CN115333777A - Data encryption method, system, device and storage medium - Google Patents
Data encryption method, system, device and storage medium Download PDFInfo
- Publication number
- CN115333777A CN115333777A CN202210819562.3A CN202210819562A CN115333777A CN 115333777 A CN115333777 A CN 115333777A CN 202210819562 A CN202210819562 A CN 202210819562A CN 115333777 A CN115333777 A CN 115333777A
- Authority
- CN
- China
- Prior art keywords
- encrypted
- data
- encryption
- packet
- integer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 98
- 238000003860 storage Methods 0.000 title claims abstract description 18
- 238000003491 array Methods 0.000 claims abstract description 20
- 238000007493 shaping process Methods 0.000 claims abstract description 13
- 230000015654 memory Effects 0.000 claims description 17
- 230000001174 ascending effect Effects 0.000 claims description 4
- 230000005540 biological transmission Effects 0.000 abstract description 13
- 230000006870 function Effects 0.000 description 34
- 238000009827 uniform distribution Methods 0.000 description 9
- 238000005311 autocorrelation function Methods 0.000 description 8
- 238000005336 cracking Methods 0.000 description 8
- 238000010586 diagram Methods 0.000 description 8
- 238000006467 substitution reaction Methods 0.000 description 8
- 238000004364 calculation method Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 6
- 230000008901 benefit Effects 0.000 description 5
- 238000005314 correlation function Methods 0.000 description 5
- 239000000203 mixture Substances 0.000 description 3
- 208000003580 polydactyly Diseases 0.000 description 3
- 238000006243 chemical reaction Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 239000002131 composite material Substances 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000001502 supplementing effect Effects 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000007480 spreading Effects 0.000 description 1
- 238000003892 spreading Methods 0.000 description 1
- 230000007723 transport mechanism Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- Bioethics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a data encryption method, a system, a device and a storage medium, which are characterized in that a preset encryption index is expanded to obtain a large-index field type containing multi-bit numbers, and then the numbers of the large-index field type are divided into a plurality of integer arrays with the length of 10 from the highest bit of the large-index field type. And then, carrying out integer shaping on the integer array to obtain a position permutation sequence consisting of a plurality of position permutation groups, wherein the position permutation groups are completely and uniformly distributed sequences. Dividing the obtained elements of the data to be encrypted into a plurality of groups to be encrypted with the length of 10 from the first left, and performing local position replacement inside the groups on the elements in the corresponding groups to be encrypted through the position replacement groups according to a preset group corresponding relation to obtain first encrypted data consisting of encrypted groups. The method has high confidentiality, simple realization and less transmission parameters, and can be widely applied to data encryption scenes such as IoT data transmission encryption and the like.
Description
Technical Field
The present application relates to the field of data encryption technologies, and in particular, to a data encryption method, system, device, and storage medium.
Background
With the advent of the big data era, massive data needs to be processed, and the problem of data security is caused. During data transmission, data may be intercepted, resulting in data leakage. Therefore, in the related art, data to be transmitted is encrypted and transmitted in a form of a ciphertext to ensure the safety of the data. In the data encryption method based on the conversion of data from plaintext to ciphertext, two conditions are usually used for measuring the advantages and disadvantages of the encryption method, wherein firstly, the cost for breaking the ciphertext is far greater than the value of the plaintext data, and secondly, the time required for breaking the ciphertext is far greater than the effective time of the plaintext data. In other words, the amount of computation (or computational complexity) to break the ciphertext is the key of this data encryption method. In the related art, the data encryption method based on the conversion of data from plaintext to ciphertext generally has the problems of low cracking difficulty, complex transmission parameter and the like.
Disclosure of Invention
The present application is directed to solving, at least to some extent, one of the technical problems in the related art. Therefore, the application provides a data encryption method, system, device and storage medium.
In a first aspect, an embodiment of the present application provides a data encryption method, including: expanding a preset encryption index to obtain a large-index field type containing a plurality of digits; dividing the numbers of the large exponential patterns into a plurality of integer arrays from the highest bit of the large exponential patterns; the length of each integer array is 10, and each digit in the integer arrays is a decimal number; integer array carry on integer while being said, get position permutation sequence that is made up of a plurality of position permutation groups; starting from the first bit on the left, dividing the elements of the obtained data to be encrypted into a plurality of groups to be encrypted; wherein the length of each packet to be encrypted is 10; according to a preset grouping corresponding relation, carrying out position replacement on elements in the corresponding to-be-encrypted grouping through the position replacement grouping to obtain an encrypted grouping; and determining first encrypted data corresponding to the data to be encrypted according to the plurality of encrypted packets.
Optionally, the performing integer shaping on the integer array to obtain a position permutation sequence composed of a plurality of position permutation groups includes: sequentially inquiring each digit in the integer array from the first digit on the left, and deleting the digits except for the first occurrence or only one occurrence to obtain a first array; sequentially supplementing the decimal numbers which do not appear in the first array to the last digit of the first array in an ascending order to obtain the position replacement packet which has the length of 10 and appears in each decimal number and appears only once; and when the integer array is integer, obtaining the position permutation sequence composed of a plurality of position permutation groups.
Optionally, the first number characterizes a position of a number in the sequence of position permutations or of an element in the packet to be encrypted; the second number characterizes a position of an element in the encrypted packet; the obtaining of the encrypted packet by performing the position permutation on the element in the corresponding to-be-encrypted packet by the position permutation packet includes: determining any element in the packet to be encrypted as an encryption starting point; determining the numbers with the same number in the position replacement sequence according to the numbers of the elements in the packet to be encrypted; the second number in the encrypted packet with the number as the element; and determining the element corresponding to the first number which is the same as the second number as the next encryption starting point.
Optionally, the method further comprises: if the length of the data to be encrypted is not an integral multiple of 10, padding characters are supplemented after the last packet to be encrypted of the data to be encrypted, so that the length of each packet to be encrypted in the data to be encrypted is 10.
Optionally, the method further comprises: and if the length of the large-exponent field pattern is not an integral multiple of 10, discarding the last integer array with the length smaller than 10.
Optionally, shifting an element in the first encrypted data according to a preset shifting direction and a preset shifting length; and taking the shifted first encrypted data as new data to be encrypted, returning to expand the preset encryption index to obtain a large-index field type containing multiple digits, and re-executing the data encryption method to obtain second encrypted data.
Optionally, the method further comprises: and the data encryption side sends the encryption index and the grouping corresponding relation to a data receiving side so that the data receiving side decrypts the first encrypted data according to the encryption index and the grouping corresponding relation to obtain the data to be encrypted.
In a second aspect, an embodiment of the present application provides a data encryption system, including: the first module is used for expanding a preset encryption index to obtain a large-index field type containing a plurality of digits; a second module for dividing the numbers of the large-exponent field into a plurality of integer arrays starting from the highest bit of the large-exponent field; the length of each integer array is 10, and each digit in the integer arrays is a decimal number; a third module, configured to perform integer shaping on the integer array to obtain a position permutation sequence composed of a plurality of position permutation groups; a fourth module, configured to divide the elements of the obtained data to be encrypted into a plurality of packets to be encrypted, starting from the first bit on the left; wherein the length of each packet to be encrypted is 10; a fifth module, configured to perform position permutation on elements in the corresponding to-be-encrypted packet through the position permutation packet according to a preset packet correspondence relationship, so as to obtain an encrypted packet; and the sixth module is used for determining first encrypted data corresponding to the data to be encrypted according to the plurality of encrypted packets.
In a third aspect, an embodiment of the present application provides a data encryption apparatus, including: at least one processor; at least one memory for storing at least one program; when executed by the at least one processor, cause the at least one processor to implement the data encryption method described above.
In a fourth aspect, the present application provides a computer storage medium, in which a program executable by a processor is stored, and the program executable by the processor is used for implementing the data encryption method when executed by the processor.
The embodiment of the application has the following beneficial effects: firstly, a preset encryption index is expanded to obtain a large-index field type containing multiple digits, and then the digits of the large-index field type are divided into a plurality of integer arrays with the length of 10 from the highest position of the large-index field type. And then, carrying out integer shaping on the integer array to obtain a position permutation sequence consisting of a plurality of position permutation groups, wherein the position permutation groups are completely and uniformly distributed sequences. Then, starting from the first left bit, dividing the obtained elements of the data to be encrypted into a plurality of groups to be encrypted with the length of 10, and performing local position replacement inside the groups on the elements in the corresponding groups to be encrypted through the position replacement groups according to a preset group corresponding relation to obtain first encrypted data consisting of encrypted groups. The data encryption method is constructed by the randomness and the uniform distribution characteristic of a large-index field type, the confidentiality of an encryption scheme is guaranteed by realizing high randomness of element replacement in data to be encrypted, and the method is simple to implement, has few transmission parameters and can be widely applied to data encryption scenes such as IoT data transmission encryption and the like.
Drawings
The accompanying drawings are included to provide a further understanding of the invention, and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the example serve to explain the principles of the invention.
FIG. 1 is a flow chart of steps of a data encryption method provided by an embodiment of the present application;
FIG. 2 shows an example of the present application, 7 108 And 7 108 And 7 107 A schematic of the cross correlation function of (a);
FIG. 3 is a schematic diagram of an autocorrelation function and an autocorrelation function of two random number sequences randomly generated by MATLAB provided by an embodiment of the present application;
FIG. 4 is a flowchart illustrating integer array integer shaping steps provided in an embodiment of the present application;
fig. 5 is a flowchart of a step of performing location permutation to obtain an encrypted packet according to an embodiment of the present application;
FIG. 6 is a schematic illustration of a position permutation provided by an embodiment of the present application;
FIG. 7 is a schematic diagram of a data encryption system provided by an embodiment of the present application;
fig. 8 is a schematic diagram of a data encryption apparatus according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more clearly understood, the present application is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
It is noted that while a division of functional blocks is depicted in the system diagram, and logical order is depicted in the flowchart, in some cases the steps depicted and described may be performed in a different order than the division of blocks in the system or the flowchart. The terms first, second and the like in the description and in the claims, and the drawings described above, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
In the above, it is mentioned that the calculation amount (or the calculation complexity) for cracking the ciphertext is the key of the data encryption method, and in a common simple function, based on a positive integer n, the calculation amounts of different functions are sorted from small to large as follows:
log n,n,n 2 ,n 3 ,...,2 n ,3 n ,...,n!,n n
as can be seen, the factorial function n! Is far more than the exponential function a n Is large, where a is the base of the exponential function. Therefore, it can be understood that, when data in a plaintext is replaced by a ciphertext, if a function with a higher operation amount is used as a basis for the replacement, the plaintext is more difficult to obtain through ciphertext cracking. For example, take a plaintext data with a length of n as an example, if n! To convert it into ciphertext, it may be necessary to attempt n! When n is large enough, the cost for cracking the ciphertext becomes very high and is higher than the value of plaintext data (or the time for cracking the ciphertext is far longer than the effective time of the plaintext data), so that the high security of the data can be realized. In the embodiment of the application, an exponential function a is used n Constructing a position replacement sequence of the data on the basis, wherein the constructed position replacement sequence can be used for extracting the data to be encryptedFor approximating n! The embodiment of the present application provides a data encryption method that can obtain a ciphertext close to the complexity of a factorial function level by performing location substitution based on a simple function. The embodiments of the present application will be further explained with reference to the drawings.
Referring to fig. 1, fig. 1 is a flowchart illustrating steps of a data encryption method provided in an embodiment of the present application, where the method includes, but is not limited to, steps S100-S150:
s100, expanding a preset encryption index to obtain a large-index field type containing multi-digit numbers;
specifically, methods for converting plaintext into ciphertext include permutation encryption and substitution encryption. The replacement encryption is that data in plain text are sequentially scrambled and rearranged according to a certain rule, the structurality of the plain text is broken, so that the plain text is converted into ciphertext with the meaning which cannot be identified, and in the replacement encryption method, elements in the plain text only change positions. The substitution encryption is a method of substituting elements in the plain text with other types of elements, for example, when the elements in the plain text are english, the english is substituted with corresponding chinese characters. In the process of the alternate encryption, the types of elements in the plaintext are changed, and when a ciphertext generated by the alternate encryption method is cracked, a substitution table (also referred to as a key) of the plaintext and the ciphertext used in the encryption needs to be obtained. In order to further improve the cracking difficulty, in practical application, multiple replacement encryption or multiple replacement encryption may be performed, or the replacement encryption and the replacement encryption may be used in combination.
The method provided by the embodiment of the application belongs to a replacement encryption method, the data encryption method is high in cracking difficulty, and a high confidentiality level can be achieved when the data encryption method is used as a single encryption method. In practical application, the data encryption method provided by the application can be combined with other encryption methods, so that the data security is further ensured. In the following, only the principle, implementation process and security of the data encryption method are described, and details on the combination of the data encryption method and other encryption methods are not repeated. Hereinafter, the mathematical basis of the data encryption method based on permutation encryption proposed in the embodiment of the present application is first set forth.
In order to improve the difficulty of decrypting the ciphertext in the data encryption method, the embodiment of the application uses an exponential function a n And constructing a position replacement sequence of the data for the basis, and encrypting the data by using the sequence to obtain an encryption space approaching a factorial function level. In the embodiment of the application, the exponential function a n Referred to as the encryption exponent, a is the base of the encryption exponent and n is the power of the encryption exponent. The encryption index is expanded to obtain a specific value called an index pattern. For example when the encryption function a n =5 4 Then, the exponential field pattern obtained after the expansion is 5 4 =5 × 5 × 5=625, 625 being 5 4 Is used to generate the exponential field pattern. If the encryption function a n =7 108 Then, the exponential pattern obtained after the expansion is as follows:
7 108 =(18646,11341,71613,14493,26161,68039,56698,97144,64158,58248,58341,59291,20740,30215,43182,06422,51722,18248,01)
the index pattern contains a total of 92 digits, and it should be understood that the index pattern is actually one actual digit, separated by commas for ease of reading and description. It is clear that if the exponentiation of the cryptographic exponent takes a large value, it is not easy to calculate the exponent pattern of the cryptographic exponent. Taking n =30 and n =50 as an example, and taking a =2, the function operation amount of each simple function is as shown in table 1 below.
TABLE 1
Table 1 above shows the function calculation amount of each simple function provided in the embodiments of the present application, and if a program calculation is performed by a computer, 10 is required -6 The time required to perform the above function in seconds is shown in table 2 below.
