KR20240057966A - Low Power Encryption Methods and Systems - Google Patents

Abstract

The present invention relates to an encryption method and encryption system that consumes less power while a mobile device is in operation. The encryption method according to an embodiment of the present invention includes the steps of connecting a data link between a mobile device and a repeater, encrypting a key and counter stream to generate at least one encryption block, storing the encryption block, and determining whether the mobile device is in operation. It includes the step of determining, when determining that it is in operation, dividing the data to be encrypted into plaintext blocks of the same size as the encryption block, and encrypting the plaintext block. The encryption system according to the present invention can encrypt data obtained during operation of a mobile device with low power, thereby increasing the operating time of the mobile device and providing high security.

Description

Low Power Encryption Methods and Systems

This invention relates to a low-power encryption method, and more specifically, to a method of generating an encryption block when connecting a data link and encrypting data using a pre-generated encryption block while operating a mobile device.

UAV (Unmanned Aerial Vehicle) began to be developed for military purposes, but thanks to recent technological developments, it has been used in industries such as broadcast filming, communication relay, agriculture, traffic surveillance, disaster response, reconnaissance, delivery, and leisure. The market is rapidly expanding into the private sector. UAVs perform their missions through remote control or automatic control using wireless communication technology, and must continuously communicate with the ground control system to properly perform a given mission, and the reliability of the wireless communication system is very important.

The UAV's wireless communication channel uses a wireless network that is always open, making it highly vulnerable to wireless security attacks. In addition, UAVs are subject to various security threats such as communication hacking, controller hacking, and sensor hacking, and UAVs are in an environment where there is a very high possibility of physically damaging the UAV through hacking or hijacking the UAV and exploiting it for other purposes. .

Regarding wireless communication of UAVs, data link spoofing is a very serious security problem as it can completely take over control of the UAV.

Conventional UAV data link security technology encrypts data using encryption algorithms such as DES (Digital Encryption Standard), AES (Advanced Encryption Standard), ARIA (Academy, Research Institute, Agency), and SEED, and then modifies and modulates the modem. It is implemented in a structure that transmits and receives through . The transmitter encrypts the transmission data, modulates it through a modem, and transmits it wirelessly, and the receiver typically demodulates and decrypts the received data to restore the data.

At this time, the encryption of data is implemented by being built into the data processing unit, which is a modem unit that performs modulation and demodulation in the data link, or is interfaced with a separate external encryption device to encrypt/decrypt the transmitted and received data. In addition, the general encryption key operation method of UAV is to receive the encryption key from a control device that controls the data link or an external storage medium and store it inside the UAV, and the symmetric key method is generally used in which the UAV and the control station or radio station use the same key. am.

Generally, the data transmitted and received in the UAV's data link is UAV Tele-Command (TC), Telemetry (TM), or observation image information from the ground control system. In particular, since TC/TM data has a form that repeats in a certain pattern within the system standard, there is a very high possibility that a third party can infer or estimate the original data when collecting or observing data that is repeatedly transmitted and received over the radio.

The conventional general UAV data link security structure is difficult to maintain a high level of security in terms of the characteristics of transmitted and received data, encryption application method, and key management structure.

In addition, advanced encryption methods have the problem that they consume a lot of power during the encryption process, which is critical to the flight time of the UAV.

One embodiment of the present invention seeks to provide a low-power encryption method and encryption system designed to reduce the amount of power consumed for encryption while operating a mobile device.

However, the technical challenges that this embodiment seeks to achieve are not limited to the above technical challenges, and other technical challenges may exist.

The present invention is intended to achieve the above-mentioned object, and the encryption method according to an embodiment of the present invention includes the steps of connecting a data link between a mobile device and a repeater, encrypting a key and counter stream to generate at least one encryption block, The step of storing the encrypted block is performed, and when it is determined that the mobile device is in operation, the method includes dividing the obtained data into plaintext blocks of the same size as the encrypted block and encrypting the plaintext block.

The encryption method and encryption system according to the present invention can encrypt data obtained during operation of a mobile device with low power, thereby increasing the operation time of the mobile device and providing high security.

Figure 1 is a diagram showing a conventional CTR encryption method.
Figure 2 is a diagram for explaining the operating environment of an encryption system according to an embodiment of the present invention.
Figure 3 is a diagram for explaining the configuration of an encryption system according to an embodiment of the present invention.
Figure 4 is a diagram for explaining the operation of the encryption block generator and storage unit according to an embodiment of the present invention.
Figure 5 is a diagram for explaining the operation of the encryption unit.
Figure 6 is a diagram illustrating a decryption process of an encryption system according to an embodiment of the present invention.
Figure 7 is a flowchart showing the encryption method of the device according to the present invention.

The above-described objects, features and advantages of the present application will become more apparent through the following detailed description in conjunction with the accompanying drawings. However, since the present application can make various changes and have various embodiments, specific embodiments will be illustrated in the drawings and described in detail below.

Like reference numerals throughout the specification in principle refer to the same elements. In addition, components with the same function within the scope of the same idea shown in the drawings of each embodiment will be described using the same reference numerals, and overlapping descriptions thereof will be omitted.

If it is determined that a detailed description of a known function or configuration related to the present application may unnecessarily obscure the gist of the present application, the detailed description will be omitted. In addition, numbers (eg, first, second, etc.) used in the description of this specification are merely identifiers to distinguish one component from another component.

In addition, the suffixes “module” and “part” for components used in the following examples are given or used interchangeably only for the ease of writing the specification, and do not have distinct meanings or roles in themselves.

In the following examples, singular terms include plural terms unless the context clearly dictates otherwise.

In the following embodiments, terms such as include or have mean the presence of features or components described in the specification, and do not exclude in advance the possibility of adding one or more other features or components.

In the drawings, the sizes of components may be exaggerated or reduced for convenience of explanation. For example, the size and thickness of each component shown in the drawings are arbitrarily shown for convenience of explanation, and the present invention is not necessarily limited to what is shown.

If an embodiment can be implemented differently, the order of specific processes may be performed differently from the order described. For example, two processes described in succession may be performed substantially simultaneously, or may proceed in an order opposite to that in which they are described.

In the following embodiments, when components are connected, this includes not only the case where the components are directly connected, but also the case where the components are indirectly connected by intervening between the components.

For example, in this specification, when components, etc. are said to be electrically connected, this includes not only cases where the components are directly electrically connected, but also cases where components, etc. are interposed and indirectly electrically connected.

In this specification, 'mobile device' refers to all devices that communicate while moving, and specifically includes two-wheeled vehicles, passenger cars, vans, special vehicles, agricultural machinery, urban air mobility, drones, and robots. Additionally, these mobile devices include an encryption system and require a process of encrypting and transmitting the acquired data, or receiving and decrypting the encrypted data.

Figure 1 is a diagram illustrating an encryption algorithm called conventional counter mode (CTR). Referring to FIG. 1, the counter mode is configured to use nonce and counter values. A nonce refers to a random value exchanged between communication devices during the key exchange process. In a general case, the nonce and counter are set to 96 bits and 32 bits, respectively. The nonce remains the same when generating an encryption block stream (key stream), but the counter uses a different value for each individual key stream. Generally, the counter uses a value incremented by 1 for each key stream.

Hereinafter, embodiments of this invention will be described in more detail with reference to the attached drawings.

The encryption system according to the present invention encrypts and stores counter-based data when the mobile device is charging or when a data link is connected, and when the mobile device is actually in operation, the obtained data is encrypted using a pre-generated encryption block and a simple operation. It is designed to minimize power consumption when the mobile device is in operation. The present invention appears to be particularly useful in mobile devices that need to minimize power consumption while moving, such as drones, electric vehicles, and robots.

