RU2140716C1 - Method for cryptographic conversion of digital data blocks - Google Patents

Abstract

FIELD: electrical communications and computer engineering. SUBSTANCE: method involves generation of block for each of N≥2 binary vectors, sequential conversion of binary vectors, and shaping of cryptogram block using converted binary vectors. Novelty is that control code V is additionally generated and during conversion of at least one binary vector the latter is subjected to at least one controlled two-way operation depending on value of control code V. Novelty is also that secret key is additionally generated and control code V is shaped according to secret key. One more novelty is that secret key is additionally generated and control key V is shaped according to current value of data block being converted. EFFECT: increased number of operations depending on converted block which raises stability of cryptographic conversion. 4 cl, 5 dwg, 5 tbl, 9 ex

Description

 The invention relates to the field of telecommunications and computer technology, and more particularly to the field of cryptographic methods and devices for encrypting messages (information).

In the aggregate of the features of the proposed method, the following terms are used:
- the secret key is binary information known only to a legitimate user;
- subkey - section of the secret key;
- cryptographic conversion is the conversion of digital information that provides the influence of one bit of the source data on many bits of the output data, for example, to protect information from unauthorized reading, the formation of a digital signature, and the generation of a modification detection code; types of cryptographic conversion are one-way conversion, hashing and encryption;
- cryptogram block - a block of converted data obtained as a result of a one-way conversion or encryption procedure;
- one-way conversion is the conversion of an m-bit input data block into an m-bit output data block (cryptogram block), which makes it easy to calculate the cryptogram block from the input block, and the calculation of the input block, which would be converted into a randomly selected cryptogram block, is an almost impossible task;
- hashing information is some way of generating a so-called hash code, the size of which is fixed (usually 128 bits) for messages of any size; Hash procedures ensure that the hash code is dependent on each bit of the message.

- encryption is a process of converting information that depends on the secret key and converts the source text (data) into ciphertext (cryptogram), which is a pseudo-random sequence of characters from which it is practically impossible to obtain information without knowing the secret key;
- decryption is the opposite of the encryption process; decryption provides recovery of information from the cryptogram with the knowledge of the secret key;
- the cipher is a set of elementary steps for converting input data using a secret key; the cipher can be implemented as a computer program or as a separate device;
- a binary vector is a sequence of zero and one bits, for example (101101011); the specific structure of the binary vector can be interpreted as a binary number, if we assume that the position of each bit corresponds to a binary digit, i.e. a binary vector can be associated with a numerical value, which is determined uniquely by the structure of the binary vector;
- cryptanalysis - a method of calculating a secret key to obtain unauthorized access to encrypted information or developing a method that provides access to encrypted information without calculating a secret key;
- cryptographic strength is a measure of the reliability of encrypted information protection and represents the complexity, measured in the number of elementary operations that must be performed to recover information from a cryptogram with knowledge of the conversion algorithm, but without knowledge of the secret key; in the case of one-sided transformations, cryptographic strength is understood as the complexity of calculating the input value of a block from its output value;
- cyclic shift operations that depend on the data being converted or that depend on the binary vector — these are cyclic shift operations by the number of bits specified by the value of the binary vector; operations of cyclic shift to the left (right) are indicated by the sign "<<<"(>>>"), for example, the entry B ₁ <<< B ₂ indicates the operation of cyclic left shift of the binary vector B ₁ by the number of bits equal to the value of the binary vector B ₂ ; similar operations are basic for the RC5 cipher;
- a single operation is an operation performed on one operand (data block or binary vector); the binary value after performing some given unary operation depends only on its initial value; examples of single operations are cyclic shift operations;
- two-place operation is an operation performed on two operands; the result of some given two-place operation depends on the value of each operand; examples of double operations are the operations of addition, subtraction, multiplication, etc.

- the concatenation operation is the operation of combining several binary vectors, as a result of which a new binary vector is formed, including all the bits of each of the combined binary vectors, and the relative position of the bits corresponding to the original binary vectors does not change; for example, the concatenation of binary vectors W ₁ = (101101011) and W ₂ = (011101010) is written as W ₁ | W ₂ = (101101011011101010); these binary vectors can be combined by the concatenation operation in yet another way: W ₂ W ₁ = (0111010101010101101011).

 Known methods for block data encryption, see for example the DES cipher [B. Schneier, "Applid Cryptography", Second Eddition, John Wiley & Sons, Inc., New York, 1966, pp. 336 - 339]. In this method, the encryption of 64-bit data blocks T is performed by generating a secret key, generating 32-bit binary vectors L and R from the data block (the high 32 bits of the data block are taken as L and the lower 32 bits of the data block are taken as R) and performing 16 rounds of encryption. One round of encryption consists in generating an additional binary vector F by converting the binary vector R and converting the binary vector L in accordance with the expression L: = L ⊕ F, where ⊕ is the bitwise summation operation modulo two, ": =" is the assignment operation. Before performing the second and subsequent rounds, the binary vector L is assigned the value R, and the binary vector R is assigned the value L, obtained immediately after the previous round. This method has a high conversion rate when implemented in the form of specialized electronic circuits. However, the known analogue method uses a small secret key (56 bits), which makes it vulnerable to cryptanalysis based on key selection. The latter is associated with the high computing power of modern computers of mass application.

Closest in technical essence to the claimed method of cryptographic conversion of digital data blocks is the method implemented in the RC5 software cipher and described in the monograph [B. Schneier, "Applied Cryptography", Second Eddition, John Wiley & Sons, Inc., New York, 1966, pp. 344-346]. The prototype method includes the formation of a secret key in the form of a set of subkeys, the formation of two n-bit binary vectors (A and B) over a data block and the conversion of binary vectors in turn. The conversion of n-bit, where n = 8, 16, 32, binary vectors A and B is carried out by performing single and double operations on them. As two-place operations, the addition operations for module 2 ⁿ and the bitwise summation operation for module 2 are used. The operation of cyclic left shift is used as a single operation, and the number of bits by which the transformed binary vector is shifted depends on the value of another binary vector, this determines the dependence of the cyclic operation shift at the current step of converting the binary vector from the original value of the input data block. A two-place operation is performed on a binary vector and a subkey, as well as on two binary vectors. A characteristic of the prototype method is the use of a cyclic shift operation, depending on the value of the input block. A binary vector, for example B, is transformed in the following way. The bitwise summing operation is performed modulo 2 over A and B and the value obtained after performing this operation is assigned to the binary vector B. This is written as the ratio B: = B ⊕ A, where the “: =” sign denotes the assignment operation and the “⊕” sign denotes the operation of bitwise summing modulo 2. After that, the operation of cyclic left shift by the number of bits equal to the value of A is performed on B: B: = B <<< A. Then, on the binary vector and one of the connections S, the modulo 2 ⁿ summation operation is performed where n is the length of the binary vector in bits: B: = B + S mod 2 ⁿ . After that, the binary vector A is converted in a similar way. Several such steps are performed for converting both binary vectors. The final step is to form the cryptogram block C from the values of the transformed binary vectors by combining them: C: = A | B, where "|" is the concatenation operation.

 This method provides a high encryption speed when implemented in the form of a computer program. However, the prototype method has drawbacks, namely, it does not provide high resistance of cryptographic data conversion to differential and linear cryptanalysis [Kaliski B.S., Yin Y.L. On Differential and Linear Cryptanalysis of tne RC5 Encryption Algorithm. Advances in Cryptology - CRYPTO '95 proceedings, Springer-Verlag, 1995, pp. 171-184]. This drawback is due to the fact that the efficiency of using operations that depend on the data being transformed, which are variable encryption parameters, in order to complicate the known methods of cryptanalysis is reduced by the fact that the number of possible cyclic shift operations is equal to the number of binary bits of the binary vector n and does not exceed 32.

 The basis of the invention is to develop a method of cryptographic conversion of digital data blocks, in which the input data is converted in such a way as to increase the number of different operation options, depending on the variable parameters of the cryptographic conversion - the input block and / or secret key, thereby increasing the strength to differential and linear cryptanalysis.

 The problem is achieved in that in the method of cryptographic conversion of digital data blocks, which consists in generating binary vectors N ≥ 2 by a data block, sequentially converting binary vectors and generating a cryptogram block from converted binary vectors, new according to the invention is that the control code is additionally generated V and when converting at least one binary vector over the binary vector, at least one controlled two-place operation is performed, depending u from the value of the control code V.

 Thanks to this solution, an increase in the number of possible operation options depending on the block being transformed is ensured, which provides an increase in the resistance of the cryptographic transformation to differential and linear cryptanalysis.

 Also new is the fact that the control code V is generated by the value of one of the binary vectors. Thanks to this solution, an additional increase in resistance to differential and linear cryptanalysis is provided.

 Also new is the fact that they additionally form a secret key, and the control code V is formed using a secret key. Thanks to this solution, it provides increased cryptographic resistance to attacks based on failures of the encryption device.

 Also new is the fact that they additionally form a secret key, and the control code V is generated by a secret key and by a binary vector.

 Thanks to this solution, an additional increase in cryptographic resistance to attacks based on failures of the encryption device is provided.

 By the formation of a control code using a binary vector (secret key), we mean the establishment of a certain set of single and zero signals at the control input of a managed operating unit that implements a controlled two-place operation, depending on the value of the binary vector (secret key). In particular, a control code can be generated, which is equal, for example, to a plug or one of the binary vectors.

 Below the essence of the claimed invention is explained in more detail by examples of its implementation with reference to the accompanying drawings.

In FIG. 1 shows the designation of a controlled two-place operation (a - controlled summation; b - controlled multiplication), where W ₁ and W ₂ are input binary vectors of length | W ₁ | and | W ₂ | over which a controlled two-place operation is performed, R is an output binary vector of length | R | representing the result of the operation, V is a control code of length | V |, on which the controlled two-place operation depends. In the general case, the number of bits in the input binary vectors, the control code, and the output binary vector can be arbitrary, i.e. different ratios between the numbers | W ₁ |, | W ₂ |, | V | and | R |. A specific variant of the ratio of these numbers refers to a specific type of controlled two-seater operation, implemented using special operating units. The controlled summation operation performed on the operands W ₁ and W ₂ will be denoted as follows: (W ₁ , W ₂ ) ^[V] , i.e. as a result of this operation, we obtain the binary vector R: R = (W ₁ , W ₂ ) ^[V] . The controlled multiplication operation is denoted by (W ₁ ⊕ W ₂ ) ^[V] , i.e. as a result of such an operation, we obtain the binary vector R: R = (W ₁ ⊕ W ₂ ) ^[V] .

A controlled two-place operation is understood as an operation performed on two operands, depending on some binary code called a control code, and implemented using a specially designed operational unit, which cannot be represented as a combination of known operating units used in cryptographic conversion devices, the input of which the binary vector served W _1, W ₂ and V. Thus, under controlled two-place operation we understand a new type of operation, but the mozh t be replaced by a plurality of transformation operations used in the prior art cryptographic transformation. Consider examples of constructing controlled double-seat operations.

Example 1: controlled summation operation. This operation is performed on two n-bit binary vectors A and B under the control of an (n - 1) -bit control code V. Denote the binary vectors and the control code as a sequence of bits: A = (a _n , a _n-1 , .. ., a ₂ , a ₁ ), B (b _n , b _n-1 , ..., b ₂ , b ₁ ) and V = (υ _n-1 , υ _n-2 , ... υ ₂ , υ ₁ ). In this example, controlled summation is performed according to the rules of ordinary binary vector summation modulo 2 ⁿ , except that the transfer from the i-th digit is canceled when the condition υ _i = 0 is fulfilled. Thus, there are 2 ^n-1 modifications of the controlled summation operation, which differ in combinations of binary digits, the transfer of which is ignored (zeroed). Let A = (11011101) and B = (10010101), then for V = (1101011) we have R = (A, B) ^[V] = (01001010) (transfer that would take place from the third to the fourth digit in the usual summation modulo 2 ^n, in the case of this variant of controlled summation, it is reset, since 0) is located in the third category of the control code.

We compile for A = (10111011) and B = (01010101) a table of values R = (A, B) ^[V] , obtained depending on the choice of the modification of controlled summation, which is determined by the value V.

The first line shows the value of R corresponding to the value V = (1111111), for which the usual summation of binary vectors A and B modulo 2 ⁿ is realized. The last line shows the value of R corresponding to the value V = (0000000), for which bitwise summation of binary vectors A and B modulo 2 ⁿ , denoted by the symbol "⊕", is realized. Operation "⊕" corresponds to one of 2 ^n-1 modifications of the operation of controlled summation. The results in the intermediate lines correspond to a number of other modifications determined by combinations of discharges, the transfer of which is zeroed (see Table 1)
In FIG. Figure 2a shows the structure of the operating unit that implements the operation of controlled summation described in Example 1. This operational block, the controlled adder Σ ₁ , consists of a half adder σ ′ and (n-1) adders σ _i where i = 2, ..., n. The bits of the first bit a ₁ and b ₁ are fed to the half-adder, and the bits of the i-th bit a _i and b _i are sent to the i-th adder. The right output of the half-adder and all adders forms the value of the corresponding bits of the binary vector R. On the left output of these nodes, a carry bit is generated, which is applied to one of the inputs of the logical element And (in the diagram indicated by the & sign). The second input of the AND gate, the output of which is connected to the right input of the i-th adder, is supplied with the (i-1) th bit of the control code υ _i-1 . Due to the fact that the carry bit passes through the And element, it is reset to zero when the corresponding control bit is zero. The carry bit from the nth bit f is ignored, i.e. it is not used when generating the value of R. The output binary vector R is formed as a sequence of bits (r _n , r _n-1 , ..., r ₁ , r ₁ ) on the right output of the adders, i.e. we have R = (r _n , r _n-1 , ..., r ₁ , r ₁ ).

Example 2: managed summation operation. This operation is performed on two n-bit binary vectors A = (a _n , a _n-1 , ..., a ₂ , a ₁ ) and B = (b _n , b _n-1 , ..., b ₂ , b ₁ ) under the control of the n-bit control code V = (υ _n , υ _n-1 , ... υ ₂ , υ ₁ ) In FIG. Figure 2b shows the structure of the operating unit that implements the operation of controlled summation for Example 2. This operational block, the controlled adder Σ ₂ , consists of n adders σ _i where i = 1,2, ..., n. the structure of this operation block is similar to the block in FIG. 2a, except that instead of a half-adder, an adder σ _{1 is used} , the control bit υ ₁ is fed to the right input of it and the bit υ _{i + 1} is fed to the upper input of the element & _i instead of the bit υ _i .

In this example, controlled summation is performed according to the rules of ordinary binary vector summation modulo 2 ⁿ , except that the transfer from the ith digit is zeroed when the condition υ _{i + 1} = 0 is fulfilled. The transfer bit from the nth bit f is ignored. Bit υ ₁ can be considered as a carry bit from the control code. Since there are two values of the bit υ _1, in this version of the operation of controlled summation there are twice as many different modifications compared to Example 1. Their number is 2 ⁿ , i.e., each value of the n-bit control code V corresponds to a unique modification of the operation of controlled summation.

We compose for A = (10111011) and B = (01010101) and several different control codes V a table of values R = (A, B) ^[V] obtained by setting various modifications of the operation of controlled summation (see Table 2).

Example 3: controlled summation operation. This operation is performed on two n-bit binary vectors A = (a _n , a _n-1 , ..., a ₂ , a ₁ ) and B = (b _n , b _n-1 , ..., b ₂ , b ₁ ) under the control of the n-bit control code V = (υ _n , υ _n-1 , ... υ ₂ , υ ₁ ) In FIG. 2c shows the structure of the operation block that implements the operation of controlled summation for example 3. This operation block is indicated by the letter Σ ₃ Bit a _i is sent to the left input of the i-th adder; on the middle input - bit b _i and on the right input - bit υ _i . The left output of the i-th adder and the right output of the (i + 1) -th adder are the inputs of a single-bit adder modulo two (indicated by the ⊕ node), and the output of this single-bit adder is the (i + 1) -th output of the managed operation unit. The left output of the nth adder and the right output of the first adder are inputs of a one-bit adder modulo two, the output of which is the first output of the controlled adder Σ ₃
Example 4: controlled summation operation. This operation is performed on two n-bit binary vectors A and B under the control of an n-bit control code V. FIG. 2d shows the structure of the operating unit that implements the summation operation managed for Example 4. This operation block denoted by the letter Σ and ₄ consists of a half-adder σ n on the left input i-th bit half-adder is fed a _i, to the right input - bit b _i. The left output of the ith half-adder and the control bit υ _i are fed to the two inputs of the & _i element. The right output of the (i + 1) -th half-adder and the output of the & _i element are two-bit adder inputs modulo two, and the output of this one-bit adder is the (i + 1) -th output of the controlled operation unit. The output of element & _n and the right output of the first adder are inputs of a single-bit adder modulo two, the output of which is the first output of the controlled adder Σ _{4 /}
Example 5: controlled multiplication operation. This operation is performed on two binary vectors A = (a _n , a _n-1 , ..., a ₂ , a ₁ ) and B = (b _g , b _n-1 , ..., b ₂ , b ₁ ) under the control of the h-bit, where h = n + g - 1, of the control code V = (υ _h , υ _h-1 , ... υ ₂ , υ ₁ ) The implementation of the controlled multiplication operation in this example includes the following steps:
1. By the value of A, a table is formed. 3 containing g rows and g + n - 1 columns (see end of description)
The first row of this matrix is formed by adding g - 1 zero to the left of the sequence of bits a _n , a _n-1 , ..., a ₁ , a ₁ . Each next line is obtained from the previous one by reducing the number of zeros on the left by one and adding one zero on the right. Thus, each line contains a section of bits a _n , a _n-1 , ..., a ₁ , a ₁ , which moves from the extreme right position in the upper line to the leftmost position in the lower line.

2. From the constructed matrix, all rows are selected for the number i of which the relation b _i = 1 is fulfilled. Each such row is considered as an h-bit binary vector. Let j have such binary vectors: A ' ₁ , A' ₂ , ..., A ' _j .

 3. Set the counter s: = 1 and the initial value of the binary vector R: = 1.

4. Perform the operation of controlled summation from example 2:
R: = (R, A ′ ₁ ) ^[V] .

 5. If s <j, then increment j: = j + 1 and go to step 4.

 6. STOP.

The value of R at the output of step 6 is taken as the result of a controlled operation of multiplication. Since the result of step 4 depends on the value of the control code V, the multiplication result also depends on the value V. Denote the controlled multiplication operation as (A ⊕ B) ^[V] . Other types of controlled multiplication operations can be obtained by performing steps 1 to 6, if you use the operation of controlled summation in step 4, for example, from examples 1,3 and 4.

Example 6: controlled summation operation. This operation is performed on two n-bit binary vectors A and B under the control of the n-bit control code V. Denote the binary vectors and the control code as a sequence of bits: A = (a _n , a _n-1 , ..., a ₂ , a ₁ ), B = (b _n , b _n-1 , ..., b ₂ , b ₁ ) and V = (υ _n , υ _n-1 , ... υ ₂ , υ ₁ )
In this example, controlled summation is performed using the operation node (controlled adder Σ ₅ ) shown in FIG. 3a and consisting of a half adder σ ′ and adders σ _i where i = 2, ..., n, (the number of adders is n-1). The bits of the first bit a ₁ and b ₁ , the non-left and middle inputs of the i-th adder σ _i, where i = 2,3, ..., n, are the bits of the i-th bit of binary vectors, i.e. bits a _i and b _i . The output of the half adder and all adders is the input of the corresponding controlled elementary switch S _i , i = 1,2,3, ..., n, to the control input of which the corresponding bit υ _{i of the} control code is supplied. (The switch S _i works as follows. With a single control signal (u ₁ = 1), the left input is switched with the left output and the right input with the right output. With a zero control signal (u _i = 0) the left input is switched with the right output and the right input with the left output. The elementary switch is implemented using the simplest combinational circuit with high speed.). The left output of the switch S _i , where i = 1,2,3,. . . , n-1, is connected to the right input of the adder σ _{i + 1} The signal f at the left output of the switch S _{n is} ignored, i.e. not used when generating the value of the summation result R. The right outputs of all the switches S _i are the corresponding outputs of the controlled adder Σ ₅ (The binary output vector R is formed as a sequence of bits (r _n , r _n-1 , ..., r ₂ , r ₁ ) on the right output of the switches S _i , i.e., we have R = (r _n , r _n-1 , ..., r ₂ r ₁ ).)
These examples show the feasibility of controlled double-seat operations with a large number of possible modifications. Other types of controlled double-seat operations can be made up, which are easily implemented as controlled operating units based on standard electronic circuit nodes.

 Consider the options of the proposed method of cryptographic conversion of digital data blocks.

Example 7: one-way conversion of a 64-bit data block T. This example is illustrated in FIG. 3b. Form two binary vectors A = T div 2 ³² and B = T mod 2 ³² , i.e. binary vector A contains the upper 32 bits of the data block, and binary vector B contains the lower 32 bits of the data block. Next, perform the conversion in accordance with the following algorithm.

 1. Set the counter for the number of rounds of conversion r: = 1.

2. Using the binary vector B, generate the control code V by performing the permutation π ₁ over B: V = π ₁ (B) where the permutation π ₁ is implemented using the operation block π ₁ in FIG. 3. (In electrical circuits, this operating unit is implemented as a simple interweaving of conductors.)
3. Depending on the value of V, convert the binary vector A by performing the controlled summation from Example 2 over A and B: A: = (A, B) ^[V] .

4. Transform the binary vector A by performing the permutation operation π _{2 on it} : A: = π ₂ (A)
5. Convert the binary vector A in accordance with the following formula: A: = A ⊕ B.

6. Generate the control code V by binary vector A by performing permutation π ₁ over A: V = π ₁ (A)
7. Depending on the value of V, convert the binary vector B by performing the controlled summation from Example 3 over A and B: B: = (B, A) ^[V] .

8. Converter binary vector B by performing the permutation operation π _{2 on it} : B: = π ₂ (B)
9. Convert the binary vector B in accordance with the formula: B: = B ⊕ A.

 10. If r <16, then increment r: = r + 1 and go to step 2.

 11. STOP.

The cryptogram block C is formed by combining the transformed binary vectors A and B: C = A | B.
Example 8: encryption of a 64-bit data block T. This example is illustrated in FIG. 4. Generate a secret key, presented in the form of the following set of n-bit round subkeys: K ₁ , K ₂ , ..., K ₃₂ . Form two binary vectors A = T div 2 ³² and B = T mod 2 ³² from the data block. Encrypt the data block in accordance with the following algorithm.

 1. Set the counter for the number of rounds of encryption r: = 1.

2. Generate the control code V by binary vector A and connect K _{r + 16} by combining A and K _{r + 16} in accordance with the expression: V = A | K _{r + 16} .
3. Depending on the value of V, generate the binary vector P by performing the operation of controlled multiplication from Example 5 over A and K _r : P: = (A ⊕ K _r ) ^[V] .

4. Using the value of P, generate two binary vectors H = P div 2 ³² and L = P mod 2 ³² .

5. Convert the binary vector H by performing a summation operation on L and H modulo 2 ³² : H: = (L + H) mod 2 ³² .

 6. Convert the binary vector B by the formula: B: = B ⊕ h.

 7. If r <16, then increment r: = r + 1, take the binary vector A as the binary vector B, and the binary vector B as the binary vector A, and go to step 2.

8. STOP
Let us explain step 7. Before starting the execution of the (i + 1) -th, where i = 1,2, ..., 15, rounds, the binary vector A (B) is assigned the value B (A) obtained after the i-th round. The cryptogram block C is formed by combining the transformed binary vectors A and B: C: = A | B. The decryption of the cryptogram block is carried out using the same algorithm, except that in step 2, the K _33-r subkey is used instead of the K _{16 + r} subkey, and in step 3, the K _17-r subkey is used instead of K _r .

Example 9: encryption of a 64-bit data block T. Example 8 is illustrated in FIG. 5. Generate a secret key, presented in the form of the following set of n-bit round subkeys: K ₁ , K ₂ , ..., K ₁₆ and Q ₁ , Q ₁ , ..., Q ₁₆ . Form two binary vectors A = T div 2 ³² and B = T mod 2 ³² from the data block. Encrypt the data block in accordance with the following algorithm.

 1. Set the counter for the number of rounds of encryption r: = 1.

2. Generate a control code V: V: = Q _r on the Q _r subkey.

3. Depending on the value of V, generate the binary vector F by performing the operation of controlled summation from polymer 2 over the binary vector a and the subkey K _r : F: = (A, K _r ) ^[V] .

4. Represent binary vector F as a concatenation of 4-bit binary vectors f _i : F: = f ₁₆ | f ₁₅ | ... | f ₁ , where i = 1,2, ..., 16.

Выполнение операции подстановки состоит в следующем. Вычисляется значение j = i mod 4. Вместо двоичного вектора со значением f_i подставляется двоичный вектор со значением стоящим на пересечении j-й строки и f_j-го столбца.5. Convert the binary vector F in accordance with the expression:
F: = S (f ₁₆ ) | S (f ₁₅ ) | ... | S (f ₁ ),
where "S (f _i )" is the designation of the substitution operation performed on the 4-bit binary vector f _i , where i = 1,2, ..., 16, according to the following table:

The implementation of the substitution operation is as follows. The value j = i mod 4 is calculated. Instead of the binary vector with the value f _{i, the} binary vector with the value at the intersection of the jth row and the fth _jth column is substituted.

 6. Convert the binary vector F by performing on it the operation of cyclic left shift by 11 bits: F: = F <<< 11.

 7. Convert the binary vector B by the formula: B: = B ⊕ F.

 8. If r <16, then increment r: = r + 1, take the binary vector A as the binary vector B, and the binary vector B as the binary vector A, and go to step 2.

 9. STOP.

The cryptogram block C is formed by combining the transformed binary vectors A and B: C = A | B. Decryption of the cryptogram block is performed using the same algorithm, except that in step 2, the Q _17-r subkey is used instead of the Q _r subkey, and in step 3, the K _17-r subkey is used instead of K _r .

 The above examples show that the proposed method of cryptographic transformations of digital data blocks is technically feasible and allows us to solve the problem. Controlled two-place operations with a large number of possible modifications can be easily implemented in cryptographic conversion devices using high-speed controlled operating units based on standard electronic circuit nodes.

Claims (4)

 1. The method of cryptographic conversion of digital data blocks, which consists in generating N≥2 binary vectors from a data block, converting binary vectors one by one and generating a cryptogram block from converted binary vectors, characterized in that they additionally form a control code V when converting at least one binary vector over a binary vector perform at least one controlled two-place operation, depending on the value of the control code V.  2. The method according to claim 1, characterized in that the control code V is formed by the value of one of the binary vectors.  3. The method according to claim 1, characterized in that it further form a secret key, and the control code V is formed by a secret key.  4. The method according to claim 1, characterized in that it further form a secret key, and the control code V is formed by a secret key and a binary vector.

Images