RU2459275C1 - Method for unit coding of m message represented in binary form - Google Patents

Abstract

FIELD: electricity.

SUBSTANCE: method of unit coding of a message M represented in a binary form includes the following sequence of actions: generation of a secret key in the form of a set of subkeys K, Q₁, Q₂,…Q_u. R₁, R₂…,R_h, where h≥1, breakdown of the message into subunits M₁ M₂,…,M_U; M_u+1, M_u+2,…,M_2u;…; M_iu+1 M_iu+2,…,M_(i+1)u;…; M_(w._1)u+1,…, M_wu, where i=1, 2,…, w, u≥1 and w≥1, formation of data units B_i, where i=1, 2,…, w, by generation of additional messages T⁽¹⁾, T⁽²⁾,…, T^(h) , breakdown of messages T^(j) where j=1, 2,…, h, into subunits T₁ ⁽ⁱ⁾ T₂ ^(j)…T_w ^(j), coding of subunits M_(i-1)u+1 M_(i-1)u+2,… M_jU depending on subkeys Q₁ Q₂,…, Q_U, coding of subunits T_i ⁽¹⁾, T_i ⁽²⁾,…, T_i ^(h) depending on subkeys R₁ R₂,…,Rh and combination of transformed subunits M_(i-1)u+1 M_(i-1)u+2,…, M_iu, T_i ⁽¹⁾, T_i ⁽²⁾,…, T_j ^(h), and coding of data units B_i depending on a subkey K.

EFFECT: increased information capacitance of a cryptogram without reduction in its resistance level.

3 cl, 1 ex

Description

The invention relates to the field of telecommunications and computer technology, and more particularly to the field of cryptographic methods and devices for protecting information transmitted over telecommunication networks by encryption (The interpretation of the terms used in the description is given in the Appendix) of messages (information).

There are known methods of encrypting electronic messages presented in digital form, namely in the form of binary data, performed using a secret key, for example, a method implemented as an RC5 block encryption algorithm [B. Schneier, "Applied Cryptography", Second Eddition, John Wiley & Sons , Inc., New York, 1996, p. 344-346]. The method includes generating a secret key in the form of a set of subkeys, splitting an n-bit binary information block into n / 2-bit information subunits A and B, and sequentially converting these subunits. The subunits are transformed by sequentially performing linear and nonlinear operations on them, using the summation modulo 2 ^m , where m = n / 2 = 8, 16, 32, 64, bitwise summation modulo 2 and a cyclic shift to the left, and the number the bit by which the converted subblock is shifted depends on the value of the other subblock. The latter property is characteristic of the RC5 method and determines the dependence of the cyclic shift operation at the current step of the conversion of the subunit on the initial value of the input data block. The information subblock, for example subblock B, is transformed by superimposing subblock A onto subblock B using the bitwise summing operation modulo 2 B: = B⊕A. After that, the operation of cyclic left shift by the number of bits equal to the value of subunit A is performed on subblock B: B: = B <<< A. Then, over the subblock B and one of the subkeys K, the summation operation is performed modulo 2 ^m , where m is the length of the subblock in bits: B: = (B + K) mod2 ^m . After that, subunit A is similarly converted. Depending on the size of the key, several such iterations of the conversion of both subunits are performed. This method provides a fairly high encryption speed in software implementation. The disadvantage of the RC5 encryption method is its low resistance to differential and linear types of cryptanalysis [Kaliski BS, Yin YL On Differential and Linear Cryptanalysis of the RC5 Encryption Algorithm. Advances in Cryptology - CRYPTO 95. Proceedings, Springer-Verlag, 1995, p. 171-184].