Figure 2 is a diagram for explaining the operating environment of an encryption system according to an embodiment of the present invention. Referring to FIG. 2, the encryption system of the mobile device according to an embodiment of the present invention is connected to the control system through a wired or wireless communication network. The encryption system of the mobile device can exchange keys with the control system or receive and decrypt encrypted data from the control system, and can encrypt and control externally acquired data, data generated from the mobile device, or data stored in advance. It can be sent to the system.

Figure 3 is a diagram for explaining the configuration of an encryption system according to an embodiment of the present invention. Referring to Figure 3, the encryption system 100 of the present invention includes a communication unit 110, a determination unit 120, a data acquisition unit 130, an encryption block creation unit 140, a storage unit 150, and an encryption unit. (160) and may include a tag unit (170).

The encryption system 100 may communicate with a control system or another encryption system through the communication unit 110. The communication unit 110 can connect to a network to transmit and receive various data. The communication unit 110 may largely include a wired type and a wireless type. Since the wired type and the wireless type each have their own advantages and disadvantages, in some cases, the encryption system 100 may be provided with both the wired type and the wireless type at the same time. Here, in the case of the wireless type, a WLAN (Wireless Local Area Network) type communication method such as Wi-Fi can be mainly used. Alternatively, in the case of the wireless type, cellular communication, for example, LTE, 5G, and 6G communication methods can be used. However, the wireless communication protocol is not limited to the above-described example, and any appropriate wireless type of communication method can be used. In the case of the wired type, LAN (Local Area Network) or USB (Universal Serial Bus) communication are representative examples, but other methods are also possible.

The encryption system 100 may obtain encrypted mobile device control information from the control system 300-n through the communication unit 110. In addition, the encryption system 100 can communicate with the encryption system 100-n of another mobile device through the communication unit 110 and obtain the encrypted location information, movement information, etc. of the other mobile device. . In addition, the encryption system 100 can transmit encrypted mobile device location information, movement information, and acquisition information to the control system 300-n through the communication unit 110, and the encryption system 100 of another mobile device -n) Encrypted mobile device location information, movement information, and acquisition information can be transmitted.

The determination unit 120 of the encryption system 100 determines whether the encryption system 100 or the mobile device is in operation. According to another embodiment of the present invention, the determination unit 120 of the encryption system 100 determines whether the encryption system 100 or the mobile device is charging. According to one embodiment of the present invention, the operation of the encryption system varies depending on whether the encryption system or the mobile device is in operation, and the determination unit 120 can determine whether the encryption system or the mobile device is charging or operating. . The determination unit 120 may determine whether the encryption system or the mobile device is charging or operating in a physical manner or in a non-physical manner.

The data acquisition unit 130 of the encryption system 100 acquires data to be encrypted. More specifically, the data acquisition unit 130 may include various measuring devices such as various sensors including LIDAR, GPS sensors, speedometers, cameras, and infrared cameras. According to a specific embodiment of the present invention, the data acquisition unit 130 may acquire video and image information around the encryption system through a camera, lidar sensor, etc. Additionally, the data acquisition unit 130 may acquire movement information, location information, etc. of the mobile device using a GPS sensor, speedometer, etc. That is, the data acquisition unit 130 can acquire data to be encrypted through various types of sensors. In addition, the data acquisition unit 130 may acquire data to be encrypted previously stored in the storage unit 150. That is, the data to be encrypted includes data acquired externally through the data acquisition unit and data previously stored in the storage unit 150.

Figure 4 is a diagram for explaining the operation of the encryption block generator 140 and the storage unit 150 according to an embodiment of the present invention.

Referring to FIG. 4, the encryption block generator 140 can generate at least one encryption block by encrypting the key and counter stream when the mobile device is connected to the data link.

The encryption block generator 140 of the encryption system 100 encrypts the key and counter stream to generate at least one encryption block. More specifically, the counter stream input to the encryption block generator 140 means a value that is a combination of a nonce and a counter. The nonce refers to a random value exchanged between the encryption system and the control system during the key exchange process, and the counter refers to a number that sequentially increases from 1 according to the bit size. The encryption block generator 140 can ensure that the values of the encryption blocks generated by encrypting the counter stream and the key all have different values. The encryption block generator 140 can encrypt the counter stream using a block cipher engine.

