CN116366368A - Ciphertext transmission method and device based on information hiding - Google Patents

Publication number: CN116366368A
Authority: CN (China)
Prior art keywords: certificate, reference matrix, matrix, ciphertext, information
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202310520342.5A
Other languages: Chinese (zh)
Inventor: 杨宇光
Current Assignee: Industrial and Commercial Bank of China Ltd ICBC (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Industrial and Commercial Bank of China Ltd ICBC
Application filed by Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202310520342.5A
Publication of CN116366368A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H04L9/40 Network security protocols
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a ciphertext transmission method and a ciphertext transmission device based on information hiding, and relates to the technical field of information security, wherein the method comprises the following steps: the sender server acquires a certificate from the authentication group server; unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers; dividing a first reference matrix into a plurality of first sub-matrices; any two elements in the first sub-matrix are different; taking the central elements of all the first submatrices to generate a second reference matrix; acquiring a host for hiding ciphertext information and ciphertext information to be hidden; hiding the ciphertext information to the host data by using a first reference matrix, a plurality of first submatrices and a second reference matrix to obtain host data with the ciphertext information hidden; and sending the host data hiding the ciphertext information to a receiver server. The invention can reduce the risk of ciphertext information leakage and increase the concealment of ciphertext information.

Description

Ciphertext transmission method and device based on information hiding
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a ciphertext transmission method and apparatus based on information hiding.
Background
This section is intended to provide a background or context to the embodiments of the invention that are recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.
Information hiding is a new technology for guaranteeing information security: a system embeds specific information into a digital host data stream (such as text, digital sound, images or video signals) so that, as far as possible, the hidden information is not noticed by a monitor such as a hacker.
Since the Least Significant Bit (LSB) algorithm was proposed, various related improved algorithms have emerged one after another. For example, the EMD algorithm hides one base-(2n+1) digit by modifying at most one original pixel value in a group of n image pixels; this algorithm can hide 1.5 bits of information per pixel on average. The EMD algorithm was subsequently improved, and the improved algorithm (the EMD-2 algorithm) achieved a hiding capacity of 1.585 bpp. However, with the development of the multimedia age, the volume of multimedia information transmitted over networks keeps growing, and the hiding capacity of the original algorithms is limited, so they cannot meet the current demand for hidden transmission of big data. In addition, with the rapid development of information transmission technology, existing information hiding techniques provide poor confusion and carry a high risk of information leakage.
Disclosure of Invention
The embodiment of the invention provides a ciphertext transmission method based on information hiding, which is applied to a sender server and is used for reducing information leakage risk, increasing information hiding confusion and concealment and improving information hiding capacity, and the method comprises the following steps:
sending a certificate acquisition request to an authentication group server to which a certificate authority belongs, so that the authentication group server: after the sender user information and the receiver user information are verified and recorded according to the certificate acquisition request, a certificate is generated, and the certificate is sent to a sender server and a receiver server; the certificate comprises a plurality of preset natural numbers in succession;
receiving a certificate sent by an authentication group server;
unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers;
dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different;
taking the central elements of all the first submatrices to generate a second reference matrix;
acquiring host data for hiding ciphertext information and ciphertext information to be hidden;
Hiding the ciphertext information to the host data by using a first reference matrix, a plurality of first submatrices and a second reference matrix to obtain host data with the ciphertext information hidden;
and sending the host data hiding the ciphertext information to a receiver server.
The embodiment of the invention provides a ciphertext transmission method based on information hiding, which is applied to a receiver server and is used for reducing information leakage risk, increasing information hiding confusion and concealment and improving information hiding capacity, and the method comprises the following steps:
receiving a certificate sent by an authentication group server to which a certificate issuing organization belongs; the certificate is generated after the authentication group server verifies and records the information of the user of the sender and the information of the user of the receiver according to the certificate acquisition request sent by the sender server; the certificate comprises a plurality of preset natural numbers in succession;
unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers;
dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different;
Receiving host data of hidden ciphertext information sent by a sender server; the ciphertext information is hidden into the host data through a first reference matrix, a plurality of first submatrices and a second reference matrix;
ciphertext information is extracted from the host data using the first reference matrix, the plurality of first sub-matrices, and the second reference matrix.
The embodiment of the invention provides a ciphertext transmission device based on information hiding, which is applied to a sender server and is used for reducing information leakage risk, increasing information hiding confusion and concealment and improving information hiding capacity, and the device comprises:
the certificate acquisition module is used for sending a certificate acquisition request to the authentication group server to which the certificate issuing organization belongs, so that the authentication group server: after the sender user information and the receiver user information are verified and recorded according to the certificate acquisition request, a certificate is generated, and the certificate is sent to a sender server and a receiver server; the certificate comprises a plurality of preset natural numbers in succession;
the first certificate receiving module is used for receiving the certificate sent by the authentication group server;
the first certificate processing module is used for unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers; dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different; taking the central elements of all the first submatrices to generate a second reference matrix;
The ciphertext and host acquisition module is used for acquiring host data for hiding ciphertext information and ciphertext information to be hidden;
the information hiding module is used for hiding the ciphertext information to the host data by using the first reference matrix, the plurality of first submatrices and the second reference matrix to obtain host data of the hidden ciphertext information;
and the ciphertext sending module is used for sending the host data hiding the ciphertext information to the receiver server.
The embodiment of the invention provides a ciphertext transmission device based on information hiding, which is applied to a receiver server and is used for reducing information leakage risk, increasing information hiding confusion and concealment and improving information hiding capacity, and the device comprises:
the second certificate receiving module is used for receiving the certificate sent by the authentication group server to which the certificate issuing organization belongs; the certificate is generated after the authentication group server verifies and records the information of the user of the sender and the information of the user of the receiver according to the certificate acquisition request sent by the sender server; the certificate comprises a plurality of preset natural numbers in succession;
the second certificate processing module is used for unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers; dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different; taking the central elements of all the first submatrices to generate a second reference matrix;
The ciphertext receiving module is used for receiving host data of the hidden ciphertext information sent by the sender server; the ciphertext information is hidden into the host data through a first reference matrix, a plurality of first submatrices and a second reference matrix;
and the ciphertext decryption module is used for extracting ciphertext information from the host data by utilizing the first reference matrix, the plurality of first submatrices and the second reference matrix.
The embodiment of the invention also provides a computer device which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the ciphertext transmission method based on information hiding when executing the computer program.
The embodiment of the invention also provides a computer readable storage medium, wherein the computer readable storage medium stores a computer program, and the computer program realizes the ciphertext transmission method based on information hiding when being executed by a processor.
The embodiment of the invention also provides a computer program product, which comprises a computer program, and the computer program realizes the ciphertext transmission method based on information hiding when being executed by a processor.
In the embodiment of the invention, the certificate is generated by the authentication group server to which the certificate authority belongs, and the certificate comprises a preset plurality of consecutive natural numbers. After the sender server receives the certificate, it unpacks the certificate to obtain a first reference matrix, each element of which is one of the preset consecutive natural numbers; it derives a plurality of first sub-matrices and a second reference matrix from the first reference matrix; and it uses the first reference matrix, the first sub-matrices and the second reference matrix to hide the ciphertext information completely in the host data. Because the first reference matrix is divided into first sub-matrices according to the first preset length-width threshold, and any two elements within a first sub-matrix are different, the information hiding capacity can be improved. Because the ciphertext information is hidden completely in the host data using the first reference matrix, the first sub-matrices and the second reference matrix, the risk of information leakage is reduced and the confusion and concealment of the hidden information are increased.
In the embodiment of the invention, the certificate is generated by the authentication group server to which the certificate authority belongs, and the certificate comprises a preset plurality of consecutive natural numbers. After the receiver server receives the certificate, it unpacks the certificate to obtain a first reference matrix, each element of which is one of the preset consecutive natural numbers, and derives a plurality of first sub-matrices and a second reference matrix from the first reference matrix. It then receives the host data with hidden ciphertext information sent by the sender server, the ciphertext information having been hidden in the host data through the first reference matrix, the first sub-matrices and the second reference matrix, and extracts the ciphertext information from the host data using the same three structures. Because the first reference matrix is divided into first sub-matrices according to the first preset length-width threshold, and any two elements within a first sub-matrix are different, the information hiding capacity can be improved. Because the ciphertext information is hidden completely in the host data using the first reference matrix, the first sub-matrices and the second reference matrix, the risk of information leakage is reduced and the confusion and concealment of the hidden information are increased.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. In the drawings:
fig. 1 is a schematic flow chart of a ciphertext transmission method based on information hiding applied to a sender server in an embodiment of the invention;
fig. 2 is a block diagram of a ciphertext transmission system based on information hiding in an embodiment of the invention;
FIG. 3 is a block diagram of a Web service node in a ciphertext transmission system based on information hiding in an embodiment of the invention;
fig. 4 is a block diagram of an authentication group server in a ciphertext transmission system based on information hiding in an embodiment of the invention;
FIG. 5 is a schematic diagram of a first reference matrix according to an embodiment of the present invention;
fig. 6 is a schematic flow chart of a ciphertext transmission method based on information hiding applied to a receiver server in an embodiment of the invention;
FIG. 7 is a diagram illustrating an embodiment of a ciphertext transmission method based on information hiding according to an embodiment of the present invention;
Fig. 8 is a schematic structural diagram of a ciphertext transmission device based on information hiding applied to a sender server in an embodiment of the present invention;
fig. 9 is a schematic structural diagram of a ciphertext transmission device based on information hiding applied to a receiver server in an embodiment of the invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention will be described in further detail with reference to the accompanying drawings. The exemplary embodiments of the present invention and their descriptions herein are for the purpose of explaining the present invention, but are not to be construed as limiting the invention.
The applicant finds that with the development of the multimedia age, the data volume of the multimedia information transmitted in the network is more and more huge, the hidden capacity of the original algorithm is limited, and the requirement of the hidden transmission of the big data in the current society cannot be met; in addition, with the rapid development of information transmission technology, the existing information hiding technology is poor in confusion and high in information leakage risk. For this reason, the applicant proposes a ciphertext transmission method based on information hiding.
It should be noted that, in the technical scheme of the application, the acquisition, storage, use, processing and the like of the data all conform to the relevant regulations of national laws and regulations.
Fig. 1 is a schematic flow chart of a ciphertext transmission method based on information hiding applied to a sender server in an embodiment of the invention, and as shown in fig. 1, the method includes:
step 101, sending a certificate acquisition request to an authentication group server to which a certificate authority belongs, so that the authentication group server: after the sender user information and the receiver user information are verified and recorded according to the certificate acquisition request, a certificate is generated, and the certificate is sent to a sender server and a receiver server; the certificate comprises a plurality of preset natural numbers in succession;
step 102, receiving a certificate sent by an authentication group server;
step 103, unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers;
step 104, dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different;
step 105, taking the central elements of all the first submatrices to generate a second reference matrix;
step 106, obtaining host data for hiding ciphertext information and ciphertext information to be hidden;
Step 107, hiding the ciphertext information to the host data by using a first reference matrix, a plurality of first sub-matrices and a second reference matrix to obtain host data with the ciphertext information hidden;
and step 108, sending the host data hiding the ciphertext information to a receiver server.
As can be seen from the flow shown in fig. 1, in the embodiment of the present invention the certificate is generated by the authentication group server to which the certificate authority belongs, and the certificate comprises a preset plurality of consecutive natural numbers. After the sender server receives the certificate, it unpacks the certificate to obtain a first reference matrix, each element of which is one of the preset consecutive natural numbers; it derives a plurality of first sub-matrices and a second reference matrix from the first reference matrix; and it uses the first reference matrix, the first sub-matrices and the second reference matrix to hide the ciphertext information completely in the host data. Because the first reference matrix is divided into first sub-matrices according to the first preset length-width threshold, and any two elements within a first sub-matrix are different, the information hiding capacity can be improved. Because the ciphertext information is hidden completely in the host data using the first reference matrix, the first sub-matrices and the second reference matrix, the risk of information leakage is reduced and the confusion and concealment of the hidden information are increased.
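Steps 103 to 105 can be sketched as follows. This is an added example, not code from the patent: it assumes the "first preset length-width threshold" is a fixed block height and width, and `build_sample_reference_matrix` is a constructed Sudoku-style stand-in for the matrix unpacked from the certificate, whose layout the text has not specified at this point. All function names are hypothetical.

```python
from typing import List, Tuple

Matrix = List[List[int]]


def build_sample_reference_matrix(n: int = 3) -> Matrix:
    """Constructed sample input: an n^2 x n^2 matrix over 0..n^2-1.

    The Sudoku-style formula guarantees that every aligned n x n block
    holds n^2 distinct values. It is an assumption made for this example,
    not the certificate layout of the patent.
    """
    size = n * n
    return [[(n * (r % n) + r // n + c) % size for c in range(size)]
            for r in range(size)]


def split_into_submatrices(ref: Matrix, block_h: int, block_w: int,
                           lo: int, hi: int) -> List[List[Matrix]]:
    """Step 104: cut the first reference matrix into block_h x block_w blocks.

    Rejects input that violates the properties the description relies on:
    every element lies in the preset consecutive range [lo, hi], and no
    value repeats inside a block.
    """
    if block_h < 1 or block_w < 1 or block_h % 2 == 0 or block_w % 2 == 0:
        raise ValueError("block sides must be odd so a central element exists")
    rows = len(ref)
    cols = len(ref[0]) if rows else 0
    if rows == 0 or cols == 0 or any(len(row) != cols for row in ref):
        raise ValueError("reference matrix must be non-empty and rectangular")
    if rows % block_h or cols % block_w:
        raise ValueError("matrix size is not a multiple of the block size")

    grid: List[List[Matrix]] = []
    for top in range(0, rows, block_h):
        grid_row: List[Matrix] = []
        for left in range(0, cols, block_w):
            block = [ref[r][left:left + block_w]
                     for r in range(top, top + block_h)]
            flat = [v for row in block for v in row]
            if any(not (lo <= v <= hi) for v in flat):
                raise ValueError(f"value outside [{lo}, {hi}] in block at "
                                 f"({top}, {left})")
            if len(set(flat)) != len(flat):
                raise ValueError(f"repeated value in block at ({top}, {left})")
            grid_row.append(block)
        grid.append(grid_row)
    return grid


def second_reference_matrix(grid: List[List[Matrix]]) -> Matrix:
    """Step 105: collect the central element of every first sub-matrix."""
    return [[block[len(block) // 2][len(block[0]) // 2] for block in grid_row]
            for grid_row in grid]


def derive_reference_structures(ref: Matrix, block_h: int, block_w: int,
                                lo: int, hi: int
                                ) -> Tuple[List[List[Matrix]], Matrix]:
    """Derivation that sender and receiver both run on the same certificate."""
    grid = split_into_submatrices(ref, block_h, block_w, lo, hi)
    return grid, second_reference_matrix(grid)


if __name__ == "__main__":
    first = build_sample_reference_matrix(3)      # constructed 9 x 9 sample
    _, second = derive_reference_structures(first, 3, 3, 0, 8)
    for row in second:
        print(row)
```

Because both servers derive the sub-matrices and the second reference matrix from the same certificate, running the validation on each side catches a malformed or mismatched certificate before any hiding or extraction is attempted.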
The ciphertext transmission method based on information hiding in the embodiment of the invention is explained in detail below.
Firstly, in the embodiment of the present invention, a ciphertext transmission system based on information hiding is provided, fig. 2 is a block diagram of the ciphertext transmission system based on information hiding in the embodiment of the present invention, and as shown in fig. 2, the system includes a Web client 1, a Web service node 1, a Web client 2, a Web service node 2, and an authentication group.
The Web client 1 and the Web client 2 are respectively the sender and the receiver of the ciphertext transmission. The Web service node 1 and the Web service node 2 are the corresponding sender server and receiver server; each is responsible for processing the service logic of its own client and for running the information hiding algorithm. Once the information hiding algorithm is running, the servers on both sides need to initiate authentication requests to the service servers of the authentication group, obtain certificates, and then encrypt, decrypt and transmit the ciphertext.
The authentication group is a server cluster formed by one or more service servers and a database server. The service servers are responsible for executing the encapsulation, authentication and receiving logic for certificates, and the database server is responsible for storing the information of the two users authorized to communicate. After receiving an authentication request from a service node that needs to communicate using the information hiding algorithm, the service server interacts with the database server to register or check the authentication information and decides whether to send certificates to the service nodes of both parties.
Fig. 3 is a structural diagram of a Web service node in the ciphertext transmission system based on information hiding in an embodiment of the invention. As shown in fig. 3, the Web service node includes a registration authentication module 31, a service processing module 32, an information encryption module 33, an information decryption module 34, and a network communication module 35, wherein:
the registration authentication module 31 is mainly responsible for interaction with the authentication group. When the Web service node is started and determines to use the information hiding function, the registration authentication module 31 sends the user's authentication information to the network communication module 35, submits the authentication information to the authentication group through a special encryption channel, and waits for the authentication group's response. When the certificate sent by the authentication group is received through the network communication module 35, the module immediately passes the certificate to the information encryption module 33 and the information decryption module 34 and notifies the service processing module 32 about the information hiding certificate;
the service processing module 32 is mainly responsible for the service processing of the Web client; the Web service node generates the ciphertext information to be transmitted through the service processing module 32. When the module receives the signal sent by the registration authentication module 31, it can send all ciphertext information awaiting transmission to the information encryption module 33. When the module receives decrypted ciphertext information from the information decryption module 34, it selectively executes the corresponding service logic according to the information content and passes the result to the network communication module 35;
the information encryption module 33 is mainly responsible for executing the information hiding algorithm, which hides information in a piece of multimedia information. It selects one piece of multimedia information from the database of the Web service node as the host for hiding the ciphertext information, including but not limited to pictures, videos and audio. The module starts executing the ciphertext information hiding algorithm after it has received the information to be processed from the service processing module 32 and the certificate sent by the registration authentication module 31;
the information extraction module 34 is mainly responsible for ciphertext information extraction and multimedia information reconstruction. After it has received the ciphertext information sent by the network communication module 35 and the certificate sent by the registration authentication module 31, it starts executing the ciphertext information extraction algorithm and extracts the related ciphertext information;
the network communication module 35 is the information gateway of the whole Web service node and is mainly responsible for communication between the Web service node and the Web client, the authentication group and other Web service nodes. The module contains a special encrypted communication channel that is responsible for interaction with the authentication group, and it interacts with the Web client and other Web service nodes through a conventional communication channel.
Fig. 4 is a block diagram of an authentication group server in the ciphertext transmission system based on information hiding in an embodiment of the invention. As shown in fig. 4, the authentication group includes an authorization management module 41, an information storage module 42, a certificate generation module 43, and a network communication module 44, wherein:
The authorization management module 41 is mainly responsible for interacting with the information storage module 42, recording, analyzing and verifying information of the two users requesting encrypted communication, and determining whether to grant the two certificates;
the information storage module 42 is mainly responsible for interacting with the authorization management module 41, realizing functions of adding, deleting, modifying, inquiring database information and the like in the database server, and providing data support for the authorization management module 41 to execute certificate authentication logic;
the certificate generation module 43 is mainly responsible for designing and packaging the certificate, and after the authorization management module 41 determines that authorization is granted to both users, the certificate generation module starts to design and package the certificate and transmits the packaged certificate to the network communication module 44;
the network communication module 44 is mainly responsible for receiving user information and sending certificates; to ensure the security of certificate transfer, it interacts with each Web service node through a dedicated encrypted channel.
When the embodiment of the invention is implemented, in step 101, a Web service node 1, i.e. a sender server, firstly sends a certificate acquisition request to an authentication group server to which a certificate authority belongs; the authentication group server receives the certificate acquisition request, analyzes and verifies the information of the sender user and the information of the receiver user, determines to grant certificates of both sides after verification is passed, records the information of both sides, and then sends the certificates to the sender server and the receiver server.
Wherein, at the certificate generation module 43 of the authentication group server, the certificate is generated as follows:
1. Permission confirmation: after confirming receipt of the authorization approval passed by the authorization management module 41 of the authentication group server, prepare to execute the certificate generation logic;
2. Generating a base layer reference matrix: generate a matrix from a preset plurality of consecutive natural numbers and denote it the base layer reference matrix, wherein no element of the base layer reference matrix is repeated;
for example, the preset consecutive natural numbers are 0 to 8; the nine numbers from 0 to 8 are randomly filled into the matrix (no number may be repeated), finally forming the base layer reference matrix MatrixA.
MatrixA schematic:
Figure BDA0004221980010000081
3. matrix expansion: generating a plurality of submatrices by taking each element in the basic layer reference matrix as a central value according to a first preset length-width threshold value, wherein each element in the submatrices is also taken from a preset continuous plurality of natural numbers, and any two elements in the submatrices are ensured to be different;
for example, for the above base layer reference matrix:
3.1 Generate nine 3×3 sub-matrices Box, each taking one element of MatrixA as its central value; the central element of a Box is denoted Box(1, 1);
3.2 For each sub-matrix Box, delete from the nine numbers 0 to 8 the value equal to the central element Box(1, 1), randomly fill the remaining 8 numbers into the sub-matrix (no number may be repeated), and arrange all the sub-matrices according to the original positions of their central elements Box(1, 1) to obtain a 9×9 matrix Box;
Box schematic:
Figure BDA0004221980010000091
3.3 Copy the matrix Box 85 times in the horizontal direction and the vertical direction respectively to obtain a 258×258 matrix, delete two rows and two columns at the periphery to form a 256×256 matrix, and denote this matrix the first reference matrix.
In step 102, the sender server receives the certificate sent by the authentication group server. In steps 103, 104 and 105 the certificate is unpacked: reversing the certificate generation process of the authentication group server, the sender server unpacks the certificate to obtain the first reference matrix, any element of which is one of the preset consecutive natural numbers; divides the first reference matrix into a plurality of first sub-matrices according to the first preset length-width threshold, any two elements within a first sub-matrix being different; and takes the central elements of all the first sub-matrices to generate the second reference matrix.
For example, for the first reference matrix generated from MatrixA at the authentication group server:
Step 1, the receiving-side server receives the certificate and unpacks it to obtain a 256×256 first reference matrix Matrix, for example the matrix shown in Fig. 5; Fig. 5 is a schematic diagram of the first reference matrix in the embodiment of the present invention;
Step 2, starting from the first element of Matrix, divide Matrix into a plurality of 3×3 small matrices, denoted the first sub-matrices MatrixBox; each element of a MatrixBox is denoted MatrixBox(i, j);
Step 3, take the central elements of all the MatrixBox sub-matrices and arrange them according to the positions of the MatrixBox to which they belong to obtain a new matrix, denoted the second reference matrix MatrixB; each element of MatrixB is denoted MatrixB(i, j).
Thereafter, in step 106, the host data used for hiding ciphertext information and the ciphertext information to be hidden are acquired. For example, the ciphertext information to be hidden is obtained through the user's settings at the client, and host data such as video, audio and pictures is obtained from the database of the sender server.
Finally, the ciphertext information is hidden in the host data using the first reference matrix, the plurality of first sub-matrices and the second reference matrix to obtain host data in which the ciphertext information is hidden, and this host data is sent to the receiver server.
Taking a 512×512 picture as an example and using all of its pixels, the information hiding method of the embodiment of the invention can hide at most 830996 binary digits. The hiding capacity is calculated according to the following formula and can reach 3.17 bpp, so the information hiding capacity is greatly improved.
Figure BDA0004221980010000101
In the formula, M is the number of bits of ciphertext information that a picture can carry, and H and W are the dimensions of the picture.
In one embodiment, hiding the ciphertext information to the host data using the first reference matrix, the plurality of first sub-matrices, and the second reference matrix to obtain host data with the ciphertext information may include:
converting the host data into a host data stream P_i, where i is an integer;
converting the ciphertext information into a ciphertext data stream d_i according to a preset format rule, where i is an integer;
repeating the following steps until the host data stream P_i has been replaced, on the basis of the whole ciphertext data stream d_i, with abscissa and ordinate values of the first reference matrix, to obtain a host data stream P_i' in which the ciphertext information is hidden:
taking, in order, a consecutive data pair (P_i, P_{i+1}) from preset positions in the host data stream P_i;
taking, in order, a consecutive data pair (d_i, d_{i+1}) of the ciphertext data stream d_i;
determining a first element in the first reference matrix with (P_i, P_{i+1}) as the abscissa and ordinate;
determining the central element of the first sub-matrix to which the first element maps;
determining the second element of the second reference matrix to which the central element of the first sub-matrix maps;
taking the second element as the central element in the second reference matrix, and dividing the second reference matrix according to the first preset length-width threshold to obtain a second sub-matrix;
finding in the second sub-matrix a third element equal to d_i;
determining the first sub-matrix to which the third element maps in the first reference matrix;
searching the first sub-matrix to which the third element maps in the first reference matrix for a fourth element equal to d_{i+1}, and determining the abscissa and ordinate of the fourth element in the first reference matrix;
replacing the consecutive data pair (P_i, P_{i+1}) of the host data stream P_i with the values of the abscissa and ordinate of the fourth element in the first reference matrix;
letting i = i + 2;
the sending of the host data hiding the ciphertext information to the recipient server may include:
sending the host data stream P_i' in which the ciphertext information is hidden to the recipient server.
For example, continuing with the first reference matrix Matrix generated from MatrixA at the authentication group server, and having obtained the first reference matrix Matrix, the plurality of first sub-matrices MatrixBox and the second reference matrix MatrixB:
Step 4, convert the host data into a host data stream P_i, where i is an integer; whether the host is a picture or another format such as video, the host data is converted into a host data stream to form a host matrix, and a picture is used for illustration in this example;
Step 5, convert the ciphertext information into a ciphertext data stream d_i according to a preset format rule, where i is an integer; for example, the acquired ciphertext information is converted into a binary data stream and then into a base-nine data stream, and if the number of digits after conversion to base nine is odd, a 1 is added as the last digit of the stream;
Step 6, take, in order, a consecutive data pair (d_i, d_{i+1}) of the ciphertext data stream d_i and two consecutive pixels as a pair (P_i, P_{i+1});
Step 7, with P_i as the abscissa and P_{i+1} as the ordinate, a unique element can be determined in the first reference matrix, denoted Matrix(P_i, P_{i+1}); Matrix(P_i, P_{i+1}) necessarily maps into the MatrixBox to which it belongs, and the coordinates in Matrix of the central element MatrixBox(mbi, mbj) of that MatrixBox can then be determined:
Figure BDA0004221980010000111
Figure BDA0004221980010000112
Step 8, from MatrixBox(mbi, mbj) a second element in MatrixB can be uniquely mapped; its abscissa and ordinate can be calculated according to the following formulas, and it is denoted MatrixB(bi, bj):
Figure BDA0004221980010000121
Figure BDA0004221980010000122
Step 9, mark out a nine-square grid in MatrixB with MatrixB(bi, bj) as the central element; the grid necessarily contains a unique value equal to d_i, namely the third element; take its coordinates (flagi, flagj), i.e. d_i = MatrixB(flagi, flagj).
Step 10, from the relation between Matrix and MatrixB, MatrixB(flagi, flagj) can be uniquely mapped into one MatrixBox and is equal to its central element, denoted Matrix(mbi_2, mbj_2), whose abscissa and ordinate values are obtained by the following formulas:
mbi_2 = 3flagi + 1
mbj_2 = 3flagj + 1
in the MatrixBox whose central element is Matrix(mbi_2, mbj_2), find the fourth element equal to d_{i+1}, and determine the abscissa and ordinate of the fourth element in the first reference matrix Matrix;
Step 11, replace the consecutive pixel pair (P_i, P_{i+1}) of the host data stream P_i with the values of the abscissa and ordinate of the fourth element in the first reference matrix Matrix; at this point the data pair (d_i, d_{i+1}) has been hidden;
Step 12, let i = i + 2 and continue to execute steps 6 to 11 until the whole ciphertext data stream d_i has been hidden in the host picture, obtaining a host picture whose pixels have been replaced and in which the ciphertext information is hidden.
Since the position to which the pixel pair (P_i, P_{i+1}) maps in the first reference matrix is near the position to which the fourth element maps in the first reference matrix, the host picture P_i' in which the ciphertext information is hidden differs little in appearance from the original host picture P_i, and the concealment is good.
In one embodiment, the length and width of the first reference matrix are not divisible by the first preset length-width threshold;
after dividing the first reference matrix into a plurality of first sub-matrices according to the first preset length-width threshold, the method may further include:
leaving in the first reference matrix a plurality of rows or columns at the boundary that cannot be allocated to a first sub-matrix;
for example, when the first reference matrix is 256×256 and the first preset length-width threshold is 3, if the sub-matrices are divided starting from the element in the first row and first column of the first reference matrix, the remaining row and column cannot be divided into a first sub-matrix;
then determining a first element in the first reference matrix with (P_i, P_{i+1}) as the abscissa and ordinate may include:
if the first element is located in a row or column at the boundary of the first reference matrix that cannot be allocated to a first sub-matrix, subtracting the first threshold from P_i and P_{i+1} respectively, and redetermining the first element in the first reference matrix with the reduced data pair (P_i, P_{i+1}) as the abscissa and ordinate.
For example, when the first reference matrix is 256×256 and the first preset length-width threshold is 3, if the first element is located in the last row or the last column of the first reference matrix, i.e. P_i = 255 or P_{i+1} = 255, 1 is subtracted from whichever of P_i and P_{i+1} equals 255 so that it becomes 254, and the first element is redetermined in the first reference matrix.
In one embodiment, taking the second element as the central element in the second reference matrix and dividing the second reference matrix according to the first preset length-width threshold to obtain a second sub-matrix may include:
If the second element is located in one of the first row, the first column, the last row and the last column of the second reference matrix, a third sub-matrix is divided out of the second reference matrix according to the first preset length-width threshold, the second element being located in one or any combination of the first row, the first column, the last row and the last column of the third sub-matrix.
When the second element is located in one of the first row, the first column, the last row and the last column of the second reference matrix, the nine-square grid cannot be marked out in the second reference matrix with the second element as the central element; in that case, for example, the unique value equal to d_i can be found, as the third element, in the nine-square grid in which the second element is located.
In one embodiment, the certificate has a validity period;
after receiving the certificate sent by the authentication group server, the method may further include:
verifying the validity period of the certificate;
if the valid period of the certificate is expired, a certificate acquisition request is sent to the authentication group server again;
and receiving the certificate retransmitted by the authentication group server.
For example, the authentication group server sets up a time control module. After the certificate generation module 43 of the authentication group server generates a certificate, a valid time is set for the certificate, and the sender server checks the validity period of the certificate. After the valid time expires, the time control module of the authentication group server interacts with the authorization management module 41 to request that the authorization management module 41 recheck the user's authorization status, and the certificate is regenerated when the certificate acquisition request sent by the sender server is received. In the embodiment of the invention, the user can carry out ciphertext transmission an unlimited number of times within the certificate validity period; once the validity period expires, ciphertext transmission stops, which improves the security of ciphertext transmission.
The embodiment of the invention also provides a ciphertext transmission method based on information hiding applied to the receiver server. Fig. 6 is a schematic flow chart of the ciphertext transmission method based on information hiding applied to the receiver server according to an embodiment of the invention. As shown in Fig. 6, the method includes:
step 601, receiving a certificate sent by the authentication group server to which the certificate issuing organization belongs; the certificate is generated after the authentication group server verifies and records the sender user information and the receiver user information according to the certificate acquisition request sent by the sender server; the certificate comprises a preset plurality of consecutive natural numbers;
step 602, unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of the preset consecutive natural numbers;
step 603, dividing the first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold, wherein any two elements in a first sub-matrix are different;
step 604, taking the central elements of all the first sub-matrices to generate a second reference matrix;
step 605, receiving the host data, in which the ciphertext information is hidden, transmitted by the sender server; the ciphertext information is hidden in the host data by means of the first reference matrix, the plurality of first sub-matrices and the second reference matrix;
step 606, extracting the ciphertext information from the host data using the first reference matrix, the plurality of first sub-matrices and the second reference matrix.
As can be seen from the flow shown in Fig. 6, in the embodiment of the present invention a certificate is generated by the authentication group server to which the certificate issuing organization belongs, and the certificate comprises a preset plurality of consecutive natural numbers. After the receiver server receives the certificate, it unpacks the certificate to obtain the first reference matrix, any element of which is one of the preset consecutive natural numbers, and uses the first reference matrix to obtain the plurality of first sub-matrices and the second reference matrix. It receives the host data in which the ciphertext information is hidden, sent by the sender server, the ciphertext information having been hidden in the host data by means of the first reference matrix, the plurality of first sub-matrices and the second reference matrix, and extracts the ciphertext information from the host data using the first reference matrix, the plurality of first sub-matrices and the second reference matrix. In this example, the first reference matrix is divided into a plurality of first sub-matrices according to the first preset length-width threshold and any two elements within a first sub-matrix are different, which improves the information hiding capacity; the ciphertext information is completely hidden in the host data using the first reference matrix, the plurality of first sub-matrices and the second reference matrix, which reduces the risk of information leakage and increases the confusion and concealment of the information hiding.
In this embodiment, the receiver server receives the certificate sent by the authentication group server and the host data, in which the ciphertext information is hidden, sent by the sender server. First, the certificate is processed in the same way as at the sender server to obtain the first reference matrix Matrix, the plurality of first sub-matrices MatrixBox and the second reference matrix MatrixB; then the ciphertext information is extracted from the host data using the first reference matrix Matrix, the plurality of first sub-matrices MatrixBox and the second reference matrix MatrixB.
In one embodiment, extracting ciphertext information from host data using the first reference matrix, the plurality of first sub-matrices, and the second reference matrix may include:
converting the host data into a host data stream P_i', where i is an integer;
performing the following loop operation on the host data stream P_i':
taking consecutive data pairs (P_i', P_{i+1}) from preset positions in the host data stream P_i';
determining the fourth element d_{i+1} in the first reference matrix with (P_i', P_{i+1}) as the abscissa and ordinate, where i is an integer;
according to the fourth element d_{i+1} in the first reference matrix, determining the central element d_i of the first sub-matrix to which it maps, d_i and d_{i+1} being adjacent;
letting i = i + 2, and ending the loop operation once the whole ciphertext data stream d_i hidden in the host data stream P_i has been taken out;
converting the ciphertext data stream d_i into the ciphertext information according to the preset format rule.
An example:
Step 1, the received host data in which the ciphertext information is hidden may be any of various carriers such as pictures, video or audio; the host data is converted into a host data stream to form a host matrix, and a picture is used for illustration in this example;
Step 2, take two consecutive pixels as a pair (P_i', P_{i+1}); with P_i' as the abscissa and P_{i+1} as the ordinate, a unique element can be determined in the first reference matrix Matrix, and this element is the ciphertext information d_{i+1};
Step 3, in the first reference matrix Matrix, d_{i+1} maps to a first sub-matrix, and the central element of that first sub-matrix is the ciphertext information d_i;
Step 4, let i = i + 2 and repeat steps 1 to 3 until the whole ciphertext data stream d_i hidden in the host data stream P_i has been taken out;
Step 5, convert the base-nine ciphertext data stream d_i into a binary data stream, and obtain the ciphertext information from the binary data stream.
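The following Python example is added here and is not code from the patent: it builds a first reference matrix as in certificate generation steps 2 and 3, derives MatrixB as in the unpacking steps, and runs embedding steps 6 to 12 and extraction steps 2 to 4, including the 255 to 254 rule and the shifted window at the border of MatrixB. Assumptions: the 9×9 Box is tiled periodically and cropped to 256×256 from the first element; the MatrixBox centre and MatrixB indices are taken as 3·floor(P/3) + 1 and floor(P/3), consistent with mbi_2 = 3flagi + 1, because the page's formula images are missing; the receiver knows how many digits were hidden; all function names are hypothetical.

```python
import random

DIGITS = list(range(9))  # the page's preset consecutive natural numbers 0..8
K = 3                    # first preset length-width threshold
SIZE = 256               # side of the first reference matrix


def make_first_reference_matrix(rng):
    """Certificate generation steps 2-3: MatrixA -> 9x9 Box -> 256x256 matrix."""
    flat = rng.sample(DIGITS, 9)                 # MatrixA, each number used once
    matrix_a = [flat[0:3], flat[3:6], flat[6:9]]
    box = [[0] * 9 for _ in range(9)]
    for ai in range(3):
        for aj in range(3):
            centre = matrix_a[ai][aj]
            rest = [d for d in DIGITS if d != centre]
            rng.shuffle(rest)
            cells = rest[:4] + [centre] + rest[4:]   # centre sits at Box(1, 1)
            for k, value in enumerate(cells):
                box[3 * ai + k // 3][3 * aj + k % 3] = value
    # Assumption: Box is tiled periodically and cropped to 256x256 from (0, 0).
    return [[box[r % 9][c % 9] for c in range(SIZE)] for r in range(SIZE)]


def second_reference_matrix(m):
    """Unpacking steps 2-3: centres of all complete 3x3 MatrixBox blocks (85x85)."""
    n = SIZE // K
    return [[m[K * i + 1][K * j + 1] for j in range(n)] for i in range(n)]


def find_in_window(grid, top, left, value):
    """Return (row, col) of value inside the 3x3 window whose corner is (top, left)."""
    for r in range(top, top + K):
        for c in range(left, left + K):
            if grid[r][c] == value:
                return r, c
    raise ValueError("window does not contain every digit")


def pad_even(digits):
    """Embedding step 5: an odd-length base-nine stream gets a final 1."""
    return list(digits) + [1] if len(digits) % 2 else list(digits)


def embed(pixels, digits, m, b):
    """Embedding steps 6-12: hide base-nine digit pairs in consecutive pixel pairs."""
    if len(digits) % 2 or len(digits) > len(pixels):
        raise ValueError("need an even digit count that fits in the host")
    out, n = list(pixels), len(b)
    for i in range(0, len(digits), 2):
        # Boundary rule: 255 lies in the leftover row/column, so it is treated as 254.
        p, q = min(out[i], SIZE - 2), min(out[i + 1], SIZE - 2)
        bi, bj = p // K, q // K            # MatrixB cell of the pair's MatrixBox
        # 3x3 window around (bi, bj); at MatrixB's border the window is shifted inward.
        top, left = min(max(bi - 1, 0), n - K), min(max(bj - 1, 0), n - K)
        fi, fj = find_in_window(b, top, left, digits[i])          # third element
        out[i], out[i + 1] = find_in_window(m, K * fi, K * fj, digits[i + 1])
    return out


def extract(pixels, count, m):
    """Extraction steps 2-4; only the first reference matrix is needed."""
    digits = []
    for i in range(0, count, 2):
        p, q = pixels[i], pixels[i + 1]
        digits.append(m[K * (p // K) + 1][K * (q // K) + 1])   # d_i: box centre
        digits.append(m[p][q])                                  # d_{i+1}
    return digits


def max_pixel_change(before, after):
    """Largest absolute change of any single pixel value."""
    return max(abs(x - y) for x, y in zip(before, after))


def demo():
    rng = random.Random(2023)      # seeded only to make the demo repeatable
    m = make_first_reference_matrix(rng)
    b = second_reference_matrix(m)
    host = [rng.randrange(256) for _ in range(64)]   # constructed sample pixels
    host[0], host[1] = 255, 0                        # exercise both border rules
    secret = pad_even([8, 0, 3, 5, 1, 7, 2])         # constructed base-nine digits
    stego = embed(host, secret, m, b)
    return secret, extract(stego, len(secret), m), max_pixel_change(host, stego)


if __name__ == "__main__":
    print(demo())
```

Under these assumptions a pixel value from 3 to 251 moves by at most 5 and a value nearer the border by at most 9. `extract` never reads MatrixB, so anyone holding the first reference matrix from the certificate can read the hidden digits.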
When ciphertext information is extracted, the receiver server may encounter ciphertext that was hidden when the first element was located in a row or column at the boundary of the first reference matrix that cannot be allocated to a first sub-matrix, or when the second element was located in one of the first row, the first column, the last row and the last column of the second reference matrix. In one embodiment, the length and width of the first reference matrix are not divisible by the first preset length-width threshold;
after dividing the first reference matrix into a plurality of first sub-matrices according to the first preset length-width threshold, the method may further include:
leaving in the first reference matrix a plurality of rows or columns at the boundary that cannot be allocated to a first sub-matrix;
determining the fourth element d_{i+1} in the first reference matrix with (P_i', P_{i+1}) as the abscissa and ordinate comprises:
if the fourth element d_{i+1} adjoins a row or column at the boundary that is not allocated to a first sub-matrix, adding the first threshold to P_i' and P_{i+1} respectively, and redetermining the fourth element d_{i+1} in the first reference matrix with the increased data pair (P_i', P_{i+1}) as the abscissa and ordinate.
For example, the first reference matrix is 256×256 and the first preset length-width threshold is 3. When 254 is present in a pixel pair (P_i', P_{i+1}) and the value corresponding to that 254 becomes 255 in the next pixel pair to be processed, this indicates that case 1 has been encountered; the next pixel pair is then still processed as 254.
If the second element is located in one of the first row, the first column, the last row and the last column of the second reference matrix, the accuracy of the ciphertext extraction algorithm is not affected, owing to the mechanism of the algorithm itself in the embodiment of the invention, so extraction proceeds directly according to the original information extraction algorithm.
In one embodiment, the certificate has a validity period;
after receiving the certificate sent by the authentication group server to which the certificate authority belongs, the method may further include:
verifying the validity period of the certificate;
if the validity period of the certificate has expired, sending a message to the sender server that the validity period of the certificate has expired, so that the sender server re-sends a certificate acquisition request to the authentication group server and receives the certificate re-sent by the authentication group server.
For example, the authentication group server sets up a time control module. After the certificate generation module 43 of the authentication group server generates a certificate, a valid time is set for the certificate; the receiver server checks the validity period of the certificate and, after the valid time expires, sends the sender server a message that the validity period of the certificate has expired. At the same time, the time control module of the authentication group server interacts with the authorization management module 41 to request that the authorization management module 41 recheck the user's authorization status, and the certificate is regenerated when the certificate acquisition request sent by the sender server is received. In the embodiment of the invention, the user can carry out ciphertext transmission an unlimited number of times within the certificate validity period; once the validity period expires, ciphertext transmission stops, which improves the security of ciphertext transmission.
Fig. 7 is a block diagram of an embodiment of the ciphertext transmission method based on information hiding according to an embodiment of the invention. As shown in Fig. 7:
Step 701, the Web service nodes of the two communicating parties first apply to the authentication group for certificates through the registration authentication module 31 and the network communication module 35;
Step 702, the network communication module 44 of the authentication group monitors messages at all times and, after receiving the requests from both parties, confirms, records and verifies the user information of both communicating parties through the authorization management module 41 and the information storage module 42;
Step 703, after the authority confirmation is passed, the authentication group starts the certificate generation module 43, sets the validity period field of the certificate to zero, generates, encapsulates and issues the certificate according to the certificate generation method in the embodiment of the invention, and transmits the certificate to the Web service nodes of both parties through the dedicated encrypted communication channel of the network communication module 44;
Step 704, the authentication group sets up a time control module 44 that continuously monitors the certificate's effective time; once the effective time has elapsed, the process returns to step 702 to continue monitoring. The Web service node receives the certificate, monitors messages through the network communication module 35, and starts the information encryption module 33 or the information extraction module 34 after a client sends a request or network information is received;
Step 705, after receiving the message sent by client A and the certificate, Web service node A performs a binary conversion on the message sent by client A, selects multimedia data such as an image or video, and executes the ciphertext encryption algorithm, that is, the ciphertext transmission algorithm applied to the sender server in the embodiment of the invention, to obtain a ciphertext image in which the ciphertext information is hidden, and transmits the ciphertext image to Web service node B;
Step 706, after receiving the certificate and the ciphertext image, Web service node B executes the ciphertext decryption algorithm, that is, the ciphertext transmission algorithm applied to the recipient server in the embodiment of the invention, to obtain the ciphertext data stream d_i, and converts the base-nine ciphertext data stream d_i into a binary data stream to obtain the ciphertext information.
In summary, the embodiment of the invention has the following advantages:
1. The implementation of the invention introduces an information hiding algorithm, which is more deceptive than ordinary ciphertext transmission: by virtue of its high concealment, it effectively reduces the probability that the ciphertext attracts attention after a message is intercepted by an intruder, and thus serves to resist interception and intrusion.
2. For the same information carrier, the information hiding algorithm used in the implementation of the invention has a larger capacity: the information capacity can reach 3.17 bpp, whereas that of conventional algorithms is 1.58 bpp to 2.32 bpp, so the method in the implementation of the invention is better suited to the requirements of modern large-scale multimedia data transmission.
The embodiment of the invention also provides a ciphertext transmission device based on information hiding, as described in the following embodiment. Because the principle by which the device solves the problem is similar to that of the ciphertext transmission method based on information hiding, the implementation of the device can refer to the implementation of the method, and repeated details are omitted.
Fig. 8 is a schematic structural diagram of a ciphertext transmission device based on information hiding applied to a sender server according to an embodiment of the present invention, where, as shown in fig. 8, the device includes:
a certificate acquisition module 801, configured to send a certificate acquisition request to the authentication group server to which the certificate authority belongs, so that the authentication group server, after verifying and recording the sender user information and the receiver user information according to the certificate acquisition request, generates a certificate and sends the certificate to the sender server and the receiver server; the certificate comprises a preset plurality of consecutive natural numbers;
a first certificate receiving module 802, configured to receive a certificate sent by an authentication group server;
a first certificate processing module 803, configured to perform unpacking processing on a certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers; dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different; taking the central elements of all the first submatrices to generate a second reference matrix;
A ciphertext and host obtaining module 804, configured to obtain host data for hiding ciphertext information and ciphertext information to be hidden;
an information hiding module 805, configured to hide the ciphertext information to the host data by using a first reference matrix, a plurality of first sub-matrices, and a second reference matrix, to obtain host data with the ciphertext information hidden;
the ciphertext sending module 806 is configured to send host data with the ciphertext information hidden to the recipient server.
In one embodiment, the information hiding module 805 is specifically configured to:
converting the host data into a host data stream P_i, where i is an integer;
converting the ciphertext information into a ciphertext data stream d_i according to a preset format rule, where i is an integer;
repeating the following steps until the host data stream P_i has been replaced, on the basis of the whole ciphertext data stream d_i, with abscissa and ordinate values of the first reference matrix, to obtain a host data stream P_i' in which the ciphertext information is hidden:
taking, in order, a consecutive data pair (P_i, P_{i+1}) from preset positions in the host data stream P_i;
taking, in order, a consecutive data pair (d_i, d_{i+1}) of the ciphertext data stream d_i;
determining a first element in the first reference matrix with (P_i, P_{i+1}) as the abscissa and ordinate;
determining the central element of the first sub-matrix to which the first element maps;
determining the second element of the second reference matrix to which the central element of the first sub-matrix maps;
taking the second element as the central element in the second reference matrix, and dividing the second reference matrix according to the first preset length-width threshold to obtain a second sub-matrix;
finding in the second sub-matrix a third element equal to d_i;
determining the first sub-matrix to which the third element maps in the first reference matrix;
searching the first sub-matrix to which the third element maps in the first reference matrix for a fourth element equal to d_{i+1}, and determining the abscissa and ordinate of the fourth element in the first reference matrix;
replacing the consecutive data pair (P_i, P_{i+1}) of the host data stream P_i with the values of the abscissa and ordinate of the fourth element in the first reference matrix;
letting i = i + 2;
the ciphertext sending module 806 is specifically configured to:
send the host data stream P_i' in which the ciphertext information is hidden to the recipient server.
In one embodiment, the value of the transverse width of the first reference matrix is not divisible by the first predetermined length-width threshold;
the apparatus further comprises:
after the first certificate processing module 803 divides the first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold, a plurality of rows or columns which cannot be allocated to the first sub-matrices and are at the boundary remain in the first reference matrix; the information hiding module 805 specifically is configured to:
if the first element is located in a boundary row or column of the first reference matrix that cannot be allocated to a first sub-matrix, subtracting a first threshold from P_i and P_{i+1} respectively, and redetermining the first element in the first reference matrix with the resulting data pair (P_i, P_{i+1}) as the abscissa and ordinate.
In one embodiment, the information hiding module 805 is specifically configured to:
if the second element is located in one of the first row, the first column, the last row and the last column of the second reference matrix, dividing the second reference matrix into a third sub-matrix according to a first preset length-width threshold, wherein the second element is located in one or any combination of the first row, the first column, the last row and the last column of the third sub-matrix.
In one embodiment, the certificate has a validity period;
the apparatus further comprises:
a first certificate verification module, configured to verify a validity period of a certificate after the first certificate receiving module 802 receives the certificate sent by the authentication group server;
if the valid period of the certificate is expired, a certificate acquisition request is sent to the authentication group server again;
and receiving the certificate retransmitted by the authentication group server.
Fig. 9 is a schematic structural diagram of a ciphertext transmission device based on information hiding applied to a receiver server according to an embodiment of the present invention, where the device includes:
A second certificate receiving module 901, configured to receive a certificate sent by an authentication group server to which a certificate authority belongs; the certificate is generated after the authentication group server verifies and records the information of the user of the sender and the information of the user of the receiver according to the certificate acquisition request sent by the sender server; the certificate comprises a plurality of preset natural numbers in succession;
a second certificate processing module 902, configured to perform unpacking processing on a certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers; dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different; taking the central elements of all the first submatrices to generate a second reference matrix;
the ciphertext receiving module 903 is configured to receive host data of the hidden ciphertext information sent by the sender server; the ciphertext information is hidden into the host data through a first reference matrix, a plurality of first submatrices and a second reference matrix;
the ciphertext decrypting module 904 is configured to extract ciphertext information from the host data using the first reference matrix, the plurality of first sub-matrices, and the second reference matrix.
In one embodiment, ciphertext decryption module 904 may be configured to:
converting host data into a host data stream P_i′, where i is an integer;
performing the following loop operation on the host data stream P_i′:
taking consecutive data pairs (P_i′, P_{i+1}) from a preset position in the host data stream P_i′;
determining the fourth element d_{i+1} in the first reference matrix with (P_i′, P_{i+1}) as the abscissa and ordinate, where i is an integer;
determining, from the fourth element d_{i+1} in the first reference matrix, the center element d_i of the first sub-matrix to which it maps, d_i and d_{i+1} being adjacent;
letting i=i+2, and ending the loop operation once the ciphertext data stream d_i hidden in the host data stream P_i′ has been taken out in full;
converting the ciphertext data stream d_i into the ciphertext information according to a preset format rule.
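The sender loop of module 805 and the receiver loop of module 904 can be traced end to end in the following added example, which is not part of the patent text. It assumes a 3×3 threshold, a 255×255 first reference matrix built by a fixed rule rather than unpacked from a certificate, and base-9 digits as the "preset format rule"; all function names are hypothetical. Because 255 is a multiple of 3, the boundary-row adjustment is not needed, while the shifted window for a second element on the border of the second reference matrix is handled.

```python
T = 3            # side of a sub-matrix (the "first preset length-width threshold"); assumed
SIDE = 255       # side of the first reference matrix; assumed a multiple of T
B = SIDE // T    # side of the second reference matrix (one centre per sub-matrix)
BASE = T * T     # each sub-matrix holds the consecutive naturals 0..8 exactly once


def build_matrices():
    """Constructed stand-ins for the matrices unpacked from the certificate."""
    # Second reference matrix: every T x T window contains each of 0..8 once.
    m2 = [[T * (r % T) + (c % T) for c in range(B)] for r in range(B)]
    # First reference matrix: block (x//T, y//T) is a permutation of 0..8
    # whose centre element equals the matching entry of m2.
    m1 = [[(m2[x // T][y // T] + T * (x % T - 1) + (y % T - 1)) % BASE
           for y in range(SIDE)] for x in range(SIDE)]
    return m1, m2


def to_digits(data):
    """Assumed format rule: one byte -> three base-9 digits, padded to even length."""
    digits = [d for b in data for d in (b // 81, (b // 9) % 9, b % 9)]
    return digits + [0] * (len(digits) % 2)


def from_digits(digits, n_bytes):
    """Inverse of to_digits for the first n_bytes bytes."""
    return bytes(81 * digits[3 * k] + 9 * digits[3 * k + 1] + digits[3 * k + 2]
                 for k in range(n_bytes))


def window_start(i):
    """First index of the T-wide window around i, shifted inward at a border."""
    return min(max(i - T // 2, 0), B - T)


def embed_pair(m1, m2, p0, p1, d0, d1):
    """Return the stego pair that replaces host pair (p0, p1) to carry (d0, d1)."""
    bx, by = p0 // T, p1 // T   # sub-matrix of the first element
    # The centre of that sub-matrix is the second element, at (bx, by) in m2.
    r0, c0 = window_start(bx), window_start(by)
    # Third element: entry equal to d0 in the window around the second element.
    tx, ty = next((r, c) for r in range(r0, r0 + T)
                  for c in range(c0, c0 + T) if m2[r][c] == d0)
    # Fourth element: entry equal to d1 in the sub-matrix the third one maps to.
    return next((x, y) for x in range(T * tx, T * tx + T)
                for y in range(T * ty, T * ty + T) if m1[x][y] == d1)


def embed(host, secret, m1, m2):
    """Hide the bytes of secret in the leading samples of host."""
    digits = to_digits(secret)
    if len(host) < len(digits):
        raise ValueError("host stream too short for this ciphertext")
    if any(not 0 <= p < SIDE for p in host[:len(digits)]):
        raise ValueError("host value outside the reference matrix")
    stego = list(host)
    for i in range(0, len(digits), 2):
        stego[i], stego[i + 1] = embed_pair(m1, m2, host[i], host[i + 1],
                                            digits[i], digits[i + 1])
    return stego


def extract(stego, n_bytes, m1, m2):
    """Recover n_bytes hidden bytes; the length is assumed known to the receiver."""
    n_digits = 3 * n_bytes + (3 * n_bytes) % 2
    digits = []
    for i in range(0, n_digits, 2):
        x, y = stego[i], stego[i + 1]
        digits += [m2[x // T][y // T],   # d_i: centre of the sub-matrix holding (x, y)
                   m1[x][y]]             # d_{i+1}: the fourth element itself
    return from_digits(digits, n_bytes)


# Constructed sample data: border values first to exercise the shifted window.
HOST = [0, 254, 254, 0] + [(37 * k + 11) % SIDE for k in range(28)]
SECRET = bytes([0x8F, 0x02, 0xC4, 0x19])   # stands in for already-encrypted bytes

if __name__ == "__main__":
    M1, M2 = build_matrices()
    STEGO = embed(HOST, SECRET, M1, M2)
    print("max change per sample:", max(abs(a - b) for a, b in zip(HOST, STEGO)))
    print("recovered:", extract(STEGO, len(SECRET), M1, M2).hex())
```

Each host pair carries two base-9 digits, and with this construction no sample moves by more than 8, which is the kind of bounded, structured perturbation a reviewer of such a scheme would look at when assessing how detectable the embedding is.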
In one embodiment, the value of the transverse width of the first reference matrix is not divisible by the first predetermined length-width threshold;
the apparatus further comprises:
after the second certificate processing module 902 divides the first reference matrix into a plurality of first sub-matrices according to the first preset length-width threshold, a plurality of rows or columns which cannot be allocated to the first sub-matrices and are at the boundary remain in the first reference matrix;
the ciphertext decryption module 904 may be configured to:
if the fourth element d_{i+1} adjoins a boundary row or column that is not allocated to a first sub-matrix, adding a first threshold to P_i′ and P_{i+1} respectively, and redetermining the fourth element d_{i+1} in the first reference matrix with the resulting data pair (P_i′, P_{i+1}) as the abscissa and ordinate.
In one embodiment, the certificate has a validity period;
the apparatus further comprises:
the second certificate verification module is used for verifying the valid period of the certificate after receiving the certificate sent by the certificate group server to which the certificate issuing organization belongs;
if the validity period of the certificate has expired, sending a message to the sender server that the validity period of the certificate has expired, so that the sender server: and re-sending a certificate acquisition request to the authentication group server, and receiving the certificate re-sent by the authentication group server.
The embodiment of the invention also provides a computer device which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the ciphertext transmission method based on information hiding when executing the computer program.
The embodiment of the invention also provides a computer readable storage medium, wherein the computer readable storage medium stores a computer program, and the computer program realizes the ciphertext transmission method based on information hiding when being executed by a processor.
The embodiment of the invention also provides a computer program product, which comprises a computer program, and the computer program realizes the ciphertext transmission method based on information hiding when being executed by a processor.
In the embodiment of the invention, a certificate is generated by an authentication group server to which a certificate issuing mechanism belongs, the certificate comprises a preset continuous plurality of natural numbers, after a sender server receives the certificate, the certificate is unpacked to obtain a first reference matrix, any element in the first reference matrix is one of the preset continuous plurality of natural numbers, the first reference matrix is utilized to obtain a plurality of first submatrices and second reference matrices, and the first reference matrix, the plurality of first submatrices and the second reference matrix are utilized to completely hide ciphertext information into host data. In this example, the first reference matrix is divided into a plurality of first sub-matrices according to the first preset length-width threshold, any two elements in the first sub-matrices are different, so that the information hiding capacity can be improved, and ciphertext information is completely hidden into host data by using the first reference matrix, the plurality of first sub-matrices and the second reference matrix, so that the risk of information leakage is reduced, and the information hiding confusion and concealment are increased.
In the embodiment of the invention, a certificate is generated by an authentication group server to which a certificate issuing mechanism belongs, the certificate comprises a plurality of preset continuous natural numbers, after a receiving party server receives the certificate, the certificate is unpacked to obtain a first reference matrix, any element in the first reference matrix is one of the plurality of preset continuous natural numbers, and a plurality of first submatrices and second reference matrices are obtained by using the first reference matrix; receiving host data of hidden ciphertext information sent by a sender server; the ciphertext information is hidden into the host data through a first reference matrix, a plurality of first submatrices and a second reference matrix; ciphertext information is extracted from the host data using the first reference matrix, the plurality of first sub-matrices, and the second reference matrix. In this example, the first reference matrix is divided into a plurality of first sub-matrices according to the first preset length-width threshold, any two elements in the first sub-matrices are different, so that the information hiding capacity can be improved, and ciphertext information is completely hidden into host data by using the first reference matrix, the plurality of first sub-matrices and the second reference matrix, so that the risk of information leakage is reduced, and the information hiding confusion and concealment are increased.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing embodiments have been provided to illustrate the general principles of the invention. They are merely specific embodiments and are not meant to limit the scope of the invention; any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the invention are intended to be included within the scope of the invention.

Claims (21)

1. The ciphertext transmission method based on information hiding is characterized by being applied to a sender server and comprising the following steps:
sending a certificate acquisition request to an authentication group server to which a certificate authority belongs, so that the authentication group server: after the sender user information and the receiver user information are verified and recorded according to the certificate acquisition request, a certificate is generated, and the certificate is sent to a sender server and a receiver server; the certificate comprises a plurality of preset natural numbers in succession;
receiving a certificate sent by an authentication group server;
unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers;
dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different;
taking the central elements of all the first submatrices to generate a second reference matrix;
acquiring host data for hiding ciphertext information and ciphertext information to be hidden;
hiding the ciphertext information to the host data by using a first reference matrix, a plurality of first submatrices and a second reference matrix to obtain host data with the ciphertext information hidden;
And sending the host data hiding the ciphertext information to a receiver server.
2. The method of claim 1, wherein hiding the ciphertext information to the host data using a first reference matrix, a plurality of first sub-matrices, and a second reference matrix to obtain host data for hiding ciphertext information, comprising:
converting host data into a host data stream P_i, where i is an integer;
converting the ciphertext information into a ciphertext data stream d_i according to a preset format rule, where i is an integer;
repeating the following steps until the host data stream P_i has been replaced, on the basis of the whole ciphertext data stream d_i, with values of the abscissa and ordinate of the first reference matrix, to obtain a host data stream P_i in which the ciphertext information is hidden:
sequentially taking consecutive data pairs (P_i, P_{i+1}) from a preset position in the host data stream P_i;
sequentially taking consecutive data pairs (d_i, d_{i+1}) from the ciphertext data stream d_i;
determining a first element in the first reference matrix with (P_i, P_{i+1}) as the abscissa and ordinate;
determining the center element of the first sub-matrix to which the first element maps;
determining the second element of the second reference matrix to which the center element of the first sub-matrix maps;
taking the second element as the center element in the second reference matrix, and dividing the second reference matrix according to the first preset length-width threshold to obtain a second sub-matrix;
finding, in the second sub-matrix, a third element equal to d_i;
determining the first sub-matrix to which the third element maps in the first reference matrix;
searching that first sub-matrix for a fourth element equal to d_{i+1}, and determining the abscissa and ordinate of the fourth element in the first reference matrix;
replacing the consecutive data pair (P_i, P_{i+1}) of the host data stream P_i with the values of the abscissa and ordinate of the fourth element in the first reference matrix;
letting i=i+2;
sending host data hiding ciphertext information to a recipient server, comprising:
sending the host data stream P_i in which the ciphertext information is hidden to the receiver server.
3. The method of claim 2, wherein the value of the transverse width of the first reference matrix is not divisible by the first predetermined length-width threshold;
after dividing the first reference matrix into a plurality of first sub-matrices according to the first preset length-width threshold value, the method further comprises:
leaving, in the first reference matrix, a plurality of boundary rows or columns that cannot be allocated to a first sub-matrix; determining a first element in the first reference matrix with (P_i, P_{i+1}) as the abscissa and ordinate comprises:
if the first element is located in a boundary row or column of the first reference matrix that cannot be allocated to a first sub-matrix, subtracting a first threshold from P_i and P_{i+1} respectively, and redetermining the first element in the first reference matrix with the resulting data pair (P_i, P_{i+1}) as the abscissa and ordinate.
4. The method of claim 3, wherein dividing the second reference matrix with the second element as a center element according to the first preset length-width threshold value to obtain the second sub-matrix comprises:
if the second element is located in one of the first row, the first column, the last row and the last column of the second reference matrix, dividing the second reference matrix into a third sub-matrix according to a first preset length-width threshold, wherein the second element is located in one or any combination of the first row, the first column, the last row and the last column of the third sub-matrix.
5. The method of claim 1, wherein the certificate has a validity period;
after receiving the certificate sent by the authentication group server, the method further comprises the following steps:
verifying the validity period of the certificate;
if the valid period of the certificate is expired, a certificate acquisition request is sent to the authentication group server again;
and receiving the certificate retransmitted by the authentication group server.
6. The ciphertext transmission method based on information hiding is characterized by being applied to a receiver server and comprising the following steps:
Receiving a certificate sent by an authentication group server to which a certificate issuing organization belongs; the certificate is generated after the authentication group server verifies and records the information of the user of the sender and the information of the user of the receiver according to the certificate acquisition request sent by the sender server; the certificate comprises a plurality of preset natural numbers in succession;
unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers;
dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different;
taking the central elements of all the first submatrices to generate a second reference matrix;
receiving host data of hidden ciphertext information sent by a sender server; the ciphertext information is hidden into the host data through a first reference matrix, a plurality of first submatrices and a second reference matrix;
ciphertext information is extracted from the host data using the first reference matrix, the plurality of first sub-matrices, and the second reference matrix.
7. The method of claim 6, wherein extracting ciphertext information from the host data using the first reference matrix, the plurality of first sub-matrices, and the second reference matrix comprises:
converting host data into a host data stream P_i, where i is an integer;
performing the following loop operation on the host data stream P_i:
taking consecutive data pairs (P_i, P_{i+1}) from a preset position in the host data stream P_i;
determining the fourth element d_{i+1} in the first reference matrix with (P_i, P_{i+1}) as the abscissa and ordinate, where i is an integer;
determining, from the fourth element d_{i+1} in the first reference matrix, the center element d_i of the first sub-matrix to which it maps, d_i and d_{i+1} being adjacent;
letting i=i+2, and ending the loop operation once the ciphertext data stream d_i hidden in the host data stream P_i has been taken out in full;
converting the ciphertext data stream d_i into the ciphertext information according to a preset format rule.
8. The method of claim 7, wherein the value of the transverse width of the first reference matrix is not divisible by the first predetermined length-width threshold;
after dividing the first reference matrix into a plurality of first sub-matrices according to the first preset length-width threshold value, the method further comprises:
leaving a plurality of bordered rows or columns in the first reference matrix that cannot be allocated to the first sub-matrix;
determining the fourth element d_{i+1} in the first reference matrix with (P_i, P_{i+1}) as the abscissa and ordinate comprises:
if the fourth element d_{i+1} adjoins a boundary row or column that is not allocated to a first sub-matrix, adding a first threshold to P_i and P_{i+1} respectively, and redetermining the fourth element d_{i+1} in the first reference matrix with the resulting data pair (P_i, P_{i+1}) as the abscissa and ordinate.
9. The method of claim 6, wherein the certificate has a validity period;
after receiving the certificate sent by the certificate group server to which the certificate authority belongs, the method further comprises the following steps:
verifying the validity period of the certificate;
if the validity period of the certificate has expired, sending a message to the sender server that the validity period of the certificate has expired, so that the sender server: and re-sending a certificate acquisition request to the authentication group server, and receiving the certificate re-sent by the authentication group server.
10. A ciphertext transmission device based on information hiding, applied to a sender server, comprising:
the certificate acquisition module is used for sending a certificate acquisition request to the authentication group server to which the certificate issuing organization belongs, so that the authentication group server: after the sender user information and the receiver user information are verified and recorded according to the certificate acquisition request, a certificate is generated, and the certificate is sent to a sender server and a receiver server; the certificate comprises a plurality of preset natural numbers in succession;
The first certificate receiving module is used for receiving the certificate sent by the authentication group server;
the first certificate processing module is used for unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers; dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different; taking the central elements of all the first submatrices to generate a second reference matrix;
the ciphertext and host acquisition module is used for acquiring host data for hiding ciphertext information and ciphertext information to be hidden;
the information hiding module is used for hiding the ciphertext information to the host data by using the first reference matrix, the plurality of first submatrices and the second reference matrix to obtain host data of the hidden ciphertext information;
and the ciphertext sending module is used for sending the host data hiding the ciphertext information to the receiver server.
11. The apparatus of claim 10, wherein the information hiding module is specifically configured to:
converting host data into a host data stream P_i, where i is an integer;
converting the ciphertext information into a ciphertext data stream d_i according to a preset format rule, where i is an integer;
repeating the following steps until the host data stream P_i has been replaced, on the basis of the whole ciphertext data stream d_i, with values of the abscissa and ordinate of the first reference matrix, to obtain a host data stream P_i in which the ciphertext information is hidden:
sequentially taking consecutive data pairs (P_i, P_{i+1}) from a preset position in the host data stream P_i;
sequentially taking consecutive data pairs (d_i, d_{i+1}) from the ciphertext data stream d_i;
determining a first element in the first reference matrix with (P_i, P_{i+1}) as the abscissa and ordinate;
determining the center element of the first sub-matrix to which the first element maps;
determining the second element of the second reference matrix to which the center element of the first sub-matrix maps;
taking the second element as the center element in the second reference matrix, and dividing the second reference matrix according to the first preset length-width threshold to obtain a second sub-matrix;
finding, in the second sub-matrix, a third element equal to d_i;
determining the first sub-matrix to which the third element maps in the first reference matrix;
searching that first sub-matrix for a fourth element equal to d_{i+1}, and determining the abscissa and ordinate of the fourth element in the first reference matrix;
replacing the consecutive data pair (P_i, P_{i+1}) of the host data stream P_i with the values of the abscissa and ordinate of the fourth element in the first reference matrix;
letting i=i+2;
the ciphertext sending module is specifically used for:
sending the host data stream P_i in which the ciphertext information is hidden to the receiver server.
12. The apparatus of claim 11, wherein the value of the transverse width of the first reference matrix is not divisible by the first predetermined length-width threshold;
further comprises:
after the first certificate processing module divides the first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold value, a plurality of rows or columns which cannot be allocated to the first sub-matrices and are positioned at the boundary remain in the first reference matrix; the information hiding module is specifically used for:
if the first element is located in a boundary row or column of the first reference matrix that cannot be allocated to a first sub-matrix, subtracting a first threshold from P_i and P_{i+1} respectively, and redetermining the first element in the first reference matrix with the resulting data pair (P_i, P_{i+1}) as the abscissa and ordinate.
13. The apparatus of claim 12, wherein the information hiding module is specifically configured to:
if the second element is located in one of the first row, the first column, the last row and the last column of the second reference matrix, dividing the second reference matrix into a third sub-matrix according to a first preset length-width threshold, wherein the second element is located in one or any combination of the first row, the first column, the last row and the last column of the third sub-matrix.
14. The apparatus of claim 10, wherein the certificate has a validity period;
further comprises:
the first certificate verification module is used for verifying the valid period of the certificate after the first certificate receiving module receives the certificate sent by the authentication group server;
if the valid period of the certificate is expired, a certificate acquisition request is sent to the authentication group server again;
and receiving the certificate retransmitted by the authentication group server.
15. A ciphertext transmission device based on information hiding, applied to a receiver server, comprising:
the second certificate receiving module is used for receiving the certificate sent by the authentication group server to which the certificate issuing organization belongs; the certificate is generated after the authentication group server verifies and records the information of the user of the sender and the information of the user of the receiver according to the certificate acquisition request sent by the sender server; the certificate comprises a plurality of preset natural numbers in succession;
the second certificate processing module is used for unpacking the certificate to obtain a first reference matrix; any element in the first reference matrix is one of a plurality of preset continuous natural numbers; dividing a first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold; wherein any two elements in the first sub-matrix are different; taking the central elements of all the first submatrices to generate a second reference matrix;
The ciphertext receiving module is used for receiving host data of the hidden ciphertext information sent by the sender server; the ciphertext information is hidden into the host data through a first reference matrix, a plurality of first submatrices and a second reference matrix;
and the ciphertext decryption module is used for extracting ciphertext information from the host data by utilizing the first reference matrix, the plurality of first submatrices and the second reference matrix.
16. The apparatus of claim 15, wherein the ciphertext decryption module is operable to:
converting host data into a host data stream P_i, where i is an integer;
performing the following loop operation on the host data stream P_i:
taking consecutive data pairs (P_i, P_{i+1}) from a preset position in the host data stream P_i;
determining the fourth element d_{i+1} in the first reference matrix with (P_i, P_{i+1}) as the abscissa and ordinate, where i is an integer;
determining, from the fourth element d_{i+1} in the first reference matrix, the center element d_i of the first sub-matrix to which it maps, d_i and d_{i+1} being adjacent;
letting i=i+2, and ending the loop operation once the ciphertext data stream d_i hidden in the host data stream P_i has been taken out in full;
converting the ciphertext data stream d_i into the ciphertext information according to a preset format rule.
17. The apparatus of claim 16, wherein the value of the transverse width of the first reference matrix is not divisible by the first predetermined length-width threshold;
Further comprises:
after the second certificate processing module divides the first reference matrix into a plurality of first sub-matrices according to a first preset length-width threshold value, a plurality of rows or columns which cannot be allocated to the first sub-matrices and are positioned at the boundary remain in the first reference matrix;
the ciphertext decryption module is specifically configured to:
if the fourth element d_{i+1} adjoins the boundary rows or columns not assigned to a first sub-matrix, adding a first threshold to P_i and P_{i+1} respectively, and re-determining the fourth element d_{i+1} in the first reference matrix using the data pair (P_i, P_{i+1}) for the abscissa.
18. The apparatus of claim 15, wherein the certificate has a validity period;
further comprises:
the second certificate verification module is used for verifying the valid period of the certificate after receiving the certificate sent by the certificate group server to which the certificate issuing organization belongs;
if the validity period of the certificate has expired, sending a message to the sender server that the validity period of the certificate has expired, so that the sender server re-sends a certificate acquisition request to the authentication group server and receives the certificate re-sent by the authentication group server.
19. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1 to 9 when executing the computer program.
20. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program which, when executed by a processor, implements the method of any of claims 1 to 9.
21. A computer program product, characterized in that the computer program product comprises a computer program which, when executed by a processor, implements the method of any of claims 1 to 9.
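An added Python illustration of the extraction loop of claim 16 (not code from the patent). The first reference matrix here is a constructed 256x256 matrix over 0..8 with 3x3 first sub-matrices, so one boundary row and column stay unassigned as in claim 17, and `embed` is an assumed nearest-cell embedder included only so the round trip can be checked. Claim 17's threshold adjustment is not modelled; the extractor rejects pairs on the unassigned boundary.

```python
# Added illustration: matrix construction and embed() are assumptions, not the patent's.
N, K = 256, 3            # matrix side (8-bit sample values), sub-matrix side
USABLE = (N // K) * K    # 255: row/column 255 belongs to no sub-matrix (claim 17 case)

def build_first_matrix():
    """Constructed first reference matrix: every KxK block holds 0..8 exactly once."""
    return [[(3 * (r % K) + (c % K) + 3 * ((r // K) % K) + (c // K) % K) % 9
             for c in range(N)] for r in range(N)]

def build_second_matrix(m):
    """Second reference matrix: the centre element of each first sub-matrix."""
    return [[m[a * K + 1][b * K + 1] for b in range(N // K)] for a in range(N // K)]

def extract(stream, m, centres):
    """Claim 16 loop: each pair (P_i, P_{i+1}) yields the digits d_i, d_{i+1}."""
    digits = []
    for i in range(0, len(stream) - 1, 2):
        x, y = stream[i], stream[i + 1]       # used as matrix coordinates (assumed order)
        if x >= USABLE or y >= USABLE:
            raise ValueError("pair lies in the unassigned boundary row/column")
        d_next = m[x][y]                      # fourth element d_{i+1}
        d_cur = centres[x // K][y // K]       # centre d_i of the sub-matrix it maps to
        digits += [d_cur, d_next]
    return digits

def embed(stream, digits, m, centres):
    """Assumed embedder: move each pair to the nearest cell that encodes two digits."""
    out = list(stream)
    for i in range(0, len(digits), 2):
        x, y = out[i], out[i + 1]
        d_cur, d_next = digits[i], digits[i + 1]
        out[i], out[i + 1] = min(
            ((u, v) for u in range(USABLE) for v in range(USABLE)
             if m[u][v] == d_next and centres[u // K][v // K] == d_cur),
            key=lambda p: (p[0] - x) ** 2 + (p[1] - y) ** 2)
    return out

if __name__ == "__main__":
    m = build_first_matrix()
    centres = build_second_matrix(m)
    host = [12, 200, 255, 0, 97, 98]          # constructed host samples
    secret = [4, 0, 8, 8, 1, 6]               # constructed base-9 ciphertext digits
    stego = embed(host, secret, m, centres)
    print(stego, extract(stego, m, centres))
```

Because the constructed matrix repeats with period 9 in both directions, each sample moves by at most 9 levels, which is the distortion budget a detector of this kind of embedding would look for.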
CN202310520342.5A 2023-05-09 2023-05-09 Ciphertext transmission method and device based on information hiding Pending CN116366368A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310520342.5A CN116366368A (en) 2023-05-09 2023-05-09 Ciphertext transmission method and device based on information hiding

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310520342.5A CN116366368A (en) 2023-05-09 2023-05-09 Ciphertext transmission method and device based on information hiding

Publications (1)

Publication Number Publication Date
CN116366368A true CN116366368A (en) 2023-06-30

Family

ID=86909967

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310520342.5A Pending CN116366368A (en) 2023-05-09 2023-05-09 Ciphertext transmission method and device based on information hiding

Country Status (1)

Country Link
CN (1) CN116366368A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination