CN1266616C - Computer encryption unit and encryption method - Google Patents

Computer encryption unit and encryption method Download PDF

Info

Publication number
CN1266616C
CN1266616C CN 02129354 CN02129354A CN1266616C CN 1266616 C CN1266616 C CN 1266616C CN 02129354 CN02129354 CN 02129354 CN 02129354 A CN02129354 A CN 02129354A CN 1266616 C CN1266616 C CN 1266616C
Authority
CN
China
Prior art keywords
ciphertext
value
chaos
encryption
authentication value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN 02129354
Other languages
Chinese (zh)
Other versions
CN1480851A (en
Inventor
杨斌
阮晓迅
青山信义
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN 02129354 priority Critical patent/CN1266616C/en
Publication of CN1480851A publication Critical patent/CN1480851A/en
Application granted granted Critical
Publication of CN1266616C publication Critical patent/CN1266616C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention relates to a high-speed encryption device based on a chaos theory and an encryption method thereof, which generates the cipher key flow of infinite circulation by the sensitivity dependence of a chaos principle on an initial value and has very high safety. The length of a cipher key required by the encryption method of the high-speed encryption device can be changed, the length of the cipher key can theoretically reach the random length (a recommended range is from 64 to 4096), the initial processed operation of the cipher key causes the subtle change of the cipher key to generate a mutual non-relevant cipher text value, and the present invention can greatly enhance decryption resistance. In a random number stirring method provided by the encryption method of the high-speed encryption device, random information which can not be foreseen is added in an encryption process when a cipher text with the length capable of being changed is obtained, the same plain text can obtain different cipher texts by encrypting every time, and the attack of a cipher can be completely impossible. Additionally, the time of the encryption method of the high-speed encryption device is not changed with the change of the length of the cipher key, and compared with an encryption method with equal strength, the encryption method of the high-speed encryption device has much higher speed. The encryption method of the high-speed encryption device is suitable for various platforms, and the encryption method of the high-speed encryption device also has wide application prospect in communication fields, such as Internet, cellular phones, etc.

