KR101790325B1 - Encryption and Decryption System - Google Patents

Abstract

The present invention relates to an encryption and decryption system, and more particularly, to an encryption / decryption system for storing multiple types of data, comprising: a preprocessor for defining a partial character set used for encryption / decryption in initializing the encryption / decryption system; A character set conversion unit for converting an input value input to the encryption / decryption system into a character set for internal processing of the encryption / decryption system, and a character set conversion unit for converting a character set converted by the character set conversion unit into a partial character set An encryption / decryption unit for performing encryption / decryption using shape-preserving encryption for each block of the partial character set discriminated by the partial character set discriminating unit, and an encrypting / decrypting unit for encrypting / A format reconstruction unit for reconstructing each block of the partial character set and a reconstruction unit for reconstructing To the character set, it characterized in that it comprises an encryption / decryption system output character set to the inverse transform unit configured to convert the character set of the present invention relates to an encryption / decryption system.
The encryption / decryption system may further include a setting unit that specifies a function used for encryption / decryption at the time of initialization of the encryption / decryption system, and a random number bit string generating unit that generates a random number bit string using the counter value And an encryption / decryption system for generating an encryption value using an input value input to the encryption / decryption system and a random number bit string generated by the random number bit string generation unit .

Description

[0001] The present invention relates to an encryption and decryption system,

The present invention relates to an encryption and decryption system for preserving multiple forms.

In general, encryption refers to the conversion of digital data into a code according to a certain system. Thus, by converting information into a cipher text format whose meaning is unknown, the information can be stored in a storage device in the form of a cipher text or transmitted through a communication line, thereby preventing the digital data from being read during storage and transmission. Encryption is the conversion of information into ciphertext using a specific bit stream cryptographic key, and decryption is the restoration of original information using a decryption key. A person who does not have a decryption key can not correctly recover the information, so that the information is protected unless the decryption key is known to a third party.

A common encryption algorithm converts a bit string to a bit string. However, in the case of data having a specific form other than a bit string such as a credit card number or a resident registration number, the result of applying the encryption algorithm does not maintain the original data form. Therefore, in an application environment in which data is stored in a given form, such as a database, and a variety of services are provided by utilizing the data, various problems may occur due to changes in stored data types due to encryption. Typical problems include additional storage space and the need to drastically change database statements for data utilization. In particular, in a legacy system in which the size of stored data is fixed at design time, data type change by encryption may not be permitted. In this case, it is necessary to apply a cryptographic algorithm that preserves the form and size of the plaintext in order to protect the stored data. A cryptographic algorithm that converts values of this type to values of the same type is called Format-Preserving Encryption.

Korean Patent Registration No. 10-1516574 proposes a shape preservation cipher scheme to solve the problems in the encryption and decryption process. However, there are restrictions on the type and length of values that can be inserted into plain text, and there is also a restriction on the length of a string composed of characters of various character sets (for example, a string composed of numerals, English, Korean, and Japanese characters) "123214afbbsg Korean It does not include the processing of "ue"). It does not include a method of setting a tweak value for generating a secure password value.

Therefore, it is possible to encrypt / decrypt a character string composed of characters of various kinds of character sets without restriction on the type and length of the values that can be inserted into the plain text, and it is excellent in security and encryption / It is required to introduce encryption / decryption system technology capable of processing fast and efficiently.

Therefore, the inventor of the present invention has studied for a long time to solve such a problem, developed through trial and error, and finally completed the present invention.

SUMMARY OF THE INVENTION The present invention has been made to solve the above problems,

The present invention provides an encryption / decryption system for storing multiple types, comprising: a preprocessor for defining a partial character set used for encryption / decryption at the time of initializing the encryption / decryption system; A partial character set discrimination unit for discriminating the character set converted by the character set conversion unit as a partial character set; and a partial character set discrimination unit for discriminating the partial character set discriminated in the partial character set discrimination unit An encryption / decryption unit for performing encryption / decryption using shape-preserving encryption for each block of the discriminated partial character set; and a format reconstruction unit for reconstructing each block of the partial character set encrypted / decrypted by the encryption / And the type-reconfiguring unit converts the reconstructed character set into an output character set of the encryption / decryption system There is no restriction on the type and length of values that can be inserted into the plain text by extracting the characters belonging to the character set in the character string, and there are no restrictions on the types of characters And an encryption / decryption system capable of encrypting / decrypting a string composed of a set of characters.

It is another object of the present invention to provide an encryption / decryption system for storing multiple types, the system comprising: a setting unit for defining a function used for encryption / decryption in initializing the encryption / decryption system; And a random number bit string generated by the random number bit string generation unit to generate an encryption value. The encryption unit may include an index The index information included in the tweak value includes the configuration, order, and position of the character set included in the character string, Decryption system < RTI ID = 0.0 > system < / RTI > To provide a system.

In using the variable-length block cipher function in the counter mode, if only the plain-text input value is changed as in the conventional block cipher, the size of the plain-text input value becomes relatively small, so the security strength becomes very weak according to the size thereof. For example, only 16 types of input values of the variable length block cipher function having 4 bits as inputs and 16 output values exist. At this time, when the counter value is incremented by 1, the input value by the counter is repeated with the interval of 16, so the result value is repeated. This results in a very weak security strength compared with the use of information of 128 bits or more as a cryptographic key. However, in the case of the present invention, the above example is merely an example in that there is no restriction on the type and length of values that can be inserted into a plain text.

It is a further object of the present invention to provide a method and system for encrypting / decrypting data, comprising the steps of: Decryption system in which a period in which the result value is repeated is increased to solve a security problem.

When encrypting data sets of the same type, setting keys individually for each element data requires secure storage space proportional to the size of the data set, and a system for managing each key is very complicated There is no choice but to make it. In addition, if the size of the element data is small, the space for storing the key may be much larger than the space for storing the data. Therefore, a method of defining a parameter such as a cryptographic key or a tweak value necessary for encrypting element data by a relation between element data is preferable in terms of storage space. At this time, the method of changing the encryption key depending on the element data greatly degrades the encryption / decryption rate for the data because the key scheduling process performed in most symmetric key ciphers must be performed every time the key is changed.

It is a further object of the present invention to provide a method and system for encrypting / decrypting data, in which the encryption / decryption system, And to provide an encryption / decryption system for solving the problem of lowering the encryption / decryption rate for data.

In order to achieve the above object, the present invention proposes an encryption / decryption system as follows.

The present invention provides an encryption / decryption system for storing multiple types, comprising: a preprocessor for defining a partial character set used for encryption / decryption at the time of initializing the encryption / decryption system; A partial character set discrimination unit for discriminating the character set converted by the character set conversion unit as a partial character set; and a partial character set discrimination unit for discriminating the partial character set discriminated in the partial character set discrimination unit An encryption / decryption unit for performing encryption / decryption using shape-preserving encryption for each block of the discriminated partial character set; and a format reconstruction unit for reconstructing each block of the partial character set encrypted / decrypted by the encryption / And the type-reconfiguring unit converts the reconstructed character set into an output character set of the encryption / decryption system The character set can include an inverse.

The pre-processing unit may include a partial character set defining unit that defines a partial character set including at least once each character for all representable characters, and a partial character set defining unit for defining a partial character set for each partial character set defined in the partial character set defining unit. A partial character set defining an encryption / decryption sequence between sets, and an encryption / decryption sequence defining unit for defining a sequence between each character belonging to the same partial character set for each partial character set defined in the partial character set defining unit And a character sequence definition portion for performing a character sequence determination.

At this time, in many cases, a character string is not generally regarded as a bit string, but a bit string or a byte string can be regarded as one of the strings in the preprocessing unit.

If there is a character not included in the partial character set defined by the preprocessing unit, the input value can be output as it is.

The encryption / decryption unit of the encryption / decryption system for storing multiple types may include a shape preserving cryptographic function for converting an input value into a ciphertext / plaintext having the same length as an input value.

The present invention relates to an encryption / decryption system for storing multiple types, comprising: a setting unit for defining functions used for encryption / decryption at the time of initialization of the encryption / decryption system; and a random number bit string And an encryption unit for generating an encryption value using an input value input to the encryption / decryption system and a random number bit string generated by the random number bit string generation unit.

The setting unit may include a function providing unit that provides a variable block encryption function, a first spreading function, and a second spreading function to be used in the encryption / decryption system.

In addition, the variable block cryptographic function may include a message authentication code including a shape preserving cryptographic function in which a tweak value is available, a message authentication code including a block cipher, or an encryption key.

The random number bit string generating unit may include a spread value generating unit for generating a spread value by applying a spread function to the counter value and a spread value encrypting unit for encoding the spread value using the variable block cryptographic function.

In the diffusion value generation unit for generating a diffusion value by applying a diffusion function to the counter value, a combined value of the nonce value and the counter value may be a counter value.

A diffusion value encryption unit for encrypting a spread value using the variable block encryption function, wherein the spread value encryption value is transmitted to the encryption unit when the spread value encryption value belongs to a root zone.

If the spreading value encryption value to which the first spreading function of the spreading value encryption unit is applied does not belong to the range, (a) a second spreading function is applied to the spreading value encryption value, and (b) (C) variable-size ciphering is repeated until the spreading-value cipher value belongs to the root, so that the spreading-value cipher belonging to the root of the cipher-combining unit can be transmitted.

The function to be applied to the spread value generator may include an equivalent function that does not change the counter value with respect to the counter value, a function that circulates the counter value as a bit string, a function that changes the order of the partial block, A variable block cryptographic function using arbitrary tweaks, a function for sorting the quotient and remainder values by the modulo according to the bit size of the module, or a combination function of these functions.

The encryption unit may generate an encryption value by combining the input value with the spread value encryption value transmitted from the random number bit string generation unit to the encryption unit.

In addition, the encryption value can be modulo-coded to belong to the range to generate ciphertext / plaintext.

According to the present invention, the following effects can be obtained depending on the configuration and use of the encryption / decryption system of the present invention.

The present invention provides an encryption / decryption system for storing multiple types, comprising: a preprocessor for defining a partial character set used for encryption / decryption at the time of initializing the encryption / decryption system; A partial character set discrimination unit for discriminating the character set converted by the character set conversion unit as a partial character set; and a partial character set discrimination unit for discriminating the partial character set discriminated in the partial character set discrimination unit An encryption / decryption unit for performing encryption / decryption using shape-preserving encryption for each block of the discriminated partial character set; and a format reconstruction unit for reconstructing each block of the partial character set encrypted / decrypted by the encryption / And the type-reconfiguring unit converts the reconstructed character set into an output character set of the encryption / decryption system There is no restriction on the type and length of values that can be inserted into a plain text through the method of converting an external input character set into an internal processing character set including the character set inversion section and composed of characters of various kinds of character sets It is possible to encrypt / decrypt the character string.

 The pre-processing unit may include a partial character set defining unit that defines a partial character set including at least once each character for all representable characters, and a partial character set defining unit for each partial character set defined in the partial character set defining unit A partial character set encryption / decryption sequence defining unit for defining a sequence of encryption / decryption between partial character sets, and an ordering unit for determining, for each partial character set defined in the partial character set defining unit, , A sequence is defined between characters belonging to the same set for each partial character set and a character is uniquely identifiable by the following sequence is taken, To encrypt / decrypt a string composed of characters of various kinds of character sets A faster and more efficient for the data that is effective and in order to enable the order to the secure encryption captures the order information to tweak results by increasing the cycle in which the values are repeated, has the effect of solving the security problem.

 The encryption / decryption system according to the present invention is characterized in that, when there is a character which is not included in the partial character set defined by the preprocessing unit, the encryption / decryption system outputs the input value as it is to the partial character set defined by the pre- It is possible to obtain an effect of implementing an encryption / decryption system free from the problem of encryption even if there is a character that is not included.

 The present invention further includes a form preserving cryptographic function for converting the input value into a ciphertext / plaintext having the same length as the input value in the encryption / decryption system excluding the preprocessor, It is possible to convert a value of a specific type into a value of the same type without changing the value.

 The present invention provides an encryption / decryption system for storing multiple types, comprising: a random number bit string generating unit for generating a random number bit string by using a setting unit and a counter value defining a function used for encryption / decryption at the time of initialization of the encryption / And an encryption unit for generating an encryption value using an input value input to the encryption / decryption system and a random number bit string generated by the random number bit string generation unit, Decryption can be performed based on a modified counter mode in which encryption and decryption are performed by providing different counter values and information of respective counter values as indexes in a tweak value.

The setting unit may include a function providing unit for providing a variable block cipher function, a first spreading function, and a second spreading function to be used in the encryption / decryption system, wherein the variable block cipher function includes: And a message authentication code including a message authentication code including a block cipher or a message authentication code including a block cipher so as not to repeat the key scheduling so that the tweak value includes the relationship information between the element data, The effect of solving the problem of the decryption rate drop is derived.

The random number bit string generating unit may include a spread value generating unit for generating a spread value by applying a spread function to the counter value and a spread value encrypting unit for encoding a spread value using a variable block cipher function, It is possible to generate different diffusion values even if the data have the same value, without the restriction on the type and the length of values that can be inserted into the encryption key.

According to the present invention, the counter value is obtained by decreasing the statistical predictability by using the combined value of the nonce value and the counter value as the counter value, thereby further improving the security.

The spread value encryption unit may transmit the spread value cipher value to the cipher combining unit when the spread value cipher value belongs to the root zone and to transmit the spread value cipher value to which the first spread function of the spread value cipher unit is applied (A) applying a second spreading function to the spreading value encryption value, (b) performing a modulo operation so that the spreading value encryption value belongs to a domain, and (c) The variable value cipher is repeatedly subjected to variable block cipher until the ciphertext is ciphered, and a spreading cipher value belonging to the ciphertext is transmitted to the cipher combining unit by eliminating the statistical property in the cycle depending on the bit size of the modulo, It is possible to improve the property.

The encryption unit may combine the input value with a spreading value encrypted value transmitted from the random number bit string generating unit to the encryption unit to generate an encrypted value and compress the encrypted value to generate a ciphertext / , Thereby obtaining an effect of efficiently generating a ciphertext / plaintext.

BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 is a diagram of an encryption / decryption system for preserving multiple forms of the present invention.
2 is a diagram of a character set conversion unit and a character set inversion unit;
FIG. 3 is a diagram of a partial character set discriminating unit and a form reorganizing unit. FIG.
4 is a diagram relating to a preprocessing section;
5 is a diagram relating to a character string;
6 is a diagram relating to an encryption / decryption unit;
7 is a diagram of an encryption / decryption system using a counter mode based on a shape preservation password according to the present invention.
8 is a diagram of an encryption / decryption system for preserving multiple forms of the present invention.
9 is a diagram illustrating a random number bit string generating unit and a cipher combining unit.

Hereinafter, preferred embodiments of the encryption / decryption system according to the present invention will be described in detail with reference to the accompanying drawings. In the following description, well-known functions or constructions are not described in detail to avoid unnecessarily obscuring the subject matter of the present invention. Unless defined otherwise, all terms used herein are the same as the general meaning of the term understood by those of ordinary skill in the art to which this invention belongs and, if conflict with the meaning of the terms used herein, And the definition used in the specification.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS FIG. 1 is a block diagram of an encryption / decryption system 100 according to the present invention. Referring to FIG. 1, the encryption / decryption system 100 for storing a multi- It is possible to encrypt / decrypt a text string without restriction on the type and length of the value that can be inserted into a plain text (for example, a character string "123214afbbsg Korean ai," composed of numerals, Decryption system.

The encrypting / decrypting system 100 for storing such a multi-type includes a preprocessing unit 110, a character set conversion unit 120, a partial character set discrimination unit 130, an encryption / decryption unit 140, a format re- 150 and a character set inversion unit 160. [

The preprocessing unit 110 defines a partial character set related to encryption / decryption when the encryption / decryption system 100 is initialized.

The character set conversion unit 120 converts an input value input to the encryption / decryption system 100 into a character set for internal processing of the encryption / decryption system 100.

The partial character set discrimination unit 130 discriminates the character set converted by the character set conversion unit 120 as a partial character set.

The encrypting / decrypting unit 140 encrypts / decrypts each block of the partial character set discriminated by the partial character set discriminating unit 130 using shape-preserving encryption.

The format reconstruction unit 150 rearranges each block of the partial character set encrypted / decrypted by the encryption / decryption unit 140. [

The character set inversion unit 160 converts the character set reconstructed by the format reconstruction unit 150 into an output character set of the encryption / decryption system.

The encrypting / decrypting system 100 for storing the above-described multi-types allows encryption / decryption of a character string composed of characters of various kinds of character sets without restriction on the type and length of values that can be inserted into a plain text .

FIG. 2 is a diagram of a character set conversion unit 120 and a character set inversion unit 160, which are configurations of an encryption / decryption system 100 for storing multiple forms according to the present invention. Encryption / decryption is performed through conversion / inverse transformation between sets.

FIG. 3 is a diagram of a partial character set discrimination unit 130 and a format reconstruction unit 150, which are structures of an encryption / decryption system 100 for storing multiple forms according to the present invention. , And again shows the part where the format is reorganized into the original string.

4, the preprocessing unit 110 includes a partial character set defining unit 111, a partial character set encryption / decryption order defining unit 112 And a partial character set character sequence definition unit 113. [

The partial character set definition unit 111 defines a partial character set including at least once each character for all expressible characters.

The partial character set encryption / decryption sequence definition unit 112 defines an encryption / decryption sequence between partial character sets for each partial character set defined by the partial character set definition unit 111. [

The partial character set character sequence defining unit 113 defines a sequence of characters between the partial character sets belonging to the same partial character set for each partial character set defined by the partial character set defining unit 111 .

The encryption / decryption system 100 outputs the input value as it is when there is a character that is not included in the partial character set defined by the preprocessing unit 110, It is possible to obtain an effect of implementing an encryption / decryption system free from the problem of encryption.

The preprocessing unit 110 assigns a processing order to the character set, and preferably performs the processing that is not required to be performed redundantly in encryption once, thereby enabling encryption / decryption to be performed quickly and efficiently Effect. Also, if the order of processing between character sets is changed, the result of encryption varies because the counter value of the corresponding partial character set changes. As a result, a variety of results can be obtained for a character string composed of various languages, thereby improving the security.

In this specification, a character set refers to a character to be encrypted in a character string. Referring to FIG. 5, a character string is a column composed of characters represented by a certain bit, one character is represented within the corresponding bit size, and all characters do not have the same bit size. Generally, you do not often see a string as a bit stream. It is to be noted that the character string in the present specification is a broad concept including both a bit string and a byte string.

In a method of handling character systems in electronic devices, the most common character set is the Unicode character set. The Unicode character set is commonly used worldwide because it allows the character systems used in various countries of the world to be used simultaneously in one character set. When there is one Unicode character, the character can be identified as belonging to any partial character set.

는, 독일어의 문자체계에서는 사용하지만, 영어의 문자체계에서는 사용하지 않는다. 따라서, 영어의 문자체계에 대한 형태보존 암호화와, 독일어의 문자체계에 대한 형태보존 암호화는, 정의역과 치역에 있어서, 문자 'a'와 같이 서로 공통되는 문자와 문자

와 같이 서로 공통되지 않는 문자가 존재한다. This distinction is defined as a standard according to the character system used in each country. Although this standard does not uniquely match any partial character set for any character, it is possible to distinguish partial character sets such that partial character sets do not have a common element through selection of an appropriate character scheme. For example, the letter 'a' is also used in the English character system, but the same character is used in the German character system. However,

Is used in the German character system, but not in the English character system. Therefore, the morphological preservation encryption for the English character system and the morphological preservation encoding for the German character system are the same as those for the character 'a'

There are characters that are not common to each other.

In performing the shape preserving encryption for a certain string, when the character 'a' is encrypted, there arises a problem as to what character system should be interpreted. In contrast, the Unicode support system determines in advance that the character 'a' belongs to the corresponding character system by specifying the character system to be interpreted in advance. This method does not coexist with the two-character system, so in some situations it may include additional information to be interpreted as a specific character system.

In other cases, Hangul is used only in the Korean character system. And Hiragana is used only in the Japanese character system. Hence, Hangeul and Hiragana are divided into partial character sets which have no common elements. As a result, for strings consisting of Hangeul and Hiragana, each character can be uniquely identified as belonging to one of the character sets of Hangeul and Hiragana.

A typical coexistent character system is a number system for decimal numbers. For example, numbers and Hangul are used in Korea's address system. For large areas, it is called Hangul. Many complex objects such as buildings and floors on the roadside are named by numbers. Numbers are also used, such as postal codes, to make addressing easier, especially in large areas, such as postal services.

On the other hand, even in the case of KS X 1001 complete character set other than Unicode, partial character sets according to character systems such as numbers, Hangeul, Hiragana, Katakana, and Hanja can be distinguished from each other and coexist.

Unicode is a continuous character system, which is different from the national character system. Preferably, when a non-Unicode KS X 1001 completion character set is used as a character set for internal processing in an encryption / decryption system, the number of characters constituting the character set is relatively smaller than that of Unicode, , The encryption speed can be relatively fast. Although there are some cases where the number of cases is relatively small compared to Unicode, the KS X 1001 completion character set also has 2350 constituent characters, so there is no problem in security.

FIG. 6 is a block diagram of the encryption / decryption unit 140 of the encryption / decryption system 100 for storing multiple types according to an embodiment of the present invention. , The alphabet, and the partial character set of the complete Hangul. The characters classified into the corresponding partial character set are divided into block units that can be processed by the encryption / decryption unit 140, and are numbered according to the order of each block, and encrypt / decrypt them with a counter value. Particularly, FIG. 6 shows a case where a maximum of 4 Hangul characters constitute one block. In the present invention, in the encrypting / decrypting system 100, the configuration excluding the pre-processing unit 110 may be configured to save the form so as to belong to the same set as the input value with respect to an arbitrary input value, . This leads to the effect that a particular type of value can be converted to a value of the same type without any significant modification of the database statement for additional storage space or data utilization.

For example, the address string composed of Korean and numerals is composed of an algorithm 6 of item 5, an algorithm 5 of item 4, an algorithm 2 of item 1, [Algorithm 1] 'algorithm 1 and the shape preservation cipher FEA-1.

로 이용된다.
자연수열에 의해 결정되는 함수

는 상기 알고리즘 6의 단계 1 에서의 대응으로 정의된, 문자열에서에 포함된 문자가 어느 부분문자집합에 속하는지를 의미하는 함수이다.
함수

는 특수 문자집합에 대해서는 1을 4에 대응시키는 함수이고, 숫자 문자집합에 대해서는 1부터 3까지의 정수를 5, 6, 7 에 대응시키는 함수이고, 완성형 한글 문자집합에 대해서는 1부터 5까지의 정수를 1, 2, 3, 8, 9 에 대응시키는 함수로서, 입력 문자열에서 해당 글자가 몇 번째에 위치하는가를 의미한다. 이를 번째 위치와 런렝스의 순서쌍으로 표현하면, 각각 (5,3) 과 (1,3), (8,2) 로 표현 가능하고, 문자열의 배열위치와 런렝스의 순서쌍으로 변환하면 각각 (4,3) 과 (0,3), (8,2) 가 되며, 이 대응을 도 3에서 설명하고 있다.
정수열

는 각각의 부분문자집합에 대해서 정의된다. 본 예시에서는

이 48인 경우를 설명한다. 숫자 문자 3글자 표현에 필요한 정보량은 10비트이므로, 한 블록 안에 모두 표현이 가능하다. 따라서

,

로 정의된다. 완성형 한글 문자에 대해서 4글자의 연속한 표현에 필요한 정보량은 45비트이며, 5글자의 연속한 표현에 필요한 정보량은 56비트이다. 따라서 48비트 한 블록으로 표현 가능한 글자 수는 완성형 한글 4글자이다. 그리고 문자열 내의 형식에서 결정한 완성형 한글의 전체 글자 수는 5글자이므로

,

,

로 정의된다.
알고리즘 5의 입력값은 평문 정수열 859, 1683, 703, 32, 1, 9, 3, 0, 1 과 알고리즘 6에 입력된 논스의 값이다.
알고리즘 5의 단계 1에서의 처리 결과는, 숫자 문자집합에 대해서 정의되는 부분 정수열은 정수열에서 5, 6, 7번째 정수인 1, 9, 3이 된다. 완성형 한글 문자집합에 대해서 정의되는 부분 정수열은 정수열에서 1, 2, 3, 8, 9 번째 정수로 구성된 정수열 859, 1683, 703, 0, 1 이 된다.
알고리즘 5의 단계 2에서는 각 부분 문자집합의 정수열에 대해 알고리즘 2를 수행한다. 이때 입력하는 평문 문자열은

을 이용하여 정의되는 부분 정수열로 나누어 처리한다. 숫자 문자에 대해서는 정수열 1, 9, 3 에 대해 카운터 값을

의 계산 결과인 0으로 하여 암호화한다. 완성형 한글 문자집합에 대해서는 2개의 정수열 859, 1683, 703, 0 과 1 로 나누어 각각 카운터 값을 1과 2로 하여 암호화한다. 따라서 알고리즘 2의 수행에 대해서는 정수열 1, 9, 3 의 경우와 정수열 859, 1683, 703, 0 의 경우와 정수열 1 의 경우를 나누어 설명한다.
정수열 1, 9, 3 에 대한 알고리즘 2의 전제조건 자연수열은 10, 10, 10 이므로,

의 값은 1000 이다. 알고리즘 2의 단계 1에서 정의한 수학식에 의해 정수

의 값은 193으로 계산된다. 알고리즘 2의 단계 2에서는 알고리즘 1을 이용하여 암호화를 수행하게 된다. 그 결과는 알고리즘 1의 확산함수의 선택과 입력 논스의 값 및 전제조건의 암호값에 의존하여 바뀌게 되는데, 본 예시에서는 특정한 선택의 결과로서 379의 정수값을 얻는 경우를 고려한다. 이어서 알고리즘 2의 단계 3에서 정의된 수학식에 의해 정수 379 로부터 정수열 3, 7, 9 를 얻는다. 이 값은 모두 암호화 대상이므로 알고리즘 2의 단계 4에서 알고리즘 2의 출력값으로서 정수열 3, 7, 9 를 출력한다.
정수열 859, 1683, 703, 0 에 대한 알고리즘 2의 전제조건 자연수열은 2350, 2350, 2350, 2350 이므로,

의 값은 30498006250000 이다. 알고리즘 2의 단계 1에서 정의한 수학식에 의해 정수

의 값은 11157290644550 으로 계산된다. 알고리즘 2의 단계 2에서는 알고리즘 1을 이용하여 암호화한 결과로서, 예를 들면 5292804701843 과 같은 정수가 출력된다. 해당 값을 이용하면 알고리즘 2의 단계 3에서 정의된 수학식에 의해 정수열 407, 1957, 869, 2193 을 얻을 수 있다. 이 값은 모두 암호화 대상이므로 알고리즘 2의 단계 4에서 알고리즘 2의 출력값으로서 정수열 407, 1957, 869, 2193 을 출력한다.
정수열 1 에 대한 알고리즘 2의 전제조건 자연수열은 2350 이므로,

의 값은 2350 이다. 알고리즘 2의 단계 1에서 정의한 수학식에 의해 정수

의 값은 1 으로 계산된다. 알고리즘 2의 단계 2에서는 알고리즘 1을 이용하여 암호화한 결과로서, 예를 들면 1465 와 같은 정수가 출력된다. 해당 값을 이용하면 알고리즘 2의 단계 3에서 정의된 수학식에 의해 정수열 1465 를 얻을 수 있다. 이 값은 모두 암호화 대상이므로 알고리즘 2의 단계 4에서 알고리즘 2의 출력값으로서 정수열 1465 를 출력한다.
이로서 알고리즘 5의 단계 2는 종료되고, 이어서 알고리즘 5의 단계 3이 수행된다. 알고리즘 5의 단계 3에서는 3개의 암호 정수열 3, 7, 9 와 407, 1957, 869, 2193 와 1465 에 대해서 첨자에 의해 정렬을 수행한다. 여기에서 첨자에 의한 정렬이란 함수

의 대응과 수열

에 의해 각 정수열을 구분하였던 것을 알고리즘 5의 입력 정수열에 되돌리는 작업을 의미한다. 따라서 각 암호 정수열의 정수를 알고리즘 5에 입력된 평문 정수열 859, 1683, 703, 32, 1, 9, 3, 0, 1 에 되돌리면 407, 1957, 869, 32, 3, 7, 9, 2193, 1465 와 같은 정수열을 얻을 수 있다.
알고리즘 5의 단계 4에서는 정수열 407, 1957, 869, 32, 3, 7, 9, 2193, 1465 를 출력하며, 이것으로 알고리즘 6의 단계 3이 종료된다.
알고리즘 6의 단계 4에서는 정수열 407, 1957, 869, 32, 3, 7, 9, 2193, 1465 를 문자열로 변환한다. 이 변환으로 얻어지는 문자열은 408번째, 1958번째, 870번째 완성형 한글 문자에 이어서 32번째 특수 문자, 4번째 숫자 문자, 8번째 숫자문자, 10번째 숫자문자, 그리고 2194번째, 1466번째 완성형 한글문자로 구성된 문자열이므로 "느쿡뭏 379퓽왠" 과 같이 완성된다.
알고리즘 6의 단계 5에서는 문자열 "느쿡뭏 379퓽왠" 을 출력하는 것으로 알고리즘 6을 종료한다.
본 예제에서, 알고리즘 1의 암호화 함수 대신의 복호화 함수를 이용함으로써, 암호화와 동일한 과정을 통해 복호화를 수행할 수 있다.

도 7은 본 발명인 형태보존 암호 기반 카운터 모드 이용 암호화/복호화 시스템에 관한 도면으로, 도 7을 참고하여 설명하면, 상기 암호화/복호화 시스템(100)은, 기존 형태보존 암호화 시스템과는 달리 카운터 모드 이용 암호화/복호화부(140)를 구성하여 암호화/복호화하는 시스템인 점에서 그 차이가 있다.

도 8은 본 발명의 다른 실시예에 따른 다중 형태를 보존하는 암호화/복호화 시스템(100a)에 관한 도면으로, 도 8을 참고하여 설명하면, 모두 다른 형태로 암호화 될 수 있도록 인덱스로서 서로 다른 카운터값을 부여하고, 인덱스로서 각각의 카운터값의 정보는 트윅값에 포함시켜 암호화 및 복호화를 수행하는 변형 카운터 모드 기반의 형태 보존 암호화/복호화 시스템을 말한다.

이러한 다중 형태를 보존하는 암호화/복호화 시스템(100a)은, 설정부(170), 난수 비트열 생성부(180) 및 암호결합부(190)를 포함할 수 있다.
상기 설정부(170)는, 상기 암호화/복호화 시스템의 초기화 시 암호화/복호화에 사용하는 함수를 규정하는 구성을 말한다.
상기 난수 비트열 생성부(180)는, 카운터값을 이용하여 난수 비트열을 만드는 구성을 말한다.
상기 암호결합부(190)는, 상기 난수 비트열 생성부(180)에서 생성한 난수 비트열을 이용하여 암호화값을 만드는 구성을 말한다.

상기 설정부(170)는, 상기 다중 형태를 보존하는 암호화/복호화 시스템(100a)에서 사용할 가변 블록 암호화 함수, 제1 확산 함수 및 제2 확산 함수를 제공하는 함수 제공부를 포함할 수 있다.

상기 가변 블록 암호화 함수는 트윅값이 이용 가능한 형태보존 암호화 함수, 블록암호를 포함한 메시지 인증 코드 또는 암호키를 포함한 메시지 인증 코드를 포함할 수 있다. 상기 설정부(170)의 구성을 통해 키 스케쥴링을 반복하지 않도록 트윅값에 요소데이터 사이의 관계 정보를 포함시켜 암호화하도록 함으로써, 데이터에 대한 암호화/복호화 속도의 저하 문제를 해결하는 효과를 도출할 수 있게 된다.
"With the rubbing of 193" → "Feeling 379 퓽Wan"
The precondition for applying Algorithm 6 to the string "Rule 193 with Unicode Characters" is as follows.
In this example, the processing order for the character set to be encrypted is defined in the order of a numeric character set, an alphabet character set, and a complete character set, and the remaining character sets are all unencrypted. However, since there is no character belonging to the English alphabet character set in the input string "193 with rubbing", the corresponding character set is not processed. As a result, the numeric character set is processed first, and then processing for the complete Hangeul character set is performed.
Partial character sets belonging to a character set include a numeric character set, a complete character set, and a special character set. A numeric character set is a set of strings representing ten numbers from 0 to 9. In particular, it is a set of characters corresponding to the portion corresponding to the character codes 0x0030 to 0x0039 of Unicode. The complete Hangul character set usually targets the Hangul character set defined in KS X 1001. In this example, however, only characters defined in KS X 1001 are selected from Unicode Hangul characters to form a set. As a result, a set containing only 2350 characters out of 11172 characters from Unicode 0xAC00 to 0xD7A3 is defined. A special character set is a set of 33 characters that correspond to the Unicode characters 0x0000 through 0x0020, and in particular contain a space character such as 0x0020.
A front-end function that maps a numeric character to an integer is a function that maps the Unicode character 0x0030 to the number 0, and then maps the characters up to 0x0039 to the numbers up to 9. This corresponds to the number of digits from 0 to 9 minus one, and corresponds to the integer that the numeric character means. The shear function that matches the complete Hangul character to an integer is a function that matches the value obtained by subtracting 1 from the value of how many times the Hangul character appears in the order of the Hangul character codes defined in KS X 1001 . A shear function that maps special characters to integers is a function that maps Unicode characters to integers. This means that the special character corresponds to an integer obtained by subtracting 1 from the value of how many times the special character appears as a Unicode character.
The input value for applying the algorithm 6 to the string "193 distinct by rubbing" is the value of the randomly generated nonces with the string "rubbing 193".
When Step 1 of Algorithm 6 is applied, each character of the string "Rule 193 with rubbing" consists of a complete Hangul character, a complete Hangul character, a complete Hangul character, a special character, a numeric character, a numeric character, a numeric character, It can be seen that it is a Korean character.
When Step 2 of Algorithm 6 is applied, each character of the string "193 distinct by rubbing" is composed of 860th, 1684th and 704th successive Hangul characters, 33th special character, 2nd, 10th, Character, the first and second complete Hangul characters. Therefore, each character in the string can be converted into an integer sequence of 859, 1683, 703, 32, 1, 9, 3, 0,
In Step 3 of Algorithm 6, one of Algorithms 2 to 5 is applied. Here, Algorithm 5 is applied.
It is preferable that the preprocessing unit 110 processes the encryption key and the natural sequence, which are prerequisites for applying the algorithm 5, However, it can be processed at a necessary point other than the pre-processing unit 110. [
In the case of the present example, since the information necessary for the pre-processing exists in the present stage in the natural sequence of the prerequisite conditions, the number of natural sequences 2350, 2350, 2350, 33, 10, 10, The natural sequence of this precondition

.
Function determined by natural sequence

Is a function indicating which partial character set belongs to the character included in the character string, which is defined as the correspondence in the step 1 of the algorithm 6.
function

Is a function that maps 1 to 4 for a special character set and a function that maps integers 1 to 3 to 5, 6, and 7 for a numeric character set, and integers from 1 to 5 for a complete Hangul character set To 1, 2, 3, 8, and 9, which means the position of the corresponding character in the input string. (5,3), (1,3) and (8,2), respectively, and converted into an ordered pair of string positions and run-lengths, , 3) and (0, 3), (8, 2). This correspondence is shown in Fig.
Water heat

Is defined for each partial character set. In this example

The case of 48 is explained. Since the amount of information required to represent a letter character is 10 bits, it can be expressed in one block. therefore

,

. For the complete Hangul character, the amount of information required for continuous representation of 4 characters is 45 bits, and the amount of information required for continuous representation of 5 characters is 56 bits. Therefore, the number of characters that can be expressed in one block of 48 bits is 4 characters of complete Korean alphabet. The total number of characters in the complete Hangul character decided by the format in the string is 5 letters

,

,

.
The input values of the algorithm 5 are the values of the nonces inputted to the plaintext constants 859, 1683, 703, 32, 1, 9, 3, 0,
As a result of the processing in the step 1 of the algorithm 5, the partial integer rows defined for the numeric character set are 1, 9, and 3 as the 5th, 6th, and 7th integers in the integer row. The partial constants defined for the complete Hangul character set are the constants 859, 1683, 703, 0, and 1, which are 1, 2, 3, 8,
In step 2 of algorithm 5, algorithm 2 is performed on integer strings of each partial character set. The input plain text string is

And a partial integer sequence defined by using the partial sequence. For numeric characters, the counter value for integer 1, 9,

0 " The complete Hangul character set is divided into two integer columns 859, 1683, 703, 0 and 1, and the counter values are set to 1 and 2, respectively. Therefore, the execution of Algorithm 2 is divided into the case of integer 1, 9, and 3, the case of integer columns 859, 1683, 703, 0, and the case of integer 1.
Since the prerequisite natural sequence of Algorithm 2 for integer 1, 9, and 3 is 10, 10, and 10,

Lt; / RTI > According to the equation defined in the step 1 of the algorithm 2,

Is calculated as 193. In step 2 of algorithm 2, encryption is performed using algorithm 1. The result is changed depending on the selection of the diffusion function of the algorithm 1, the value of the input nonce, and the cryptographic value of the precondition. In this example, a case of obtaining an integer value of 379 as a result of a specific selection is considered. Next, the constants 3, 7, and 9 are obtained from the integer 379 by the mathematical expression defined in the step 3 of the algorithm 2. Since all of these values are to be encrypted, step 4 of the algorithm 2 outputs the integer numbers 3, 7, and 9 as the output values of the algorithm 2.
Since the prerequisite natural sequence of the algorithm 2 for the integer sequences 859, 1683, 703, and 0 is 2350, 2350, 2350, and 2350,

Is 30498006250000. According to the equation defined in the step 1 of the algorithm 2,