A known method of encrypting a message M [B. Schneier, "Applied Cryptography", Second Eddition, John Wiley & Sons, Inc., New York, 1996, p.193-194], presented as a binary sequence, by generating a secret key K, splitting the message M into blocks M ₁ , M ₂ , ..., M _k , where k is the number of blocks in the message. Blocks of binary data M _i , i = 1, 2, ..., k, have a fixed bit width n, where n≥64 bits. The block M _{1 is} encrypted with the secret key, obtaining the cryptogram block C ₁ , then, starting from the value i = 2 and up to the value i = k, the cryptogram block C _i-1 and the block M _i obtained by summing are summed using the bitwise summing operation data block is encrypted with a secret key, resulting in the current cryptogram block C _i . The set of blocks of the cryptogram C ₁ , C ₂ , ..., C _k is a cryptogram containing the message M in a hidden form. Removing the message M from the cryptogram is practically possible only using the secret key used in encryption, which ensures protection of the information contained in the message M when it is transmitted over open communication channels. This method provides an improvement in the statistical properties of the cryptogram, however, it has the disadvantage that the ability to independently decrypt individual blocks of the cryptogram is lost.

The closest in technical essence to the claimed method of block encryption of message M, presented in binary form, is the method described in RF patent No. 2103829 [Moldovyan A.A., Moldovyan N.A., Moldovyan P.A. A method of encrypting binary information. RF patent No. 2103829. IPC ⁶ H04L 9/20. Bull. No. 3 dated 01/27/1998]. The prototype method includes the formation of a secret key, splitting the message M into sub-blocks M ₁ , M ₂ , ..., M _u ; M _{u + 1} , M _{u + 2} , ..., M _2u ; ...; M _{iu + 1} , M _{iu + 2} , ..., M _{(i + 1) u} ; ...; M _{(w-1) u + 1} , ..., M _wu , where i = 1, 2, ..., w, u≥1 and w≥1, the generation of binary vectors V ₁ , V ₂ , ..., V _D , where D ≥1, the formation of data blocks B ₁ , B ₂ , ..., B _w , each of which includes at least one of the sub-blocks M ₁ , M ₂ , ..., M _u ; M _{u + 1} , M _{u + 2} , ..., M _2u ; ...; M _{iu + 1} , M _{iu + 2} , ..., M _{(i + 1) u} ; ...; M _{(w-1) u + 1} , ..., M _wu and one of the binary vectors V ₁ , V ₂ , ..., V _D , and the encryption of data blocks B ₁ , B ₂ , ..., B _w depending on the secret key.

The disadvantage of the prototype method is the decrease in the information capacity of the cryptogram due to the fact that binary vectors are generated according to a random law and after decryption do not carry useful information.

The purpose of the proposed technical solution is to develop a method for block encryption of message M, presented in binary form, providing an increase in the information capacity of the cryptogram by forming encrypted blocks B ₁ , B ₂ , ..., B _w by combining data sub-blocks belonging to message M and at least , one additional message T.

This goal is achieved by the fact that in the method of block encryption of message M, presented in binary form, which consists in generating a secret key, dividing the message into subunits M ₁ , M ₂ , ..., M _u ; M _{u + 1} , M _{u + 2} , ..., M _2u ; ...; M _{iu + 1} , M _{iu + 2} , ..., M _{(i + 1) u} ; ...; M _{(w-1) u + 1} , ..., M _wu , where i = 1, 2, ..., w, u≥1 and w≥1, forming data blocks B ₁ , B ₂ , ..., B _w , each which includes at least one of the subunits M ₁ , M ₂ , ..., M _u ; M _{u + 1} , M _{u + 2} , ..., M _2u ; ...; M _{iu + 1} , M _{iu + 2} , ..., M _{(i + 1) u} ; ...; M _{(w-1) u + 1} , ..., M _wu , and the encryption of data blocks B ₁ , B ₂ , ..., B _w depending on the secret key,

new is that the secret key is formed in the form of a set of subkeys K, Q ₁ , Q ₂ , ..., Q _u , R ₁ , R ₂ , ..., R _h , where h≥1, the formation of data blocks In _i , where i = 1, 2, ..., w, carried out by additional formation of messages T ⁽¹⁾ , T ⁽²⁾ , ..., T ^(h) , splitting messages T ^(j) , where j = 1, 2, ..., h, into subunits T ₁ ^(j) , T ₂ ^(j) , ..., T _w ^(j) , encryption of the sub-blocks M _{(i-1) u + 1} , M _{(i-1) u + 2} , ..., M _iu depending on the connections Q ₁ , Q ₂ , ..., Q _u , encryption of the subunits T _i ⁽¹⁾ , T _i ⁽²⁾ , ..., T _i ^(h) depending on the connections R ₁ , R ₂ , ..., R _h and the union of the converted subunits M _{(i-1) u + 1} , M _{(i-1) u + 2} , ..., M _iu , T _i ⁽¹⁾ , T _i ⁽²⁾ , ..., T _i ^(h) , and the cipher The data blocks B _i are executed depending on subkey K.

Also new is that u = 1 and h = 1 are used.

The reduction in the number of simultaneously encrypted messages simplifies the implementation of the claimed method.

Also new is that the values u = 1 and h = 1 and subkey R equal to subkey K are used.

Reducing the number of different private key subkeys simplifies the procedure for generating the private key, which simplifies the hardware implementation of the claimed method.

Thanks to this new set of essential features, by jointly encrypting two or more messages, the information capacity of the cryptogram is enhanced and the possibility of independently extracting each of the jointly encrypted messages from the cryptogram, i.e. the ability to decrypt individual messages by using the K subkey and the subkeys related to messages that need to be extracted from the cryptogram in the decryption procedure. For example, if you need to extract the message M from the cryptogram by decrypting it, use the subkey K, Q ₁ , Q ₂ , ..., Q _u , if necessary, extract the message T ^(j) - connect the K and R _j , where j = 1, 2, ... , h, if necessary, extract messages T ⁽¹⁾ , T ⁽²⁾ , ..., T ^(h) - connect K and R ₁ , R ₂ , ..., R _h , etc. That is, by choosing the subkeys used for decryption, it is possible to extract from the cryptogram any set of jointly converted messages, leaving the remaining messages protected from unauthorized reading.

The analysis of the prior art made it possible to establish that there are no analogues in known sources of information characterized by a combination of features identical to all the features of the claimed technical solution, which indicates the compliance of the claimed invention with the condition of patentability “novelty”. Search results for known solutions in this and related fields of technology in order to identify features that match the distinctive features of the claimed object from the prototype showed that they do not follow explicitly from the prior art. The prior art also did not reveal the popularity of the impact provided by the essential features of the claimed invention, the transformations on the achievement of the specified technical result. Therefore, the claimed invention meets the condition of patentability "inventive step".

,

,…,

. Подблоки Т_i ⁽¹⁾, T_i ⁽²⁾,…, Т_i ^(h) могут быть преобразованы с помощью одной и той же процедуры блочного шифрования F или в общем случае с помощью различных процедур шифрования F^(j), где j=1, 2,…, h. Преобразованные значения этих подблоков равны

,

,…,

. Таким образом, блоки данных B_i имеют вид следующей конкатенации преобразованных подблоков:The possibility of implementing the claimed method and the correctness of its operation is explained by the fact that each data block In _i , where i = 1, 2, ..., h, is a concatenation of the converted subunits M _{(i-1) u + 1} , M _{(i-1) u + 2} , ..., M _iu and the converted subunits T _i ⁽¹⁾ , T _i ⁽²⁾ , ..., T _i ^(h) . The subblocks M _{(i-1) u + 1} , M _{(i-1) u + 2} , ..., M _iu can be transformed using the same block ciphering procedure E _Q , where the subscript denotes the value of the encryption key for the procedure used block encryption, or in the general case using various encryption procedures E ^(z) , where i = 1, 2, ..., u. The converted values of these subunits are equal

,

, ...,

. The subblocks T _i ⁽¹⁾ , T _i ⁽²⁾ , ..., T _i ^(h) can be transformed using the same block encryption procedure F or, in general, using different encryption procedures F ^(j) , where j = 1, 2, ..., h. The converted values of these subunits are equal

,

, ...,

. Thus, the data blocks B _i have the form of the following concatenation of the converted subunits:

The data blocks B _i are encrypted using some block encryption procedure Ф _К through the subkey K. The converted value B _i is the i-th cryptogram block, which we denote as С _i :