According to another embodiment, the encryption block generator 140 may generate an encryption block when the determination unit 120 determines that the mobile device is charging.

The storage unit 150 of the encryption system 100 refers to a configuration for storing one or more encryption blocks generated through the encryption block generation unit 140 as a vector array. The storage unit 150 stores encryption blocks as a vector array to further improve the speed of selecting encryption blocks in the future.

Figure 5 is a diagram for explaining the operation of the encryption unit 160.

The encryption unit 160 of the encryption system 100 is configured to encrypt acquired data. More specifically, the encryption unit 160 may encrypt data obtained from the data acquisition unit 130.

The encryption unit 160 may divide the data obtained from the data acquisition unit 130 into a certain size. If necessary, the encryption unit 160 may divide the obtained data into plaintext blocks of the same size as the encryption blocks. According to one embodiment of the present invention, the encryption unit 160 can divide the obtained data into n plaintext blocks, and repeat the step of encrypting the plaintext blocks n times to encrypt all n plaintext blocks. (n is an integer).

The encryption unit 160 can generate a random initial vector (IV) and use it to encrypt data. The encryption unit 160 can improve the security of the encryption system by encrypting data using a random initial vector so that when data with the same content is encrypted and transmitted in different packets, they have different values. Referring to FIG. 5, the encryption unit 160 may generate a random initial vector and encrypt the value obtained by merging the initial vector with the counter with a key to obtain a first initial counter block and a second initial counter block.

More specifically, the encryption unit 160 obtains a first initial counter block by encrypting the value merged with the initial vector and the counter (00000001) with the key, and encrypts the value merged with the initial vector and the counter (00000002) with the key. Thus, the second initial counter block can be obtained. That is, the encryption unit 160 can obtain a first initial counter block and a second initial counter block by encrypting the initial vector and the merged value of the two different counters with each key.

At this time, the encryption unit 160 may perform encryption using a block cipher engine. The reason for producing multiple initial counter blocks is to increase the complexity of encryption. If necessary, the encryption unit can obtain three or more initial counter blocks.

The encryption unit 160 can select one of the stored encryption blocks using the first initial counter block and operate it with the plaintext block to encrypt the plaintext block.

More specifically, the encryption unit 160 can select one of the encryption blocks stored in the storage unit using the first initial counter block. The encryption unit 160 may encrypt the plaintext block by calculating the value calculated from the selected encryption block and the second initial counter block with the plaintext block. If necessary, the operation performed in the encryption unit may be an XOR operation.

The encryption unit 160 can encrypt a plurality of plaintext blocks. More specifically, the encryption unit 160 can select one of the stored encryption blocks using the first initial counter block, which is referred to as the first encryption block. The encryption unit 160 may perform a first operation on the first encryption block with the second initial counter block and perform an operation on the first operation value with the first plaintext block to encrypt the first plaintext block.

The encryption unit 160 can select one of the stored encryption blocks using the encrypted first plaintext block, which is called a second encryption block. The encryption unit 160 may perform a second operation on the second encryption block with the second initial counter block and perform a second operation on the second plaintext block to encrypt the second plaintext block.

The encryption unit 160 can encrypt the M plaintext block. The encryption unit 160 can select one of the stored encryption blocks using the encrypted M-1 plaintext block, which is called the M-th encryption block. The encryption unit 160 may perform the M operation on the M encryption block with the second initial counter block, and operate the M operation value with the M plain text block to encrypt the M plain text block (M is an integer, 2< M≤n).

The encryption unit 160 may perform first to nth operations, which may be XOR operations.

When encryption of the n-th plaintext block is completed, the tag unit 170 may generate an authentication tag to verify the integrity of the encrypted data. The tag unit 170 generates an authentication tag using the general technology of GCM (Galois/Counter Mode), and a detailed description thereof will be omitted.

Figure 6 is a diagram illustrating the decryption process of the encryption system 100 according to an embodiment of the present invention. The encryption unit 160 can obtain plaintext by interpreting the encrypted network packet received from the control system or another encryption system. However, since the decryption process is carried out by reversing the encryption process, a detailed explanation thereof will be omitted.

Hereinafter, an encryption method for a device according to another embodiment of the present invention will be described.

Figure 7 is a flowchart showing the encryption method of the device according to the present invention.

Referring to FIG. 7, the encryption method of the device includes the steps of connecting the data link of the mobile device, encrypting the key and counter stream to create an encryption block, and storing the encryption block. When it is determined that the mobile device is in operation, , It may include dividing the obtained data into plaintext blocks of the same size as the encryption blocks, and encrypting the plaintext blocks.

Data links in flight systems such as UAVs control the aircraft and on-board equipment through wireless data communication between the ground equipment and the aircraft, and transmit mission video information obtained from the aircraft and status information on the on-board equipment to the ground to facilitate various missions. It is a system that supports this and can be composed of an aircraft data communication device, a ground repeater, and a ground control device data communication device.

The data link connection step (S2100) of the mobile device refers to the step of connecting the mobile device to communicate with ground equipment and a ground repeater. Since this is the same as the conventional data link connection step, detailed description thereof will be omitted.

When the mobile device is connected to the data link, the device can generate at least one encryption block by encrypting the key and counter stream (S2200). The counter stream is a combined value of a nonce and a counter, and the device can generate a plurality of encryption blocks by encrypting the key and counter stream. If necessary, the device can use a block cipher engine to generate an encryption block that encrypts the key and counter stream.

In the encryption block storage step (S2300), the device may store at least one generated encryption block as a vector array. The device can reduce future power consumption by pre-executing the high-power consumption steps of the encryption process when the mobile device is connected to the data link. The device can improve the selection speed of encryption blocks in subsequent steps by vectorizing and storing encryption blocks.

If necessary, the device can acquire data to be encrypted (S3100) if it is determined that the mobile device is in operation. More specifically, the device may include various sensors including GPS sensors, speedometers, etc., measuring devices, cameras, etc., and may obtain various types of data from these. Additionally, the device can obtain data to be encrypted stored in the storage unit. In other words, the data to be encrypted includes both data acquired externally by the device and data previously stored in the storage unit.

The device may encrypt the acquired data if it determines that the mobile device is in operation. More specifically, the device can encrypt data through the step of dividing the acquired data (S3200) and encrypting the plaintext block (S3300).

In the acquired data division step, the device may divide the acquired data into plaintext blocks of the same size as the encryption blocks. More specifically, the device can select only the part containing the data to be transmitted among the acquired data and divide it into plaintext blocks of the same size as the encrypted blocks. The device can obtain a plaintext block by extracting and dividing only data acquired from a specific sensor among the acquired data, or extracting and dividing only data acquired at a specific time.

In the encryption phase, the device can generate random initial vector (IV) values. The device can generate an initial counter block by encrypting the value of merging the initial vector with the counter with a key. At this time, the device can perform encryption using a block cipher engine. If necessary, the device may generate at least one initial counter block. The device may select one of the encryption blocks using the first initial counter block and operate it with the plaintext block to encrypt the plaintext block.

According to the present invention, as the number of initial counter blocks generated by the device increases, the encryption system can have better security, while the power consumption used for encryption increases, so the number of initial counter blocks can be adjusted as needed. can be selected appropriately.

According to a specific embodiment of the present invention, the device can encrypt a random initial vector (IV) to obtain a first initial counter block and a second initial counter block, that is, two initial counter blocks.

The device is capable of encrypting multiple plaintext blocks.

The method for encrypting two plaintext blocks is as follows.

In the step of encrypting the plaintext block, the device encrypts the value of merging the initial vector (IV) with the counter with the key to obtain a first initial counter block and a second initial counter block, and uses the first initial counter block to The first encryption block can be selected. The device may perform a first operation on the first encryption block with the second initial counter block and operate the first operation value with the first plaintext block to encrypt the first plaintext block.

The device selects a second encryption block using the encrypted first plaintext block, performs a second operation on the second encryption block with the second initial counter block, and operates the second operation value with the second plaintext block to generate the second plaintext. Blocks can be encrypted.

The device may repeatedly perform the encryption step, the calculation step, and the encryption step. More specifically, the device can encrypt the Mth plaintext block (2<M≤n, where M,n is an integer).

The device selects the M encryption block using the encrypted M-1 plaintext block, performs the M operation on it with the second initial counter block, and operates the M operation value with the M plaintext block to create the M plaintext block. It can be encrypted. At this time, the operation may be an XOR operation.

The device can encrypt plaintext blocks by repeating calculation and encryption. The device can encrypt all of the acquired data by repeating the calculation and encryption steps as many times as the number of divided plaintext blocks.

If all data is encrypted, the device can acquire new data or end encryption. When new data is acquired, the device may generate a new random initial vector value and repeatedly proceed with the encryption step from the data acquisition step.

According to another embodiment of the present invention, the device encryption method includes the steps of determining whether the mobile device is charging, if it is determined that the mobile device is charging, generating an encryption block by encrypting the key and counter stream, and storing the encryption block. If it is determined that the mobile device is not charging, it may include a data acquisition step, dividing the obtained data into plaintext blocks of the same size as the encryption block, and encrypting the plaintext block.

In the step of determining whether the mobile device is charging, the device may determine whether the mobile device is charging. The device can determine whether power is supplied to the mobile device from outside using physical or non-physical methods. Since the following steps are the same, detailed description thereof will be omitted.

According to another embodiment of the present invention, the present invention may include an encryption program stored in a computer-readable medium to execute the encryption method described above.

The encryption system and encryption method according to the present invention allows the device to perform a process with high power consumption when connected to a data link, and only performs simple calculations when the device is in operation, thereby reducing power consumption during operation of the mobile device. A high level of security was maintained.

The features, structures, effects, etc. described in the embodiments above are included in at least one embodiment of the present invention and are not necessarily limited to only one embodiment. Furthermore, the features, structures, effects, etc. illustrated in each embodiment can be combined or modified and implemented in other embodiments by a person with ordinary knowledge in the field to which the embodiments belong. Therefore, contents related to such combinations and modifications should be construed as being included in the scope of the present invention.

In addition, although the above description focuses on the embodiment, this is only an example and does not limit the present invention, and those skilled in the art will be able to understand the above without departing from the essential characteristics of the present embodiment. You will see that various modifications and applications not illustrated are possible. In other words, each component specifically shown in the embodiment can be modified and implemented. And these variations and differences in application should be construed as being included in the scope of the present invention as defined in the appended claims.

100: Encryption system 110: Department of Communications
120: judgment unit 130: data acquisition unit
140: encryption block generation unit 150: storage unit
160: Encryption unit 170: Tag unit

Claims (16)