TABLE 2
Table 2 above shows the estimated operation time of each simple function provided in the embodiment of the present application, and it can be seen that, when the power of the encryption exponent is large enough, it is safe and reliable to select the exponential function as the encryption function, regardless of the operation amount of the function or the estimated operation time of the function. Therefore, in the embodiment of the present application, the exponent pattern after the exponent expansion should be a large exponent pattern.
First, it will be explained that the number of digits in the large-exponent field obtained by the encryption exponent expansion is very large from the actual calculation data and the operation data. The following continues to demonstrate two properties of the large exponential pattern, respectively properties that are difficult to estimate and uniformly distributed.
Firstly, the characteristics of large index patterns which are difficult to estimate are demonstrated to encrypt the index a n =7 107 And a n =7 108 For example. When occurring in exponential form, 7 107 And 7 108 It looks similar, with the bases of the two exponents being the same, with the powers differing by only 1. And two large exponent patterns are obtained by expanding the two encryption exponents as follows:
7 108 =(18646,11341,71613,14493,26161,68039,56698,97144,64158,58248,58341,59291,20740,30215,43182,06422,51722,18248,01)
7 107 =(26637,30488,16590,20704,65945,25770,80998,53063,77369,40355,11916,56132,96290,03077,59743,77464,53174,03543)
therein, 7 107 The large-exponent field pattern contains 90 decimal numbers in total, 7 108 The large-exponent field pattern of (2) contains 92 decimal digits. Although the lengths of the two large exponential patterns do not differ very much, the number arrangements in the two large exponential patterns actually differ greatly. Referring to fig. 2, fig. 2 is a drawing 7 provided in the embodiment of the present application 108 And 7 108 And 7 107 Schematic of the cross correlation function of (a). As shown in FIG. 2, 7 108 The autocorrelation function of (2) is a blue waveform, the waveform of the function exhibitsApproximating the ideal impulse function result of white noise. It will be appreciated that the closer the autocorrelation function is to the impulse function, the more random it is representative of the current sequence. And the orange waveform in fig. 2 indicates 7 108 And 7 107 The waveform of the cross-correlation function is represented by 7 108 And 7 107 The cross-correlation of (a) is low. Further, referring to fig. 3, fig. 3 is a schematic diagram of an autocorrelation function and an autocorrelation function of two random number sequences randomly generated by MATLAB according to an embodiment of the present application, and assuming that the two random number sequences are referred to as a first random sequence and a second random sequence, a blue waveform in fig. 3 represents the autocorrelation function of the first random sequence, and an orange waveform represents the cross-correlation function of the first random sequence and the second random sequence. Comparing the same color waveforms in fig. 2 and 3, it can be seen that 7 108 And 7 107 It is even more preferable to the degree of randomness than two random sequences randomly generated by MATLAB, since it is apparent that the blue waveform in fig. 2 is closer to the shape of the pulse function, and the orange waveform in fig. 2 is overall lower than the orange waveform in fig. 3.
According to the above, the large exponential patterns proposed in the embodiments of the present application firstly have the characteristics similar to the impulse function of the autocorrelation function, and secondly the cross-correlation properties of the cross-correlation functions of the two large exponential patterns with similar exponential forms are very low, so it can be demonstrated that: the randomness of the large exponential field pattern is very high, and the difficulty of calculating the original exponential encryption function by the large exponential field pattern is very high.
In the following, the behavior of a uniform distribution of the large-index patterns is demonstrated. In the embodiment of the present application, entropy (denoted by H) that measures the message volume is referred to as a measure of the degree of uniform distribution of the exponential patterns. Let a discrete information source have n elements, denoted as { v } 0 ,v 1 ,...,v n-1 The relative probability in an element is denoted as { p } 0 ,p 1 ,...,p n-1 And then, the entropy value of the discrete information source is expressed as the following formula:
if the field pattern of visual index (d) 0 d 1 ...d n-1 ) Is a random sequence of length N, d k-1 E {0,1,2.., 9} represents the kth element in the sequence, then the discrete information source has n =10 elements (i.e., d is meant) k-1 Belonging to any one of 10 elements of {0,1,2.., 9 }), when N is large enough and has high randomness, then p can be determined 0 ≈p 1 ≈p 2 ...≈p 9 =0.1, the ideal entropy value H of the discrete information source 10 Can be calculated as follows:
if so
To represent an exponential pattern (d) 0 d 1 ...d n-1 ) In accordance with the fact of p k The entropy calculated from the value of (a) then defines
The uniformity of the index pattern is characterized. Referring to table 3 and table 4 below, table 3 provides the composition of the exponential patterns with prime numbers as the base numbers and the corresponding entropy and uniformity of the exponential patterns. Table 4 shows the composition of the exponential patterns with the composite number as the base number and the corresponding entropy and uniformity of the exponential patterns provided by the present application.
TABLE 3
TABLE 4
The formats of the above tables 3 and 4 are the same, first, the first column on the left of the table is the index form of the index field type, the index is expanded to obtain the index field type, the decimal numbers in the index field type are counted, the composition of the current index field type is determined through the second column to the eleventh column of the table, for example, refer to the second row in the table 3, the index 2 312 The expanded index pattern comprises 10 numbers 0,5 numbers 1,7 numbers 2. The length of the field pattern obtained by the exponential expansion selected in tables 3 and 4 was between 90 and 100. It can be easily seen from the above tables 3 and 4 that when the exponent field pattern is large enough, the decimal number in the exponent field pattern has a high uniformity degree, at least up to 95%, no matter the base number or the composite number of the exponent.
Therefore, it can be determined from the above that when the length of the exponential pattern is sufficiently long (for example, the above-demonstrated length is above 90), the decimal numbers 0 to 9 in the exponential pattern can be considered to be substantially uniformly distributed, that is, the uniform distribution characteristic of the exponential pattern is demonstrated.
According to the above, firstly, a large-exponent field pattern with a length can be obtained according to a simple combination of a base number and an exponent, and even if the exponents are similar in structure, the obtained large-exponent field pattern has a certain degree of randomness; finally, the decimal numbers in the large-exponent field type have the characteristic of uniform distribution. It is because of these properties of the large exponential patterns, the examples of the present application suggest that the large exponential patterns have great potential as position-permutated sequences. When the positions in the data to be encrypted are represented by the numbers in the large-exponent field, the randomness of the positions where the elements in the data to be encrypted are replaced increases because the numbers in the large-exponent field have considerable randomness. And because the decimal numbers in the large-exponent field are uniformly distributed, in the array with ten numbers in one group, the probability that the elements in the data to be encrypted are possibly replaced from the current position to the other nine positions is equal, and the unpredictability of the replacement of the data to be encrypted is further enhanced. In addition, the large-exponent field is large in length, so that an array obtained by combining a plurality of decimal numbers can be obtained, and the arrays containing different combinations of decimal numbers can provide more choices for element replacement in the data to be encrypted. It can be said that the characteristic of the large exponential field pattern makes the data substitution in the data to be encrypted more likely, more combinable, and basically difficult to infer.
In light of the foregoing, the embodiments of the present application illustrate the mathematical principles and basis for using large exponent patterns as the basis for data replacement in data encryption methods, and the following description continues to illustrate specific data encryption methods.