The set of cryptogram blocks C _i , where i = 1, 2, ..., w, is the cryptogram obtained as a result of encrypting message M. The block encryption procedure Φ _{K is} easily reversible with a known value of K, therefore, for all values i = 1, 2, ... , w when decrypting the cryptogram block C _i using the key K, the value of the data block B _{i is} restored, which contains the values of the converted subunits M _{(i-1) u + 1} , M _{(i-1) u + 2} , ..., M _iu and subunits T _i ^(1), T _{i ^{(2), ..., T i (h}} ), and the transformation of these sub-blocks was performed using a block encryption procedure, each of which reversible at a known key used for encryption. Therefore, using the appropriate subkeys to perform the decryption procedure, you can decrypt the subblocks related to an arbitrary set of messages M and T ⁽¹⁾ , T ⁽²⁾ , ..., T ^(h) . This corresponds to the fact that only messages matching the used set of subkeys are extracted from the same cryptogram.

. Блок данных E_Q(M_i)||Е_R(Т_i) разбивается на два 64-битовых подблока данных E_Q(M_i) и E_R(T_i). Каждый из последних двух подблоков расшифровывается с использованием процедуры расшифрования, специфицируемой стандартом блочного шифрования DES и обозначаемой как E^-1, по подключу Q, в результате чего формируются два 64-битовых подблока следующего вида:

и

причем второй подблок данных представляет собой псевдослучайную последовательность битов, поскольку подключи шифрования и расшифрования не одинаковы (R≠Q). Расшифрованные блоки М_i, где i=1, 2,…, 8192, объединяются в единое расшифрованное сообщение М. При этом отличить совокупность всех подблоков

от случайной последовательности битов вычислительно невозможно, поэтому без знания подключа R ознакомление с сообщением T вычислительно невозможно.Example 1. Joint encryption of two messages M and T, each of which has a size of 64 kbytes, is carried out using the block encryption procedure E, implemented according to the American standard block encryption DES [Menezes AJ, Vanstone SA Handbook of Applied Cryptography. - CRC Press, 1996, p.250-256], and the F block encryption procedure implemented by the IDEA block encryption algorithm [Menezes AJ, Vanstone SA Handbook of Applied Cryptography. - CRC Press, 1996, p.263-266]. The message M is divided into subunits M ₁ , M ₂ , ..., M _w , where w = 8192. The message T is divided into subunits T ₁ , T ₂ , ..., T _w , where w = 8192. A secret key is generated in the form of a set of subkeys K, Q (Q ≠ K) and R (R ≠ K; R ≠ Q), where Q and R are 64-bit subkeys; K - 128-bit subkey. The data blocks B _i , where i = 1, 2, ..., 8192, are formed by encrypting the sub-block M _i using the block encryption procedure E on the Q plug, encryption of the subblock T _i using the block encryption E on the R plug-in and combining the converted subunits M _i and T _i into a single data block B _i = E _Q (M _i ) || E _R (T _i ). After the formation of the data block B _i, it is encrypted using the block ciphering procedure F by connecting K: C _i = F _K (B _i ) = F _K (E _Q (M _i ) || E _R (T _i )). The set of converted data blocks In _i , i.e. a sequence of 128-bit blocks C _i , where i = 1, 2, ..., 8192, form a cryptogram of 128 kB in size, which contains two messages of 64 kB in size. When you enter the decryption procedure for the subkeys K and Q, each block of the cryptogram C _i , where i = 1, 2, ..., 8192, is decrypted as follows. The decryption procedure specified by the IDEA block encryption algorithm and denoted as F ^-1 is performed by connecting K, as a result of which a 128-bit data block is formed

. The data block E _Q (M _i ) || E _R (T _i ) is divided into two 64-bit data subunits E _Q (M _i ) and E _R (T _i ). Each of the last two subunits is decrypted using the decryption procedure specified by the DES block encryption standard and designated as E ^-1 , by connecting Q, as a result of which two 64-bit subunits of the following form are formed:

and

moreover, the second data sub-block is a pseudo-random sequence of bits, because the encryption and decryption subkeys are not the same (R ≠ Q). The decrypted blocks M _i , where i = 1, 2, ..., 8192, are combined into a single decrypted message M. At the same time, distinguish the set of all subunits

from a random sequence of bits is computationally impossible, therefore, without knowledge of the subkey R, familiarization with the message T is computationally impossible.

и

причем первый подблок данных представляет собой псевдослучайную последовательность битов, поскольку подключи шифрования и расшифрования не одинаковы (R≠Q). Расшифрованные блоки T_i, где i=1, 2,…, 8192, объединяются в единое расшифрованное сообщение Т. При этом отличить совокупность всех подблоков

от случайной последовательности битов вычислительно невозможно, поэтому без знания подключа Q ознакомление с сообщением М вычислительно невозможно.Similarly, it is easy to show that when decrypting the K and R subkeys, the 128-bit block of the cryptogram C _i , where i = 1, 2, ..., 8192, is converted into two 64-bit subblocks

and

moreover, the first sub-block of data is a pseudo-random sequence of bits, because the encryption and decryption subkeys are not the same (R ≠ Q). The decrypted blocks T _i , where i = 1, 2, ..., 8192, are combined into a single decrypted message T. In this case, distinguish the set of all subunits

from a random sequence of bits is computationally impossible, therefore, without knowledge of the subkey Q, familiarization with the message M is computationally impossible.

Thus, Example 1 shows that decrypting the same cryptogram of 128 kb in size with a different set of subkeys results in two different messages of 64 kb in size.

Example 2. Joint encryption of three messages M, T ⁽¹⁾ and T ⁽²⁾ . Message M is 32 KB in size. Messages T ⁽¹⁾ and T ⁽²⁾ have the same size equal to 16 kbytes. The message M is divided into 32-bit subunits M ₁ , M ₂ , ..., M _2i-1 , M _2i , ..., M _2w-1 , M _2w , where i = 1, 2, ..., w; w = 4096 (u = 2). Messages T ⁽¹⁾ and T ⁽²⁾ are divided into 32-bit subunits T ₁ ⁽¹⁾ , T ₂ ⁽¹⁾ , ..., T _w ⁽¹⁾ and T ₁ ⁽²⁾ , T ₂ ⁽²⁾ , ..., T _w ⁽²⁾ , where w = 4096. The secret key is generated as a set of subkeys K, Q ₁ , Q ₂ , R ₁ and R ₂ , where K is a 128-bit subkey, and subkeys Q ₁ , Q ₂ , R ₁ and R ₂ are 32-bit binary vectors, having an odd value when interpreted in the form of binary numbers. The data blocks In _i , where i = 1, 2, ..., 4096, are formed by performing the following steps:

;1) the encryption of the sub-block M _2i-1 using the block encryption procedure E _Q on subkey Q ₁ described by the formula

;

по подключу Q₂, описываемой формулой

;2) the encryption of the sub-block M _2i using the block encryption procedure

by connecting Q ₂ described by the formula

;

по подключу R₁, описываемой формулой

;3) sub-block encryption T _i ⁽¹⁾ using the block encryption procedure

by connecting R ₁ described by the formula

;

по подключу R₂, описываемой формулой

4) sub-block encryption T _i ⁽²⁾ using the block encryption procedure

by connecting R ₂ described by the formula

5) combining the converted subunits M _2i , M _2i-1 , T _i ⁽¹⁾ and T _i ⁽²⁾ into a single 128-bit data block

After the formation of the data block B _i, it is encrypted using the block encryption procedure F described in example 1, by connecting K:

The set of converted data blocks In _i , i.e. a sequence of 128-bit blocks C _i , where i = 1, 2, ..., 4096, form a 64 kbyte cryptogram, which contains three messages M, T ⁽¹⁾ and T ⁽²⁾ in a converted form with a total size equal to the size cryptograms. Equality of the total size of encrypted messages and the size of the cryptogram holds for arbitrary encrypted messages. This means that the particular embodiment of the claimed method considered in Example 2 provides the maximum possible information capacity of the cryptogram.

, обратная процедуре блочного шифрования E_Q, описывается формулой

. Действительно процедура расшифрования по этой формуле восстанавливает значение 32-битового подблока:It is easy to show that when performing the decryption procedure on the K and R ₁ subkeys from the 128-bit block of the cryptogram C _i , where i = 1, 2, ..., 4096, the sub-block T _i ⁽¹⁾ is extracted. The set of decrypted blocks T _i ⁽¹⁾ where i = 1, 2, ..., 4096, forms a restored message T ⁽¹⁾ . When the decryption procedure for the subkeys K and R ₂ is performed, the message T ^{(2) is} restored. When performing the decryption procedure on the subkeys K, Q ₁ , Q ₂ , R ₁ and R ₂ , all three jointly converted messages M, T ⁽¹⁾ and T ^{(2) are} restored. The correctness of the decryption of messages M, T ⁽¹⁾ and T ^{(2) is} based on the use of encryption procedures that are reversible with a known encryption key. The reversibility of the F block encryption procedure is shown in the book [Menezes AJ, Vanstone SA Handbook of Applied Cryptography. - CRC Press, 1996, p.263-266]. The reversibility of the block encryption procedure E _Q over the subkey Q described by the formula E _Q (M ') = M' ^Q Qmodp = C '(where p = 2 ¹⁶ +1; M' is a 32-bit sub-block interpreted as a binary number) when using subkey Q having an odd value is shown in the general case in the following way. Since the number p-1 = 2 ¹⁶ is coprime with any odd number, then for any odd subkey Q exists and is easily calculated (using the advanced Euclidean algorithm [Moldovyan NA Theoretical minimum and digital signature algorithms. - SPb .: BHV - Petersburg, 2010. - 304 p.]) Is multiplicatively inverse modulo p-1 integer Q ^-1 . Since the number p is prime and Q <p, for any odd subkey Q exists and is easily calculated (using the extended Euclidean algorithm) the integer Q ' ^-1 multiplicatively inverse modulo p. Decryption procedure

inverse to the block encryption procedure E _Q is described by the formula

. Indeed, the decryption procedure using this formula restores the value of the 32-bit subunit:

.

.

The above examples show that the claimed method of block encryption of message M, presented in binary form, functions correctly, is technically feasible and allows us to solve the problem.

The inventive method of block encryption of message M, presented in binary form, can be used to develop means of secure broadcast messages with control of access to messages from the recipients while ensuring the identity of the decryption process of the same cryptogram. Such means of secure broadcast messaging solve the problem of traffic non-tracking when transmitting information over telecommunication channels.

INTERPRETATION OF THE TERMS USED IN THE DESCRIPTION OF THE APPLICATION

1. An electronic message (message), presented in binary form, is a binary digital electromagnetic signal, the parameters of which depend on the original message and how it is converted to electronic form.

2. Binary digital electromagnetic signal - a sequence of bits in the form of zeros and ones.

3. Parameters of a binary digital electromagnetic signal: bit depth and order of single and zero bits.

4. The bit depth of a binary digital electromagnetic signal is the total number of its single and zero bits, for example, the number 10011 is 5-bit.

5. Secret key - a binary digital electromagnetic signal used to generate a signature for a given electronic document. The secret key is represented, for example, in binary form as a sequence of digits "0" and "1".

6. The operation of raising a number S to a discrete power A modulo n is an operation performed on a finite set of natural numbers {0, 1, ..., n-1}, including n numbers that are the remainders of dividing all kinds of integers by n; the result of the operations of addition, subtraction and multiplication modulo n is a number from the same set [Vinogradov IM Fundamentals of number theory. - M .: Nauka, 1972. - 167 p.]; the operation of raising a number S to a discrete power Z modulo n is defined as a Z-fold sequential multiplication modulo n of the number S by itself, i.e. as a result of this operation, the number W is also obtained that is less than or equal to the number n-1; even for very large numbers S, Z and n, there are effective algorithms for performing the operation of raising to a discrete power modulo [see Moldovyan A.A., Moldovyan N.A., Guts N.D., Izotov B.V. Cryptography: high-speed ciphers. - SPb .: BHV - Petersburg, 2002. - p. 58-61]; the operation of raising the number S to a discrete power of Z modulo n is denoted as W = S ^Z mod n, where the multi-bit binary number W is the result of this operation.

7. The Euler function of a natural number n is the number of numbers that are coprime with n and not exceeding n [Vinogradov IM Fundamentals of number theory. - M .: Nauka, 1972. - 167 p.].

8. The order q of the number a modulo n is the minimum of the numbers γ for which the condition a ^γ mod n = 1 is satisfied, that is, q = min {γ ₁ , γ ₂ , ...} [I. Vinogradov Fundamentals of number theory. - M .: Nauka, 1972. - 167 p.].

9. The operation of dividing the integer A by an integer B modulo n is performed as the operation of multiplying modulo n the number A by an integer B ^-1 , which is the inverse of B modulo n.

10. The calculation of the value of B ^-1 , which is the inverse of B modulo n, is performed as raising the number B to the power equal to q-1, where q is the order of the number B modulo n. A faster way to calculate the value of B ^-1 is to perform the extended Euclidean algorithm [N. Moldovyan Theoretical minimum and digital signature algorithms. - SPb .: BHV - Petersburg, 2010. - 304 p.].

11. Encryption is a cryptographic conversion of digital information that is performed using a secret key (depending on the secret key) and provides the influence of one bit of the source data on many bits of the output data, for example, to protect information from unauthorized reading.

12. Decryption is a process opposite to the encryption procedure, which ensures the recovery of information from a cryptogram while knowing the secret key.

13. A cipher (or encryption algorithm) is an algorithm for converting input data using a secret key.

14. A binary vector is a sequence of zero and one bits. The message, presented in binary form, is a binary vector.

15. Arithmetic operations on binary vectors and messages represented in binary form are performed by interpreting the binary vector as a number written in binary form and performing arithmetic operations on this number.

16. A cryptogram is a binary sequence obtained by encrypting the original message with a secret key.

17. The cryptogram block is a binary sequence obtained as a result of encryption of the original data block.

Claims (3)

1. The method of block encryption of message M, presented in binary form, which consists in generating a secret key, splitting the message M into subunits M ₁ , M ₂ , ..., M _u ; M _{u + 1} , M _{u + 2} , ..., M _2u ; ...; M _{iu + 1} , M _{iu + 2} , ..., M _{(i + 1) u} ; ...; M _{(w-1) u + 1} , ..., M _wu , where i = 1, 2, ..., w, u≥1 and w≥1, forming data blocks B ₁ , B ₂ , ..., B _w , each which includes at least one of the subunits M ₁ , M ₂ , ..., M _u ; M _{u + 1} , M _{u + 2} , ..., M _2u ; ...; M _{iu + 1} , M _{iu + 2} , ..., M _{(i + 1) u} ; ...; M _{(w-1) u + 1} , ..., M _wu , and encryption of data blocks B ₁ , B ₂ , ..., B _w depending on the secret key, characterized in that the secret key is formed as a set of subkeys K, Q ₁ , Q ₂ , ..., Q _u , R ₁ , R ₂ , ..., R _h , where h≥1, the formation of data blocks In _i , where i = 1, 2, ..., w, is carried out by additional formation of messages T ^{(1 )} , T ⁽²⁾ , ..., T ^(h) , message splits T ^(j) , where j = 1, 2, ..., h, into subblocks T ₁ ^(j) , T ₂ ^(j) , ..., T _w ^(j) , the encryption of the subunits M _{(i-1) u + 1} , M _{(i-1) u + 2} , ..., M _iu , depending on the connections Q ₁ , Q ₂ , ..., Q _u , the encryption of the subunits T _i ^{( 1)} , Т _i ⁽²⁾ , ..., Тi ^(h) depending on the connections R ₁ , R ₂ , ..., R _h and volume the unity of the converted subunits M _{(i-1) u + 1} , M _{(i-1) u + 2} , ..., M _iu , T _i ⁽¹⁾ , T _i ⁽²⁾ , ..., T _i ^(h) , and encryption data blocks In _i perform depending on the subkey K. 2. The method according to claim 1, characterized in that the values u = 1 and h = 1 are used. 3. The method according to claim 1, characterized in that the values u = 1 and h = 1 and the subkey R equal to the subkey K are used.