Lt; RTI ID = 0.0 > 11157290644550 < / RTI > In step 2 of the algorithm 2, an integer such as 5292804701843 is output as a result of the encryption using the algorithm 1, for example. By using the corresponding values, the integer rows 407, 1957, 869, and 2193 can be obtained by the mathematical expression defined in Step 3 of Algorithm 2. Since these values are all to be encrypted, in step 4 of the algorithm 2, the integer values 407, 1957, 869, and 2193 are output as the output values of the algorithm 2.
The prerequisite natural sequence of Algorithm 2 for integer 1 is 2350,

Lt; / RTI > According to the equation defined in the step 1 of the algorithm 2,

Is calculated as 1. In Step 2 of Algorithm 2, an integer such as 1465 is output as a result of encryption using Algorithm 1, for example. Using this value, the integer 1465 can be obtained by the mathematical expression defined in Step 3 of Algorithm 2. Since all of these values are to be encrypted, in step 4 of the algorithm 2, the integer number 1465 is output as the output value of the algorithm 2.
Step 2 of algorithm 5 is then terminated, and step 3 of algorithm 5 is then performed. In step 3 of algorithm 5, alignment is performed by subscripts for three cipher constants 3, 7, 9 and 407, 1957, 869, 2193 and 1465. Here, the subscript sort function

And

To the input constants of the algorithm 5, as shown in Fig. Therefore, if the constants of the respective cipher constants are returned to the plaintext constants 859, 1683, 703, 32, 1, 9, 3, 0 and 1 inputted to the algorithm 5, then 407, 1957, 869, 32, 3, 7, 9, 2193, 1465. < / RTI >
In step 4 of the algorithm 5, the integer strings 407, 1957, 869, 32, 3, 7, 9, 2193, and 1465 are output.
In step 4 of the algorithm 6, the integer strings 407, 1957, 869, 32, 3, 7, 9, 2193 and 1465 are converted into strings. The string obtained by this conversion consists of the 328th special character, the 4th numeric character, the 8th numeric character, the 10th numeric character, and the 2194th and 1466th complete Korean characters following the 408th, 1958th, and 870th complete Hangul characters Since it is a string, it is completed like "뭏 뭏 379 퓽 Wan".
In Step 5 of Algorithm 6, algorithm 6 is terminated by outputting the string " No Cook 379 ".
In this example, by using a decryption function instead of the encryption function of the algorithm 1, decryption can be performed through the same process as encryption.

7, the encryption / decryption system 100 according to the present invention includes a counter mode encryption / decryption system using a counter mode, There is a difference in that the encryption / decryption unit 140 is constituted to encrypt / decrypt the encrypted data.

FIG. 8 is a diagram of an encryption / decryption system 100a for preserving multiple types according to another embodiment of the present invention. Referring to FIG. 8, And a modified counter mode based shape preserving encryption / decryption system for encrypting and decrypting information by including information of each counter value as an index into a tweak value.

The encrypting / decrypting system 100a for storing such a multi-type may include a setting unit 170, a random number bit string generating unit 180 and a cryptographic key combining unit 190. [
The setting unit 170 defines a function used for encryption / decryption at the time of initialization of the encryption / decryption system.
The random number bit string generating unit 180 generates a random number bit string using the counter value.
The cryptographic combination unit 190 is configured to generate an encrypted value using the random number bit string generated by the random number bit string generation unit 180.

The setting unit 170 may include a function providing unit for providing a variable block cipher function, a first spreading function, and a second spreading function to be used in the encryption / decryption system 100a for storing the multiple types.

The variable block encryption function may include a message authentication code including a shape preservation encryption function with tweak value available, a message authentication code including a block secret, or an encryption key. It is possible to obtain the effect of solving the problem of lowering the encryption / decryption rate for the data by including the relationship information between the element data in the tweak value so as not to repeat the key scheduling through the configuration of the setting unit 170 .

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

9, the random number bit string generating unit 180 includes a random number bit string generating unit 180 and a cryptographic key combining unit 190. The random number bit string generating unit 180 generates a spreading function And a spread value encryption unit 182 for encrypting the spread value using a variable block encryption function.

The diffusion value generator 181 may apply the diffusion function using the combined value of the nonce value and the counter value as a counter value.

The diffusion value encryption unit 182 transmits the spread value encryption value to the encryption unit 190 when the spread value encryption value belongs to the root zone. If the spreading value encryption value to which the first spreading function of the spreading value encryption unit 182 is applied does not belong to the range, (a) a second spreading function is applied to the spreading value encryption value, (b) (C) the variable value cipher is repeatedly subjected to variable block cipher until the cipher value of the spread value cipher is in the range, and the spreading cipher value cipher belonging to the root value is sent to the cipher combining unit 190 Transmission configuration.

The function to be applied to the diffusion value generator 181 may include an equivalence function that does not change the counter value with respect to the counter value, a function that circulates the counter value as a bit string, a function that changes the order of the partial block, A variable block cryptographic function using arbitrary tweaks, a function to sort the modulo quotient and residual values according to the bit size of the module, or a composite function of these functions have.

The encryption unit 190 may generate an encryption value by combining an input value with a spreading value encryption value transmitted from the random number bit string generating unit 180 to the encryption combining unit 190. [

In addition, the encryption value can be modulo-coded to belong to the range to generate ciphertext / plaintext.

Hereinafter, the algorithm 1 used in the random number bit stream generation unit 180 and the cryptographic combination unit 190 will be described. In the case of the random number bit string generating section 180, steps 1 to 4 of the algorithm 1 are associated. In the case of the cryptographic combiner 190, steps 5 and 6 of the algorithm 1 are involved.

: 암호화 함수에 이용되는 키이다. 랜덤으로 생성되는 것이 바람직하다.

: 평문 집합의 요소 개수이며 암호문 집합의 요소 개수와 동일하다.

입력:

: 평문으로서, 부등식

을 만족하는 정수이다.

: 카운터값으로서

비트 값이다.

: 논스값으로서

비트 값이다. 랜덤으로 생성되는 것이 바람직하다.

출력:

: 암호문으로서, 부등식

을 만족시키는 정수이다.

단계 :
1.

2.

3.

4. 만약

을 만족시키면:
a.

b.

c.

d. 만약

을 만족시키면 단계 4.c로 이동
5.

6. 결과값으로

를 반환

상기 알고리즘에서

은

의 비트길이를 의미한다. 따라서 부등식

을 만족시킨다.
상기 알고리즘에서

은 트윅의 비트길이를 의미한다. 해당 비트길이는 알고리즘 1에서 이용하는 암호화 함수에 의해 결정되는 값이다.
상기 알고리즘에서 이용된 수학식

은 비트열

에서 최상위

번째 비트부터

번째 비트까지의 부분 비트열을 의미한다.
상기 알고리즘에서 이용된 수학식

는 트윅 값이 이용가능한 블록 암호화 함수이다. 특히

비트의 블록

를

비트의 트윅

를 이용하여

비트의 암호문을 생성한다. 이러한 암호화 함수는 예를 들면 하기와 같이 구성될 수 있다.
1) 형태보존 암호화 함수
2)

:

는

를 키로 하는 128비트 블록을 암호화 하는 함수이며, 트윅

는 최대 128비트의 비트열이다. 또한 연산자

는 오른쪽 시프트 연산이며, 생성 비트열에서 부분

비트를 임의로 결정하는 함수로 대체될 수 있다.
3)

:

은

를 키로 하는 메시지 인증 코드이다.

는 트윅으로서 길이는 가변이며,

는

의 출력값의 비트길이이다. 여기에서도 2)의 경우와 마찬가지로 오른쪽 시프트 연산자

는 생성 비트열에서 부분

비트를 임의로 결정하는 함수로 대체할 수 있다.

상기 수학식의

와

는 각각 제1 확산 함수와 제2 확산 함수이다.

비트 입력값에 대해

비트 값을 결정론적으로 출력한다. 확산 함수

과

는 동일한 함수로 설정할 수 있으나, 다른 함수임이 바람직하다. 예를 들면 하기와 같이 구성될 수 있다.
1)

: 동치함수
2)

: 비트열을 오른쪽으로

비트 순환시키는 함수
3)

: 비트열을

비트 단위 블록으로 쪼개어 각 블록의 순서를 역순으로 하는 함수.
4)

:

비트 출력값을 갖는 해시함수
5)

:

비트 트윅

를 이용한 블록 암호화 함수

알고리즘 1은 카운터값이 0에서 시작하여 동일한 값으로 되돌아오기 직전까지의 수열에 대해 사용할 수 있다. 해당 수열의 최대 주기는

이다. 특히, 동일한 입력 평문값

에 대해 카운터를 1씩 증가시켜 얻어지는 출력값

의 수열은, 암호함수

가 출력값에 대해 충돌확률이 충분히 작다면, 주기를 최대의 경우

이 되도록 구성할 수 있다.

알고리즘 1은 단계 1-4와 같이 카운터값으로부터 암호키

에 대한 지식 없이는 계산적으로 예측 불가능한,

을 만족하는 정수를 생성하는 부분과, 단계 5와 같이 해당 비트열을 입력값

와 결합하여 암호화를 수행하는 부분으로 구성된다.

단계 4의 결과,

값은

의 범위를 만족시킨다. 이 값이 어떠한 값으로 대응될지에 대해서는 단계 4에서 결정된 트윅값

에 의해 다양한 변화를 줄 수 있다.
단계 4에서, 임의의 초기값

에 대해 함수

의 재귀적 호출로 얻어지는 수열은

의 약수를 주기로하여 반복된다. 이때 초기치를 단계 4에서

값을

의 만족시키는 범위로 변경하게 되면, 해당 주기 내에서 반복의 종료 조건을 만족시키는 경우가 반드시 존재한다. 만약 초기값이

이라면 반복의 종료 조건

을 만족시키지 않는 함수 가 존재한다.

단계 5의 모듈로 연산

은

의 값이

보다 큰 경우에

을 빼는 연산으로 대체할 수 있다.
복호화 알고리즘은 단계 5 의 연산을

로 바꿈으로서 정의할 수 있다.
[Algorithm 1]
precondition:

: This is the key used for the encryption function. It is preferably generated randomly.

: The number of elements in the plaintext set and equal to the number of elements in the set of ciphertexts.

input:

: As a plain text, inequality

Lt; / RTI >

: As a counter value

Bit value.

: As a nonce value

Bit value. It is preferably generated randomly.

Print:

: Cipher text, inequality

Lt; / RTI >

step :
One.

2.

3.

4. If

:
a.

b.

c.

d. if

If it satisfies, go to step 4.c
5.

6. As the result

Return

In the algorithm

silver

Lt; / RTI > Therefore,

Lt; / RTI >
In the algorithm

Means the bit length of the tweak. The bit length is a value determined by the encryption function used in Algorithm 1.
In the algorithm used in the above equation

Bit string

At the top

From the ith bit

Lt; th > bit.
In the algorithm used in the above equation

Is a block encryption function with tweak values available. Especially

Block of bits

To

Bit tweak

Using

Bit cipher text. This encryption function can be configured as follows, for example.
1) Shape-preserving cryptographic function
2)

:

The

Is a function for encrypting a 128-bit block using a key

Is a bit string of a maximum of 128 bits. Also,

Is a right shift operation,

It can be replaced with a function that arbitrarily determines the bit.
3)

:

silver

As a key.

Is a tweak, the length is variable,

The

Is the bit length of the output value. Here, as in the case of 2), the right shift operator

Lt; RTI ID = 0.0 >

The bit can be replaced with a function that randomly determines.

In the above equation

Wow

Are the first diffusion function and the second diffusion function, respectively.

For bit input values

And outputs the bit value deterministically. Diffusion function

and

Can be set to the same function, but it is preferable that the function is another function. For example, as follows.
One)

: Equivalent function
2)

: Move the bit string to the right

Functions that cycle bits
3)

Bit string

A function that breaks up into blocks of bits and reverses the order of each block.
4)

:

Hash function with bit output value
5)

:

Beatwick

Block encryption function using

Algorithm 1 can be used for a sequence up to just before the counter value starts at 0 and returns to the same value. The maximum period of the sequence is

to be. In particular,

The output value obtained by incrementing the counter by 1

The sequence of < RTI ID = 0.0 >

If the probability of collision with the output value is sufficiently small,

. ≪ / RTI >

Algorithm 1 decrypts the cipher key from the counter value

Without knowledge of the computationally unpredictable,

, And a part for generating the integer satisfying the input value

And performs encryption in combination with the encryption key.

As a result of step 4,

The value is

≪ / RTI > As to what value this value is to correspond to, the threshold value determined in step 4

Can make various changes.
In step 4, any initial value

About functions

The sequence obtained by recursive invocation of

Is repeated. At this time,

Value

, There is always a case where the end condition of the repetition is satisfied within the period. If the initial value is

End condition of the iteration

Function that does not satisfy Lt; / RTI >

Modulo operation in step 5

silver

The value of

If greater than

Can be replaced with an operation to subtract.
The decryption algorithm uses the operation of step 5

Can be defined.

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

Hereinafter, the random number bit string generating unit 180 and the algorithm 1 used by the cryptographic unit 190 will be described. The description of the present invention will be continued below.

9 is a diagram illustrating a random number bit string generating unit 180 and an encryption unit 190 according to the present invention. Referring to FIG. 9, Decryption system that encrypts and decrypts each of the counter values by adding other counter values to the tweak value as indexes and information of each counter value as an index.

When encrypting data sets of the same type, setting individual keys for each element data requires secure storage space proportional to the size of the data set, and the system for managing each key becomes very complex There is no other choice. Also, if the size of the element data is small, the space for storing the key may be much larger than the space for storing the data. Therefore, a method of defining a parameter such as a cryptographic key or a tweak value necessary for encrypting element data by a relation between element data is preferable in terms of storage space. At this time, the method of changing the encryption key depending on the element data greatly degrades the encryption / decryption rate for the data since the key scheduling process performed in most symmetric key cryptosystems must be performed every time the key is changed.

In order to solve the speed reduction problem, in the present invention, the tweak value is encrypted by including the relationship information between the element data so as not to repeat the key scheduling.

For example, the element data can be divided into a plurality of data items, each of which can be uniquely identified by ordering element data, that is, monotone increasing indexes. When index information is used as part of the tweak value in the shape preservation encryption, Can be encrypted with different output values, even if they are the same value. Also, since the encryption key is set depending only on the data set, encryption and decryption can be performed on any arbitrary element belonging to the data set by only one key scheduling with respect to the underlying symmetric key encryption.

In using the variable block encryption function in the counter mode, if only the plain text input value is changed as in the conventional block cipher, the size of the plain text input value becomes relatively small, so the security strength becomes very weak according to the size thereof.

For example, there are only 16 input values of the variable block cipher function having 4 bits as input, and there are only 16 output values. At this time, when the counter value is incremented by 1, the input value by the counter is repeated with the interval of 16, so the result value is repeated. This results in a very weak security strength compared with the use of information of 128 bits or more as a cryptographic key.

Therefore, in the present invention, for example, in order to securely encrypt 16 or more data in order when the condition of the problem in the above example is satisfied, the remaining sequence information other than 4 bits is put in the tweak, This cycle is repeated. However, in the case of the present invention, the above example is merely an example in that there is no restriction on the type and length of values that can be inserted into a plain text.

In order to encrypt a value in a range other than a binary number, for example, CEA (Cycle-Walking) is recommended in the FEA described in ITU-T Recommendation TTAK.KO-12.0275. At this time, in order to implement the counter mode, the following problems can be found and a configuration for solving the problems can be made.

을 치역의 요소 개수로 나눔으로서 몫과 나머지로 분해하여 각각을 트윅과 평문으로하여 암호화 할 수 있다. 그러나 128비트 정수의 나눗셈과 같은 연산을 한번 수행해야 한다는 점은 성능적으로 고려해봐야 한다. 이 방법은, 알고리즘 1에서 제1 확산 함수

을 상위

비트의 값을 나머지로 하고 하위

비트의 값을 몫으로 하는 함수로 정의하고, 제2 확산 함수

를

에만 대응시키는 상수 함수로 정의하여 구현할 수 있다.

둘째, 첫번째 경우에서 일반적인 128비트 정수의 나눗셈을 피하기 위해

을

에 의한 나눗셈을 이용하는 것을 고려할 수 있다. 이때

에 의한 나눗셈은 비트열에 대한 시프트 연산으로 구현할 수 있으므로, 나눗셈을 매우 빠르게 처리할 수 있다는 장점이 있다. 이렇게 정의한 암호화 함수의 치역의 요소 개수는 최종적으로 출력해야 하는 치역의 요소 개수와 서로 다르게 되므로, CW 를 이용해야 한다. 그러나

의

에 의한 나눗셈의 나머지는 정의역의 요소 개수보다 큰 값을 가질 수 있으므로, 상기 알고리즘 1에서 CW의 종료 조건

을 만족시키지 않는

가 FEA 에 대해서도 존재하므로, FEA의 CW가 종료하지 않을 수 있다. 이 경우에

의

에 의한 나눗셈의 나머지에 대해서

비트 정수의 나눗셈을 이용할 수 있다.

비트 정수의 나눗셈은 128비트 정수의 나눗셈보다 빠르게 처리할 수 있는 경우가 있다는 장점이 있다. 그러나

개의 연속한 암호값에 대해서 후반

개의 값은 전반

개의 반복이므로, 취약점을 갖는다는 문제가 있다.

셋째, 두번째 경우에서 가까운 과거의 출력값이 상관관계를 갖는 것을 막기 위해서, CW에 이용되는 입력값을 제2 확산 함수

를 이용하여 랜덤하게 변경시켜 준다면, 주기 내에서의 직접적인 반복은 없앨 수 있다. 하지만, 여전히

개를 단위로 하여 치역의 값이 반드시 1번 또는 2번 등장한다는 특징에 의해 통계적인 추측이 가능하다는 취약점을 갖는다.

넷째, 주기 내에서의 통계적인 추측을 어렵게 하기 위해서, 제1 확산 함수

을 좋은 성질을 갖는 함수로 선택한다면, 수로서 1씩 증가하는

의 변화를 비트열로서

의 전체로 균등하고 랜덤하게 확산시킬 수 있다. 그 결과로서

개를 단위로 하여 존재하는 통계적인 성질을 없앨 수 있다.

First, the combined value of the nonce and counter

Can be divided into a quotient and a remainder by dividing by the number of elements of the range, and can be encrypted by tweaking and plain text, respectively. However, performance must be considered when performing operations such as division of 128-bit integers once. In this method, the first diffusion function

Top

Let the value of the bit be the remainder,

The value of the bit is defined as a quotient, and the second diffusion function

To

As a constant function.

Second, to avoid the division of a common 128-bit integer in the first case

of

May be considered. At this time

Division can be implemented by a shift operation on the bit stream, so that the division can be performed very quickly. The number of elements of the range of the cryptographic function defined above is different from the number of elements of the final output range, so CW should be used. But

of

The rest of the division by CW may have a value larger than the number of elements of the domain,

Does not satisfy

Is also present for FEA, CW of FEA may not be terminated. In this case

of

For the remainder of division by

You can use bit integer division.

The advantage of division of bit integers is that they can be processed faster than division of 128-bit integers. But

For consecutive cipher values,

The values of

There is a problem of having a vulnerability.

Third, in order to prevent the output values of the past past from having a correlation in the second case, the input value used for the CW is called the second diffusion function

, The direct repetition within the period can be eliminated. However,

It has a vulnerability that statistical speculation can be made by the feature that the value of the range must appear once or twice in units of dogs.

Fourth, in order to make statistical guessing in the cycle difficult, the first diffusion function

Is selected as a function having a good property,

As a bit string

It is possible to uniformly and randomly diffuse the light beams. As a result

The statistical properties existing in units of dogs can be eliminated.

delete

delete

delete

delete

delete

delete

delete

delete

: 암호함수에 이용되는 키로서 랜덤으로 생성되는 것이 바람직하다.

: 개의 자연수.

: 알고리즘 1의 전제조건에 이용되는 값으로서 곱셈값

이다.

입력 :

: 평문 정수열로서 각각

를 만족한다.

: 카운터값으로서

비트 값이다.

: 논스값으로서

비트 값이다. 랜덤으로 생성되는 것이 바람직하다.

출력 :

: 암호 정수열로서 각각

를 만족한다.

단계 :
1. 평문열

을 이용하여 정수

를 계산한다.
2. 알고리즘 1에 대해

,

,

을 입력으로 하여 결과로서 정수

를 얻는다.
3. 정수

로부터 정수열

를 각각

로 계산한다. 여기에서

는 실수

에 대해

보다 크지 않은 최대의 정수이고,

는 정수

와

에 대해

를

로 나눈 나머지값이다.
4. 입력 정수열

전체가 암호화 대상이라면,

를 출력한다. 만약

가 암호화 대상이 아닌 경우에는 정수열

에서

를 제외하여

를 출력한다.

복호화의 경우에는 단계 2에서 알고리즘 1의 암호화 함수 대신 복호화 함수를 이용하면 된다.
상기 알고리즘 2에서와 같이

개의 자연수

를 알고리즘 1의 전제조건

로서 자연수의 곱셈값

을 이용하는 방법과는 달리, 하기 실시예 2 와 같이 알고리즘 1을 이용하는 방법도 있다.

[Algorithm 2]
precondition :

: It is preferable to generate randomly as a key used for a cryptographic function.

: Natural number.

: The multiplication value as a value used in the precondition of Algorithm 1

to be.

input :

: Each of the plaintext constants

.

: As a counter value

Bit value.

: As a nonce value

Bit value. It is preferably generated randomly.

Print :

: As cipher constants, respectively

.

step :
1. Plain column heat

Using an integer

.
2. About Algorithm 1

,

,

As a result,

.
3. Integer

From the heat pump

Respectively

. From here

Is a mistake

About

Is the largest integer not greater than < RTI ID = 0.0 >

Is an integer

Wow

About

To

.
4. Input water heat

If the whole is to be encrypted,

. if

Is not an encryption target,

in

Except

.

In the case of decryption, a decryption function may be used in place of the encryption function of the algorithm 1 in step 2.
As in the algorithm 2

Natural number of

Is the precondition of Algorithm 1

The multiplication value of the natural number

There is also a method using the algorithm 1 as in the second embodiment.

: 암호함수에 이용되는 키로서 랜덤으로 생성되는 것이 바람직하다.

:

개의 자연수.

: 자연수열

를 중복 없는 자연수열

로 고쳐 적었을 때,

에 의해 정의되는 함수. 정의역을

로 하고 치역을

로 한다.

이 결정되는 것으로서 유일하게 결정될 수 있다.

: 함수

의 역상에 의한

의 분할은

개의 집합

으로 구성된다. 각

에 대해서 역상

의 요소수를

라 하였을 때, 역상

의 요소를 크기순으로 나열한 정수열을

라고 썼을 때, 정의역을

로 하고 치역을

로 하는 단사이며 단조증가하는 함수

를 정의할 수 있다.

이 결정되는 것으로서 유일하게 결정 될수 있다. 한편, 정의에 의해 합성함수

는 정의역의 모든 요소를

에 대응시키는 상수 함수이므로,

는 모두

와 같은 자연수이다.

입력 :

: 평문 정수열로서 각각

를 만족한다.

: 논스값으로서

비트 값이다. 랜덤으로 생성되는 것이 바람직하다.

출력 :

: 암호 정수열로서 각각

를 만족한다.

단계 :
1. 각각의

에 대해서 부분 정수열

을 구성한다.
2. 각각의

에 대해서

를 계산한다.
3. 각각의

에 대해 알고리즘 1을 수행한다. 여기에서 전제조건

은

로 한다. 평문은

로 입력하고 카운터값

는

로 입력하며 논스값은

으로 입력하여

개의 암호문

를 얻는다.
4. 각각의

와

에 대해서

를 계산한다. 만약 어떠한

에 대해서 암호화 대상이 아니라면, 각

에 대해서

로 정의한다. 여기에서

는 실수

에 대해

보다 크지 않은 최대의 정수이고,

는 정수

와

에 대해

를

로 나눈 나머지값이다.
5. 각

에 대해서 얻어진 정수열

를 모두 모아 첨자에 의해 정렬을 수행하여

을 얻는다.
6. 정수열

를 출력한다.

복호화의 경우에는, 단계 3에서 알고리즘 1을 수행할 때, 복호화 함수를 이용하면 된다.
상기 알고리즘 2 와 3 에서 가정되어 있는 사항으로서, 형태보존 암호는 임의의 크기를 갖는 수에 대해 적용 가능하다는 것이 있다. 그러나 형태보존 암호가 한번에 처리할 수 있는 수의 크기를 제한하는 것이, 실제 구현상에 있어서는 더 효율적인 구현을 이끌어 낸다.
형태보존 암호가

비트까지 처리할 수 있다고 가정하면, 다음과 같은 방법으로 긴 입력 정수열을 여러 개의 부분 정수열로 나누어 각각에 대해 암호화 및 복호화를 수행할 수 있다.

[Algorithm 3]
precondition :

: It is preferable to generate randomly as a key used for a cryptographic function.

:

Natural number.

: Natural sequence

Natural sequence without redundancy

When you rewrite it,

A function defined by. Domain

And

.

Can be determined solely as being determined.

: function

By the reversed phase of

The division of

A set of

. bracket

Inverse to

The number of elements in

In this case,

A sequence of elements in ascending order of magnitude

When you write,

And

And a monotone increasing function

Can be defined.

Can be determined solely as being determined. On the other hand, by definition,

All elements of the domain

And therefore,

All

Is a natural number.

input :

: Each of the plaintext constants

.

: As a nonce value

Bit value. It is preferably generated randomly.

Print :

: As cipher constants, respectively

.

step :
1. Each

Lt; RTI ID = 0.0 >

.
2. Each

about

.
3. Each

Algorithm 1 is performed. Here,

silver

. The plain text

And the counter value

The

And the nonce value is

By typing

Cipher text

.
4. Each

Wow

about

. If any

Is not an encryption target,

about

. From here

Is a mistake

About

Is the largest integer not greater than < RTI ID = 0.0 >

Is an integer

Wow

About

To

.
5. Each

The obtained pseudo heat

And the alignment is performed by subscripts

.
6. Pump heat

.

In the case of decoding, when performing the algorithm 1 in step 3, a decoding function may be used.
It is assumed in Algorithms 2 and 3 that the shape preservation cipher is applicable for numbers of arbitrary sizes. However, restricting the size of the number of pieces of shape-preserving cipher that can be processed at one time leads to a more efficient implementation in the real world.
Shape preservation password

It is possible to divide a long input sequence into several partial sequences and perform encryption and decryption for each.

: 암호함수에 이용되는 키로서 랜덤으로 생성되는 것이 바람직하다.

:

개의 자연수.

: 정수열.

에서부터

를 만족하도록 순차적으로 선택한다. 자연수열

의 분할에 대한 곱이 앞에서부터 제일 크게 되도록 선택하는 방법을 이용해

에 대해 유일하게 결정할 수 있다.

입력 :

: 평문 정수열로서 각각

를 만족한다.

: 논스값으로서

비트 값이다. 랜덤으로 생성되는 것이 바람직하다.

출력 :

: 암호 정수열로서 각각

를 만족한다.

단계 :
1. 정수열

에서 각

에 대해

를 이용하여 부분 정수열

를 첨자에 의해 선택한다.
2. 각

에 대하여 평문 정수열로서 부분 정수열

를 입력하고, 카운터값으로서

을 입력하고 논스값으로

을 입력하여 알고리즘 2를 수행한다. 알고리즘 2의 출력으로서 암호 정수열

를 얻는다.
3. 각

에 대한 암호 정수열

를 모두 모아 첨자에 의해 정렬하여 정수열

를 얻는다.
4. 정수열

를 출력한다.

[Algorithm 4]
precondition :

: It is preferable to generate randomly as a key used for a cryptographic function.

:

Natural number.

: Integer.

From

Are sequentially selected. Natural sequence

Using the method of selecting the product of the division of

≪ / RTI >

input :

: Each of the plaintext constants

.

: As a nonce value

Bit value. It is preferably generated randomly.

Print :

: As cipher constants, respectively

.

step :
1. Pump heat

In each

About

,

Are selected by subscripts.
2. Each

A partial padded string

And as a counter value,

And enter the value

To perform algorithm 2. As the output of the algorithm 2,

.
3. Each

Ciphers

Are collected and sorted by subscripts,

.
4. Water heat

.

: 암호함수에 이용되는 키로서 랜덤으로 생성되는 것이 바람직하다.

:

개의 자연수. 중복 없는 자연수열

로 고쳐 적을 수 있다.

,

: 알고리즘 3의 전제조건에서와 같이

에 의해 결정되는 함수이다.

:

에 대해 각각 정의되는 정수열.