S110, dividing the numbers of the large-exponent field into a plurality of integer arrays from the highest position of the large-exponent field;
specifically, a large-index field is obtained by expanding a preset encryption index, and from the highest bit of the large-index field, the number of the large-index field is divided into a plurality of integer arrays with the length of 10, wherein each digit in the integer arrays is a decimal number. As discussed above, the 10 decimal numbers 0-9 are used as discrete information sources in the exponential pattern, and the uniformity obtained by entropy calculation can indicate that the 10 decimal numbers 0-9 are basically uniformly distributed in the large exponential pattern. Therefore, in the embodiment of the present application, 10 numbers are taken as one group to obtain an integer array, and the numbers in the integer array are taken as the positions after the elements in the data to be encrypted are replaced. It can be understood that, on the premise of ensuring that no position conflict occurs after the position replacement is performed on the elements in the data to be encrypted (that is, the same position is not allocated to two elements), an integer array with the length of 10 may replace the elements in the data to be encrypted with the length of 10.
In some embodiments, the large exponent pattern obtained after the exponent spreading may not be an integer multiple of 10, which may result in the number of digits in the last integer array after the large exponent pattern is grouped to be less than 10. At this time, the last integer array with the length less than 10 may be discarded, and only the integer array with the length of 10 is used for subsequent position replacement.
S120, performing integer shaping on the integer array to obtain a position permutation sequence consisting of a plurality of position permutation groups;
specifically, an integer array of 10 in length is obtained according to the above steps. The uniform distribution of the large-exponent field pattern is uniform distribution as a whole, and does not mean that 0 to 9 are uniformly distributed in each integer array having a length of 10 in the large-exponent field pattern, and therefore, it is also necessary to perform integer shaping on the integer array to obtain a position permutation sequence that can be used for position permutation. The process of integer array integer shaping is described below in conjunction with the steps in fig. 4.
Referring to fig. 4, fig. 4 is a flowchart illustrating steps of integer array integer shaping provided in the embodiment of the present application, where the method includes, but is not limited to, steps S400 to S430:
s400, sequentially inquiring each digit in the integer array from the first digit on the left, and deleting the digits except for the first occurrence or only one occurrence to obtain a first array;
specifically, the encryption index is 2 312 For example, the resulting exponential pattern is developed as follows:
2 312 =(8343699359,0660550093,5555353972,4812947666,8145404556,7488260563,1280555545,8038306271,4852719565,2096)
starting from the most significant digit of the exponential pattern, every 10 digits are comma-separated, and the 10 digits between two punctuation marks represent an array of integers, e.g. let [8343699359 ]]Is an integer array A. In this step, each digit in the integer array is sequentially searched from the first digit on the left
The number a is represented as a repeating number, and a represents the number which appears for the first time or appears only once, then the integer array A can be arranged as
Deleting the numbers except for the first occurrence or only one occurrence to obtain a first array B of [834695 ]]。
S410, arranging the decimal numbers which do not appear in the first array in an ascending order, and sequentially supplementing the decimal numbers to the last digit of the first array to obtain a position replacement group which is 10 in length and only appears once in each decimal number;
specifically, according to step S400, if the decimal numbers that do not appear in the first array B include 0,1,2, and 7, the decimal numbers that do not appear in the first array are sorted in ascending order and sequentially supplemented to the last digit of the first array, so as to obtain a position replacement packet that has a length of 10 and appears once per decimal number, that is, the position replacement packet obtained after the integer of the above integer array a is [8346950127].
It will be appreciated that after the shaping, the resulting position permutation groups are actually completely uniformly distributed sequences, and 10 decimal numbers 0-9 appear in a position permutation group with the same number of times, and the positions where they appear are also highly random, that is, the position permutation groups can be considered as a group of random scrambling codes.
S420, when the integer arrays are completely integer, obtaining a position permutation sequence consisting of a plurality of position permutation groups;
according to the steps 400-S410, all integer arrays are shaped to obtain a plurality of position replacement groups, and the position replacement groups are sequentially arranged to form a position replacement sequence. With the above encryption index 2 312 For example, the last integer array with a length smaller than 10 in the exponent field is discarded, and the position permutation sequence C obtained after the integer is as follows:
2 312 →(8346950127,0659312478,5397201468,4812976035,8145062379,7482605319,1280543679,8036271459,4852719603)
the above formula is 2 312 The position replacement sequence is constructed on the basis of 90 numbers, namely the position replacement sequence can perform position replacement of elements for at least data to be encrypted with the element length of 90.
Through the above steps S400 to S420, the embodiment of the present application provides a method for performing integer permutation on an integer array to obtain a position permutation group with a length of 10 and each decimal number appearing only once, and on the premise of ensuring the randomness of numbers in the whole position permutation sequence, the decimal numbers in each position permutation group are uniformly distributed, so that the position permutation group can be used for performing position permutation on elements in data to be encrypted.
The above step S120 has already been explained through the above steps S400 to S420, and the explanation of step S130 is started.
S130, starting from the first bit on the left, dividing the elements of the acquired data to be encrypted into a plurality of groups to be encrypted;
specifically, the data to be encrypted at this time is called data to be encrypted, and elements in the data to be encrypted are divided into a plurality of packets to be encrypted, each of which has a length of 10. It can be understood that, since the data encryption method of the embodiment of the present application is substantially a replacement encryption method, and there is no influence or requirement on the types of elements in the data to be encrypted, the types of elements in the data to be encrypted can be in various forms such as numbers, letters, and chinese characters, and when grouping, the grouping only needs to be performed according to the minimum unit of the types of elements in the current data to be encrypted.
In some embodiments, if the length of the data to be encrypted is not an integer multiple of 10, a preset padding character may be supplemented after the last packet to be encrypted of the data to be encrypted, for example, the padding character is set to be a number 0, and zero is supplemented at the last packet to be encrypted of the last packet to be encrypted, which is less than 10 elements, so as to ensure that the length of each packet to be encrypted in the data to be encrypted is 10.
S140, according to a preset grouping corresponding relation, carrying out position replacement on elements in the corresponding to-be-encrypted grouping through the position replacement grouping to obtain an encrypted grouping;
specifically, numbering each position permutation group of the position permutation sequence C obtained in the above steps can obtain the following position permutation sequence:
2 312 →([8346950127] 0 ,[0659312478] 1 ,[5397201468] 2 ,[4812976035] 3 ,[8145062379,] 4 ,[7482605319] 5 ,[1280543679] 6 ,[8036271459] 7 ,[4852719603] 8 )
it is to be understood that the packets to be encrypted in the data to be encrypted may also be numbered in the same manner as described above. In the embodiment of the present application, one position replacement packet is used to perform position replacement on one packet to be encrypted, and therefore, a packet correspondence relationship between the position replacement packet and the packet to be encrypted needs to be determined in advance. For example, in some embodiments, the position permutation packet may directly correspond to the packet to be encrypted at the same position, that is, the position permutation packet numbered 0 provides the permutation for the packet to be encrypted numbered 0, and the position permutation packet numbered 1 provides the permutation for the packet to be encrypted numbered 1. In other embodiments, to further improve the randomness of the permutation, the packet correspondence between the position permutation packet and the packet to be encrypted may be represented in the form of a table or a function, e.g. with function f m,n Indicating that the position replacement is provided for the nth packet to be encrypted in the data to be encrypted by the mth position replacement packet in the current position replacement sequence.
