RU2226041C2 - Method for binary data cryptographic conversion - Google Patents

Abstract

FIELD: electrical communications and converter engineering. SUBSTANCE: proposed method can be used in communication systems, computing and data-processing systems during data exchange and includes following procedures: input data are divided into fixed-length blocks and coded by means of arithmetic operation with cryptographic pseudorandom functions F1, F2, and F3 dependent of mentioned key sequence; data are entered during each step for arithmetic coding in character-by-character manner and coded with aid of F2 conversion implementing character table and occurrence probability interval table of F3 conversion implementing characters; character table is updated by interchanging characters in character table; then occurrence probability intervals are exchanged in mentioned table, whereupon converted input data are transferred to input data block. EFFECT: enhanced reliability of protection against cryptographic analysis and unauthorized data decoding. 3 cl, 1 dwg

Description

The invention relates to the field of telecommunications and computer technology, and more particularly to the field of methods and devices for cryptographic data conversion, and can be used in communication, computing and information systems for cryptographic closing of binary information in the exchange of data by government, law enforcement, defense, banking and industrial institutions when it becomes necessary to store and transmit confidential information.

A known method of encrypting binary information and a device for implementing the method is "Alber" [1], in which a set of information and key p-bit registers is used to implement cryptographic text conversion. The input data is divided into blocks of variable length from m cells, including p bits in each. Next, the contents of these cells are transformed using n-fold addition modulo 2 or modulo 2 ^p with the contents of the second p-bit cell of the information register, to the resulting sum are added modulo 2 or modulo 2 ^{p the} contents of the next p-bit cell of the key register , the result is transformed by the p-bit functional transformation block f, the contents of the rth (3≤r≤m-1) cell of the information register are added modulo 2 or modulo 2 ^p to the result obtained.

However, this method has disadvantages that are associated with the ability to analyze encrypted data by using the differential cryptanalysis method. This is due to the fact that the addition of a ^p -bit cell with zero modulo 2 or modulo 2 ^p does not lead to a change in the contents of this cell, and in case of a change, the dependence of the change in the contents of this cell on the current at the time of encryption of the information and key contents can be detected registers.

There is also a method of encrypting data blocks [2], which is focused on encrypting input data blocks by attaching pseudorandom binary blocks of the same length to input blocks and using non-repeating combinations of generated subkeys. The method includes generating an encryption key, generating K≥1 data blocks containing P≥1 sections of binary information and converting the data blocks under the control of the encryption key. Additionally, D≥1 binary vectors are generated, and data blocks are formed by attaching binary vectors to portions of the binary information code. Binary vectors are generated according to a random or pseudo-random law. Binary vectors are attached to sections of the binary code of information depending on the encryption key or according to a fixed rule.

However, the method has the disadvantage that the input data is processed in large blocks, and not character by character; the size of the binary vector of the output data is twice as large as the size of the input vector, which reduces the performance of both the direct task of encrypting information and the inverse of decrypting it, also reduces the reliability of work and increases the energy cost of further processing, transmission and storage of encrypted information.

The closest in technical essence to the proposed is a method of protecting information from unauthorized access [3], adopted as a prototype, which consists in the fact that on the transmitting side, the original information is distorted using a key sequence, and on the receiving side, the distorted information is restored using the same key , while the source data is processed character by character. The essence of the prototype method is that the original information file is divided into information blocks of variable length i (i = 1, 2, 3, ...), after which a variable shift of the ASCII code of each block symbol by t (t = 1, 2, 3, ...) bits. The shift can be carried out both left and right, while to prevent information loss, the shift is carried out in a closed ring in the block, the result of the conversion is recorded in memory at the address of the source file.

The user-defined key is w (w = 1, 2, 3, ...) a bit unsigned integer. The converted file can be quickly restored by reverse shifting the characters of the file blocks.

The disadvantages of the prototype are low resistance to unauthorized decryption of information encrypted with it; the need to store a key sequence of large volume that determines the length of each encrypted block; the absence of a procedure for getting rid of information redundancy in the input data, and as a result of this - increased energy costs for further processing, transmission and storage of redundant information.

The technical result obtained from the implementation of the invention is the elimination of these shortcomings, that is, increasing the complexity of cryptanalysis and unauthorized decryption of information encrypted with it, as well as reducing energy costs for processing, transmitting and storing information.

This technical result is achieved due to the fact that in the known method of cryptographic conversion of binary data, namely, that on the transmitting side, the original information is distorted using the key sequence, and on the receiving side, the distorted information is restored using the same key sequence, while the original data is processed character by character, the input data is converted by arithmetic coding with the entered cryptographic transformations by coding depending on the key sequence, and during coding, they are transformed using the coding function E (the function of arithmetic coding is chosen as the function E according to [5]) together with cryptographic transformations F ₁ , F ₂ and F ₃ into a real number from the interval [0, 1), which is written by a binary sequence of finite variable length and together with the key sequence uniquely determines the input data.

Moreover, as a transformation function F ₂ , a linear congruent transformation function of the form F (x) = ax + b mod с is used, with the initial value x depending on the key sequence (i.e., x is a sequence of values of the key sequence), where the constants a and b are chosen so that the calculated sequence does not have a period of maximum length, and the constant c is chosen equal to M, where M is the number of all possible values of the generated blocks from the input data sequence.

And as a component of the transformation functions F ₁ and F ₃ use the normalized linear congruent transformation function of the form

,

,

with an initial value of x (i.e., x is a sequence of values of the key sequence), depending on the key sequence and different for both F ₁ and F ₃ , where the constants a and b are chosen so that the calculated sequence does not have a period of maximum length, and the constant c for F ₁ and F ₃ is chosen equal to the integer part 0.25N, where N is a fixed prime integer of a large order, chosen arbitrarily before encoding.

In other words, this technical result is achieved essentially by introducing symbolic cryptographic transformations depending on this key sequence using the method of arithmetic coding of binary information, which consists in the fact that, when encoding, the input data is converted using the encoding function E into a real number from interval [0,1), which is called the mapping interval. The result of the function E (see [4, 5]) is a real number from the mapping interval, which is written in a binary sequence of finite length and uniquely determines the input data. Thus, the input and output are a binary sequence of variable length. Before starting the encoding process, the input data is divided into blocks of a fixed length, and encoded alternately, as in the prototype. A block value is a binary representation of the bits of a block. The set of values of all blocks forms the alphabet, and the values of the blocks themselves are symbols of the alphabet. The number of possible values of generated blocks from the input data sequence is denoted by M. As the input data is encoded, the display interval decreases, and the number of bits for its representation increases.

Each symbol of the alphabet is associated with the a priori probability of its occurrence in the input data stream. Additionally, each symbol is assigned a probability interval on the interval [0, 1), such that its length is equal to the probability of occurrence of this symbol. The lower limit of probability is denoted by L, and the upper limit of probability by N. In this case, the set of pairs [L _(symbol) , H _(symbol) ) for all symbols of the input data uniquely determines the probability model for the appearance of each symbol in the encoded text.

The next coded input data symbols reduce the size of the display interval based on the values of their a priori probabilities determined by the existing model. More likely characters do this to a lesser extent than less likely characters, adding fewer bits to the output. In the encoding process, the probabilistic model is modified to take into account the actual occurrence of characters in the input. This effect is achieved by increasing the likelihood of the appearance of the current symbol and a corresponding decrease in all others. Thus, optimal compression of the input data is achieved [4,5]. This compression method is called adaptive compression. In order to signal the end of coding, a special character is used, which is designated EOF.

The process of encoding text can be described using a formal algorithmic language as follows (see [5]):

1. Initial construction of a probabilistic model (probabilities can also be chosen arbitrarily),

L = 0.0, H = 1.0;

2. (Character) = The next character of the input text,

Interval = H-L,

H = L + Interval · N _(symbol) ,

L = L + Interval · L _(character) ,

Change the probabilistic model depending on (Symbol);

3. If (Symbol) is not equal to EOF go to step 2;

4. Output = L.

Then the decoding process of the input data stream can be described using the formal algorithmic language as follows (also see [5]):

1. Initial construction of a probabilistic model,

(Number) = Read binary data;

2. (Symbol) = Find the symbol in the interval of which falls (Number),

Add to output (Symbol),

Interval = H _(character) -L _(character) ,

Number = Number-L _(character) ,

Number = Number / Interval,

Change the probabilistic model depending on (Symbol);

3. If the Symbol is not equal to EOF, go to step 2.

The initial construction of the probabilistic model and its change during processing of the next symbol must coincide for the encoding and decoding processes, otherwise the input data will not be properly decoded.

According to the proposed method, the initial construction of the probabilistic model, as well as its change during processing of the next character, is modified using the key sequence K, also called the key. Thus, without the proper key, it is impossible to adequately restore the original input data converted using this method.

For this, it is proposed to introduce three additional types of cryptographic transformations into the encoding algorithm, and, in particular, into the probabilistic model of input data symbols.

The first type of additional cryptographic conversion changes the initial table of a priori probabilities by increasing the probability of occurrence of some symbols and decreasing others, using some function F ₁ depending on the key sequence K. This type of additional cryptographic conversion is used once at the beginning of the encoding and decoding process.

The second and third types of additional cryptographic conversion operate at each encoding step, that is, once during the encoding of each symbol.

The second type of additional cryptographic conversion modifies the table of probability intervals of all symbols, rearranging the probability intervals on the interval [0, 1) using the F ₂ transformation depending on the key sequence K and the end-to-end number of the current symbol. This type of additional cryptographic conversion does not affect the length of the output data, but only affects the processing speed of the encoded sequence during decoding and therefore is most preferred when not all of the proposed types of additional cryptographic conversion of the probability model are used.

The third type of additional cryptographic conversion modifies the table of probability intervals of all symbols, reassigning each symbol a new probability interval on the interval [0, 1) using the F ₃ transformation depending on the key sequence K and the end-to-end number of the current symbol. This type of additional cryptographic conversion, unlike the second and first types, affects the length of the output data.

According to the proposed method, all three types of additional cryptographic transformations of the arithmetic coding algorithm are used as a cryptographic data conversion. As the transformation F ₁ , a pseudo-random function is selected, depending on the key sequence K, with a real result on the interval [0,0,25]. The probability P _{i of} each i-th (i = 1, 2,3, ..., M) symbol increases by the result of F ₁ :

P _i = P _i + F ₁ (K, i)

After that, all P _i are normalized so as to correspond to the condition of the complete system i of incompatible events [7], so that

To do this, all P _i are multiplied by the normalizing factor 0 <μ≤1, which is calculated by the formula

As the transformation F ₂ , a pseudo-random function is selected depending on the key sequence K, with an integer result on the interval [1, M]. The set of its 2M first values is divided into pairs (a _q , b _q ), where q = 1, ..., M. Then a permutation of the symbol a _q with the symbol b _q in the symbol table is performed.

As the transformation F ₃ , a pseudo-random function is selected that depends on the key sequence K, with an integer result on the interval [1, M]. The set of its 2M first values is divided into pairs (a _q , b _q ), where q = 1, ..., M. Then, the probability intervals of the symbol a _q and symbol b _q are exchanged in the table of probability intervals, that is:

La _q is replaced by Lb _q and Lb _q is replaced by La _q;

Ha _q is replaced by Hb _q and Hb _q is replaced by Ha _q.

In the reverse cryptographic transformation, the sequence of actions is preserved and all types of additional cryptographic transformations are performed in a similar way.

The invention is illustrated in figure 1, which shows a block diagram of a device for implementing the method using a computer or computing device.

A device for implementing the method consists of a key sequence input unit 1; input input unit 2; block 3 storing the table of processed characters; a probability interval table storage unit 4 for each symbol; an operation unit 5 implementing the transformation F ₁ ; an operation unit 6 implementing the transformation F ₂ ; an operation unit 7 implementing the F ₃ transformation; operating unit 8, which implements arithmetic compression using block 2, block 3 and block 4; block 9 output.

According to the proposed method, the device operates as follows. Using block 1 (an alphanumeric information input device, such as described in [6]), a secret key sequence is introduced into the device, which is transmitted to the input of block 5, block 6, and block 7 (operation blocks organized according to [8] ), and the output of block 5 to block 4, where the table of probabilities of occurrence of symbols is converted. The probability P _{i of} each i-th (i = 1, 2, 3, ..., M) symbol increases by the result of the transformation F ₁ :

P _i = P _i + F ₁ (K, i)

Then all P _i are multiplied by the normalizing factor 0 <μ≤1, which is calculated by the formula

Thus, the contents of block 3 and 4 are determined once at the beginning of coding using block 5 and a key sequence. Using block 2 (block 1 similar to the device), the data intended for encryption is entered one by one character into the device, after which the data is placed in block 8, where it is encoded using the tables from block 3 and block 4 [4]. Then, at each coding step, the contents of block 3 are updated using block 6 as follows: 2M of the first values are extracted from block 6, which are divided into M pairs (a _q , b _q ), where q = 1, ..., M. Then, using block 6, the symbol a _{q is replaced} with the symbol b _q in the symbol table of block 3. Also, at each coding step, the contents of block 4 are updated using block 7 as follows: 2M first values are extracted from block 7, which are divided into M pairs (a _q , b _q ), where q = 1, ..., M. Then the reassignment of the probability intervals of the symbol a _q and the symbol b _q is performed in the table of probability intervals, that is:

La _q is replaced by Lb _q and Lb _q is replaced by La _q;

Ha _q is replaced by Hb _q and Hb _q is replaced by Ha _q.

Then, the input data converted by the method described above is transmitted symbolically to block 9 (alphanumeric output device described, for example, in [8]), from where it can be directly extracted. The encryption process ends as soon as the last character of the input data is processed. After that, the encrypted data is extracted from block 9.

In reverse cryptographic conversion, a device identical to this is used to decrypt the data. Data decryption occurs in the same order.

Thus, in this method, the complexity of cryptanalysis and unauthorized decryption of encrypted information is increased, the energy cost of processing, transmitting and storing encrypted information is reduced, thereby achieving the technical result.

Sources of information:

1. RF patent No. 2099890 C1, cl. H 04 L 9/00.

2. RF patent No. 2103829 C1, cl. H 04 L 9/20.

3. RF patent No. 2130641 C1, cl. G 06 F 13/00, G 09 C 1/00, H 04 L 9/00 - prototype.

4. Witten Ian H., Neal Radford M., Cleary John G. Arithmetic coding for data compression. Communications of the ACM. - June 1987, Vol.30, N6.

5. Mastryukov D. Algorithms for information compression. Arithmetic coding. - M .: Monitor, N1, 1994.

6. Klingman E. Designing specialized microprocessor systems. - M .: Mir, 1985.

7. Gmurman V. Probability Theory and Mathematical Statistics. - M.: Higher School, 2000.

8. Zanger G. Electronic systems. Theory and application. - M .: Mir, 1980.

Claims (3)

1. The method of cryptographic conversion of binary data, namely, that on the transmitting side, the original information is distorted using a key sequence, and on the receiving side, the distorted information is restored using a key sequence with character processing, characterized in that the input binary data is divided into fixed blocks lengths and encode alternately, subjecting them to conversion by the method of arithmetic encoding with cryptographic functions F ₁ , F ₂ and F ₃ depending on yk pseudorandom functions are selected as the cryptographic transformation F ₂ and F ₃ , at each coding step enter data for arithmetic coding character-by-character and encode them using a symbol table implementing the F ₂ transformation and a table of probability intervals for the occurrence of the symbols implementing the F ₃ transformation , at each coding step, the symbol table is updated by extracting N of its first values from it, break them into pairs, rearrange the extracted characters in t blitz symbols, and at each step of the encoding table of intervals occurrence probability of each character is extracted its first N values, divide them into pairs and then performing the exchange intervals probability of occurrence in said table, after which the converted input data is transmitted to the output data block. 2. The method according to claim 1, characterized in that, as a transformation function F ₂ , a linear congruent transformation function of the form F (x) = ax + b · mod c is used, with an initial value depending on a given key sequence, where a and b are chosen so that the generated sequence does not have a period of maximum length, and the constant c is chosen equal to M, where M is the number of characters. 3. The method according to claim 1, characterized in that as a component of the transformation functions F ₁ and F ₃ , use the normalized linear congruent transformation function of the form

with the initial value depending on the given key sequence and different for both F ₁ and F ₃ , where the constants a and b are chosen so that the generated sequence does not have a period of maximum length, the constant c for F ₁ and F ₃ is chosen equal to the integer part 0, 25N, where N is a fixed prime integer of a large order, chosen arbitrarily before encoding.

Images