the ciphertext message, the dynamic encryption device E1 filters out invalid interference messages, and decrypts the remaining valid ciphertext to obtain a plaintext. And finally, transmitting the plaintext to an information receiver. In the daily maintenance process, a user can realize an algorithm, a key and a dynamic conversion mechanism by refreshing the dynamic encryption equipment E1 and the dynamic decryption equipment E4, and the safety of the system is improved.
Referring to fig. 3, the hardware part of the dynamic encryption device E1 mainly comprises a sender human-computer interface unit H1, an information data storage input unit H2, a sender system maintenance unit H8, a sender arithmetic processing unit H3, a sender storage unit H4, a sender dynamic conversion unit H5, a sender information output unit H6 and a sender routing control output unit H7; the modules of the software part mainly comprise: the device comprises a dynamic encryption control module S8, a dynamic routing control module S7, a dynamic conversion module S6 based on dynamic variables, an encryption algorithm library S4 containing a plurality of encryption algorithms, a key library S5, a plaintext processing module S1, a dynamic encryption module S2 based on variables and an interference frame generation module S3. The sender arithmetic processing unit H3 comprises a plaintext processing module S1, a variable-based dynamic encryption module S2 and an interference frame generation module S3, the plaintext processing module S1 is respectively connected with a sender human-computer interface unit H1 and an information data storage input unit H2, and the variable-based dynamic encryption module S2 and the interference frame generation module S3 are simultaneously connected with a sender information output unit H6.
Firstly, a message sender inputs information plaintext to a dynamic encryption device E1 through a sender human-computer interface unit H1 or an information data storage input unit H2, then the dynamic encryption device E1 starts to split the plaintext through a plaintext processing module S1, the plaintext is split into multiple frames or contents sent for multiple times, then the plaintext to be sent is encrypted according to an encryption algorithm and a key specified by a dynamic encryption control module S8, and the plaintext in different frames (times) adopts different encryption algorithms and (or) keys. The encrypted ciphertext is passed from the output interface to the sender communication device E2. Meanwhile, the arithmetic processing unit H3 also generates a plurality of interference frames, and the sender information output unit H6 transmits the interference frames together with the ciphertext to the sender communication device E2. While the sender route control output unit H7 generates a communication channel selection instruction route output control instruction.
The plaintext processing module S1 performs fragmentation processing on a longer plaintext, and transmits the longer plaintext to the variable-based dynamic encryption module S2, the variable-based dynamic encryption module S2 requests the dynamic encryption control command from the dynamic sender conversion unit H5, the dynamic sender conversion unit H5 generates the dynamic encryption control command through the dynamic encryption control module S8, and provides the dynamic encryption control command to the variable-based dynamic encryption module S2, the variable-based dynamic encryption module S2 extracts a corresponding encryption algorithm and a corresponding key from the encryption algorithm library S4 and the key library S5 in the sender storage unit H4 according to the command, and then encrypts the message plaintext to generate a ciphertext, and meanwhile, the sender operation processing unit H3 continues to generate a corresponding interference frame through calculation, and transmits the ciphertext and the interference frame to the sender communication device E2 through the sender information output unit H6. Meanwhile, the sender dynamic conversion unit H5 of the dynamic encryption device E1 also generates dynamic routing information through the dynamic routing control module S7, and transmits the dynamic routing information to the sender communication device E2 through the sender routing control output unit H7.
The sender communication equipment E2 mainly comprises a sender information input unit H9, a sender route control input unit 10, a communication route unit H11 and a communication output unit H12, wherein the communication route unit H11 is provided with a variable-based dynamic communication route module S9, the sender information input unit H9 and the sender route control input unit 10 are respectively connected with the sender information output unit H6 and the sender route control output unit H7 and then sequentially connected with a communication route unit H11 and the communication output unit H12, the sender information input unit H9 assigns communication channels for each part of data and transmits the data after receiving the encrypted ciphertext and the interference frame transmitted from the dynamic encryption equipment E1 by the variable-based dynamic communication route module S9, and the route control input unit H10 receives the dynamic routing instruction transmitted by the dynamic encryption equipment E1 and then routes the data according to the dynamic routing instruction, the valid ciphertext information and the interference message are transmitted over the designated communication channel via communication routing unit H11. After the interface of the sender information input unit H9 receives the encrypted ciphertext and the interference frame transmitted from the dynamic encryption device E1, the communication routing unit H11 selects a corresponding communication channel to send according to the channel routing instruction received by the communication control input unit, and sends the received interference frame information to other channels. The communication channel is responsible for carrying the communicated message to the recipient communication device E3.
The sender dynamic conversion unit H5 is composed of a dynamic conversion module S6 based on dynamic variables, a dynamic route control module 7 and a dynamic encryption control module S8, and the dynamic route control module 7 is connected with the sender route control output unit H7 and then connected with the sender route control input unit 10.
The receiver communication equipment E3 mainly comprises a receiver information output unit H15, a receiver route control input unit H16, a communication input unit H13 and a communication processing unit H14, wherein the communication processing unit H14 is provided with a variable-based dynamic communication processing module S10, the communication processing unit H14 obtains a communication control instruction through the route control input unit H16 to obtain the content of a channel corresponding to effective information, and then transmits the information to the dynamic decryption equipment E4 through a sender information output unit H6; after the communication input unit H13 receives the information transmitted from the multiple communication channels, the communication processing unit H14 filters out the interference information of other abnormal communication channels according to the routing control command obtained by the routing control input unit H16 from the dynamic decryption device E4, and transmits the sender information output unit H6 to the dynamic decryption device E4. The receiver arithmetic processing unit H19 comprises a plaintext recovery module S13, a decryption module S12 and an interference filtering module S11, wherein the plaintext recovery module S13 is respectively connected with the receiver human-computer interface unit 22 and the information data storage output unit H23, and the interference filtering module S11 is connected with the receiver information input unit H17 and the decryption module S12.
The hardware part of the dynamic decryption equipment E4 mainly comprises a receiver human-computer interface unit 22, an information data storage and output unit H23, a receiver system maintenance unit H24, a receiver arithmetic processing unit H19, a receiver storage unit H21, a receiver dynamic conversion unit H20, a receiver information input unit H17 and a receiver routing control and output unit H18; the software functional module mainly comprises: the system comprises a dynamic conversion module S14 based on dynamic variables, a dynamic routing control module S15, a dynamic decryption control module S16, a key bank S17, a decryption algorithm bank S18, an interference filtering module S11, a dynamic decryption module S12 based on variables and a plaintext restoration module S13, wherein the plaintext restoration module S13 is respectively connected with a receiving-party human-computer interface unit 22 and a data storage output unit H23, and the interference filtering module S11 is connected with a receiving-party information input unit H17 and a dynamic decryption module S12 based on variables.
The dynamic conversion unit H20 of the receiver consists of a dynamic conversion module S14 based on dynamic variables, a dynamic route control module 15 and a dynamic decryption control module S16, wherein the dynamic route control module 15 is connected with the receiver route control output unit H18 and then is connected with the receiver route control input unit H16. The receiver information input unit H17 and the receiver route control output unit H18 are respectively connected with the receiver information output unit H15 and the receiver route control input unit H16.
After the dynamic decryption device E4 receives, through the receiver information input unit H17, the valid ciphertext message delivered by the receiver communication device E3, the information is processed by the receiver arithmetic processing unit H19. The receiver arithmetic processing unit H19 first filters out the interference through the interference filtering module S11, leaving the valid message ciphertext. A dynamic decryption control instruction matching that of the sender dynamic conversion unit H5 is then generated. The decryption module S12 obtains, through the dynamic decryption control module S16, the dynamic decryption control command generated by the dynamic conversion unit H20, extracts the specified decryption algorithm and key from the key library S17 and the decryption algorithm library S18 in the receiver storage unit H21, and decrypts the ciphertext data. The segmented plaintext produced by decryption is restored to a complete plaintext by the plaintext recovery module S13, and the plaintext is finally passed to the information receiver through the receiver human-computer interface unit 22 or the data storage output unit H23 interface.
The dynamic encryption device E1 can dynamically select an encryption algorithm and/or a key to encrypt the plaintext information to be transmitted by the sender, thereby generating a ciphertext, and instructs the sender communication device E2 to transmit the ciphertext over a dynamically selected transmission channel. After the receiver communication device E3 receives the information, it obtains the encrypted ciphertext according to the dynamic channel selection specified by the dynamic decryption device E4 and then passes the ciphertext to the dynamic decryption device E4. Finally, the decryption module S12 in the dynamic decryption device E4 decrypts the ciphertext with the matching encryption algorithm and key and obtains the information plaintext.
The dynamic encryption device E1 decomposes the sender's communication plaintext, dynamically selects an encryption algorithm and a communication channel, and generates interference frames. The sender communication device E2 is responsible for transmitting the message ciphertext over the dynamically selected channel. The receiver communication device E3 is responsible for receiving the messages from the sender communication device E2 and extracting the valid ciphertext according to the specified dynamic communication channel. The dynamic decryption device E4 is responsible for filtering out the interference frames and converting the ciphertext into plaintext using a decryption algorithm and/or key consistent with the dynamic encryption device E1.
When encrypting the communication plaintext, the dynamic encryption device E1 encrypts it according to a dynamically specified encryption algorithm and/or key, and the resulting ciphertext is sent by the sender communication device E2. After receiving the ciphertext through the receiver communication device E3, the information receiver decrypts it using the corresponding dynamic decryption algorithm and/or key, thereby obtaining the plaintext of the communication content.
In the communication process, the encryption device and the decryption device realize the matching of the encryption party and the decryption party based on the same dynamic variable, and ensure that a decryption algorithm and/or a secret key used by the decryption party and an encryption algorithm and/or a secret key used by the encryption party are kept consistent, so that a ciphertext can be correctly decrypted into a plaintext.
Because the encryption algorithm, the key and the transmission channel used for each frame (or each transmission) can change dynamically, then, compared with a traditional encryption and decryption communication process, even if the ciphertext transmitted during communication is intercepted, the eavesdropper can hardly recover the related plaintext by comparing and deducing the encryption algorithm.
Even if one encryption algorithm used during communication is cracked by an eavesdropper, the eavesdropper can obtain only the plaintext of the message transmitted at that particular time and cannot continue to obtain the plaintext of the whole communication process, which reduces the loss from information leakage.
In the communication process, if the communication system has multiple channels, such as multiple frequency spectrums, buses or heterogeneous channels, the plaintext is split into several parts during transmission and encrypted dynamically frame by frame (or transmission by transmission). Each frame (or transmission) of ciphertext is sent by the communication device (sender) over the communication channel dynamically specified by the encryption device, and the communication device (receiver) receives the ciphertext message on the communication channel dynamically specified by the decryption device and then submits it to the decryption device for decryption. The encryption device and the decryption device both use a communication channel selection algorithm based on the same dynamic variable to ensure consistency. Dynamically selecting the communication channel in this way reduces the possibility that an eavesdropper acquires all of the information content.
In the communication process, if the communication system has multiple channels, such as multiple frequency spectrums, buses or heterogeneous channels, then after the encryption device dynamically selects a transmission channel and dynamically encrypts the plaintext, it encrypts invalid information to form interference information frames on the idle communication channels. These frames are transmitted through the communication device (sender), so that every communication channel carries traffic, which interferes with an eavesdropper's attempt to acquire the valid information. If the communication system has only one communication channel, interference frames and normal frames are sent mixed together, which likewise creates information interference for an eavesdropper and reduces the possibility that the eavesdropper cracks the valid information.
To ensure that the encryption and decryption algorithms and keys used by the message sender and receiver remain consistent under dynamically changing conditions, the sender and the receiver adopt the same dynamic selection algorithm based on the same dynamic variable, thereby ensuring that the ciphertext is correctly decrypted into the plaintext. In addition, when the dynamic communication channel is selected, this method also ensures the routing and selection of the valid communication channel.
Maintenance personnel can upgrade and maintain the dynamic encryption device E1 and the dynamic decryption device E4 through the system maintenance unit H8 and the system maintenance unit H24 respectively, updating the key library and the algorithm library so that the security of the system is continuously improved.
In addition, to ensure that the encryption control command and the decryption control command select consistent encryption and decryption algorithms, the dynamic conversion modules of the dynamic encryption device E1 and the dynamic decryption device E4 both use a dynamic algorithm based on the same dynamic variable, so the generated encryption control command and decryption control command also match. To ensure consistent communication route control between the sender communication device E2 and the receiver communication device E3, the dynamic route control commands generated in the dynamic encryption device E1 and the dynamic decryption device E4, which are based on the same dynamic variable, are likewise used.
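The following added example (not part of the patent text) runs the sender and receiver sides of this matching end to end: both derive the algorithm, key and channel for each frame from one shared dynamic variable, idle channels carry interference frames, and the receiver reads only the channel its own derivation selects. Assumptions not found in the patent: the dynamic variable is an HMAC over a pre-shared seed and the frame number, the algorithm library is represented by three HMAC-keystream variants standing in for real ciphers, and random bytes stand in for encrypted invalid information.

```python
import hashlib
import hmac
import os
import struct

# All values below are constructed for this demonstration.
SHARED_SEED = b"constructed-shared-dynamic-variable-seed"
KEY_LIBRARY = [hashlib.sha256(b"constructed-key-%d" % i).digest() for i in range(4)]
ALGORITHM_LIBRARY = ["sha256", "sha384", "sha512"]  # stand-ins for distinct ciphers
CHANNEL_COUNT = 3
FRAME_SIZE = 16


def control_command(frame_no):
    """Derive (algorithm, key index, channel) from the shared dynamic variable."""
    digest = hmac.new(SHARED_SEED, struct.pack(">I", frame_no), hashlib.sha256).digest()
    return (ALGORITHM_LIBRARY[digest[0] % len(ALGORITHM_LIBRARY)],
            digest[1] % len(KEY_LIBRARY),
            digest[2] % CHANNEL_COUNT)


def keystream_xor(algorithm, key, frame_no, data):
    """Stand-in stream cipher: XOR with an HMAC-derived keystream (self-inverse)."""
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hmac.new(key, struct.pack(">II", frame_no, block), algorithm).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def send(plaintext):
    """Sender side: split, encrypt each frame, fill idle channels with interference."""
    slots = []
    for start in range(0, len(plaintext), FRAME_SIZE):
        frame_no = start // FRAME_SIZE
        algorithm, key_index, channel = control_command(frame_no)
        part = plaintext[start:start + FRAME_SIZE]
        cipher = keystream_xor(algorithm, KEY_LIBRARY[key_index], frame_no, part)
        # Interference frames: same length as the real frame, one per idle channel.
        slot = [os.urandom(len(cipher)) for _ in range(CHANNEL_COUNT)]
        slot[channel] = cipher
        slots.append(slot)
    return slots


def receive(slots):
    """Receiver side: re-derive the command, keep only the valid channel, decrypt."""
    parts = []
    for frame_no, slot in enumerate(slots):
        algorithm, key_index, channel = control_command(frame_no)
        parts.append(keystream_xor(algorithm, KEY_LIBRARY[key_index], frame_no, slot[channel]))
    return b"".join(parts)


def demo():
    message = b"constructed test message split across several frames"
    slots = send(message)
    return message, slots, receive(slots)
```

Nothing in a frame marks it as valid or as interference; the receiver separates them only because its derivation of the channel matches the sender's, so any drift in the shared variable or frame counter makes every frame undecryptable.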
The invention dynamically changes the encryption algorithm and/or the key during communication, dynamically changes the communication channel used, and sends the plaintext in several transmissions or several frames. It also increases the difficulty of cracking by mixing interference frames in with the normal frames, and ensures that the encryption and decryption modes match because the sender and the receiver use a dynamic algorithm based on the same dynamic variable.
Sending the plaintext content of a message in split form greatly reduces the possibility that the encrypted ciphertext is acquired in full, which improves security. Encrypting the plaintext with a dynamic encryption algorithm greatly increases the difficulty of cracking the ciphertext. Support for transmission over dynamically selected channels further reduces the possibility that the sent message is acquired in full. The information interference mechanism mixes normal ciphertext with interference information in the communication channel, which greatly reduces the possibility that the normal ciphertext is identified and increases the difficulty of cracking.
By combining dynamic routing, information fragmentation and interference, the invention further improves the confidentiality and security of the whole communication system and greatly increases communication security. The system also has a dedicated dynamic encryption function that can dynamically change the encryption algorithm and dynamically select the communication channel, which greatly increases the difficulty of cracking and the communication security while encrypted information is transmitted, and it can be widely applied to wired and wireless communications with higher confidentiality requirements.
The foregoing is illustrative only and is not limiting, and any person skilled in the art can make changes or modifications to the disclosed technology to obtain equivalent variations, and it should be understood by those skilled in the art that any modifications or equivalent substitutions that do not depart from the spirit and scope of the present invention are intended to be covered by the appended claims.

Claims (6)

1. A dynamic encryption communication system, comprising: the system consists of a dynamic encryption device (E1), a sender communication device (E2), a receiver communication device (E3) and a dynamic decryption device (E4);
the dynamic encryption equipment (E1) consists of a sender human-computer interface unit (H1), a data storage input unit (H2), a sender arithmetic processing unit (H3), a sender storage unit (H4), a sender dynamic conversion unit (H5), a sender information output unit (H6), a sender route control output unit (H7) and a sender system maintenance unit (H8), wherein the dynamic encryption equipment (E1) encrypts and sends plaintext information according to a dynamically specified encryption algorithm and/or key after receiving the plaintext information; the sender arithmetic processing unit (H3) is provided with a plaintext processing module (S1), a variable-based dynamic encryption module (S2) and an interference frame generation module (S3), the plaintext processing module (S1) is respectively connected with a sender human-computer interface unit (H1) and a data storage input unit (H2), the variable-based dynamic encryption module (S2) and the interference frame generation module (S3) are simultaneously connected with a sender information output unit (H6), the plaintext processing module (S1) splits the plaintext acquired by the sender human-computer interface unit (H1) or the data storage input unit (H2) into a plurality of frames or a plurality of times of transmitted contents, then, a plaintext is encrypted using a variable-based dynamic encryption module (S2), while a sender arithmetic processing unit (H3) generates a plurality of interference frames, together delivered to the sender communication device (E2) by the sender information output unit (H6);
the sender communication equipment (E2) consists of a sender information input unit (H9), a sender routing control input unit (10), a communication routing unit (H11) configured with a variable-based dynamic communication routing module (S9) and a communication output unit (H12), wherein the sender information input unit (H9) and the sender routing control input unit (10) are respectively connected with the sender information output unit (H6) and the sender routing control output unit (H7), and after receiving the encrypted ciphertext and the interference frame transmitted from the dynamic encryption equipment (E1), the sender information input unit (H9) specifies and transmits a communication channel for each part of data by the variable-based dynamic communication routing module (S9);
the receiver communication equipment (E3) consists of a communication input unit (H13), a communication processing unit (H14) with a variable-based dynamic communication processing module (S10), a receiver information output unit (H15) and a receiver route control input unit (H16), wherein after the communication input unit (H13) receives information of each communication channel, the communication processing unit (H14) obtains a route control command from the dynamic decryption equipment (E4), filters out valid information and delivers the valid information to the dynamic decryption equipment (E4) through the receiver information output unit (H15) through the communication control command generated by the variable-based dynamic communication processing module (S10);
the dynamic decryption device (E4) consists of a receiver human-computer interface unit (22), a data storage output unit (H23), a receiver system maintenance unit (H24), a receiver arithmetic processing unit (H19), a receiver storage unit (H21), a receiver dynamic conversion unit (H20), a receiver information input unit (H17) and a receiver route control output unit (H18), wherein the receiver information input unit (H17) and the receiver route control output unit (H18) are respectively connected with the receiver information output unit (H15) and the receiver route control input unit (H16), and the receiver information input unit (H17) is connected with the receiver information output unit (H15); the receiver arithmetic processing unit (H19) is provided with a plaintext recovery module (S13), a variable-based dynamic decryption module (S12) and an interference filtering module (S11), the plaintext recovery module (S13) is respectively connected with the receiver human-computer interface unit (22) and the data storage output unit (H23), and the interference filtering module (S11) is connected with the receiver information input unit (H17) and the variable-based dynamic decryption module (S12); after the dynamic decryption device (E4) receives the ciphertext message, the receiving side operation processing unit (H19) filters the interference frame through the interference filtering module (S11), generates a dynamic decryption control instruction according to the variable-based dynamic decryption module (S12), extracts a corresponding decryption algorithm and a corresponding key from the receiving side storage unit (H21) to decrypt the residual valid message ciphertext, and transmits the plaintext to the receiving side through the receiving side human-computer interface unit (22) or the data storage output unit (H23) after obtaining the plaintext.
2. A dynamic encryption communication system according to claim 1, wherein said sender dynamic switching unit (H5) is composed of a dynamic switching module (S6), a dynamic routing control module (7) and a dynamic encryption control module (S8), and said dynamic routing control module (7) is connected to the sender routing control output unit (H7) and then connected to the sender routing control input unit (10).
3. The dynamic encryption communication system according to claim 1, wherein the dynamic conversion unit (H20) of the receiving side is composed of a dynamic conversion module (S14), a dynamic routing control module (15) and a dynamic decryption control module (S16), and the dynamic routing control module (15) is connected to the receiving side routing control output unit (H18) and then connected to the receiving side routing control input unit (H16).
4. A dynamic encryption communication system according to claim 1, 2 or 3, characterized in that the dynamic encryption device (E1) and the dynamic decryption device (E4) implement matching of the decryptor and the encryptor based on the same dynamic variable.
5. A dynamic encryption communications system according to claim 1, 2 or 3, wherein said communications channel comprises a spectrum channel, a bus channel or a heterogeneous channel; when only one communication channel exists, the interference frame and the normal frame are mixed to be sent; when there are a plurality of communication channels, the dynamic encryption device (E1) selects one communication channel for transmission and dynamically encrypts the plaintext, and then, on the free communication channel, the dynamic encryption device (E1) encrypts the invalid information to form an interference frame and transmits the interference frame through the communication device (E2) on the transmitting side.
6. A dynamic encryption communication system according to claim 1, 2 or 3, characterized in that the plaintext is divided into a plurality of parts during communication, frame-by-frame dynamic encryption is adopted, each frame of ciphertext is sent by the sending communication device (E2) according to the communication channel dynamically assigned by the dynamic encryption device (E1), and the receiving communication device (E3) receives the ciphertext message according to the communication channel dynamically assigned by the dynamic decryption device (E4), and then submits the ciphertext message to the dynamic decryption device (E4) for decryption.
CN202111096037.5A 2021-09-18 2021-09-18 Dynamic encryption communication system Active CN113783692B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111096037.5A CN113783692B (en) 2021-09-18 2021-09-18 Dynamic encryption communication system

Publications (2)

Publication Number Publication Date
CN113783692A (en) 2021-12-10
CN113783692B (en) 2024-05-28

Family

ID=78852181

Country Status (1)

Country Link
CN (1) CN113783692B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant