KR100709758B1 - Mixed encryption system - Google Patents

Abstract

The present invention relates to an encryption system, and more particularly, to a hybrid encryption system capable of performing an authentication function of an asymmetric encryption system using a symmetric encryption system. The hybrid encryption system generates a pseudo random number, converts the pseudo random number to generate authentication data, and generates first data by mixing the pseudo random number and arbitrary data extracted from the pseudo random number with plain text to be encrypted to generate key data. Means and a second encrypting means for encrypting the plain text with key data generated by the first encrypting means, the receiving end combining the cipher text generated by the second encrypting means and the authentication data generated by the first encrypting means. It characterized in that the transmission.

Description

Mixed encryption system {Mixed encryption system}

1 is a block diagram showing the configuration of a hybrid encryption system according to the present invention.

FIG. 2 is a detailed view of the first encryption means in FIG. 1.

3 is a detailed view of a pseudo random number generator of FIG. 2.

4 is a diagram for describing a data converter of FIG. 2.

FIG. 5 is a data format diagram output from the data format unit of FIG. 2.

6 is a detailed view of the mixing unit in FIG. 2.

FIG. 7 is a detailed view of the data calculator of FIG. 2.

FIG. 8 is a detailed view of the second encryption means in FIG. 1.

9 is a detailed view of an operation unit of FIG. 8.

The present invention relates to an encryption system, and more particularly, to a hybrid encryption system capable of performing an authentication function of an asymmetric encryption system using a symmetric encryption system.

The rapid development of telecommunications and networks has formed the mainstream of the global technology flow as a national infrastructure industry. These telecommunications and networks have created an information technology (IT) industry, which requires encryption technology to protect information. However, since IT requires real-time processing of data and large data transfer, it becomes difficult to process real-time and large data when it is encrypted. Therefore, many researches are currently underway to solve such problems.

Currently used cryptographic algorithm has the following problems to provide satisfactory service for rapidly developing IT and network users.

Compared to the asymmetric type, the symmetric cryptography system has a higher processing speed and the processing time is determined by the data capacity, and generally has a transmission rate of several hundred Mbps. However, as the number of users increases, the number of keys to be processed increases, which is very disadvantageous in a network environment. In addition, there is a disadvantage that the treatment speed is lowered if the ratio is increased.

In contrast, the asymmetric encryption system has a low processing speed of several hundred Kbps, but it has the advantage of being suitable for the network environment because it performs encryption by exposing a part of the use key. However, the asymmetric cryptographic system has a lower processing speed than the symmetric cryptographic system, and thus the application is limited.

The technical problem to be achieved by the present invention is to provide a hybrid encryption system for encrypting data using the processing speed of the symmetric encryption system and the authentication function of the asymmetric encryption system.

The hybrid encryption system for solving the technical problem to be achieved by the present invention generates a pseudo-random number, converts the pseudo-random number to generate authentication data, and the plain text to encrypt with the pseudo-random and any data extracted from the pseudo-random number First encryption means for mixing the generated key data; And second encryption means for encrypting the plain text with key data generated by the first encryption means, wherein the cipher text generated by the second encryption means and the authentication data generated by the first encryption means are combined to the receiving end. Characterized in that the transmission.

Hereinafter, with reference to the accompanying drawings will be described in detail the present invention.

1 is a block diagram showing a configuration of a hybrid encryption system according to the present invention, comprising a first encryption means 100 operating by an asymmetric encryption algorithm and a second encryption means 110 operating by a symmetric encryption algorithm. do. The first encryption means 100 generates a pseudo random number, converts the pseudo random number to generate the authentication data (A), mixes arbitrary data extracted from the pseudo random number and the pseudo random number, and the plaintext (X) to be encrypted. Generate data K. The second encryption means 110 encrypts the plain text X with the key data generated by the first encryption means 100. The data Y combined with the cipher text generated by the second encryption means 110 and the authentication data generated by the first encryption means 100 is transmitted to the receiving end through the transmission medium.

FIG. 2 is a detailed view of the first encryption means 100 of FIG. 1, which includes a pseudo random number generation unit 100-1, a first data extraction unit 100-2, a second data extraction unit 100-3, Data conversion unit 100-4, data format unit 100-5, buffer 100-6, interface unit 100-7, mixing unit 100-8, data operation unit 100-9 and data It consists of the output part 100-10.

The pseudo random number generating unit 100-1 generates a pseudo random number using the generated polynomial, and divides the block into eight blocks of 16 bits. The pseudo random number generator 100-1 includes 16 linear feedback shift registers (LFSRs) including eight stages.

The generated polynomial used in the present invention is shown in Equation (1).

In the generated polynomial of Equation 1, the tap coefficient g ₁ = g ₆ = g ₈ = 1 is satisfied and all initial tap coefficient values except 0 are used.

In the present invention, only the most significant bit (MSB) and least significant bit (LSB) of Equation 1 are used. In general, the random number generation period of the pseudo random number generator 100-1 is expressed as 2 ^m −1, where the larger the value and the longer the period, the safer the linear characteristic. Therefore, the pseudo-random number generation unit 100-1 having a long m value is designed, which has good characteristics in terms of safety, but the processing time is long in proportion to the cycle, and especially in a synchronous system, it takes a long time to acquire a synchronization whenever an error occurs. Loss has its drawbacks. Therefore, in the present invention, rather than using all pseudorandom numbers existing in one cycle, the initial random number is used for encryption to reduce the cycle time for the periodic system. That is, the pseudo-random output Z _m that is output when the time passes for the initial value of the LFSR is used as the output of the LFSR.

FIG. 3 is a detailed view of the pseudo random number generator 100-1, which is designed using the same number of eight 8-stage LFSR generators. The LFSR generator 100-11 to the fifteenth LFSR generator 100 are the same. Up to -12) use the same generation polynomial. The output sequence up to 8T after the initial input is applied has all 128 bits.

The first data extractor 100-2 extracts an MSB for each of 8 bits from a 128-bit output sequence output from the pseudo random number generator 100-1 and stores a total of 16 bits of MSB.

The second data extractor 100-3 extracts the LSB for each of the 8 bits from the 128-bit output sequence output from the pseudo random number generator 100-1 and stores 16 LSBs in total.

The data converter 100-4 formats the 128-bit data output from the pseudo random number generator 100-1, outputs the mixed data to the mixer 100-8, and generates 16-bit authentication data A. The 32-bit data is output to the data format unit 100-5 by performing logical operation on the data generated when the authentication data is generated.

FIG. 4A shows a 128-bit output sequence output from the pseudo random number generator 100-1, and FIG. 4B shows a 16-bit authentication data A generated and outputted to the data format unit 100-5. A diagram for explaining data generation of bits.

The 128-bit data shown in FIG. 4A is expressed as a matrix.

In order to treat data for the diagonal matrix in the matrix of Equation 2 as separate data, data formatting is performed as shown in FIG. 4B. Separate data created at this time is rect and orth. Each data has a size of 16 bits and extracts only the diagonal of the square matrix for the 128-bit incoming data to facilitate the restoration and generation of data values for rect and orth.

  In order to extract the diagonal values of the square matrix, the rect and orth values are extracted by dividing the two blocks by 64 bits in Equation (2). Equation 3 represents two separate blocks.

Here, the range of the two blocks is shown in Equation 4.

Here, ax + bx is used as an input of the mixing unit 100-5, and rect a and b and orth a and b generate and output 16-bit authentication data A by performing an exclusive OR operation, and rect a And b and orth a and b are simply combined to output 32-bit data to the data format unit 100-8.

The data format unit 100-5 performs a formatting function for newly relocating data for 8T time with respect to the pseudo random number generated by the pseudo random number generator 100-1. The data format unit 100-5 may include 32-bit data (A DATA in FIG. 5) output from the data converter 100-4 and 16-bit MSB data (output from the first data extractor 100-2). A new 64-bit key sequence is generated from the 16-bit LSB data (C DATA in FIG. 5) output from B DATA of FIG. 5 and the second data extracting unit 100-3.

128 bits of the plain text (X, input data) are input to the mixing unit 100-8 through the buffer 100-6 and the interface unit 100-7.

The mixing unit 100-8 uses a 128-bit plain text input through the interface unit 100-7 and a pseudo-random 128-bit output from the data converting unit 100-4 to extend an ID that can be used for the encryption key. The mixture is output to the data operation unit 100-9.

FIG. 6 is a detailed view of the mixing unit 100-8 in FIG. 2, and includes an exclusive OR operation unit 100-81 and a data replacing unit 100-82.

The mixing unit 100-8 divides the plain text (input data) 128 bits into eight blocks of 16 bits each, and divides the 128-bit key sequence outputted from the data converter 100-4 into eight blocks of 16 bits. Split into

When the set of plain text is I and the set of output data of the data converter 100-4 is K, the expressions of I and K are expressed by Equation 5.

In Equation 5, i and k are stream data each consisting of 16 bits. For each block, when the result calculated by the exclusive OR operation unit 100-81 is M, the input data on which the exclusive OR operation is performed are expressed as in Equation (6).

In Equation 6, since M is also a 16-bit 8 block, it has the same sequence as in Equation 7.

Substituting Equation 5 into Equation 6 results in Equation 8.

The data substitution unit 100-82 transposes the matrix for Equation 8, and this is expressed as Equation 9 in terms of the transpose matrix.

The 64 bits generated through the above operation are input to the data operation unit 100-9.

The data operation unit 100-9 generates new block data by calculating a 64-bit output from the mixing unit 100-8 and a 64-bit output from the data format unit 100-5. 7 is a detailed view of the data calculating unit 100-9 and includes a first logical calculating unit 100-91, a second logical calculating unit 100-92, and a data combining unit 100-93.

The first logical operation unit 100-91 exclusively ORs the upper 32 bits of the 64 bits output from the data format unit 100-5 and the upper 32 bits of the 64 bits output from the mixing unit 100-8. It computes and outputs 32 bits of data.

The second logic operation unit 100-92 exclusively performs the lower 32 bit data of the 64 bits output from the data format unit 100-5 and the lower 32 bit data of the 64 bits output from the mixing unit 100-8. It performs a mismatch operation and outputs 32 bits of data.

The data combiner 100-93 combines the 32-bit data output from the first logic operator 100-91 and the 32-bit data output from the second logic operator 100-92 to output 64-bit data. .

The data output unit 100-10 generates key data K by combining the 64-bit data output from the data operation unit and the 16-bit authentication data output from the data conversion unit 100-4 to generate key data K. Output to (110).

8 is a detailed view of the second encryption means 110 in FIG. The technique used in the second encryption means 110 is a Feistel structure or a Substitution and permutation network (SPN) structure. The encryption method of the second encryption means 110 performs a certain number of iterations until the basic stability is obtained for one round. On the other hand, the encryption method of the first encryption means 100 has a LFSR period characteristic close to an infinite sequence in order to obtain the existing stability. However, an increase in repetition or an increase in the length of the LFSR period is a factor that degrades the efficiency of the symmetric cryptosystem. Therefore, the second encryption means 110 sets the stage length of the LFSR to a constant size using a single round without repetition, and can actually generate a very long cycle sequence using a plurality of set LFSRs.

The detailed view of the second encryption means 110 shown in FIG. 8 takes almost the same form as a general Feistel structure, and performs initial substitution in the substitution unit 110-1 for 128-bit input data as shown in Equation 10. After performing the internal operation using the key data K output from the first encryption means 100 and the operation result of the operation unit 110-3, the initial substitution result is alternately outputted.

Equation 10 is the same as the general Feistel structure, but there is no i parameter for iteration, but only equations for before and after. Here, the input 128 bits are separated by left and right 64 bits after initial substitution in the substitution unit 110-1.

The right 64 bits of the left and right 64 bits are shifted to the left, and the left 64 bits are subjected to the operation of the key data K and the operation unit 110-3 and then the operation of the exclusive OR operation unit 110-3. To the right. After performing this operation, the reverse initial replacement unit 110-1 performs reverse initial replacement and then outputs encrypted data.

8 and Equation 10 are performed only for one round, because the operation unit 110-3 performs encryption using the key data K input from the first encryption means 100. It is because it can be raised even higher. Determination of the ratio of the operation unit 110-3 is critically affected by expansion, rearrangement, and substitution. Such expansion, rearrangement, and substitution are determined by a predetermined table. The initial and reverse initial substitutions, which must be determined first, are performed on input and output 128 bits.

Hybrid encryption systems use an efficient linear transformation that mixes nonlinear operations with as many different data bits as possible, as well as nonlinear operations, to resist various statistical analysis methods. The reason for using a mixture of linear and nonlinear operations is because the probability of success in the DC and LC cryptographic analysis, which is a cryptographic technique, depends in large part on how the linear transformation is used. Therefore, we implemented the concept of bit permutation and matrix among the most widely used linear transformations to implement a hybrid encryption system.

FIG. 9 is a detailed view of the calculator 110-3 in FIG. 8. The data expander 110-31, the exclusive-OR calculator 110-32, the data compressor 110-33, and the S-box 110 are illustrated in FIG. 8. -34), expansion / replacement portion (110-35).

The data expansion unit 110-31 is a linear encryption block used to increase the degree of secretion by matching the number of bits between the key data and the divided right data as an expansion rearrangement function. The key data has a size of 80 bits, and the divided right data has a size of 64 bits. In order to perform a modular sum of the key data and the divided right data, the data expander 110-31 needs to expand the divided right data to 80 bits. Extends right data to 80 bits. The data extension unit 110-31 repeatedly calculates any one 16-bit data of the divided right 64-bit data twice and outputs 80-bit data.

The exclusive OR operation unit 110-32 performs an exclusive OR operation on the 80 bits of the key data and the 80 bits of the output of the data expansion unit 110-31.

The data compression units 110-33 compress and output the 80 bits of the output of the exclusive OR operation units 110-32 into 72 bits. The data compression unit 110-33 receives an 80-bit input and performs a compression process according to a preset table in order to calculate 72-bit data. The data compressor 110-33 erases data corresponding to the 9th, 19th, 29th, 39th, 49th, 59th, 69th, 79th of the 80 bits of data and outputs 72 bits of data.

The S-box (110-34), that is, the non-linear S function divides 72 bits output from the data compression unit (110-33) into 12 blocks of 6 bits each, and replaces 6 bits of each block with 4 bits for nonlinear output. The data output from the S-boxes 110-34 is a total of 48 bits. Inside the S-box 110-34, there are 12 lower S functions S1 to S12 that output 4 bits as a 6-bit input, and a combination of lower S functions is used to cover the entire S-box 110-34. It can be configured, it can be expressed by the equation (11).

Equation 11 is an expression representing an S-box (110-34), that is, a nonlinear S function.

delete

To determine the S function, the input and output of the S function must be configured to have a special relationship. Since the most core of the second encryption means 110 is in the S function, the nonlinearity of the S function is a parameter to be considered very important.

The hybrid encryption system implemented in the present invention is different from the conventional encryption system because it does not repeat and performs only one round. In other words, even if the rearrangement relationship for the S function is ignored, the nonlinear characteristic of the S function does not change.

The expansion / replacement unit 110-35 performs expansion and substitution functions on the 48 bits output from the S-box 110-34. The expansion / replacement unit 110-35 expands and outputs the 64-bit using the 48-bit output of the S-box 110-34.

The hybrid encryption system shown in FIG. 1 is remarkably different from the existing hybrid encryption system. In other words, the existing hybrid encryption system has a long period of LFSR in order to increase the degree of secretion, and the resulting value of the input data (X) also increases. In addition, resource management necessary for encryption should be kept in mind by using input data (X) and key data separately. In particular, since the key data exists as a fixed value, the unauthorized key data acquisition has an important factor that obviates the need for encryption. However, the hybrid encryption system proposed in the present invention generates key data used for encryption based on incoming information data, so that the encryption pattern changes according to the data.

So far I looked at the center of the preferred embodiment for the present invention. Those skilled in the art will appreciate that the present invention can be implemented in a modified form without departing from the essential features of the present invention. Therefore, the disclosed embodiments should be considered in descriptive sense only and not for purposes of limitation. The scope of the present invention is shown not in the above description but in the claims, and all differences within the scope will be construed as being included in the present invention.

As described above, according to the present invention, in asymmetric cryptographic systems, the ratio depends on a solution of mathematical difficulty. Therefore, increasing the degree of secretion requires a more complex mathematical background. Implementing the encryption system for such a mathematical difficulty is difficult in real time processing, so it is uneconomical in terms of system efficiency. Therefore, in the present invention, the hybrid cryptographic algorithm is modified to perform asymmetric cryptographic system level services.

In the present invention, the proportional relationship between the increase in the degree of rain and the period of the pseudo random number generator, which are disadvantages of the existing hybrid encryption system, are not applied. In addition, since the iteration used in the existing symmetric cryptographic system is not used in the present invention, the processing speed is greatly increased. This enables real-time encryption in networks that require encryption and authentication for large plain texts.

Claims (7)

First encryption means for generating a pseudo random number, converting the pseudo random number to generate authentication data, and generating key data by mixing the pseudo random number and arbitrary data extracted from the pseudo random number and plain text to be encrypted; And Second encryption means for encrypting the plain text with key data generated by the first encryption means, And a cipher text generated by the second encrypting means and the authentication data generated by the first encrypting means. The method of claim 1, wherein the first encryption means A pseudo random number generator for generating a pseudo random number using a predetermined generation polynomial and dividing the pseudo random number into a predetermined number of blocks; An authentication data generation unit for formatting the entire pseudo random number into two blocks and extracting diagonal data of each block to generate the authentication data; And The first data obtained by logical operation of the pseudorandom number and the plain text, the arbitrary data extracted from the divided pseudorandom number, and the second data recombined by combining the diagonal data are combined with the authentication data. Mixed encryption system comprising a key data generation unit for generating. The method of claim 2, wherein the authentication data generating unit And an exclusive OR operation on the forward slash direction data of the first block and the second block and the reverse slash direction data of the first block and the second block, respectively. The method of claim 2, wherein the key data generating unit A mixing unit configured to perform an exclusive OR operation on the pseudorandom blocks and the plaintext of the same block number and pre-substitute the pseudorandom blocks; A data extraction unit for extracting upper and lower data of the divided pseudorandom block; A data format unit for formatting and rearranging the combined diagonal data and the upper and lower data at predetermined intervals; An operation unit configured to logically output data output from the data format unit and data output from the mixing unit; And And a data output unit for generating key data by combining the data output from the operation unit and the authentication data and outputting the key data to the second encryption unit. The method of claim 4, wherein the operation unit A first logical operation unit configured to perform an exclusive OR operation on upper data output from the data format unit and upper data output from the mixing unit; A second logical operation unit configured to perform an exclusive negation operation on the lower data output from the data format unit and the lower data output from the mixing unit; And And a data combiner for combining the operation results of the first and second logic operators. The method of claim 1, wherein the second encryption means A division unit that divides the plain text input in a predetermined unit into a predetermined unit; An encryption unit for encrypting the arbitrary divided plain text and the key data; And An arrangement unit for rearranging the arbitrary divided plain text and data output from the encryption unit, The second encryption means Mixed encryption system, characterized in that for performing the encryption once for the predetermined unit of plain text. The method of claim 6, wherein the encryption unit An expansion unit for expanding the divided plain text into a data sequence such as the key data; An operation unit configured to perform an exclusive OR operation on the expanded plain text and the key data; A compression unit compressing the calculated data into a predetermined data sequence; A first replacer for dividing the compressed data into a predetermined number of blocks and replacing and outputting data of the divided blocks; And And a second substitution part which substitutes and expands the substituted data. The first substituent is Combination encryption system, characterized in that composed of 12 sub-substitutions to replace each of the divided blocks.

Images