After determining the position replacement packet corresponding to the packet to be encrypted according to the preset packet correspondence, the position replacement packet performs position replacement on the packet to be encrypted, and a process of obtaining the encrypted packet after performing position replacement in the embodiment of the present application is described below with reference to fig. 5.
Referring to fig. 5, fig. 5 is a flowchart illustrating steps of performing location permutation to obtain an encrypted packet according to an embodiment of the present application, where the method includes, but is not limited to, steps S500 to S530:
s500, determining any element in a packet to be encrypted as an encryption starting point;
specifically, suppose the data to be encrypted is a sentence of english: for convenience of reading, in the embodiment of the present application, the character _ "represents a space in the above english sentence, and the data to be encrypted is: "experience _ is _ the _ failure _ of _ wisdom _ and _ memory _ the _ the _ most". The sentence has 56 total space length, and can be used as 2 312 Derived position permutation order based onThe first six position permutation groups of the column are correspondingly subjected to position permutation. Assuming that the padding character is a letter o, the data to be encrypted is subjected to packet numbering to obtain the following expression:
([experience] 0 ,[_is_the_fa] 1 ,[ther_of_wi] 2 ,[sdom_and_m] 3 ,[emory_the_] 4 ,[motheroooo] 5 )
f is carried out in sequence by taking the position replacement grouping as the grouping to be encrypted with the same position 00 ,f 11 ,f 22 ...f 55 There are 6 sets of substitutions.
Referring to fig. 6, fig. 6 is a schematic diagram of position permutation provided in the embodiment of the present application, and as shown in fig. 6, a position permutation packet and a packet to be encrypted are indicated in a first parenthesis. Where the number (1) -r in the first row in the first parenthesis is the first number in this application, which characterizes the position of a digit in the position replacement sequence or of an element in the packet to be encrypted; the elements of the second row represent elements within the packet to be encrypted and the positions of the numerical representation of the third row replace numbers in the packet. The second parenthesis indicates the encrypted packet. Wherein the first line number in the second parenthesis 1) -10) is the second number in this application, which characterizes the position of the element in the encrypted packet; the elements of the second row represent the elements that have undergone a permutation of positions, i.e. the elements in the encrypted packet.
The data encryption method based on the location permutation proposed in the embodiment of the present application can be easily understood by combining fig. 5 and fig. 6. First, any one of the elements to be encrypted is determined to serve as an encryption starting point of the element in the group, and an element "e" with the first number (1) is taken as an encryption starting point for example in the following.
S510, determining numbers with the same number in the position replacement sequence according to the numbers of elements in the to-be-encrypted packets;
specifically, referring to fig. 6, after the encryption start point is determined, according to the number of the element in the packet to be encrypted, the number with the same number in the position permutation sequence is determined, that is, the first number of the encryption start point is (1), and the number corresponding to the position with the first number also being (1) in the position permutation sequence is determined, and the correspondence relationship between the first number, the element and the number can be represented as (1) → e → 8, (2) → x → 3, (8) → n → 1, and so on.
S520, a second number taking the number as an element in the encrypted packet;
specifically, the number in the position replacement packet in the present application is used to characterize the new order after the elements in the data to be encrypted are scrambled, that is, the number in the position replacement packet is actually the second number of the element in the encrypted packet. Referring to the connecting line numbered 1 in fig. 6, it can be seen that the path from the first number up to the element in the encrypted packet can be represented as: (1) → e → 8 → 8) → e. Thus, referring to steps S500-S520, the corresponding positions of all elements in the packet to be encrypted in the encrypted packet, i.e., from the packet to be encrypted [ experience ], can be determined]Performing a position replacement of f 00 The encrypted packet can then be obtained as [ encxpieer ]]I.e. to implement experience → encxpieeeer. By analogy, all the packets to be encrypted can be subjected to position replacement through the corresponding position replacement packets to obtain the corresponding encrypted packets. Such as a packet to be encrypted (therf _ of _ wi)]Performing a position replacement of f 22 After that, an encrypted packet [ of _ h _ twrie is obtained](ii) a Packet to be encrypted [ moteoooo ]]Performing a position replacement of f 55 Then, obtain the encrypted packet [ rohooemotto ]]。
And S530, determining an element corresponding to the first number which is the same as the second number as a next encryption starting point.
Specifically, in some embodiments, after the position replacement of the encryption starting point is completed, the remaining elements that are not replaced may be arbitrarily selected for the next position replacement. In other embodiments, an element corresponding to a first number that is the same as a second number of the current encryption starting point may be determined as the next encryption starting point. As shown in fig. 6, after the connection line with the reference number 1 completes the position replacement of the element with the first number (1), the second number of the element is 8), the first number (8) which is the same as the second number is determined, and the element e corresponding to (8) is used as the next encryption starting point. The location replacement steps, as described above in steps S510-S520, then continue. As shown in fig. 6, the 2-numbered connection completes the position replacement of the first (8) -numbered element, which is eventually replaced into the second 2) -numbered position in the encrypted packet. Therefore, if only the first number and the second number are reserved, the alternate path of the packet to be encrypted currently can be represented as two loops, i.e., 0 → 8 → 2 → 4 → 9 → 7 → 1 → 3 → 6 → 0 ≡ f (082497136) and 5 → 5 ≡ f (5), and other packets can be sequentially represented in such a loop sequence, which will not be described herein again. The method of the circular replacement can ensure that all elements in the packet to be encrypted are replaced by positions.
Through the above, the embodiment of the present application provides a method for performing position replacement on elements in a to-be-encrypted grouping by a position replacement grouping to finally obtain an encrypted grouping, where the elements in the encrypted grouping are the result of reordering the elements in the to-be-encrypted grouping. The content of the above step S140 has already been explained through steps S500-S530, and the explanation of step S150 is started.
S150, determining first encrypted data corresponding to the data to be encrypted according to the plurality of encrypted packets;
specifically, according to the step S140, all the packets to be encrypted are subjected to position permutation to obtain a plurality of encrypted packets, and the encrypted packets are sequentially combined to obtain the first encrypted data corresponding to the data to be encrypted. If the data to be encrypted "" experience _ is _ the _ false _ of _ wisdom _ and _ memory _ the _ the _ memory "", proceed f mn After the position replacement of (where m = n, and m and n are integers), the first encrypted data composed of the obtained encrypted packets is "encxpieeen _ het _ sifa _ of _ h _ twriedom _ smnad _ ymthor _ ee _ rooemoto".
It is understood that the first encrypted data is based on f mn And m = n, m may not be equal to n at all, so that the probability of the first encrypted data is n-1 times greater.
Taking the data to be encrypted N =90 as an example, the data to be encrypted can be divided into nine packets to be encrypted, and ten bits of each packet to be encryptedThe positions are all independently replaced, and the possibility of the output encrypted packets with different arrangement of each packet to be encrypted is 10! = 3628800. If only the position replacement packet with the same number is substituted for the packet to be encrypted (i.e. f mentioned above) mn And m = n), the possibility of the above 9 encrypted packets needs to be multiplied by 9 times, and the total of the output first encrypted data is 10 |! X 10! X10! =3628800 9 ≈1.09×10 59 >2 196 ≈10 59 . It can be seen that without the specific information of the location replacement, it takes a very long time to brute force the encrypted data to such a degree of complexity with exhaustive methods. Taking the related art encryption method AES-192 as an example, the key length is 192, and the number of generated keys is at most 2 192 ≈6.28×10 57 It is clear that there is much less likelihood of encrypting data than the encryption method in the embodiment of the present application outputs. On the basis of the above, if f in the present application mn And m is not necessarily equal to n, then the first encrypted data may also continue to be incremented by 9! Multiple possibilities. Through calculation, if the data encryption method based on the exponential integer pattern is equal to AES-256 in secrecy degree on the premise that N =90 of the data to be encrypted. Therefore, the data encryption method provided by the embodiment of the application has the advantage of security degree by comparing the data of the application with the data of the security scheme in the related art.
Moreover, it is understood that the above position permutation is performed inside the packet, that is, the above steps are actually implemented as a local permutation scheme inside the packet. In some embodiments, a global permutation scheme may also be added on the basis of the local permutation. The global replacement method specifically shifts first encrypted data obtained after first local replacement. For example, a shift direction is preset to shift to the right, a shift length is 2, and the shift mode is cyclic shift, and the elements in the first encrypted data are shifted according to the preset shift direction and shift length. For example, the data to be encrypted is "experience _ is _ the _ fast _ of _ wisdom _ and _ memory _ the _ the _ watch", and after partial replacement, the first encrypted data corresponding to the data to be encrypted can be represented as "encxpieen _ het _ sofa _ of _ h _ twriedom _ smnad _ ymthor _ ee _ rooemomoto". And shifting the first encrypted data according to the conditions that the shifting direction is shifting to the right and the shifting length is 2 to obtain data 'toencxpieeen _ het _ sifa _ of _ h _ twriedom _ smnad _ ymthor _ ee _ rooem'.
And after the shifting is finished, taking the shifted first encrypted data as new data to be encrypted, and carrying out a new round of partial replacement on the new data. That is to say, the data encryption method based on the large-exponent field pattern in the embodiment of the present application is re-executed on the shifted first encrypted data, and the second encrypted data is re-obtained, so that global permutation is completed, and the encryption round for re-executing the encryption method can be preset according to requirements. In addition, in an actual operation process, because the operation amount and the corresponding operation time consumption of the encryption method in the embodiment of the application can be obtained by correspondingly calculating the encryption round and the selected encryption index, for different data to be encrypted, the round in which the data encryption method needs to be operated and the corresponding encryption index can be determined according to business requirements. For example, if there is confidential data with a higher level, multiple rounds of data encryption can be performed, and each round of encryption can use a different encryption index, so as to further improve the confidentiality. For some data with high security level and short time effectiveness, only one or two rounds of encryption can be performed, and only the time for violently cracking the encrypted data needs to be controlled to be far longer than the effective time of the data. The embodiment of the application can obtain the encrypted data with controllable secrecy degree and flexible elasticity only by setting the encryption indexes corresponding to different rounds, and is simple to operate. For multi-round encryption, only a few encryption indexes (or a few grouping corresponding relations) need to be transmitted more during parameter transmission, and compared with an encryption scheme in the related technology, the scheme still has the advantage of less transmission parameters.
The following describes the data encryption method for multiple rounds in the present scheme in combination with the actual deduction process.
First, there are 10 elements in each packet to be encrypted, and the permutation is performed by using the position permutation packet with the length of 10 and the property of completely uniform distribution (that means that the 10 tens of bits from 0 to 9 are uniformly and randomly distributed), then the possibility obtained after each packet to be encrypted completes the partial permutation is that:
10!=10×9×8×...×2×1=3628800
if the length of the whole data to be encrypted is N =10k (k is a positive integer), there are k groups of the packets to be encrypted that need to be encrypted, and the possibility that the whole data to be encrypted is obtained after partial replacement is completed is as follows:
(10!) N/10 =(10!) k
if the encryption needs to execute i +1 round encryption (i is an integer greater than or equal to 0) according to the need of confidentiality, the possibility that the data to be encrypted is subjected to i +1 round encryption without considering the shift is as follows:
(10!) (i+1)/10 =(10!) (i+1)k
when shift is considered, the possibility of shift is (N-1) for the first shift, and if i shifts are performed in multiple rounds of encryption, the complexity level index O (N) after shift is obtained i ) Expressed as:
O(N i )=(N-1)(N-2)...(N-i)
therefore, combining the shift in the multi-round encryption, it can be determined that after i shifts in the i +1 round encryption, there is a possibility that the encrypted data obtained by encrypting the data to be encrypted is:
O(N i ×(10!) (i+1)/10 )→N!
that is, after multiple partial replacements and shifts, the encryption space (i.e. the total of the encryption data available from the current data to be encrypted) obtained by the encryption method proposed in the embodiment of the present application can approach N! I.e., approaching the above-mentioned n | which is the highest computational complexity in simple functions! It can be seen that the application can well meet the requirement of high confidentiality when a plurality of rounds of encryption are superposed. For example when 20<N<50,i=2,O(N i ×(10!) (i+1)N/10 )=N 2 ×(10!) 3N/10 >N! And when 60 is<N<120,i=3,O(N i ×(10!) (i+1)N/10 )=N 3 ×(10!) 2N/5 >N! . According to the above example, even in the case where the length of data to be encrypted is not too long, the complexity of encryption reaches n!after 2 to 3 rounds of execution by the data encryption method of the embodiment of the present application! . Therefore, the above deduction and example can show that the data encryption method of the embodiment of the present application can easily achieve the encryption complexity level at the factorial function level through the superposition of the encryption rounds.
Comparing the embodiment of the present application with AES-128, AES-192 and AES-256, firstly, the encryption spaces of AES-128, AES-192 and AES-256 are respectively:
2 128 ≈3.40×10 38
2 192 ≈6.28×10 57
2 256 ≈1.16×10 77
the data encryption method in the present application is specifically compared with the AES encryption method as follows:
when N =30,i =2,o (N) i ×(10!) (i+1)N/10 )≈6.85×10 40 >3.40×10 38 ≈2 128 ;
When N =60,i =1,o (N) i ×(10!) (i+1)N/10 )≈1.37×10 41 >3.40×10 38 ≈2 128 ;
When N =50,i =2,o (N) i ×(10!) (i+1)N/10 )≈1.98×10 67 >6.28×10 57 ≈2 192 ;
When N =60,i =2,o (N) i ×(10!) (i+1)N/10 )≈3.13×10 80 >1.16×10 77 ≈2 256 ;
When N =120,i =1,o (N) i ×(10!) (i+1)N/10 )≈6.26×10 80 >1.16×10 77 ≈2 256 。
Through the comparison, the embodiment of the application is determined to be a replacement encryption method with simple logic and less transmission parameters, has a better security degree than the common AES technology in the related technology, and can be widely applied to various data encryption systems.
In some embodiments, in performing the second round of partial permutation, the encryption exponent (i.e., the field of large exponents required for encryption) required for encryption may be the same as or different from the encryption exponent used in the first round. It can be understood that, on the one hand, the decryption difficulty of the encrypted data can be further increased by using different encryption indexes in different rounds, and the decryption can be completed only by acquiring the correct encryption indexes respectively corresponding to the multiple rounds when the encrypted data is violently decrypted. On the other hand, for the data to be encrypted with large data length, the operation complexity can be controlled by controlling the lengths of the encryption indexes of different rounds, so that the encryption requirement can be met, and the operation amount is reduced. Such as encryption using a shorter large-exponent pattern in a later round, sorting using multiple position permutation packets in the large-exponent pattern repeatedly, and so forth.
It is understood that since the second encrypted data is also actually data obtained by the permutation encryption, the internal elements thereof are also the same as those of the original data to be encrypted. Therefore, after the data receiving party determines the encryption round and the encryption index, the data receiving party can operate in a reverse order according to the data encryption method in the embodiment of the application, so that the second encrypted data is decrypted, and the original data plaintext to be encrypted is obtained.
It can be seen that the randomness of the permutation can be further improved by combining the global permutation on the basis of the local permutation, so that the security of the data encryption method is further enhanced.
It can be understood that, although the large-exponent field used in the above description includes a plurality of numbers and a plurality of arrays, in practice, the embodiment of the present application is relatively simple in implementation, and a data encryption scheme with a high degree of security can be obtained without generating a large number of keys and establishing an excessively complicated packet correspondence. In addition, when the data encryption method is actually implemented, the data encryptor only needs to send the encryption index and the packet correspondence to the data receiver before data transmission, so that the data receiver can decrypt the received first encrypted data according to the reverse-order operation of the above steps according to the encryption index (which can also be understood as a set of base number and power) and the packet correspondence (for example, m = n +1, and the like), thereby obtaining the data to be encrypted in the plaintext. If global permutation is performed again on the basis of the local permutation, the transferred parameters also need to include a shift direction and a shift length. Therefore, even under more complicated permutation combinations, in the data encryption method of the embodiment of the application, only a few simple parameters need to be transmitted between the data encryption party and the data decryption party. Therefore, besides high security degree, the embodiment of the application has the advantages of simple process and less transmission parameters in practical application.
Through the above steps S100 to S150, the present application provides a data encryption method based on permutation encryption, which first expands a preset encryption exponent to obtain a large exponent field containing multiple digits, and then divides the digits of the large exponent field into multiple integer arrays with a length of 10 starting from the highest bit of the large exponent field. And then, carrying out integer shaping on the integer array to obtain a position replacement sequence consisting of a plurality of position replacement groups, wherein the position replacement groups are completely and uniformly distributed sequences. Then, starting from the first position on the left, dividing the obtained elements of the data to be encrypted into a plurality of groups to be encrypted with the length of 10, and performing local position replacement inside the groups on the elements in the corresponding groups to be encrypted through the position replacement groups according to a preset group corresponding relation to obtain first encrypted data consisting of encrypted groups. After the first encrypted data is obtained, the first encrypted data can be encrypted for multiple times according to a preset encryption turn after being encrypted according to a preset shift direction and a preset shift length, and second encrypted data is obtained. The data encryption method is constructed by the randomness and the uniform distribution characteristic of a large-index field type, the confidentiality of an encryption scheme is guaranteed by realizing high randomness of element replacement in data to be encrypted, and the method is simple to implement, has few transmission parameters, and can be widely applied to data encryption scenes such as IoT data transmission encryption and the like.
Referring to fig. 7, fig. 7 is a schematic diagram of a data encryption system according to an embodiment of the present application, where the system 700 includes a first module 710, a second module 720, a third module 730, a fourth module 740, a fifth module 750, and a sixth module 760, where the first module is configured to expand a preset encryption exponent to obtain a large exponent field including a multi-bit number; the second module is used for dividing the numbers of the large-exponent field type into a plurality of integer arrays from the highest bit of the large-exponent field type; the length of each integer array is 10, and each digit in the integer arrays is a decimal number; the third module is used for reshaping the integer array to obtain a position permutation sequence consisting of a plurality of position permutation groups; the fourth module is used for dividing the elements of the acquired data to be encrypted into a plurality of groups to be encrypted from the first bit on the left; the fifth module is used for performing position replacement on elements in the corresponding to-be-encrypted packets through the position replacement packets according to a preset packet corresponding relation to obtain encrypted packets; the sixth module is used for determining first encrypted data corresponding to the data to be encrypted according to the plurality of encrypted packets.
Referring to fig. 8, fig. 8 is a schematic diagram of a data encryption apparatus provided in an embodiment of the present application, where the apparatus 800 includes at least one processor 810 and at least one memory 820 for storing at least one program; in fig. 8, a processor and a memory are taken as an example.
The processor and memory may be connected by a bus or other means, such as by a bus in FIG. 8.
The memory, as a non-transitory computer-readable storage medium, may be used to store non-transitory software programs as well as non-transitory computer-executable programs. Further, the memory may include high speed random access memory, and may also include non-transitory memory, such as at least one disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory located remotely from the processor, and these remote memories may be connected to the device over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The above-described embodiments of the apparatus are merely illustrative, wherein the units illustrated as separate components may or may not be physically separate, i.e. may be located in one place, or may also be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
The embodiment of the application also discloses a computer storage medium, wherein a program executable by a processor is stored, and the program executable by the processor is used for realizing the method provided by the application when being executed by the processor.
One of ordinary skill in the art will appreciate that all or some of the steps, systems, and methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as is well known to those of ordinary skill in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can accessed by a computer. In addition, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media as known to those skilled in the art.
While the preferred embodiments of the present invention have been described, the present invention is not limited to the above embodiments, and those skilled in the art can make various equivalent modifications or substitutions without departing from the spirit of the present invention, and such equivalent modifications or substitutions are included in the scope of the present invention defined by the claims.
Claims (10)
1. A method of data encryption, comprising:
expanding a preset encryption index to obtain a large-index field type containing a plurality of digits;
dividing the numbers of the large exponential patterns into a plurality of integer arrays from the highest bit of the large exponential patterns;
the length of each integer array is 10, and each digit in the integer arrays is a decimal number;
integer array carry on integer while being said, get position permutation sequence that is made up of a plurality of position permutation groups;
dividing the elements of the acquired data to be encrypted into a plurality of groups to be encrypted from the first bit on the left;
wherein the length of each packet to be encrypted is 10;
according to a preset grouping corresponding relation, carrying out position replacement on elements in the corresponding to-be-encrypted grouping through the position replacement grouping to obtain an encrypted grouping;
and determining first encrypted data corresponding to the data to be encrypted according to the plurality of encrypted packets.
2. The data encryption method of claim 1, wherein the integer shaping the array of integers to obtain a position permutation sequence consisting of a plurality of position permutation groups comprises:
sequentially inquiring each digit in the integer array from the first digit on the left, and deleting the digits except for the first occurrence or only one occurrence to obtain a first array;
the decimal numbers which do not appear in the first array are arranged in an ascending order and are sequentially supplemented to the last digit of the first array, and the position replacement packet which is 10 in length and appears once in each decimal number is obtained;
and when the integer array is integer, obtaining the position permutation sequence composed of a plurality of position permutation groups.
3. The data encryption method according to claim 1, characterized in that the first number characterizes the position of a number in the sequence of position permutations or of an element in the packet to be encrypted; the second number characterizes a position of an element in the encrypted packet; the obtaining of the encrypted packet by performing the position permutation on the element in the corresponding to-be-encrypted packet by the position permutation packet includes:
determining any element in the packet to be encrypted as an encryption starting point;
determining the numbers with the same number in the position replacement sequence according to the numbers of the elements in the packet to be encrypted;
the second number in the encrypted packet with the number as the element;
and determining the element corresponding to the first number which is the same as the second number as the next encryption starting point.
4. A data encryption method according to any one of claims 1 or 3, characterized in that the method further comprises:
if the length of the data to be encrypted is not an integral multiple of 10, padding characters are supplemented after the last packet to be encrypted of the data to be encrypted, so that the length of each packet to be encrypted in the data to be encrypted is 10.
5. The data encryption method of claim 1, wherein the method further comprises:
if the length of the large-exponent field is not an integral multiple of 10, discarding the last integer array with a length less than 10.
6. The data encryption method of claim 1, wherein the method further comprises:
shifting elements in the first encrypted data according to a preset shifting direction and a preset shifting length, and taking the shifted first encrypted data as new data to be encrypted;
returning to the step of expanding the preset encryption index to obtain a large-index field type containing multi-bit numbers;
and re-executing the data encryption method according to a preset encryption turn to obtain second encrypted data.
7. The data encryption method of claim 1, wherein the method further comprises:
and the data encryption side sends the encryption index and the grouping corresponding relation to a data receiving side so that the data receiving side decrypts the first encrypted data according to the encryption index and the grouping corresponding relation to obtain the data to be encrypted.
8. A data encryption system, comprising:
the first module is used for expanding a preset encryption index to obtain a large-index field type containing a plurality of digits;
a second module for dividing the numbers of the large-exponent field into a plurality of integer arrays starting from the highest bit of the large-exponent field;
the length of each integer array is 10, and each digit in the integer arrays is a decimal number;
a third module, configured to perform integer shaping on the integer array to obtain a position permutation sequence composed of a plurality of position permutation groups;
a fourth module, configured to divide the element of the obtained data to be encrypted into a plurality of packets to be encrypted, starting from the first bit on the left;
wherein the length of each packet to be encrypted is 10;
a fifth module, configured to perform position permutation on elements in the corresponding to-be-encrypted packet through the position permutation packet according to a preset packet correspondence relationship, so as to obtain an encrypted packet;
and the sixth module is used for determining first encrypted data corresponding to the data to be encrypted according to the plurality of encrypted packets.
9. A data encryption apparatus, comprising:
at least one processor;
at least one memory for storing at least one program;
when executed by the at least one processor, cause the at least one processor to implement the data encryption method of any one of claims 1-7.
10. A computer storage medium in which a processor-executable program is stored, wherein the processor-executable program, when executed by the processor, is for implementing a data encryption method as claimed in any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210819562.3A CN115333777B (en) | 2022-07-13 | 2022-07-13 | Data encryption method, system, device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210819562.3A CN115333777B (en) | 2022-07-13 | 2022-07-13 | Data encryption method, system, device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115333777A true CN115333777A (en) | 2022-11-11 |
| CN115333777B CN115333777B (en) | 2024-07-23 |
Family
ID=83917286
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210819562.3A Active CN115333777B (en) | 2022-07-13 | 2022-07-13 | Data encryption method, system, device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115333777B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116305225A (en) * | 2023-05-24 | 2023-06-23 | 山东梧桐树软件有限公司 | User data encryption protection method used in online payment process |
| CN117332432A (en) * | 2023-09-21 | 2024-01-02 | 深圳高灯云科技有限公司 | Data desensitization method, device, computer equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111865591A (en) * | 2020-09-21 | 2020-10-30 | 北京华云安信息技术有限公司 | Symmetric encryption method, device, equipment and storage medium |
| CN113792305A (en) * | 2021-08-18 | 2021-12-14 | 广州城建职业学院 | Encryption and decryption method, system, equipment and computer readable storage medium |
| WO2022021005A1 (en) * | 2020-07-27 | 2022-02-03 | 中国科学院重庆绿色智能技术研究院 | Symmetric encryption and decryption method based on exponential complexity |
-
2022
- 2022-07-13 CN CN202210819562.3A patent/CN115333777B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022021005A1 (en) * | 2020-07-27 | 2022-02-03 | 中国科学院重庆绿色智能技术研究院 | Symmetric encryption and decryption method based on exponential complexity |
| CN111865591A (en) * | 2020-09-21 | 2020-10-30 | 北京华云安信息技术有限公司 | Symmetric encryption method, device, equipment and storage medium |
| CN113792305A (en) * | 2021-08-18 | 2021-12-14 | 广州城建职业学院 | Encryption and decryption method, system, equipment and computer readable storage medium |
Non-Patent Citations (2)
| Title |
|---|
| S.-H. WANG: "A novel low-complexity precoded OFDM system with reduced PAPR", 《 IEEE TRANS. SIGNAL PROCESS》, vol. 63, no. 6, 31 December 2015 (2015-12-31), pages 1368 - 1376 * |
| 罗海波;葛斌;王杰;吴波;: "整合神经网络置乱图像的动态自反馈混沌系统图像加密", 中国图象图形学报, no. 03, 16 March 2018 (2018-03-16) * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116305225A (en) * | 2023-05-24 | 2023-06-23 | 山东梧桐树软件有限公司 | User data encryption protection method used in online payment process |
| CN116305225B (en) * | 2023-05-24 | 2023-08-18 | 山东梧桐树软件有限公司 | User data encryption protection method used in online payment process |
| CN117332432A (en) * | 2023-09-21 | 2024-01-02 | 深圳高灯云科技有限公司 | Data desensitization method, device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115333777B (en) | 2024-07-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110677237B (en) | File encryption method with chaos-like characteristic | |
| KR101267109B1 (en) | Cryptographic primitives, error coding, and pseudo-random number improvement methods using quasigroups | |
| Daemen | Cipher and hash function design strategies based on linear and differential cryptanalysis | |
| Simmons | Symmetric and asymmetric encryption | |
| US5751811A (en) | 32N +D bit key encryption-decryption system using chaos | |
| AU702766B2 (en) | A non-deterministic public key encryption system | |
| US5193115A (en) | Pseudo-random choice cipher and method | |
| CN115333777A (en) | Data encryption method, system, device and storage medium | |
| KR102154164B1 (en) | Method for generating a pseudorandom sequence, and method for coding or decoding a data stream | |
| CN115659409B (en) | Financial asset transaction data safe storage method | |
| CN116527233B (en) | Energy monitoring data management system based on cloud computing | |
| US20020159588A1 (en) | Cryptography with unconditional security for the internet, commercial intranets, and data storage | |
| CN115276989A (en) | Serialized data encryption method based on direction scrambling | |
| CN116418481A (en) | Text privacy data double encryption protection method, device and equipment | |
| Kumar et al. | A cryptographic model based on logistic map and a 3-D matrix | |
| Aung et al. | A complex polyalphabetic cipher technique Myanmar polyalphabetic cipher | |
| CN114285610A (en) | Method for encrypting and transmitting information | |
| CN107078900B (en) | Cryptographic system based on reproducible random sequences | |
| US6301361B1 (en) | Encoding and decoding information using randomization with an alphabet of high dimensionality | |
| CN109344627A (en) | A kind of novel Shannon perfection time slot scrambling | |
| Dömösi et al. | A novel cryptosystem based on abstract automata and Latin cubes | |
| Lee et al. | Ciphertext-only attack on linear feedback shift register-based Esmaeili-Gulliver cryptosystem | |
| Rastaghi | An efficient CCA2-secure variant of the McEliece cryptosystem in the standard model | |
| KR20220137024A (en) | Symmetric Asynchronous Generation Encryption Method | |
| Simmons | Symmetric and asymmetric encryption |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |