LT5901B - Method of the preservation of the safe state of safety related electronic systems with composite fail-safety, especially on the railways, when creating fingerprints - Google Patents

Abstract

The invention relates to a method of the preservation of the safe state of safety related electronics systems with composite fail – safety, especially on the railways, during the creation of fingerprints, where at least two units create fingerprints together, whereas none of them allows the creation of such fingerprint. The process of the fingerprint creation is decomposed into sequences of the creation of partial fingerprints in the specified time succession, the result of which is the original fingerprint, and if a failure is detected in some of the cooperating unit units, the faultless unit cooperating with the faulty unit will refuse to create the partial fingerprint, which will disable the creation of the original fingerprint.

Description

A method of preserving security-related electronic systems consisting of composite fault-tolerant modules, in particular used in railway systems during fingerprinting.

TECHNICAL FIELD

The present invention relates to methods which describe security solutions consisting of electronic systems consisting of composite fault-tolerant modules, which are particularly applicable in railway systems during fingerprinting.

TECHNICAL LEVEL

From a general point of view, the highest level of resilience of essential applications can be divided into technical and functional resilience. Functional resilience in railway safety technologies is primarily related to traffic safety algorithms, which reduce the risks posed mainly by the resilience of the installation itself, especially in connected rail infrastructure (eg track circuits, semaphore, spikes, etc.). On the other hand, technical resilience focuses on the risks that arise mainly from the failure modes of the resilience installation itself. Thus, in terms of technical resilience, the design of such installations must take into account the effect of failure modes on the functioning of the resilient installation itself in providing resistance. With respect to the impact of individual failure modes, it is necessary to ensure that systems with higher resilience requirements remain resilient to any eventual hardware accidental failure condition. This principle is called "fault tolerant" and there are several ways to achieve this, including intrinsic fault tolerance, composite fault tolerance, and reactive fault tolerance. According to the principle of self-resistance, failure resistance is ensured by the fact that failure of any probable device (installation) does not destroy the resistance. Faults shall be resolved, for example, by the physical characteristics of the components used and their connection. In this case, the coping of the fault (detection and removal) is essentially provided by the laws of physics.

On the other hand, complex and reactive resistance uses detection to achieve resistance and thus prevent hazards. Compound

-2 In the case of fault tolerance, faults are detected by voting. In the case of reactive resistance, fast and reliable detection is guaranteed by a dedicated device for this purpose. However, this special device does not directly perform the resistance function but merely oversees the proper performance of the resistance function performed by the parent (functional) device. When a dedicated unit detects that the parent unit is no longer performing the resiliency function, the dedicated unit ensures that the system with higher resistance requirements switches to a resilient state. With some simplification, it could be said that the principle of voting for composite failure is replaced by detection by a special reactive immunity device. The current high-risk resilience installations typically use all three principles, and in some cases it is very difficult to decide which one is related.

In the case of composite fault tolerance, the resilience function (traffic safety algorithms) is performed by more than one device (installation) or part of the installation together with other devices. In this case, independent devices make majority decisions, voting on their outputs and functions. For example, the decision is made by two out of two, two out of three, three out of five devices, and so on. A resilient installation may be, for example, the ETCS (European Train Control System) radio block center, which generates commands for trains via GSM by two out of three devices in the system (deciding on their function outputs by majority). Because of the likelihood of a GSM connection being attacked, it is necessary to use cryptographic protection using a DĖ (data encryption standard) block cipher. In the case of composite failure technology, it is necessary that a dangerous failure condition in one device be detected and rectified within a time sufficient to prevent the same failure condition in the other device. It is imperative that the fault condition be resolved faster than the selected detection mode (vote) will fail due to further gradual system failure.