에서부터

와

를 만족하도록 순차적으로 선택한다. 여기에서

는 역상

의 요소수이다. 자연수열

의 분할에 대한 곱이 앞에서부터 제일 크게 되도록 선택하는 방법을 이용해

에 대해 유일하게 결정할 수 있다.

입력 :

: 평문 정수열로서 각각

를 만족한다.

: 논스값으로서

비트 값이다. 랜덤으로 생성되는 것이 바람직하다.

출력 :

: 암호 정수열로서 각각

를 만족한다.

단계 :
1. 각각의

에 대해서 부분 정수열

을 구성한다.
2. 각각의

와

에 대해서,

개의

를 전제조건의 자연수열로 하고, 부분 정수열

을 평문 정수열로 입력하고

을 카운터로 입력하여 알고리즘 2를 수행한다. 알고리즘 2의 출력으로 암호 정수열

를 얻는다.
3. 각각의

와

에 대한 암호 정수열

를 모두 모아 첨자에 의해 정렬하여 정수열

를 얻는다.
4. 정수열

를 출력한다.

[Algorithm 5]
precondition :

: It is preferable to generate randomly as a key used for a cryptographic function.

:

Natural number. Without duplication Natural sequence

Can be rewritten as.

,

: As in the precondition of Algorithm 3

. ≪ / RTI >

:

A string of integers, each defined for.

From

Wow

Are sequentially selected. From here

Inverse phase

of Number of elements. Natural sequence

Using the method of selecting the product of the division of

≪ / RTI >

input :

: Each of the plaintext constants

.

: As a nonce value

Bit value. It is preferably generated randomly.

Print :

: As cipher constants, respectively

.

step :
1. Each

Lt; RTI ID = 0.0 >

.
2. Each

Wow

about,

doggy

As a natural sequence of preconditions,

Into a plaintext string

Is input to the counter and the algorithm 2 is performed. As the output of Algorithm 2,

.
3. Each

Wow

Ciphers

Are collected and sorted by subscripts,

.
4. Water heat

.

: 암호화 함수에 이용되는 키이다. 랜덤으로 생성되는 것이 바람직하다.

: 문자집합에 속하는 부분 문자집합.

: 각

는 부분 문자집합

의 요소수.

: 부분 문자집합

의 요소를 정수의 부분집합

의 요소에 일대일로 대응시키는 전단사 함수.

입력 :

:

개의 문자로 구성된 문자열로서 각각의 문자

는 어떠한 부분 문자집합의 요소이다.

: 카운터값으로서

비트 값이다. 알고리즘 2를 이용하는 경우에 필요하다.

: 논스값으로서

비트 값이다. 랜덤으로 생성되는 것이 바람직하다.

출력 :

:

개의 문자로 구성된 문자열. 각각의 문자

는 문자

와 동일한 부분 문자집합의 요소이다.

단계 :
1. 입력 문자열

에 대해 각각의 문자가 속하는 부분 문자집합

을 찾는다. 이때, 함수

는 입력 문자열의 첨자 집합

의 요소를 부분 문자집합의 첨자 집합

의 요소에 대응시키며, 문자

는 부분 문자집합

의 요소이다.
2. 각 문자

를 정수

로 변환한다.
3. 알고리즘 2~5 중 하나에 대해서

를 전제조건의 자연수열로 하고, 정수열

을 평문 정수열로 입력하고, 입력된 논스값을 입력하고, 필요한 경우 카운터값을 입력하여 수행한다. 알고리즘의 수행 결과로 암호 정수열

을 얻는다.
4. 암호 정수열

와 역함수

를 이용하여 출력 문자열

을 얻는다.
[Algorithm 6]
precondition :

: This is the key used for the encryption function. It is preferably generated randomly.

: A partial character set belonging to a character set.

: Angle

Is a partial character set

Number of elements in.

: Partial character set

Elements of a subset of integers

One-to-one correspondence of the elements of the shear function.

input :

:

As a string consisting of four characters, each character

Is an element of any partial character set.

: As a counter value

Bit value. This is necessary when Algorithm 2 is used.

: As a nonce value

Bit value. It is preferably generated randomly.

Print :

:

A string of characters. Each character

Character

Is an element of the same partial character set.

step :
1. Input string

The partial character set to which each character belongs

. At this time,

Is a set of subscripts of the input string

Element of a partial character set

To the element of < RTI ID = 0.0 >

Is a partial character set

.
2. Each character

Integer

.
3. For one of the algorithms 2 to 5

As the natural sequence of the prerequisite condition,

Is entered as a plain-text integer, the input nonce value is input, and a counter value is input if necessary. As a result of the algorithm,

.
4. Password cipher

And inverse function

To output string

.

한다.5. Column

do.

The foregoing detailed description is illustrative of the present invention. In addition, the foregoing is intended to illustrate and explain the preferred embodiments of the present invention, and the present invention may be used in various other combinations, modifications and environments. That is, it is possible to make changes or modifications within the scope of the concept of the invention disclosed in this specification, within the scope of the disclosure, and / or within the skill and knowledge of the art. The above-described embodiments illustrate the best mode for carrying out the technical idea of the present invention, and various modifications required for specific application fields and uses of the present invention are also possible. Accordingly, the detailed description of the invention is not intended to limit the invention to the disclosed embodiments. In addition, the appended claims should be construed to include other embodiments.

100: Encryption / decryption system to preserve multiple types
100a: Encryption / decryption system to preserve multiple types
110:
111: partial character set definition unit
112: partial character set encryption / decryption sequence definition unit
113: partial character set character order definition unit
120: character set conversion unit
130: partial character set discrimination unit
140: Encryption / Decryption Unit
150: Format reconstruction unit
160: character set inversion section
170: Setting section
180: a random number bit string generating unit
181: diffusion value generating unit
182: diffusion value encryption unit

Claims (14)

An encryption / decryption system for storing multiple forms,
A pre-processing unit for defining a partial character set used for encryption / decryption at the time of initialization of the encryption / decryption system;
A character set conversion unit for converting an input value input to the encryption / decryption system into a character set for internal processing of the encryption / decryption system;
A partial character set discrimination unit for discriminating the character set converted by the character set conversion unit as a partial character set;
An encrypting / decrypting unit for performing encryption / decryption using shape preserving encryption for each block of the partial character set discriminated by the partial character set discriminating unit;
A format reconstruction unit for reconstructing each block of the partial character set encrypted / decrypted by the encryption / decryption unit; And
And a character set inversion unit for converting the partial character set reconstructed by the type reconstruction unit into an output character set of the encryption / decryption system.
The method according to claim 1,
Wherein the pre-processing unit includes: a partial character set defining unit defining a partial character set including at least once each character for all representable characters;
A partial character set encryption / decryption sequence defining unit for defining an encryption / decryption sequence between partial character sets for each partial character set defined in the partial character set defining unit; And
And a partial character set character sequence defining unit for defining an order of each character belonging to the same partial character set for each partial character set defined in the partial character set defining unit. Encryption / decryption system to preserve.
The method according to claim 1,
Wherein the encryption / decryption system outputs the input value as it is when there is a character which is not included in the partial character set defined by the preprocessing unit.
The method according to claim 1,
Wherein the encryption / decryption unit includes a shape preservation encryption function for converting an input value into a ciphertext / plaintext having a length equal to an input value.
An encryption / decryption system for storing multiple types including an encryption / decryption unit for performing encryption / decryption using shape-preserving encryption for each block of a partial character set,
A setting unit that defines a function used for encryption / decryption at the time of initialization of the encryption / decryption system;
A random number bit string generating unit for generating a random number bit string using the counter value; And
And an encryption unit for generating an encryption value using an input value input to the encryption / decryption system and a random number bit string generated by the random number bit string generation unit. Decryption system.
6. The method of claim 5,
Wherein the setting unit comprises a function providing unit that provides a variable block encryption function, a first spreading function, and a second spreading function to be used in the encryption / decryption system.
The method according to claim 6,
Wherein the variable block cryptographic function includes a message authentication code including a form preserving cryptographic function in which a tweak value is available, a message authentication code including a block cipher or a cipher key.
The method according to claim 6,
Wherein the random number bit string generator comprises: a spread value generator for generating a spread value by applying a spread function to the counter value;
And a spread value encryption unit for encrypting the spread value using the variable block encryption function.
9. The method of claim 8,
Wherein the spread value generation unit sets the combined value of the nonce value and the counter value as a counter value.
9. The method of claim 8,
Wherein the spread value encryption unit transmits the spread value encryption value to the encryption unit when the spread value encryption value belongs to the root zone.
9. The method of claim 8,
Wherein if the spreading value encryption value to which the first spreading function of the spreading value encrypting unit is applied does not belong to the root region,
(a) applying a second spreading function to the spreading factor encryption value,
(b) performing a modulo operation so that the spread value cipher value belongs to a domain,
(c) repeatedly performing variable block encryption of the spread value cipher value until the spread value cipher value belongs to the range,
And transmits a spreading value encryption value belonging to a root region to the encryption combining unit.
9. The method of claim 8,
Wherein the function to be applied to the spread value generator comprises:
An equivalent function that does not change the counter value with respect to the counter value, a function that circulates the counter value as a bit string, a function that changes the order of the partial block, a function that cuts the hash value of the counter value to a desired spread value size, A variable block cipher function using tweaks, a function for sorting the quotient and remainder values by the modulo in accordance with the bit size of the modulo, or a combination function of these functions. .
6. The method of claim 5,
Wherein the encryption combining unit combines the input value with the spreading value encryption value transmitted from the random number bit string generating unit to the encryption combining unit to generate an encryption value.
14. The method of claim 13,
Wherein the encryption / decryption system generates a ciphertext / plaintext by modulo the encryption value so as to belong to a range of the encryption / decryption system.

Images