Description

Computer encryption device and encryption method thereof
Technical field
The present invention relates generally to the encryption device and the encryption method thereof in computer realm and data communication field, particularly to privately owned before transmission, carry out encryption with private data and receive after be decrypted the data encryption device and the encryption method thereof of processing.
Background technology
Along with the develop rapidly of the Internet, computer and network technologies have become human lives's necessary part.Yet people are enjoying the while easily that computing machine and network bring, and individual's privacy is also constantly encroached on.Therefore, in recent years, computing machine and network security also more and more become one of focal issue of infotech.The network security technologys such as fire wall of computing machine and network arise at the historic moment.Yet these Passive Defence schemes can only work at computing machine and LAN (Local Area Network) inside, and just powerless for the data of the transmission on the Internet.The defence of only taking the initiative is promptly encrypted the transmission data, even information is intercepted and captured also and can't be understood in transmission course, could really reach secret purpose like this.
Contemporary cryptology is just to grow up in nearest decades.Press the characteristics of key, encryption method is divided into DSE arithmetic and asymmetric cryptosystem.So-called DSE arithmetic claims the private key cipher system again, and its encryption key is identical with decruption key or definite easily each other; So-called asymmetric cryptosystem claims public-key cryptosystem again, and its encryption key is different with decruption key, is difficult to release another one from one of them.Divide by cipher mode, the symmetric cryptography method is divided into stream cipher and block cipher.Usually, the private key cipher safety is relatively poor faster for speed; Otherwise the good public key cryptography speed of security is but very slow.
In the practical application, public key cryptography not only has very high security, and the management aspect of key also has its convenience.But because it need carry out extremely complex mathematical calculating to quite long key, speed is very slow, therefore can't be applied to a lot in the very high system of rate request, as Network Transmission, multi-medium data exchange etc.So stream cipher can only be used in these fields.
Therefore, the security of raising stream cipher just becomes very important.Yet the key problem of current stream cipher is its key stream generator and fails to break through limited circulation.Because a word one close method is considered to safe encryption method, so problem just ascribes how to find the key stream generator of realizing infinite loop on the method to.
Like this, the present technique field needs the stream cipher method of the high speed of the infinite loop of realization key on a kind of method.
The chaos Study on Theory that develops rapidly in recent years provides strong theoretical foundation for the key stream of realizing infinite loop.This method satisfied this field in above-mentioned application to the security of encryption method and the demand of efficient.This cryptographic methods has used chaos principle cleverly, and in conjunction with random number stirring and hash function data is carried out at a high speed the encrypt/decrypt of safety again.In addition, the authentication value that obtains in encryption can be done further authentication to ciphered data.
In this cryptographic methods, as follows to the encryption detailed process of any one byte in the plaintext.In the ciphering process, at first choosing certain chaotic function f (), is root with key k, calculates x 0=f N(k), f wherein N+1(k)=f (f n(k)) (reason of doing like this is that chaotic function must could produce the chaos effect after N takes turns iteration), and then with x 0Be the basis, utilize chaotic function f () and plaintext m, be iteration m time, obtain ciphertext c=x m=f m(x 0); In the decrypting process, utilizing same chaotic function f (), is root with identical key k, calculates x 0=f N(k), and then with x 0Be the basis, utilize chaotic function f () to calculate x successively 0, x 1, x 2..., x wherein N+1=f (x n), up to finding certain i, make x i=c (c is the ciphertext value), then plaintext m=i.Like this, utilize the characteristic of chaos principle,, make and do not knowing under the situation of key that the code breaker can't directly solve plaintext value by the ciphertext value promptly to sensitive dependence, unpredictability and the nonreversibility of starting condition.
Yet the part chaotic function situation of the corresponding identical ciphertext of different plaintexts may occur under some specific conditions.Promptly might exist m<n to make f (x m)=f (x n).So, in the process of deciphering, may make mistakes.For example, will obtain c=f (x after the n encryption n) (=f (x m)), during deciphering, when calculating m, find c=f (x m), will think to be m expressly this moment, cause and make mistakes.
In the method, computations is only relevant with a plaintext value, a key value, promptly for same key k and same plaintext m, is bound to draw unique ciphertext c.Such practice is very close with simple classic cryptographic system.Such cryptographic system is easy to crack out key value by the method for statistics, still has hidden danger.
Summary of the invention
The objective of the invention is to propose a kind of, realize the encryption device and the encryption method of stream cipher of high speed of the infinite loop of key based on mixed blunt principle computer encryption device and encryption method.
Another purpose of computer encryption device of the present invention and encryption method thereof is to utilize the method for hash function, and f is modified into function one to one, has guaranteed the certain corresponding different ciphertext value of different plaintexts.
Another purpose of computer encryption device of the present invention and encryption method thereof is also to have added unique random number generator, generate different random seriess before each the encryption, by random number stirring means unique among the present invention, before plaintext, add this random series and expressly encryption together.
Another purpose of computer encryption device of the present invention and encryption method thereof is also to introduce unique key updating device, brings in constant renewal in key stream in encryption, thereby has realized the key stream of infinite loop.
Another purpose of computer encryption device of the present invention and encryption method thereof has been also to set up the authentication method of itself, utilize the intermediate value that produces in each step encryption, progressively obtain authentication value, can reach the purpose of the legitimacy of distinguishing enciphered data by this value.
According to a first aspect of the invention, computer encryption device of the present invention is used for former data are encrypted and the password literary composition is decrypted by forming based on the computer dynamic encryption equipment and the decipher that mix blunt principle, and described encryption equipment comprises:
One encrypts pretreatment unit, generates the ciphertext header;
One initial key reforming unit changes into key stream with primary key;
One random sequence generator generates a string random series;
One random series stirrer utilizes key stream that random series is encrypted, and upgrades key stream simultaneously;
The encryption equipment of one plaintext utilizes key stream to plain text encryption, brings in constant renewal in key stream simultaneously;
One produces the device of authentication value, and final key stream is changed into authentication value; Described decipher comprises:
One deciphering pretreatment unit is obtained the ciphertext header;
One initial key reforming unit changes into key stream with primary key;
One random series purifier utilizes key stream to ciphertext portion's deciphering at random, upgrades key stream simultaneously;
One decrypt ciphertext device utilizes key stream to decrypt ciphertext, upgrades key stream simultaneously; With
The device of one verification authentication value changes into authentication value with final key stream, and with the authentication value of ciphertext relatively.
According to a second aspect of the invention, the described encryption pretreatment unit of the encryption equipment of computer encryption device of the present invention, by the device of determining the encryption equipment version information, obtaining the device of ciphertext header and the device of encryption ciphertext header forms, this device version information comprises version number, and this ciphertext header comprises the ciphertext length of portion and the length of telegram end authentication value at random;
The initial key reforming unit of described encryption equipment, by obtain to every value of key do the arithmetic computing conversion usefulness seed device and comprise that the maker of initial key stream of the encryption equipment of chaotic function forms;
The random sequence generator of described encryption equipment; By the device that obtains the seed of random sequence generator from system, obtain the device of system's random series from system, the renovator of chaos random number generator and seed is formed;
The random series stirrer of described encryption equipment comprises that random series is carried out Chaos encrypts the device that generates the Chaos value;
The encryption equipment of the plaintext of described encryption equipment, by encrypting the device that generates the Chaos value to expressly carrying out Chaos, the Chaos value is converted to the ciphertext converter of ciphertext value, utilizes key stream renovator that the Chaos value upgrades key stream and the authentication value renovator composition that utilizes Chaos value that authentication value is upgraded;
The device of the generation authentication value of described encryption equipment comprises and utilizes the device of Chaos value renewal as the authentication value of the authentication department of ciphertext telegram end;
The deciphering pretreatment unit of described decipher, by the device of obtaining the encryption method version information from the ciphertext header, the device of decrypting ciphertext header and the device of obtaining this ciphertext header are formed, this version information comprises the ciphertext header of ciphertext header, and this ciphertext header comprises the ciphertext length of portion and the length of telegram end authentication value at random;
The initial key reforming unit of described decipher, the device of seed of arithmetic computing is made in conversion to every value of key and the maker of initial key stream is formed by obtaining;
The random series purifier of described decipher, by to ciphertext at random portion carry out the device that Chaos deciphering generates the Chaos value, this device comprises the decipher of the chaotic function of the method for adjustment of using hash function, utilizes the Chaos value to key stream key stream renovator that upgrades and the authentication value renovator composition that utilizes the Chaos value that authentication value is upgraded;
The decrypt ciphertext device of described decipher, decipher the device that generates Chaos value and plaintext by ciphertext being carried out Chaos, utilize the Chaos value key stream key stream renovator that upgrades and the authentication value renovator composition that utilizes the Chaos value that authentication value is upgraded;
The device of the verification authentication value of described decipher by the device of obtaining authentication value from the ciphertext message, utilizes the Chaos value to upgrade the device of authentication value and form by the device of authentication value verification msg legitimacy, and wherein authentication value is the authentication department of ciphertext telegram end.
According to a third aspect of the invention we, in the described encryption equipment of the present invention:
The device of the encryption ciphertext header in the described encryption pretreatment unit comprises the encryption equipment of chaotic function and the adjusting gear of hash function;
Described random sequence generator comprises the random sequence generator that operating system is intrinsic, and described chaos random number generator comprises the encryption equipment and the hash function adjusting gear of chaotic function, and the renovator of described seed comprises the return device of getting to data;
The Chaos encryption equipment device of described random series stirrer comprises the encryption equipment of chaotic function and the adjusting gear of hash function, described ciphertext converter comprises the XOR calculation element to each byte, and described key stream renovator comprises that byte inverted sequence calculation element and the described authentication value renovator of XOR calculation element comprise chaotic function device and totalizer;
The Chaos encryption equipment device of the encryption equipment of described plaintext comprises the encryption equipment of chaotic function and the adjusting gear of hash function, described ciphertext converter comprises the XOR calculation element to each byte, described key stream renovator comprises byte inverted sequence calculation element and XOR calculation element, and described authentication value renovator comprises chaotic function device and totalizer;
The device of the described renewal authentication value of the device of described generation authentication value comprises chaotic function device and totalizer.
The device of the encryption ciphertext header in the described encryption pretreatment unit of computer encryption device comprises the encryption equipment of chaotic function and the adjusting gear of hash function;
According to a forth aspect of the invention, in the described decipher of computer encryption device of the present invention, the device of the decrypting ciphertext header of described deciphering pretreatment unit comprises the encryption equipment of chaotic function and the adjusting gear of hash function;
The maker of the initial key stream of described initial key reforming unit comprises the encryption equipment of chaotic function;
The key stream renovator of described random series purifier comprises byte inverted sequence calculation element and XOR calculation element, and described authentication value renovator comprises chaotic function device and totalizer.
The Chaos decipher of described decrypt ciphertext device comprises the decipher of chaotic function and the adjusting gear of hash function; Described key stream renovator comprises byte inverted sequence calculation element and XOR calculation element; Described authentication value renovator comprises chaotic function device and totalizer;
The device of the renewal authentication value of the device of described verification authentication value comprises chaotic function device and totalizer; The device of described verification msg legitimacy is comparison means by turn.According to a fifth aspect of the invention, a kind of computer encipher method of the present invention is based on computer encipher, the decryption method that former data are encrypted and the password literary composition is decrypted of mixing blunt principle, and described encryption method comprises step:
Encrypt pre-service, generate the ciphertext header;
Initial key transforms, and primary key is changed into key stream;
Random series generates, and generates a string random series;
Random series stirs, and utilizes key stream that random series is encrypted, and upgrades key stream simultaneously;
Encrypting plaintext utilizes key stream to plain text encryption, brings in constant renewal in key stream simultaneously; With
Produce authentication value, final key stream is changed into authentication value; Described decryption method comprises step:
The deciphering pre-service obtains the ciphertext header;
Initial key transforms, and primary key is changed into key stream;
Random series is purified, and utilizes key stream to ciphertext portion's deciphering at random, upgrades key stream simultaneously;
Decrypting ciphertext utilizes key stream to decrypt ciphertext, upgrades key stream simultaneously; With
The verification authentication value changes into authentication value with final key stream, and with the authentication value of ciphertext relatively.
According to a sixth aspect of the invention, be based on computer encipher, the decryption method that former data are encrypted and the password literary composition is decrypted of mixing blunt principle in computer encipher method of the present invention, in the described encryption method, described encryption pre-service comprises the method for determining the encryption method version information, obtain the method for ciphertext header and the method for encrypting the ciphertext header, this version information comprises version number, and this ciphertext header comprises the ciphertext length of portion and the length of telegram end authentication value at random;
Described initial key conversion comprises the method for the adquisitiones and the initial key stream of the seed of changing usefulness, and wherein seed is the arithmetical operation that every value of key is done;
Described random series generates and comprises the method that obtains the seed of random sequence generator from system, obtain the method for system's random series from system, the update method of chaos random digit generation method and seed, wherein seed comprises the system time of microsecond level and current process number and random series comprises the random series that the intrinsic random sequence generator of operating system generates;
Described random series stirs and comprises that random series is carried out Chaos encrypts the method that generates the Chaos value, the Chaos value is converted to the ciphertext conversion method of ciphertext value, utilizes key stream update method that the Chaos value upgrades key stream and the authentication value update method of utilizing the Chaos value that authentication value is upgraded;
Described encrypting plaintext method comprises encrypts the method that generates the Chaos value to expressly carrying out Chaos, the Chaos value is converted to the ciphertext conversion method of ciphertext value, utilizes key stream update method that the Chaos value upgrades key stream and the authentication value update method of utilizing the Chaos value that authentication value is upgraded;
The method of described generation authentication value comprises the method for the method of utilizing the Chaos value to upgrade authentication value and authentication value and the merging of ciphertext value, and wherein authentication value is the authentication department of ciphertext telegram end; In the described decryption method:
Described deciphering preprocess method comprises the method for version information that obtains the ciphertext header that comprises the ciphertext header of encryption method from the ciphertext header, deciphering comprise ciphertext at random the ciphertext header of the length of the length of portion and telegram end authentication value method and obtain the method for this ciphertext header;
Described initial key method for transformation comprises the method for the adquisitiones of changing seed and initial key stream;
Described random series method of purification comprise to ciphertext at random portion carry out the method that Chaos deciphering generates Chaos value, utilize key stream update method that the Chaos value upgrades key stream and the authentication value update method of utilizing the Chaos value that authentication value is upgraded;
Described decrypting ciphertext method comprises that ciphertext is carried out the Chaos deciphering generates Chaos value and method expressly, utilizes the Chaos value to key stream key stream update method of upgrading and the authentication value update method of utilizing the Chaos value that authentication value is upgraded; With
Described verification authentication value method comprises the method that obtains authentication value from the ciphertext message, utilizes the Chaos value to upgrade the method for authentication value and the method by authentication value verification msg legitimacy, and wherein authentication value is the authentication department of ciphertext telegram end.
The computer encipher method is based on computer encipher, the decryption method that former data are encrypted and the password literary composition is decrypted of mixing blunt principle.
According to a seventh aspect of the invention, in the encryption preprocess method of encryption method of the present invention, the method for encrypting the ciphertext header comprises the encryption method of chaotic function and the method for adjustment of hash function.
According to an eighth aspect of the invention, in the initial key method for transformation of encryption method of the present invention, the method for initial key stream comprises the encryption method of chaotic function.
According to a ninth aspect of the invention, in the generation of random series method of encryption method of the present invention, the chaos random digit generation method comprises the encryption method and the hash function method of adjustment of chaotic function, and the update method of seed comprises the inverse approach of getting to data.
According to the tenth aspect of the invention, in the encryption random series method of the described encryption method of computer encipher method of the present invention, the Chaos encryption method comprises the encryption method of chaotic function and the method for adjustment of hash function, the ciphertext conversion method comprises the XOR method to each byte, the key stream update method comprises byte inverted sequence method and XOR method, and the authentication value update method comprises chaotic function and additive operation.
According to an eleventh aspect of the invention, in the encrypting plaintext method of the described encryption method of computer encipher method of the present invention, the Chaos encryption method comprises the encryption method of chaotic function and the method for adjustment of hash function, the ciphertext conversion method comprises the XOR method to each byte, the key stream update method comprises byte inverted sequence method and XOR method, and the authentication value update method comprises chaotic function and additive operation.
According to a twelfth aspect of the invention, in the method for the generation authentication value of the described encryption method of computer encipher method of the present invention, the method for upgrading authentication value comprises chaotic function and additive operation.
According to a thirteenth aspect of the invention, in the deciphering preprocess method of the described decryption method of computer encipher method of the present invention, the method for decrypting ciphertext header comprises the encryption method of chaotic function and the method for adjustment of hash function.
According to a fourteenth aspect of the invention, in the initial key method for transformation of the described decryption method of computer encipher method of the present invention, seed is the arithmetical operation that every value of key is done, and the method for initial key stream comprises the encryption method of chaotic function.
According to a fifteenth aspect of the invention, in the decrypted random sequence of the described decryption method of computer encipher method of the present invention (random series purification) method, the Chaos decryption method comprises the decryption method of chaotic function and the method for adjustment of hash function, the key stream update method comprises byte inverted sequence method and XOR method, and the authentication value update method comprises chaotic function and additive operation.
According to a sixteenth aspect of the invention, in the decrypting ciphertext method of the described decryption method of computer encipher method of the present invention, the Chaos decryption method comprises the decryption method of chaotic function and the method for adjustment of hash function, the key stream update method comprises byte inverted sequence method and XOR method, and the authentication value update method comprises chaotic function and additive operation.
According to a seventeenth aspect of the invention, in the method for the verification authentication value of the described decryption method of computer encipher method of the present invention, the method for upgrading authentication value comprises chaotic function and additive operation, and the method for verification msg legitimacy is for comparing by turn.
According to an eighteenth aspect of the invention, the ciphertext storage form of computer encipher method employing of the present invention comprises the ciphertext header, ciphertext message portion and ciphertext telegram end portion.
According to a nineteenth aspect of the invention, the described ciphertext header of computer encipher method of the present invention comprises version information and ciphertext header, and described ciphertext message portion comprises ciphertext portion and ciphertext portion at random, and described ciphertext telegram end portion comprises authentication value.
Of the present invention is a kind of degree of safety very fast encryption device and encryption method of speed higher the time based on chaology high-speed encryption device and encryption method; it is suitable for being applied in the data transmission procedure that the very high while data volume of safety requirements is very big on the Internet, can be applied in the data protection that Internet goes up communication.In addition, can also be applied in the data protection field of encryption, to the encrypting storing of significant data, file.
Description of drawings
Fig. 1 has provided the block scheme of realizing the general operation frame of encryption method among the present invention;
Fig. 2 has provided the block scheme of realizing the general operation frame of decryption method among the present invention;
Fig. 3 is the functional block diagram that the present invention is used for the composition of employed each module of data encryption process;
Fig. 4 is the functional block diagram that the present invention is used for the composition of employed each module of data decryption process;
Fig. 5-the 1st, the pretreated logical flow chart of the encryption in the ciphering process;
Fig. 5-the 2nd, the pretreated logical flow chart of the deciphering in the decrypting process;
Fig. 6 is the logical flow chart of the initial key converter that in the encryption key literary composition of user input carried out;
Fig. 7 is the structural drawing of the chaos random sequence generator in the ciphering process;
Fig. 7 A is the logical flow chart of the chaos random number generator in the ciphering process;
Fig. 8 is the structural drawing of random series encryption equipment in the ciphering process;
Fig. 8 A is the logical flow chart that the random series encryption equipment is encrypted random series in the ciphering process;
Fig. 9 is the structural drawing of plain text encryption device in the ciphering process;
Fig. 9 A is the logical flow chart of plain text encryption device to expressly encrypting in the ciphering process;
Figure 10 is the structural drawing of random series decipher in the decrypting process;
Figure 10 A is the logical flow chart that the random series decipher is decrypted portion at random in the decrypting process;
Figure 11 is the structural drawing of decrypt ciphertext device in the decrypting process;
Figure 11 A is the logical flow chart that the decrypt ciphertext device is decrypted ciphertext in the decrypting process;
Figure 12 is the structural drawing of form of the ciphertext of this encryption method.
Embodiment
Below in conjunction with accompanying drawing, the system and the method thereof of computer data enciphering of the present invention elaborated.For ease of explanation, as follows to symbol and the ranking regulation that relates in this instructions:
Be M={M expressly 1, M 2..., M 1m, 0≤M i<256, its length is lm; Ciphertext is C={C 1, C 2..., C Lc, 0≤C i<256, its length is lc;
User-defined key literary composition is Key={Key 1, Key 2..., Key Lk, 0≤Key i<256, its length is lk; Key after the conversion is k={k 1, k 2..., k Lk, 0≤k i<256 4, i.e. k iBe 4 byte integer, its length also is lk;
If f () is chaotic function, then f N+1(x)=f (f n(x)) (n>0), f 1(x)=f (x).0≤x<256 wherein 4, 0≤f (x)<256 4
For reaching the chaos effect, iteration some (being N) is inferior in advance to initial value for need before encrypting, and getting N=50 usually can satisfy condition.
In addition, in this encrypting/decrypting method, having for 5 steps has used chaotic function: encrypt that header (fh), random number seed generate (fs), random number generates (fr), encrypt/decrypt random series (fcr), encrypting plaintext/decrypting ciphertext (f), representative function name in its bracket.They represent identical or different chaotic function respectively, all have common chaotic characteristic, as one embodiment of the present of invention, choose f (x)=4x (1-x) as chaotic function.
Fig. 1 explanation provides the general operation frame of realizing encryption method among the present invention.Encryption system 1000 at first comprises encryption equipment 1010, and this encryption equipment comprises each step of encryption flow; Encryption system 1000 also comprises the plaintext 1020 of input, key 1030, and the ciphertext 1040 of output.The encipherer utilizes privately owned key 1030, and expressly 1020 to call encryption equipment, output ciphertext 1040 as input.
Fig. 2 explanation provides the general operation frame of realizing decryption method among the present invention.Decryption system 2000 at first comprises decipher 2010, and this decipher comprises each step of deciphering flow process; Decryption system 2000 also comprises the ciphertext 2020 of input, key 2030, and the plaintext 2040 of output.Deciphering person utilizes privately owned key 2030 (must be identical with encryption key), and calls decipher with ciphertext 2020 as input, output expressly 2040.
Fig. 3 provides the composition and the module map of encrypting module 1100 of the present invention.Generally, the composition shown in Figure 3 and the purpose of module are to utilize key 1030 expressly 1020 to encrypt, thus output ciphertext 1040.
Composition shown in Figure 3 and module are encrypted the plaintext 1020 of input.Encrypting module 1100 comprises encrypts pre-service 1110, at first obtain the version number of encrypting module, and the ciphertext among definite ciphertext a100 length of the a130 of portion and the length of validation value a150 at random, and it is carried out encryption, data encrypted is stored in ciphertext header a120.
Encrypting module 1100 comprises initial key converter 1120, utilizes the chaos formula that the key 1030 of user's input is done conversion, the initial key stream 1380 after the generation conversion.
Encrypting module 1100 comprises random sequence generator 1130, at first utilizes operating system to obtain system information 1410 as seed 1420, obtains system's random series 1430 again as the basis, generates random series 1450 under the effect of chaos random number generator 1440.
Encrypting module 1100 comprises random series encryption equipment 1140, and the initial key stream 1380 that utilizes initial key converter 1120 to obtain is encrypted the random series that random sequence generator 1130 generates, and generates ciphertext portion 1670 at random.Simultaneously, in ciphering process, key stream 1380 is brought in constant renewal in.
Encrypting module 1100 comprises plain text encryption device 1150, utilizes the key stream 1380 that upgrades in random series encryption equipment 1140 ciphering process, to expressly 1020 encrypting, generates ciphertext a140.
Encrypting module 1100 comprises calculating authentication value 1160, in encrypting random series and process expressly, respectively authentication value 1690 and authentication value 1790 is upgraded, and this is worth promptly as authentication value a150.Can be used for enciphered data is carried out the legitimacy authentication.
Fig. 4 provides the composition and the module map of deciphering module 2100 of the present invention.Generally, the composition shown in Figure 4 and the purpose of module are to utilize key 2030 that ciphertext 2020 is decrypted, thus output plaintext 2040.
Composition shown in Figure 4 and module are decrypted the ciphertext 2020 of input.Deciphering module 2100 comprises deciphering pre-service 2110, at first obtain the version number of deciphering module from ciphertext header version information, and, determine the ciphertext length of the a130 of portion and the length of authentication value a150 at random among the ciphertext a100 by ciphertext header a120 is decrypted processing.
Deciphering module 2100 comprises initial key converter 2120, utilizes the chaos formula that the key 2030 of user's input is done conversion, the initial key stream 1380 after the generation conversion.
Deciphering module 2100 comprises random series decipher 2140, utilizes the initial key stream 1380 that initial key converter 2120 obtains, to ciphertext at random portion 1670 be decrypted.Simultaneously, in ciphering process, key stream 1380 is brought in constant renewal in.
Deciphering module 2100 comprises decrypt ciphertext device 2150, utilizes the key stream 1380 that upgrades in random series decipher 2140 decrypting processes, and ciphertext 2020 is decrypted, and generates expressly.
Deciphering module 2100 comprises checks authentication value 2160, in the process of decrypted random sequence and ciphertext, respectively authentication value 2690 and authentication value 2790 is upgraded, and this value and authentication value a150 make comparisons.Can be used for enciphered data is carried out the legitimacy authentication, inequality then illegal.
Fig. 5-the 1st, the pretreated logical flow chart of the encryption in the ciphering process.Mainly comprise and obtain encryption equipment version number 1202 and definite ciphertext minister's degree and authentication value length 1204 two parts at random.It is ready to be treated to following encryption by these two parts.
Step 1220 obtains the version number of this encryption equipment, it is stored among the version information a110 of ciphertext header a160, so that the version that the decision decipher will be taked in decrypting process.
Step 1230 is determined the ciphertext length L R of portion at random according to the user to the requirement of degree of safety and efficient.
Step 1240 is determined the length L T of ciphertext authentication department to the requirement of degree of safety and efficient according to the user.
Step 1250 with the LR of step 1230 generation and the synthetic L of LT of step 1240 generation, is encrypted L then, and the value CL that obtains is as the ciphertext header of ciphertext header.Process is as follows:
(1) initialization array u[256], establish u[i]=false, 0<i<255
(2) calculate w = Σ i Key i (Key iI component for key), x 0=fh 50(w)
(3) j carries out following steps (4) to step (6) repeatedly from 0 to L
(4) calculate x j=fh (x J-1) (when j=0, skipping this step)
(5) search u[xj (mod256) successively], u[xj+1 (mod256)], u[xj+2 (mod256)] ...,, make u[xj+t (mod256) up to finding certain t]=false
(6) make u[xj+t (mod256)]=true
(7) xj+t that finally obtains (mod256) is CL
Step 1260, the CL that step 2250 is obtained is stored in the ciphertext header as the ciphertext header.
Fig. 5-the 2nd, the pretreated logical flow chart of the deciphering in the decrypting process.Mainly comprise from ciphertext and obtain decipher version number 2202 and definite ciphertext minister's degree and authentication value length 2204 two parts at random.It is ready to be treated to following decryption processing by these two parts.
Step 2220 obtains version number to select the decipher of corresponding version from the version information of ciphertext header.
Step 2230 obtains the ciphertext header from the ciphertext header portion of ciphertext header, is CL.
Step 2240 is decrypted the CL that obtains in the step 2230, obtains L, and process is as follows:
(1) initialization array u[256], establish u[i]=false, 0<i<255
(2) calculate w = Σ i Key i (Key iI component for key), x 0=fh 50(w)
(3) j from 0 to 255, carries out following steps (4) repeatedly to step (6)
(4) calculate x j=fh (x J-1) (when j=0, skipping this step)
(5) search u[xj (mod256) successively], u[xj+1 (mod256)], u[xj+2 (mod256)] ...,, make u[xj+t (mod256) up to finding certain t]=false
(6) if CL=xj+t (mod256) forwards (7) to, otherwise makes u[xj+t (mod256)]=true
(7) Ci Shi j is ciphertext header L
Step 2250 extracts the ciphertext length L R of portion at random from L.
Step 2260 extracts the length L T of ciphertext authentication department from L.
Fig. 6 is the logical flow chart of the initial key converter that in the encryption key literary composition of user input carried out.This converter is mainly realized converting the key that the user provides to can be used initial key stream.Removed the relevant information in the user key in the transfer process.
Step 1320-1380 has realized the conversion of stream from the user key to the initial key:
Step 1320, calculating S is the quadratic sum of each byte of initial key:
S = Σ 1 k Ke y n 2
Step 1330, initialization C=S, i=1.
Step 1340-1370 makes conversion process to each component of key stream:
Step 1340 couple C makes conversion C=C (C is that the step-by-step of C is got contrary), t=Keyi.
Step 1350 is calculated C=fs N+t(C).
Step 1360, Ki=C, i=i+1.
Step 1370 judges whether i exceeds the length of key.If not, then forward step 1340 to, continue the next byte of process key; If then forward step 1380 to.
Step 1380 is exported sequence K as initial key stream.
Fig. 7 is the structural drawing of the chaos random sequence generator in the ciphering process.It utilizes some distinctive information of operating system, by the chaos random number generator of uniqueness, generates the random series of one group uniqueness, thereby for realizing that the random series stirring means provides the foundation.
Chaos random sequence generator 1400 comprises system information 1410, obtains the time value of Millisecond and the process number of current process from operating system.And these two values are passed to seed 1420 as the parameter that generates seed.
Chaos random sequence generator 1400 comprises seed 1420, and two values that system information 1410 is generated save as S1 and S2 respectively:
The S1=system time, the S2=process number.
Chaos random sequence generator 1400 comprises system's series 1430 at random, the random series length L R that determines according to step 1230, and utilize the random sequence generator of operating system, generate the random series R that a group length is LR 0, as one group of parameter of chaos random sequence generator 1440.
Chaos random sequence generator 1400 comprises chaos random number generator 1440, utilizes seed 1420 and system's random series 1430 to produce random series 1450.
Chaos random sequence generator 1400 comprises random series 1450, is the random series 1450 that the chaos random number generator produces, and is used to place expressly and encrypts before, thereby realize the random number stirring means.
Chaos random sequence generator 1400 comprises seed renovator 1460, after each generation random number, utilizes current random series that seed 1420 is done to upgrade and handles.
Fig. 7 A is the logical flow chart of the chaos random number generator in the ciphering process.Fig. 7 A has described the concrete treatment scheme of chaos random number generator 1440 in detail.It is a parameter with system's random series 1430 and seed 1420, generates random series 1450, utilizes more new seed 1420 of seed renovator 1460 simultaneously.
Step 1520, time value and process number that system is generated save as seed S 1And S 2:
S 1=system time value, S 2=process number
Step 1530 utilizes the random number generator of system to generate random series R 0, as the parameter of chaos random number generator.
Step 1540, initialization i=0.
Step 1550-1580 is the processing procedure that generates each byte of random series.
Step 1550 is with S 2Be parameter, calculate R i = fr N + R 0 i ( S 1 ) , Promptly obtain the one-component of random series.
Step 1560 is upgraded S 1, S 1 = R i ‾ .
Step 1570, subscript i moves on to next random number: i=i+1.
Step 1580 judges whether subscript i exceeds the length of random series (LR), if not, then forwards step 1550 to, continues to generate next random number; If forward step 1590 to.
Step 1590 is exported the random series R that generates as random series.Form ciphertext with common encryption of plaintext before this random series will be placed in expressly, promptly realize random number stirring means expressly.
Fig. 8 is the structural drawing of random series encryption equipment in the ciphering process.The chaos random series 1590 that chaos random number generator 1500 generates is encrypted, the ciphertext of generation will place ciphertext at random portion as the part of ciphertext.In ciphering process, bring in constant renewal in key stream, make key stream present aperiodicity.Use different key streams when making each encrypting plaintext simultaneously, strengthened anti-cracking greatly.
Random series encryption equipment 1600 comprises key stream 1610, as the carrier of the key stream of infinite loop.
Random series encryption equipment 1600 comprises random series 1620, and this sequence is the random series 1450 that chaos random sequence generator 1400 generates.This random series is the input of Chaos encryption equipment 1630.
Random series encryption equipment 1600 comprises Chaos encryption equipment (random series) 1630, with 1610 parameters of key stream, the random series 1620 of input is carried out bitwise encryption, generates Chaos value 1640.
Random series encryption equipment 1600 comprises Chaos value 1640, and this value is used for producing ciphertext portion at random for Chaos encryption equipment 1630 utilizes the value that obtains after the chaotic function calculating, upgrades authentication value and key stream simultaneously.
Random series encryption equipment 1600 comprises key updating device 1650, with key stream 1610 and Chaos value 1640 parameters, upgrades the value of key stream 1610.
Random series encryption equipment 1600 comprises ciphertext converter 1660, is parameter with the Chaos value, generates ciphertext portion 1670 at random.
Random series encryption equipment 1600 comprises ciphertext portion 1670 at random, the result that ciphertext converter 1660 generates.
Random series encryption equipment 1600 comprises authentication value renovator 1680, is parameter with current authentication value 1690 and Chaos value 1640, upgrades current authentication value 1690.
Random series encryption equipment 1600 comprises authentication value 1690, is used for being added in the authentication value of ciphertext telegram end, the legitimacy of verify data.
Fig. 8 A is the logical flow chart that the random series encryption equipment is encrypted random series in the ciphering process.Fig. 8 A has described the concrete treatment scheme of Chaos encryption equipment 1630 in detail.It produces Chaos value 1640 with 1450 parameters of random series, and then utilizes ciphertext converter 1660 to generate ciphertext portion at random, utilizes key updating device 1650 to upgrade key stream 1610 simultaneously, and utilizes authentication value renovator 1680 to upgrade authentication value.
Step 1720, initialization key flow index p=1, authentication value V=0, i=1.
Step 1730-1780 is the encryption process of random series encryption equipment to each byte of random series:
Step 1730 is a parameter with i byte Ri and p byte Kp of key stream of chaos random series, calculates the Chaos value, and process is as follows:
(1) initialization array u[256] be false,
(2) calculate x 0=fcr N(K p)
(3) j is from 1 to Ri, repeated execution of steps (4) step (6)
(4) calculate x j=fcr (x J-1)
(5) calculate y j=x jEach byte XOR and
(6) search u[yj (mod256) successively], u[yj+1 (mod256)], u[yj+2 (mod256)] ...,, make u[yj+t (mod256) up to finding certain t]=false, make u[yj+t (mod256)]=true
(7) Ci Shi xj is the Chaos value, and yj+t (mod256) is the ciphertext value
Step 1740, step 1730 (7) is random number ciphertext value by the yj+t (mod256) that the Chaos value generates:
CR i=yj+t(mod256)
Step 1750 is a parameter with the Chaos value, utilizes authentication value renovator 1680, upgrades authentication value V:
V=V+fcr (Chaos) wherein Chaos is the Chaos value
Step 1760 is a parameter with the Chaos value, utilizes key updating device 1650, upgrades key stream:
K p=r(K p)Chaos
K p+1=K pChaos
Wherein, represents the XOR method; The operation of r () expression byte inverted sequence (abcd → dcba); Chaos represents the Chaos value.
Step 1770 is upgraded current random number position i=i+1, mobile cryptographic key stream current pointer: p=(p+1) mod lk, and wherein lk is a key length.
Step 1780 judges whether subscript i exceeds the length of random series (LR), if not, then forwards step 1730 to, continues to encrypt next random number; If forward step 1790 to.
Step 1790, the sequence C R that generates in the ciphering process is as ciphertext portion's output at random, and all values and the current pointer p that keep key stream simultaneously also have current authentication value, continue during in order to encrypting plaintext to use.
Fig. 9 is the structural drawing of plain text encryption device in the ciphering process.Plaintext 1820 to user's input is encrypted, and the ciphertext of generation will place the ciphertext a140 part of the ciphertext message a170 of portion.In ciphering process, bring in constant renewal in key stream, make key stream present aperiodicity.Use different key streams when making each encrypting plaintext simultaneously, strengthened anti-cracking greatly.
Plain text encryption device 1800 comprises key stream 1810, as the carrier of the key stream of infinite loop.This key stream has been preserved the value of upgrading in random series encryption equipment 1600 ciphering process.
Plain text encryption device 1800 comprises plaintext 1820, the plaintext that this sequence need be encrypted for the user.This expressly is the input of Chaos encryption equipment 1830.
Plain text encryption device 1800 comprises Chaos encryption equipment (expressly) 1830, with 1810 parameters of key stream, the plaintext of importing 1820 is carried out bitwise encryption, generates Chaos value 1840.
Plain text encryption device 1800 comprises Chaos value 1840, and this value is used for producing ciphertext for Chaos encryption equipment 1830 utilizes the value that obtains after the chaotic function calculating, upgrades authentication value and key stream simultaneously.
Plain text encryption device 1800 comprises key updating device 1850, with key stream 1810 and Chaos value 1840 parameters, upgrades the value of key stream 1810.
Plain text encryption device 1800 comprises ciphertext converter 1860, is parameter with the Chaos value, generates ciphertext 1870.
Plain text encryption device 1800 comprises ciphertext 1870, the result that ciphertext converter 1860 generates.
Plain text encryption device 1800 comprises authentication value renovator 1880, is parameter with current authentication value 1890 and Chaos value 1840, upgrades current authentication value 1890.
Plain text encryption device 1800 comprises authentication value 1890, is used for being added in the authentication value of ciphertext telegram end, the legitimacy of verify data.
Fig. 9 A is the logical flow chart of plain text encryption device to expressly encrypting in the ciphering process.Fig. 9 A has described the concrete treatment scheme of Chaos encryption equipment 1830 in detail.It is a parameter with plaintext 1820 and key stream 1810, produces Chaos value 1840, and then utilizes ciphertext converter 1860 to generate ciphertext a140, utilizes key updating device 1850 to upgrade key streams 1810 simultaneously, and utilizes authentication value renovator 1880 to upgrade authentication values.
Step 1920 keeps key stream pointer p and authentication value V in the random series ciphering process, makes i=1.
Step 1930-1980 is the encryption process of plain text encryption device to each byte expressly:
Step 1930 is a parameter with expressly i byte Mi and p byte Kp of key stream, calculating Chaos value, and process is as follows:
(1) initialization array u[256] be false,
(2) calculate x 0=fcr N(K p)
(3) j is from 1 to Mi, repeated execution of steps (4) step (6)
(4) calculate x j=f (x J-1)
(5) calculate y j=x jEach byte XOR and
(6) search u[yj (mod256) successively], u[yj+1 (mod256)], u[yj+2 (mod256)] ...,, make u[yj+t (mod256) up to finding certain t]=false, make u[yj+t (mod256)]=true
(7) Ci Shi xj is the Chaos value, and yj+t (mod256) is the ciphertext value
Step 1940, step 1930 (7) is the ciphertext value by the yj+t (mod256) that the Chaos value generates:
C i=yj+t(mod256)
Step 1950 is a parameter with the Chaos value, utilizes authentication value renovator 1880, upgrades authentication value V:
V=V+f (Chaos) wherein Chaos is the Chaos value
Step 1960 is a parameter with the Chaos value, utilizes key updating device 1850, upgrades key stream:
K p=r(K p)Chaos
K p+1=K pChaos
Wherein, represents the XOR method; The operation of r () expression byte inverted sequence (abcd → dcba); Chaos represents the Chaos value.
Step 1970 is upgraded current plaintext position i=i+1, mobile cryptographic key stream current pointer: p=(p+1) mod lk, and wherein lk is a key length.
Step 1980 judges whether subscript i exceeds length (lm) expressly, if not, then forwards step 1930 to, continues to encrypt expressly next; If forward step 1990 to.
Step 1990, the sequence C that generates in the ciphering process is exported as ciphertext, simultaneously current authentication value is stored in the telegram end of ciphertext, as the authentication department of ciphertext.
Figure 10 is the structural drawing of random series decipher in the decrypting process.To ciphertext at random the a130 of portion be decrypted.In decrypting process, bring in constant renewal in key stream, make key stream present aperiodicity.Value with key stream returns to and the encrypting plaintext identical state of key stream before simultaneously, so that correct deciphering.
Random series decipher 2600 comprises key stream 2610, as the carrier of the key stream of infinite loop.
Random series decipher 2600 comprises ciphertext portion 2620 at random, and this sequence is the ciphertext a140 of portion at random of ciphertext.This ciphertext portion at random is the input of Chaos decipher 2630.
Random series decipher 2600 comprises Chaos decipher (random series) 2630, with 2610 parameters of key stream, to the ciphertext of input at random portion 2620 decipher by turn, generate Chaos value 2640.
Random series decipher 2600 comprises Chaos value 2640, and this value is used for upgrading authentication value and key stream for Chaos decipher 2630 utilizes the value that obtains after the chaotic function calculating.
Random series decipher 2600 comprises key updating device 2650, with key stream 2610 and Chaos value 2640 parameters, upgrades the value of key stream 2610.
Random series decipher 2600 comprises authentication value renovator 2680, is parameter with current authentication value 2690 and Chaos value 2640, upgrades current authentication value 2690.
Random series decipher 2600 comprises authentication value 2690, is used for comparing the legitimacy of verify data with the authentication value of ciphertext telegram end.
Figure 10 A is the logical flow chart that the random series decipher is decrypted portion at random in the decrypting process.Figure 10 A has described the concrete treatment scheme of Chaos decipher 2630 in detail.It produces Chaos value 2640 with ciphertext 2620 parameters of portion at random, and then utilizes key updating device 2650 to upgrade key streams 2610, utilizes authentication value renovator 2680 renewal authentication values simultaneously.
Step 2720, initialization key flow index p=1, authentication value V=0, i=1.
Step 2730-2780 is the decryption processing process of random series decipher to each byte of random series:
Step 2730, with ciphertext at random portion i byte CRi and p byte Kp of key stream be parameter, calculate the Chaos value, process is as follows:
(1) initialization array u[256] be false,
(2) calculate x 0=fcr N(K p)
(3) j from 1 to 256, repeated execution of steps (4) step (6)
(4) calculate x j=fcr (x J-1)
(5) calculate y j=x jEach byte XOR and
(6) search u[yj (mod256) successively], u[yj+1 (mod256)], u[yj+2 (mod256)],,, make u[yj+t (mod256) up to finding certain t]=false, if yj+t (mod256)=CRi then forwards (7) to, otherwise make u[yj+t (mod256)]=true
(7) Ci Shi xj is the Chaos value
Step 2750 is a parameter with the Chaos value, utilizes authentication value renovator 2680, upgrades authentication value V:
V=V+fcr (Chaos) wherein Chaos is the Chaos value
Step 2760 is a parameter with the Chaos value, utilizes key updating device 2650, upgrades key stream:
K p=r(K p)Chaos
K p+1=K pChaos
Wherein, represents the XOR method; The operation of r () expression byte inverted sequence (abcd → dcba); Chaos represents the Chaos value.
Step 2770 is upgraded current ciphertext with head position i=i+1, mobile cryptographic key stream current pointer: p=(p+1) mod lk, and wherein lk is a key length.
Step 2780 judges whether subscript i exceeds the length (LR) of ciphertext with head, if not, then forwards step 2730 to, continues the next random number of deciphering; If forward step 2790 to.
Step 2790, all values and the current pointer p that keep key stream also have current authentication value, continue during in order to decrypting ciphertext to use.
Figure 11 is the structural drawing of decrypt ciphertext device in the decrypting process.Ciphertext 2820 is decrypted the plaintext of the recovery of generation.In decrypting process, bring in constant renewal in key stream, make key stream present aperiodicity.
Decrypt ciphertext device 2800 comprises key stream 2810, as the carrier of the key stream of infinite loop.
Decrypt ciphertext device 2800 comprises ciphertext 2820, and this sequence is the ciphertext part a140 of ciphertext message.This ciphertext is the input of Chaos decipher 2830.
Decrypt ciphertext device 2800 comprises Chaos decipher (ciphertext) 2830, with 2810 parameters of key stream, the ciphertext 2820 of input is deciphered by turn, generates Chaos value 2840 and plaintext 2870.
Decrypt ciphertext device 2800 comprises Chaos value 2840, and this value is used for upgrading authentication value and key stream for Chaos decipher 2830 utilizes the value that obtains after the chaotic function calculating.
Decrypt ciphertext device 2800 comprises key updating device 2850, with key stream 2810 and Chaos value 2840 parameters, upgrades the value of key stream 2810.
Decrypt ciphertext device 2800 comprises plaintext 2870, the result that Chaos decipher (ciphertext) 2830 generates.
Decrypt ciphertext device 2800 comprises authentication value renovator 2880, is parameter with current authentication value 2890 and Chaos value 2840, upgrades current authentication value 2890.
Decrypt ciphertext device 2800 comprises authentication value 2890, is used for comparing the legitimacy of verify data with the authentication value of ciphertext telegram end.
Figure 11 A is the logical flow chart that the decrypt ciphertext device is decrypted ciphertext in the decrypting process.Figure 11 A has described the concrete treatment scheme of Chaos decipher 2830 in detail.It serves as that input generates plaintext 2870 with ciphertext 2820 and key stream 2810, and produces Chaos value 2840, utilizes key updating device 2850 to upgrade key streams 2810 simultaneously, and utilizes authentication value renovator 2880 to upgrade authentication value.
Step 2920 keeps ciphertext key stream pointer p and the authentication value V in portion's decrypting process at random, makes i=1.
Step 2930-2980 is the decryption processing process of decrypt ciphertext device to each byte of ciphertext:
Step 2930 is a parameter with i byte Ci of ciphertext and p byte Kp of key stream, calculates the Chaos value, and process is as follows:
(1) initialization array u[256] be false,
(2) calculate x 0=fcr N(K p)
(3) j from 1 to 256, repeated execution of steps (4) step (6)
(4) calculate x j=f (x J-1)
(5) calculate y j=x jEach byte XOR and
(6) search u[yj (mod256) successively], u[yj+1 (mod256)], u[yj+2 (mod256)],,, make u[yj+t (mod256) up to finding certain t]=false, if yj+t (mod256)=Ci then forwards (7) to, otherwise make u[yj+t (mod256)]=true
(7) Ci Shi xj is the Chaos value, and j is plaintext value
Step 2940, the j that obtains in the step 2930 (7) promptly run after fame the literary composition value:
M i=j
Step 2950 is a parameter with the Chaos value, utilizes authentication value renovator 2880, upgrades authentication value V:
V=V+f (Chaos) wherein Chaos is the Chaos value
Step 2960 is a parameter with the Chaos value, utilizes key updating device 2850, upgrades key stream:
K p=r(K p)Chaos
K p+1=K pChaos
Wherein, represents the XOR method; The operation of r () expression byte inverted sequence (abcd → dcba); Chaos represents the Chaos value.
Step 2970 is upgraded current ciphertext position i=i+1, mobile cryptographic key stream current pointer: p=(p+1) mod lk, and wherein lk is a key length.
Step 2980 judges whether subscript i exceeds length (lm) expressly, if not, then forwards step 2930 to, continues the next ciphertext of deciphering; If forward step 2990 to.
Step 2990, the sequence M that generates in the decrypting process is as expressly output, simultaneously the authentication value of the telegram end of current authentication value and ciphertext made comparisons, identical then authenticate legal, otherwise illegal.
Figure 12 is the pie graph of the ciphertext form of this encryption method uniqueness.The storage format of having represented the resulting ciphertext value of encrypting plaintext.
Ciphertext form a100 comprises header portion a160.Version information a110 and ciphertext header a120 comprising encryptor/decryptor.
Ciphertext form a100 comprises message part a170.Comprising ciphertext a130 of portion and the a140 of ciphertext portion at random.
Ciphertext form a100 comprises newspaper and is part a180.Comprising authentication value a150.
Of the present invention a kind of be a kind of degree of safety very fast encryption device and encryption method of speed higher the time based on chaology high-speed encryption device and encryption method; it is suitable for being applied in the data transmission procedure that the very high while data volume of safety requirements is very big on the Internet; can be applied in for example data communication under the http protocol of data protection that Internet goes up communication, the data encryption on the virtual individual private talk various network protocols such as (VPN) of ipsec protocol.In addition, can also be applied in the data protection field of encryption, to the encrypting storing of significant data, file.For example, encryption, the ENCRYPTION FOR DATA BASE that is applied in password encryption, file preserved the field.Before can or preserving data in the transmission data, utilize privately owned key, data are encrypted by calling encryption processing module; Before receiving data or reading several getting, utilize identical key, call the decryption processing module data are decrypted.
In sum, will appreciate that provided by the invention a kind ofly based on chaology high-speed encryption device and encryption method, it can be protected fast and effectively to data.Should be understood that foregoing only relates to illustrative example of the present invention, can make various changes to it, and can not deviate from the spirit and scope of the present invention that limit by following claim.

Claims (19)

1, a kind of computer encryption device by forming based on the computer dynamic encryption equipment and the decipher that mix blunt principle, is used for former data are encrypted and the password literary composition is decrypted, and it is characterized in that described encryption equipment comprises:
One encrypts pretreatment unit, generates the ciphertext header;
One initial key reforming unit changes into key stream with primary key;
One random sequence generator generates a string random series;
One random series stirrer utilizes key stream that random series is encrypted, and upgrades key stream simultaneously;
The encryption equipment of one plaintext utilizes key stream to plain text encryption, brings in constant renewal in key stream simultaneously;
One produces the device of authentication value, and final key stream is changed into authentication value; Described decipher comprises:
One deciphering pretreatment unit is obtained the ciphertext header;
One initial key reforming unit changes into key stream with primary key;
One random series purifier utilizes key stream to ciphertext portion's deciphering at random, upgrades key stream simultaneously;
One decrypt ciphertext device utilizes key stream to decrypt ciphertext, upgrades key stream simultaneously; With
The device of one verification authentication value changes into authentication value with final key stream, and with the authentication value of ciphertext relatively.
2. according to the computer encryption device of claim 1, it is characterized in that:
The encryption pretreatment unit of described encryption equipment, by the device of determining the encryption equipment version information, the device of obtaining the device of ciphertext header and encrypting the ciphertext header is formed, and this device version information comprises version number, and this ciphertext header comprises the ciphertext length of portion and the length of telegram end authentication value at random;
The initial key reforming unit of described encryption equipment, by obtain to every value of key do the arithmetic computing conversion usefulness seed device and comprise that the maker of initial key stream of the encryption equipment of chaotic function forms;
The random sequence generator of described encryption equipment; By the device that obtains the seed of random sequence generator from system, obtain the device of system's random series from system, the renovator of chaos random number generator and seed is formed;
The random series stirrer of described encryption equipment comprises that random series is carried out Chaos encrypts the device that generates the Chaos value;
The encryption equipment of the plaintext of described encryption equipment, by encrypting the device that generates the Chaos value to expressly carrying out Chaos, the Chaos value is converted to the ciphertext converter of ciphertext value, utilizes key stream renovator that the Chaos value upgrades key stream and the authentication value renovator composition that utilizes Chaos value that authentication value is upgraded;
The device of the generation authentication value of described encryption equipment comprises and utilizes the device of Chaos value renewal as the authentication value of the authentication department of ciphertext telegram end;
The deciphering pretreatment unit of described decipher, by the device of obtaining the encryption method version information from the ciphertext header, the device of decrypting ciphertext header and the device of obtaining this ciphertext header are formed, this version information comprises the ciphertext header of ciphertext header, and this ciphertext header comprises the ciphertext length of portion and the length of telegram end authentication value at random;
The initial key reforming unit of described decipher, the device of seed of arithmetic computing is made in conversion to every value of key and the maker of initial key stream is formed by obtaining;
The random series purifier of described decipher, by to ciphertext at random portion carry out the device that Chaos deciphering generates the Chaos value, this device comprises the decipher of the chaotic function of the method for adjustment of using hash function, utilizes the Chaos value to key stream key stream renovator that upgrades and the authentication value renovator composition that utilizes the Chaos value that authentication value is upgraded;
The decrypt ciphertext device of described decipher, decipher the device that generates Chaos value and plaintext by ciphertext being carried out Chaos, utilize the Chaos value key stream key stream renovator that upgrades and the authentication value renovator composition that utilizes the Chaos value that authentication value is upgraded;
The device of the verification authentication value of described decipher by the device of obtaining authentication value from the ciphertext message, utilizes the Chaos value to upgrade the device of authentication value and form by the device of authentication value verification msg legitimacy, and wherein authentication value is the authentication department of ciphertext telegram end.
3. according to the computer encryption device of claim 1 or 2, it is characterized in that in the described encryption equipment:
The device of the encryption ciphertext header in the described encryption pretreatment unit comprises the encryption equipment of chaotic function and the adjusting gear of hash function;
Described random sequence generator comprises the random sequence generator that operating system is intrinsic, and described chaos random number generator comprises the encryption equipment and the hash function adjusting gear of chaotic function, and the renovator of described seed comprises the return device of getting to data;
The Chaos encryption equipment device of described random series stirrer comprises the encryption equipment of chaotic function and the adjusting gear of hash function, described ciphertext converter comprises the XOR calculation element to each byte, and described key stream renovator comprises that byte inverted sequence calculation element and the described authentication value renovator of XOR calculation element comprise chaotic function device and totalizer;
The Chaos encryption equipment device of the encryption equipment of described plaintext comprises the encryption equipment of chaotic function and the adjusting gear of hash function, described ciphertext converter comprises the XOR calculation element to each byte, described key stream renovator comprises byte inverted sequence calculation element and XOR calculation element, and described authentication value renovator comprises chaotic function device and totalizer;
The device of the described renewal authentication value of the device of described generation authentication value comprises chaotic function device and totalizer.
4. according to the computer encryption device of claim 1 or 2, it is characterized in that in the described decipher:
The device of the decrypting ciphertext header of described deciphering pretreatment unit comprises the encryption equipment of chaotic function and the adjusting gear of hash function;
The maker of the initial key stream of described initial key reforming unit comprises the encryption equipment of chaotic function;
The key stream renovator of described random series purifier comprises byte inverted sequence calculation element and XOR calculation element, and described authentication value renovator comprises chaotic function device and totalizer.
The Chaos decipher of described decrypt ciphertext device comprises the decipher of chaotic function and the adjusting gear of hash function; Described key stream renovator comprises byte inverted sequence calculation element and XOR calculation element; Described authentication value renovator comprises chaotic function device and totalizer;
The device of the renewal authentication value of the device of described verification authentication value comprises chaotic function device and totalizer; The device of described verification msg legitimacy is comparison means by turn.
5. computer encipher method is based on and mixes blunt principle former data are encrypted and with computer encipher, decryption method that the password literary composition is decrypted, be it is characterized in that described encryption method comprises step:
Encrypt pre-service, generate the ciphertext header;
Initial key transforms, and primary key is changed into key stream;
Random series generates, and generates a string random series;
Random series stirs, and utilizes key stream that random series is encrypted, and upgrades key stream simultaneously;
Encrypting plaintext utilizes key stream to plain text encryption, brings in constant renewal in key stream simultaneously; With
Produce authentication value, final key stream is changed into authentication value; Described decryption method comprises step:
The deciphering pre-service obtains the ciphertext header;
Initial key transforms, and primary key is changed into key stream;
Random series is purified, and utilizes key stream to ciphertext portion's deciphering at random, upgrades key stream simultaneously;
Decrypting ciphertext utilizes key stream to decrypt ciphertext, upgrades key stream simultaneously; With
The verification authentication value changes into authentication value with final key stream, and with the authentication value of ciphertext relatively.
6. according to the computer encipher method of claim 5, it is characterized in that in the described encryption method:
Described encryption pre-service comprises the method for determining the encryption method version information, obtain the method for ciphertext header and the method for encrypting the ciphertext header, this version information comprises version number, and this ciphertext header comprises the ciphertext length of portion and the length of telegram end authentication value at random;
Described initial key conversion comprises the method for the adquisitiones and the initial key stream of the seed of changing usefulness, and wherein seed is the arithmetical operation that every value of key is done;
Described random series generates and comprises the method that obtains the seed of random sequence generator from system, obtain the method for system's random series from system, the update method of chaos random digit generation method and seed, wherein seed comprises the system time of microsecond level and current process number and random series comprises the random series that the intrinsic random sequence generator of operating system generates;
Described random series stirs and comprises that random series is carried out Chaos encrypts the method that generates the Chaos value, the Chaos value is converted to the ciphertext conversion method of ciphertext value, utilizes key stream update method that the Chaos value upgrades key stream and the authentication value update method of utilizing the Chaos value that authentication value is upgraded;
Described encrypting plaintext method comprises encrypts the method that generates the Chaos value to expressly carrying out Chaos, the Chaos value is converted to the ciphertext conversion method of ciphertext value, utilizes key stream update method that the Chaos value upgrades key stream and the authentication value update method of utilizing the Chaos value that authentication value is upgraded;
The method of described generation authentication value comprises the method for the method of utilizing the Chaos value to upgrade authentication value and authentication value and the merging of ciphertext value, and wherein authentication value is the authentication department of ciphertext telegram end; In the described decryption method:
Described deciphering preprocess method comprises the method for version information that obtains the ciphertext header that comprises the ciphertext header of encryption method from the ciphertext header, deciphering comprise ciphertext at random the ciphertext header of the length of the length of portion and telegram end authentication value method and obtain the method for this ciphertext header;
Described initial key method for transformation comprises the method for the adquisitiones of changing seed and initial key stream;
Described random series method of purification comprise to ciphertext at random portion carry out the method that Chaos deciphering generates Chaos value, utilize key stream update method that the Chaos value upgrades key stream and the authentication value update method of utilizing the Chaos value that authentication value is upgraded;
Described decrypting ciphertext method comprises that ciphertext is carried out the Chaos deciphering generates Chaos value and method expressly, utilizes the Chaos value to key stream key stream update method of upgrading and the authentication value update method of utilizing the Chaos value that authentication value is upgraded; With
Described verification authentication value method comprises the method that obtains authentication value from the ciphertext message, utilizes the Chaos value to upgrade the method for authentication value and the method by authentication value verification msg legitimacy, and wherein authentication value is the authentication department of ciphertext telegram end.
7. according to the computer encipher method of claim 5 or 6, it is characterized in that in the encryption preprocess method of described encryption method that the method for encrypting the ciphertext header comprises the encryption method of chaotic function and the method for adjustment of hash function.
8. according to the computer encipher method of claim 5 or 6, it is characterized in that in the initial key method for transformation of described encryption method that the method for initial key stream comprises the encryption method of chaotic function.
9. according to the computer encipher method of claim 5 or 6, it is characterized in that in the generation of random series method of described encryption method, the chaos random digit generation method comprises the encryption method and the hash function method of adjustment of chaotic function, and the update method of seed comprises the inverse approach of getting to data.
10. according to the computer encipher method of claim 5 or 6, it is characterized in that in the random series stirring means of described encryption method, the Chaos encryption method comprises the encryption method of chaotic function and the method for adjustment of hash function, the ciphertext conversion method comprises the XOR method to each byte, the key stream update method comprises byte inverted sequence method and XOR method, and the authentication value update method comprises chaotic function and additive operation.
11. computer encipher method according to claim 5 or 6, it is characterized in that in the encrypting plaintext method of described encryption method, the Chaos encryption method comprises the encryption method of chaotic function and the method for adjustment of hash function, the ciphertext conversion method comprises the XOR method to each byte, the key stream update method comprises byte inverted sequence method and XOR method, and the authentication value update method comprises chaotic function and additive operation.
12., it is characterized in that in the method for generation authentication value of described encryption method, the method for upgrading authentication value comprises chaotic function and additive operation according to the computer encipher method of claim 5 or 6.
13., it is characterized in that in the deciphering preprocess method of described decryption method, the method for decrypting ciphertext header comprises the encryption method of chaotic function and the method for adjustment of hash function according to the computer encipher method of claim 5 or 6.
14., it is characterized in that in the initial key method for transformation of described decryption method that seed is the arithmetical operation that every value of key is done according to the computer encipher method of claim 5 or 6, the method for initial key stream comprises the encryption method of chaotic function.
15. computer encipher method according to claim 5 or 6, it is characterized in that in the random series method of purification of described decryption method, the Chaos decryption method comprises the decryption method of chaotic function and the method for adjustment of hash function, the key stream update method comprises byte inverted sequence method and XOR method, and the authentication value update method comprises chaotic function and additive operation.
16. computer encipher method according to claim 5 or 6, it is characterized in that in the decrypting ciphertext method of described decryption method, the Chaos decryption method comprises the decryption method of chaotic function and the method for adjustment of hash function, the key stream update method comprises byte inverted sequence method and XOR method, and the authentication value update method comprises chaotic function and additive operation.
17. according to the computer encipher method of claim 5 or 6, it is characterized in that in the method for verification authentication value of described decryption method, the method for upgrading authentication value comprises chaotic function and additive operation, the method for verification msg legitimacy is for comparing by turn.
18. according to the computer encipher method of claim 5 or 6, it is characterized in that resulting ciphertext value in the step of described encrypting plaintext, its storage format comprises the ciphertext header, ciphertext message portion and ciphertext telegram end portion.
19. according to the computer encipher method of claim 18, it is characterized in that described ciphertext header comprises version information and ciphertext header, described ciphertext message portion comprises ciphertext portion and ciphertext portion at random, described ciphertext telegram end portion comprises authentication value.
CN 02129354 2002-09-04 2002-09-04 Computer encryption unit and encryption method Expired - Fee Related CN1266616C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 02129354 CN1266616C (en) 2002-09-04 2002-09-04 Computer encryption unit and encryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 02129354 CN1266616C (en) 2002-09-04 2002-09-04 Computer encryption unit and encryption method

Publications (2)

Publication Number Publication Date
CN1480851A CN1480851A (en) 2004-03-10
CN1266616C true CN1266616C (en) 2006-07-26

Family

ID=34144126

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 02129354 Expired - Fee Related CN1266616C (en) 2002-09-04 2002-09-04 Computer encryption unit and encryption method

Country Status (1)

Country Link
CN (1) CN1266616C (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1815948B (en) * 2005-06-30 2010-04-28 西南交通大学 Chaotic-hash structuring method based composite non-linear digital wave-filter
CN1909447B (en) * 2005-08-03 2010-04-28 盛大计算机(上海)有限公司 Method for network data communication by using dynamic encryption algorithm
CN101216868A (en) * 2007-01-05 2008-07-09 李树德 Method and system for encrypting by using chaotic cipher stream
CN101232367B (en) * 2008-01-23 2010-06-30 黑龙江大学 Chaos encrypting and decrypting method without multiply and divide of chaos function and circuit thereof
CN103973427B (en) * 2013-08-27 2017-12-08 哈尔滨理工大学 Encryption method based on virtual computing and data-optimized Chaotic Parallel data
CN106611130A (en) * 2016-12-29 2017-05-03 北京奇虎科技有限公司 File processing method and device
CN109327466B (en) * 2018-11-16 2021-08-06 广州创想云科技有限公司 Data encryption transmission method, electronic equipment and storage medium
CN109347862A (en) * 2018-11-21 2019-02-15 安徽云融信息技术有限公司 A kind of personal information data encryption processing system and method
CN117857078B (en) * 2023-11-23 2024-06-11 烟台新韦达智慧科技有限公司 Variable-length hybrid dynamic transmission encryption and decryption method and device

Also Published As

Publication number Publication date
CN1480851A (en) 2004-03-10

Similar Documents

Publication Publication Date Title
CN1203431C (en) Encipher decipher devices and device for producing expanded key, method and recording medium therefor
CN1124545C (en) High-speed cryptographic processing apparatus, cryptographic processing method, and storage medium
CN1125407C (en) Information processing apparatus, information processing method, information processing system and recording medium
CN1266876C (en) Data communication system, encryption device and deciphering device
CN1282324C (en) Device and method for data encipher
CN1147087C (en) Encrypting device for guaranteeing communication safety between apparatus
CN1182475C (en) Information processing apparatus, information processing method, information processing system and recording medium
CN1272929C (en) Encryption/decryption method and identification method and device using multi affine cryptographic key system
CN1242587C (en) Method and apparatus for robust high-speed cryptosystem
CN1312630A (en) Encryption apparatus based on block encryption type, its method and decoding device and method thereof
CN1822538A (en) Ciphering method, ciphering device, deciphering method and deciphering device
CN1921382A (en) Encrypting-decrypting method based on AES algorithm and encrypting-decrypting device
CN1879138A (en) Encryption device, encryption method, and computer program
CN1714377A (en) Pseudo-random number generation method and pseudo-random number generator
CN1871810A (en) Authentication system, and remotely distributed storage system
CN1235446A (en) Elliptical curve converting device and device and system for use thereof
CN1396568A (en) Digital works protection system, recording medium device, transmission device and playback device
CN1714542A (en) Identification information protection method in WLAN interconnection
CN1266616C (en) Computer encryption unit and encryption method
CN1518268A (en) Common secret key changing method and communication equipment
CN1886713A (en) Confidential information processing system and lsi
CN1909449A (en) Method, apparatus, and program for processing information
CN1695340A (en) Data processing method, its program, and its device
CN1381782A (en) Information security device, prime genrating device and prime genrating method
CN1925390A (en) Practical unexposed public key encrypting system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C19 Lapse of patent right due to non-payment of the annual fee
CF01 Termination of patent right due to non-payment of annual fee