One of the important procedures to ensure the operation of the composite fault tolerance principle is the process of eliminating the fault detected. Usually, irreversible disconnection of a malfunctioning device is used to stop it from working. Because powering off the unit usually requires disconnecting the power supply, there may then be some issues when restarting the system normally. Another often

-3Used method - isolation of a malfunctioning component, for example, a malfunctioning device is disconnected functionally and hardware is not required. One possibility to implement this approach is the availability of resilience-relevant information to perform resilience-critical activities, such as conducting selected communications between resilience installations. The common component that messages must contain is the security code, which is part of the message that accompanies the transmitted data to verify its integrity and authenticity. The security code may be cryptographic or non-cryptographic. In the document CZ 296129, the security code form is adapted for the purpose of composite fault tolerance, but this solution is suitable for some cyclic codes and cannot be used for linear or cryptographic codes. This is why it is not suitable for transmission systems where the attack on the information being transmitted (i.e., in particular by altering its content or authenticity) cannot be excluded. The procedure described in DE 102007032805A1 may be used to calculate the cryptographic security code, but only for a specific composition. This is for a limited number of security codes, which limits its use. The object of the present invention is a process that can be adapted to virtually any type of security code (hereinafter referred to as data fingerprint).

THE SUBSTANCE OF THE INVENTION

The present invention relates to a method of preserving security-related electronic systems consisting of composite fault-tolerant modules, particularly in rail systems during fingerprinting, where at least two devices together form a fingerprint, since neither of them individually allows such fingerprinting. . The invention is based on the fact that the fingerprinting process is broken down into sequences of partial fingerprinting within a specified time interval, resulting in an initial fingerprint, and when a malfunction is detected in one of the interoperable devices, of the original fingerprint. Therefore, the initial fingerprint can only be formed from devices without any fault sequence. The resilience system incorporating the above-mentioned devices may be the center of a radio communication unit for radio control of trains.

- 4 Fingerprinting is the result of a function from which a given source data (input information) generates a sample of characteristic data to a source data using a defined specific reduction. For example, such a function can be created using a cyclic code where the fingerprint is the remainder after the input information has been shared by the cyclic code generating polynomial. This fingerprint is then used, for example, to verify the integrity or authenticity of the data.

In the case of linear codes, when the fingerprint is formed using a generating matrix, the resulting partial fingerprint is formed as a part of the initial fingerprint, in which the reverse is divided into partial strokes, thereby creating partial transformations that will form the initial fingerprint of the resulting partial fingerprint. For this purpose, the columns of the generating matrix are rearranged.

If a block cipher is used to initialize the CBC-MAC data fingerprint, the block cipher is modified so that the partial fingerprint obtained by the CBC method differs from the original CBC-MAC data fingerprint and the original CBC-MAC data fingerprint the imprint is formed by additional partial transformations of the resulting partial fingerprint.

If a DĖ (data encryption standard) block cipher is used, with the input data input, the encryption part, and the reverse output reset of the encrypted data block, this reverse output is decomposed into partial resets, which creates partial transformations for the initial fingerprint of the resulting fingerprint. prints.

If an AES (Advanced Encryption Standard) block cipher is used that counts blocks (rounds) using a specific key for each round, a different key is added to the encrypted data from the source data block in each round, and the last round key is added to the first CBC method count step a round key, this ensures the difference between the received partial fingerprint and the original fingerprint; the resulting fingerprint

-5final partial transformation is changed to the form where it is the initial fingerprint, and the reverse is split into partial transforms that transform the partial fingerprint to the original fingerprint.

In the case of linear codes, where the fingerprint is generated using a generating matrix, the fingerprint verification is performed by an incoming partial fingerprint which, in a flawless authentic message, coincides with an inbound fingerprint and is obtained when the devices interact. If a multiple polynomial verification system is used with a minimum common multiple of the generating cyclic security code polynomial, then these multiple polynomials are used for integrity and authentication purposes.

If a DĖ block cipher is used, the reverse CBC-MAC data fingerprint verification uses a reverse process of three mutually distinct keys K _s i, K _S 2, K _S 3, whereby the resulting initial CBC-MAC data fingerprint is first decrypted using the third key K _S 3 and then encrypted using the second key K _S 2; if the fingerprint being verified is authentic and seamless, the result of these operations is equivalent to the fingerprint of the message generated by the first key K _s1 .

If an AES block cipher is used, the reverse CBC-MAC data fingerprint verification uses a reverse process, in which the resulting initial CBC-MAC data fingerprint is first decrypted, then the last data block is decrypted by XOR and goes back to the first data block; if the message is authentic and seamless, the result of the calculation is equal to the initialization vector.

Compared to the known prior art solutions, the main advantage of this method of preserving the resilient state in the event of security-related electronic fingerprint module composite failures, provided by the present invention, is that this technique does not require special hardware for comparing or voting, which would otherwise be required to implement the principle of self-resistance. This procedure

-6 allows to simplify hardware design, reduce costs, and increase reliability of electronic systems related to resistance.

BRIEF DESCRIPTION OF THE DRAWINGS

1-9 illustrate embodiments of the present invention, which will be described in more detail below.

The binary (n, k) linear system block code consists of k information bits (information part) and c = n-k control bits (control part), which are arranged in the received message as shown in FIG. 1 in the diagram below.

If a block cipher is used to initialize the CBC-MAC data fingerprint, the block cipher is modified so that the partial fingerprint obtained by the CBC method differs from the original CBC-MAC data fingerprint and the original CBC-MAC data fingerprint the imprint is formed by additional partial transformations of the partial fingerprint. The initial CBC-MAC computation process using the DES block cipher is shown in FIG. 2 in the diagram below.

The CBC-MAC calculation method described below is based on the fact that the inversion of the input set-point IP for the DES block cipher is not known in any device, so that a correct result requires pairs of devices to generate the required transformation by interacting with each other. 3. An initial diagram for calculating the block code of DĖ is given in FIG. 4. As with DĖ, the AES block cipher is also executed in rounds as shown in FIG. 5 illustrates the computational structure of an AES block cipher.

Depending on the key length (128, 192 and 256 bits), the corresponding number of cycles is executed (# = 10, 12 and 14 rounds). Before and after each round, the corresponding part of the expanded key (code) is subjected to an XOR operation, after which the processed code acquires the status information value. Since the CBC-MAC calculation is also based on the XOR operation, it is possible to take advantage of the commutativity of this operation and rearrange the CBCMAC calculation so that the last 16B of the extended key is pre-applied to the XOR operation of the key 16B. The numerical change is shown in FIG. 6 (initial) and FIG. 7 (new).

-7When a DĖ block cipher is used, the process of verifying the initial CBC-MAC data fingerprint may also involve a process that does not use its recovery (which is a commonly recommended method). This process is based on a reverse procedure, where the initial CBC-MAC data fingerprint is formed using three different keys. In the resulting telegram you need to decrypt (D) CBC-MAC using the third key K _S 3, then encrypt (E) using the second key ks2. then make sure that the result matches the fingerprint of the message generated with the first key K _s i (see Fig. 8).

Next, FIG. The diagram in Figure 9 depicts a valid message fingerprinting system for verifying its integrity and authenticity, which always requires the interaction of two devices.

PREFERRED EMBODIMENTS

The combined fault-tolerance of electronic systems related to railway safety implies the principle of maintaining their safety when more than one device interacts with other independent devices to perform the resistance function. For example, if independent devices decide on the performance of their functions on a majority basis, i.e., two out of two, two out of three, three out of five, and so on.

In the following text, the method of preserving electronic systems consisting of composite fault-tolerant railway-related modules during fingerprinting will be described by analyzing the cases where there are linear codes and DES (data encryption standard) and AES (advanced encryption standard) block ciphers that form initial CBC-MAC data fingerprint by CBC (Encryption Block Lock) and modifies the block cipher so that the resulting partial CBC-MAC data fingerprint is different from the original CBC-MAC data fingerprint, partial fingerprint transformations. This fingerprint is the result of a function from which a given source data generates a sample of characteristic data in a specific reduction defined by the source data. The purpose of this fingerprint is, for example, to verify the integrity or authenticity of the data

-8Line code is defined by a generating matrix describing the transformation of source data into a fingerprint. As mentioned above, fingerprinting is the result of a function that generates a sample of characteristic data from a given source data by means of a specific reduction defined for the source data and, for example, to verify data integrity. In the following paragraphs, we will consider a binary (n, k) linear system block code consisting of k information bits (information part) and c = n-k control bits (control part), which are arranged in the received message as shown in FIG. 1 in the diagram below.

The binary (n, k) linear (block) system code is described in detail by a generating binary matrix of the following form. Each vector of bit c in line B, · is a corresponding contribution to the checksum if bit i of the message is not null.

'i o ··· oą '1 0 ··· QB _x p- G = [£, £] = 0 1 ··· qb ₂ «· · · · m = [e, bp] = 0 1 ··· qb ₂ p 0 0 - 1B _ 0 0 ··· lB _n P

If the required P shift is performed on the B, · line bits of the B matrix, then the new generating M matrix forms a fingerprint in which the bits are mixed accordingly. Thus, the resulting partial fingerprint is formed by the M matrix such that it is a displacement of the initial fingerprint determined by the P displacement matrix. In terms of coding theory, this is the equivalent linear code in this case. Then multiplication of systematic binary code by generating M matrix implies applying XOR operation to S; for the addition of vectors to the control. Thus, from the generating M matrix, the calculation only needs to leave the BP matrix. The P resets required for device interactions are part of the information in the data structure, which is identified as a restart tag. The procedures for working with the restart tag (resistance relevant information) are described in detail in patent document CZ 298373.

- 9 Since all cyclic codes are linear, the procedure described above can also be used for all cyclic codes created on second characteristic (GF (2 ^m )) algebraic bodies. All of these codes can be understood as binary linear codes. This group of cyclic codes includes all currently adopted resistance codes for relevant applications of railway safety equipment.

If a block cipher is used to initialize the CBC-MAC data fingerprint, the block cipher is modified so that the partial fingerprint obtained by the CBC method differs from the original CBC-MAC data fingerprint and the original CBC-MAC data fingerprint the imprint is formed by additional partial transformations of the partial fingerprint.

The initial CBC-MAC computation process using the DES block cipher can be seen in FIG. 2 in the diagram below.

The calculation of the initial CBC-MAC data fingerprint is initiated by applying the XOR operation to the first 64-bit data block with the initialization vector. Block (cipher data encryption standard) block ciphers with a Ksi key are used to work with the result when the input reset is first used in the calculation of the DSI, and a reverse reset is used after the encryption process itself. An additional 64-bit data block is added to the result obtained by the operation XOR and the computation proceeds in a similar manner. If the increment in the DES algorithm is decomposed into factors prior to the XOR operation, a process is performed in which the computation of one increment (reciprocal increment) is skipped at each step. The reversal is used only once at the end of the calculation.

The method of calculating the CBC-MAC described below is based on the fact that the reverse of the input switch IP DES block cipher is not known on any device and therefore, to achieve the correct result, interactions between pairs of devices will occur which will produce the required transformation in mutual interaction. 3. An initial calculation diagram of the DĖ block cipher is shown in FIG. 4.

-10AES (Advanced Encryption Standard) block cipher calculation (encryption and decryption) scheme has several fundamental differences compared to the DĖ block cipher. The first difference is that encryption and decryption are specialized immutable procedures. Since the development of CBC-MAC only requires an encryption procedure, the following description is limited to modifying this procedure to meet the requirements of composite fault tolerance. Another difference between AES and DES is that the AES does not use any input and output resets, but with some effort the resets can be inserted into the AES encryption procedure, but this increases the computing power requirement. That is why it is better to modify the calculation of the AES so that no intermediate result is used in the fingerprint, and the necessary overlay is only included in the final calculation procedure.

As with DES, the AES block cipher is also executed in rounds (see Figure 5, which shows the structure of the AES block cipher). Depending on the key length (128, 192 and 256 bits), the corresponding number of cycles is executed (# = 10, 12 and 14 rounds). Before and after each round, the corresponding part of the expanded key is subjected to an XOR operation, after which the processed code acquires the status information value. Since the CBC-MAC calculation is also based on the XOR operation, it is possible to take advantage of the commutativity of this operation to rearrange the CBC-MAC calculation so that the last 16B of the expanded key is pre-applied to the XOR operation of the key 16B. 6 (initial) and FIG. 7 (new).

Unlike the original calculation (see Figure 6), the last and first parts of the expanded key are always applied simultaneously after the last round. As a result, the result is always modified at the end of the calculation by the first 16B of the key. This result is made with the necessary adjustments, and then the rebuilt part of the key is applied to the rebuilt intermediate result. In this way, the required partial fingerprint is obtained and will be completed in the same way as in other cases of interaction between specified devices.

The calculation procedure shown in the diagram "New Counting Scheme" (Fig. 7) can be accelerated by applying the XOR operation to the first key, after which it becomes a key of the last round when the key is expanded. Because of this modification, one key application against is omitted in subsequent calculations starting with the second block

-11 in the first round. This divides the entire CBC-MAC calculation into three parts. In the initial part, the first part of the expanded key (i.e., the first 16B of the secret key) is used before the first round and then each additional corresponding part after each round.

The first part of the expanded key is no longer used in recalculation, while the other parts are always used only after each round. In the final modification, the result is rearranged and modified by the rebuilt first part of the expanded key.

The basic principle of technical resistance to fingerprint verification is based on the fact that the verification process does not produce the correct fingerprint. Thus, no screening procedure using fingerprinting is allowed. Such a procedural check could easily be abused and enable the fingerprint recipient and their verifier to create such a fingerprint themselves due to a failure.

In the case of acyclic linear codes the following can be done: firstly, the M-matrix is used to form a reordered fingerprint, which is then compared to the resulting fingerprint, which is adapted by the interaction of the required number of devices. This process must also be used for cyclic codes if the relevant generating polynomial cannot be broken down into a useful factor system. This type of linear resistance code has not yet been applied anywhere.

If there is a polynomial system (polynomial checks) with a minimum common multiple of the generic polynomial of the cyclic resistance code, the process of fingerprint verification by the generating polynomial can be replaced by a polynomial check. This procedure is described in detail in CZ 296129.

Fingerprint verification of the original CBC-MAC data when a DĖ block cipher is used upon receipt can also be used for a process that does not involve its rebuilding (which is the most recommended method). This process is based on the reverse procedure used when initializing CBC-MAC data

-12 fingerprint using three different keys. From the resulting telegram you need to decrypt (D) the CBC-MAC using the third key K _s3 , then encrypt (E) the second key K _S 2, and then verify that the result matches the fingerprint of the message generated with the first key K _s i ( 8).

This verification procedure has several advantages over the procedure described in the previous paragraph. Interoperability between devices is not required to verify the integrity and authenticity of the received message, but it is required for its creation.

For fingerprint verification of the original CBC-MAC data, once the AES block cipher is used, a process similar to that described in the previous paragraph can be used. From the resulting telegram it is necessary to decrypt the block with the initial CBC-MAC data fingerprint using a secret key, then perform a reverse process (decryption of the last block of data XOR, ...) until the initialization vector from which the initial CBC-MAC data fingers are started printout calculation. If agreed upon, this will mean that the message received is seamless and authentic. Since the AES block code decryption procedure can be used on one device indefinitely, this verification procedure is implemented without the need for additional devices.

The verification process can also use the unfinished process of constructing the initial CBC-MAC data fingerprint on the received message data. If an XOR operation is applied to the result before the final modification of the original CBC-MAC data fingerprint construction using the resulting initial CBC-MAC data fingerprint, then the first 16B of the used secret code must be retrieved to produce a seamless authentic message.

FIG. The diagram in Figure 9 depicts a valid messaging fingerprinting system that allows verification of its integrity and authenticity, which always requires the interaction of two devices.

(Note: The presence of at least one other device on the same installation is required for the device to form a fingerprint. For this, see the description below).

-13 In a "two of three" system, three devices are involved in the formation of a fingerprint, none of which knows the entire procedure of forming a fingerprint, and is always formed by the forced interaction of two of the three devices. Using the data of the created message u (marked as DATA field in the picture), the F (u) fingerprint is formed as follows.

1. Using the Fpaic function, each of the three devices (A, B, C) forms a received partial fingerprint (F) from a data integrity check called PAIC (Primary Authorization Integrity Check). The F _PA ic function generates a received partial fingerprint, which is rebuilt using a P _PA ic rebuild to prevent a valid message containing that data; that is, it is a composite function F _PA ic = Ppaic ° FF The _PA ic function is the same for all three devices and must be implemented in order to prevent a valid fingerprint F (o) from being executed without success. Thus, it is not possible to perform the F function first and then the P _P aic rebuild the composite F _PA ic function must be indivisible in the device.

2. Device A performs a data field processing using the PAIC function Ραβί to generate a Secondary Authorization Integrity Check (SAICab), which is a partial transformation of the received partial fingerprint, which will perform a PAIC field that is unique to the system, the bitrate can be performed only by unit A and can only be used to interact with unit B. At the same time, the P _A d shift is used to form the second secondary authorization fingerprint SAICac for interaction with the C device.

3. At the same time, device B uses the P _BA i and Pbci transitions to form the secondary authorization fingerprints SAICba and SAICbc4 from the PAIC field for interaction with A and C devices. At the same time, Device C uses Pcai and Pcbi transitions to form SAICca and SAICcb secondary authorization fingerprints from the PAIC field for interaction with A and B ·

5. Each set of Ρχγι (where X and Y can have the meanings A, B, or C) is unique in the system; is known only to device X and can only be used to interact with device Y.

-146. This is followed by the exchange of secondary fingerprints (partial transformations of the received partial fingerprint) between the devices: Device A sends the SAICab fingerprint to Device B and the fingerprint SAICac to Device C, Device B sends the fingerprint SAICba to Device A and the fingerprint SAICbc to device C, finally device C sends the fingerprint SAICca to device A and the fingerprint SAICcb to device B (see picture).

7. Device A processes the secondary authorization fingerprint SAICba (received from device B) using the P _B a2 representation that forms the final authorization fingerprint FAICba · At the same time, the Pca2 representation applies to the SAICca authorization fingerprint (obtained from device C) and final authorization fingerprint FAICca8. At the same time the B device is used Pabž permutations that of the secondary authorization fingerprint SAICab (obtained from a device) to create the final authorization fingerprint FAICab, as well as P _C B2 permutations that of the secondary authorization fingerprint SAICcb (derived from the C unit) would produce the final authorization fingerprint FAICcb9. Finally, Device C uses the Pac2 reset to create the final authorization fingerprint SAICac (obtained from Device A) to create the final authorization fingerprint FAICac, as well as the Pbc2 reset to create the secondary authorization fingerprint SAICbc (obtained from Device B) fingerprint FAICbc ·

10. Again, each set of P _XY2 (where X and Y can have values A, B, or C) is unique in the system; is known only to the Y device and can only be used to process the secondary fingerprint created by the X device.

11. The γγι and Ρχγ ₂ rearrangements (X and Y may have the meanings A, B, or C) are chosen such that the composition of the γγι and Ρχγ ₂ rearrangements produces the same rearrangement for each pair of X, Y which is a P _PA ic ' ¹ rearrangement. Ppaic Conversions (ie, Pabi ° Pab2 = Paci ° Pac2 = ... = Pcbi ° Pcb2 = Ppaic ' ¹ ) · Therefore, if all devices are malfunctioning, all final fingerprints on FAIC _X y will be the same. (Because, for example, FAICab = Pab2 (Pabi (F _PA ic (w)))) = Ppaic ¹ (Ppaic (F (u)) = F (u).

The cross-compliance check of the DATA field of different devices is performed before the start of the fingerprint calculation. Also, before inserting the DATA field into the FAIC fingers

-15print The machine verifies that the FAIC fingerprint matches the data it provides.

The present invention relates to the maintenance of the resilience of safety-related electronic systems consisting of composite fault-tolerant modules, particularly in rail systems during fingerprinting.

Claims (9)

DEFINITION OF INVENTION 1. A method of preserving security-related electronic systems consisting of composite fault-tolerant modules, in particular for use in railway systems during fingerprinting, where at least two devices together form fingerprints, since none of them allows such fingerprinting, by breaking down the fingerprinting process into partial fingerprinting sequences over a specific time period resulting in an initial fingerprint, and when at least one of the interoperable devices detects a failure, the inexperienced interacting device refuses to form a partial fingerprint, which prevents subsequent fingerprinting prints. 2. A method as claimed in claim 1, wherein, in the case of linear codes, the fingerprint formed by the generating matrix is formed as a partial fingerprint reset, in which the reverse stroke is decomposed into partial resets, thereby generating partial transformations from the resulting partial fingerprint. The printout will form the initial fingerprint 3. The method of claim 1, wherein, if the initial CBC-MAC data fingerprint is formed using a block cipher to form the CBC-MAC data fingerprint, the block cipher is modified so that the partial fingerprint obtained by the CBC method differs from the original CBC- The MAC data fingerprint, and the initial CBC-MAC data fingerprint is formed by additional partial transformations of the resulting partial fingerprint. 4. The method of claim 3, wherein, if a block encryption code of the DES (data encryption standard) is used with the input data input IP of the original data block, the encryption part and the encrypted data block reverse output, then this reverse output is decomposed, and this creates partial transformations to form the initial fingerprint from the resulting partial fingerprint. -175. The method of claim 3, wherein, if an AES (Advanced Encryption Standard) block cipher is used that counts the blocks (rounds) using a specific key for each round, a different key is added to the encrypted data from the original data block in each round and the last round the key is added to the first round key of the next step of the CBC method calculation, this ensures the difference between the received partial fingerprint and the original fingerprint; the resulting fingerprint is then further transformed into a shape that is a reshape of the original fingerprint, and the reverse reshuffle is split into partial shapes that convert a partial fingerprint to the original fingerprint. 6. A method as claimed in claim 2, characterized in that, in the case of linear codes, when fingerprinting is generated using a generating matrix, the fingerprint verification is performed by an incoming partial fingerprint which, in an authentic authentic message, coincides with the received fingerprint and retrieves. devices interacting as per application 1. 7. The method of claim 2, wherein the use of a multiple polynomial verification system having a minimum common multiple of the generating cyclic security code polynomial is used to verify integrity and authenticity. 8. A method according to claim 4, characterized in that, if a DĖ block cipher is used, the reverse CBC-MAC data fingerprint verification uses a reverse process with three mutually different keys (K ₈ i, K _S 2, K _S 3>) The CBC-MAC data fingerprint is first decrypted using the third key K _S 3, and then encrypted using the second key K _S 2! If the fingerprint being verified is authentic and seamless, the result of these operations is the same as the message generated by the first key K _s i, for fingerprinting. 9. The method of claim 5, wherein the AES block cipher uses an inverse process to verify the initial CBC-MAC data fingerprint, in which the resulting initial CBC-MAC data finger -18printing is first decrypted and then the last data block is decrypted by XOR and goes back to the first data block; if the message is authentic and seamless, the result of the calculation is equal to the initialization vector. 10. A method according to claim 1, characterized in that the resistance system comprising the devices referred to in claim 1 is a center of radio communication units for radio control of trains.