In the encryption method,
A data link connection step of the mobile device;
Encrypting the key and counter stream to generate at least one encryption block;
storing the encryption block;
determining whether the mobile device is in operation;
If it is determined that it is in operation, dividing the encryption target data into plaintext blocks of the same size as the encryption blocks;
Including, encrypting the plaintext block,
Encryption method.
According to claim 1,
The step of encrypting the plaintext block is,
generating a random initial vector (IV);
generating a first initial counter block by encrypting a value obtained by merging the initial vector with a counter and the key;
selecting one of the stored encryption blocks using the first initial counter block;
Comprising the step of encrypting the plaintext block by operating the selected encryption block with the plaintext block,
Encryption method.
According to claim 1,
Further comprising: determining whether the mobile device is charging,
If it is determined that the mobile device is charging,
Encrypting the key and counter stream to generate at least one encryption block;
Proceed with the step of storing the encryption block,
If it is determined that the mobile device is not charging,
Obtaining data to be encrypted;
Splitting the obtained data into plaintext blocks of the same size as the encryption blocks;
Comprising: encrypting the plaintext block,
Encryption method.
According to clause 2,
The step of encrypting the plaintext block is,
Obtaining a first initial counter block and a second initial counter block by encrypting a value obtained by merging the initial vector (IV) with a counter with the key;
selecting a first encryption block using the first initial counter block;
A first operation step of calculating the first encryption block with a second initial counter block;
Computing the first operation value with a first plaintext block to encrypt the first plaintext block;
selecting a second encryption block using the encrypted first plaintext block;
a second operation step of calculating the second encryption block with the second initial counter block;
Encrypting the second plaintext block by calculating the second operation value with the second plaintext block.
According to clause 4,
The division step is,
Splitting the obtained data into n plaintext blocks of the same size as the encryption block,
The step of encrypting the plaintext block is,
It includes the step of encrypting the M plaintext block,
The step of encrypting the M plaintext block is,
selecting an M-th encryption block using the encrypted M-1 plaintext block;
an M-th operation step of calculating the M-th encryption block with the second initial counter block;
Encrypting the M-th plaintext block by operating the M-th operation value with the M-th plaintext block (2<M≤n, M,n is an integer);
An encryption method comprising:
According to clause 5,
Further comprising: generating an authentication tag to verify the integrity of the encrypted data,
Encryption method.
According to clause 6,
The encryption block creation step is,
Generating the encryption block using a block cipher engine,
Encryption method.
According to clause 7,
The above calculation is,
Characterized by an XOR operation,
Encryption method.
An encryption system that performs encryption, comprising:
A communication unit 110 that transmits and receives data through a network;
A determination unit 120 that determines whether the mobile device is in operation;
a data acquisition unit 130 that acquires data from the outside;
An encryption block generator 140 that generates at least one encryption block by encrypting a key and a counter stream when connecting the data link of the mobile device;
A storage unit 150 that stores the encryption block;
When the determination unit 120 determines that the mobile device is in operation,
Including an encryption unit 160 that encrypts the data acquired through the data acquisition unit 130,
Encryption system.
According to clause 8,
The encryption unit 160,
Splitting the obtained data into plaintext blocks of the same size as the encryption blocks,
The value obtained by merging the randomly generated initial vector (IV) with the counter is encrypted with the key to obtain the first initial counter block and the second initial counter block,
Select one of the encryption blocks stored in the storage unit 150 using the first initial counter block,
Characterized in encrypting the plaintext block by calculating a value obtained by calculating the second initial counter block and the selected encryption block with the plaintext block,
Encryption system.
According to claim 10,
The encryption unit 160,
Select a first encryption block using the first initial counter block, perform a first operation on the first encryption block with the second initial counter block, and operate the first operation value with the first plaintext block to obtain a first plaintext block. Encrypt it,
Select one of the encryption blocks using the encrypted first plaintext block, perform a second operation on it with the second initial counter block, and operate the second operation value with the second plaintext block to create a second plaintext block. encrypted,
Encryption system.
According to claim 11,
The encryption unit 160,
The data acquired through the data acquisition unit 130 is divided into a certain size to generate n plaintext blocks,
Select the M encryption block using the encrypted M-1 plaintext block, perform the M operation on the M encryption block with the second initial counter block, and calculate the M operation value with the M plaintext block. Decrypt M to encrypt the plaintext block (2<M≤n, M,n is an integer),
Encryption system.
According to claim 12,
The above calculation is,
Characterized by an XOR operation,
Encryption system.
According to claim 13,
The encryption block generator 140,
Characterized by encrypting the counter stream using a block cipher engine,
Encryption system.
According to claim 14,
Further comprising a tag unit 170 that generates an authentication tag to verify the integrity of the encrypted data,
Encryption system.
An encryption program stored in a computer-readable medium for executing any one of the methods of claims 1 to 8.