RU2475838C1 - Device for cryptographic information protection - Google Patents

Abstract

FIELD: information technology.

SUBSTANCE: disclosed is a device for cryptographic information protection, having three AND elements, read-only memory, four shift registers and two counters with overflow triggers, characterised by that the device is built-in with an additional flip-flop, second ROM, a unit of group AND circuits, a decoder, a unit of OR circuits, a counter with an overflow trigger, an arithmetic logic unit and a self-controlled synchronisation unit, wherein the device for cryptographic information protection consists of series circuits of components and units in form of a first terminal, the self-controlled synchronisation unit having two input "Start" and "Stop" external terminals, and a second series circuit of units is formed from the output of the first ROM through a unit of AND circuits.

EFFECT: high level of cryptographic protection, while maintaining high speed of operation of the device hardware.

6 dwg, 6 tbl

Description

The present invention relates to computer technology, discrete automation and communication systems and can be used to protect information in information processing systems and remote control in real time (mobile means, critical facilities, closed commercial or official communication).

Known software systems for encrypting binary information based on block ciphers using methods of logical conversion of information using a private key with subsequent dissemination of information [1, 2, 8-10]. The transformation of information in most cases is associated with the addition modulo two (XOR operation) pieces of information with a secret key code. After the XOR operation, part of the message is subjected to mixing, and the other is rearranged first (the basis of the Feistel method, etc.). These procedures are repeated 32-64 times.

The disadvantage of existing software systems is the low speed, requiring even tens of minutes for ultra-fast computers to encode or decode information, which is completely unacceptable for real-time systems.

Methods are also known, including non-linear operations such as raising to a power of n and addition modulo P (n <P). These methods are described in [1, 2, 8-10], as well as in the inventions. Although these analogues have a higher speed than software systems, nevertheless they are difficult to implement.

Three useful models of the authors of the present invention are known (No. 82974, No. 82889, No. 82890, BI No. 3, 2009), in which new methods and algorithms for converting and dispersing information are used, allowing for hardware implementation without a multi-cycle procedure to implement cryptographic protection in a few tens of microseconds or upon transition to ultrafast LSIs and in units of microseconds. However, each of these solutions has disadvantages.

In RF patent No. 82890, only one key is used, consisting of a set of coefficients (L ₁ , L ₂ ... L _k ) of the polyadic number system.

In the patent of the Russian Federation No. 82974, despite the presence of a large number of constant keys (up to several thousand) stored in a permanent storage device, a procedure is used with the dependence of modifying the key from a previous piece of information, which makes the system vulnerable to decryption, because the last "portion" of information remains unchanged, and assuming the existence of precisely this recurrent reverse recovery procedure, the possibility of decryption remains due to enumerated changes in the contents of the decoder ROM using a random number sensor.

In the patent of the Russian Federation No. 82889, with the original procedure for dispersing information, there is still a need for one secret key of limited capacity, which, as you know, does not make it possible to achieve the required level of cryptographic information.

By the number of matching elements and blocks closest to the proposed invention is a patent of the Russian Federation No. 82974 [5].

The aim of the present invention is to increase the level of cryptographic protection while maintaining the speed of hardware implementation of devices.

The goal is achieved by creating a new device that uses parts of previous patents of the authors.

The integration of the above utility models 82974,82889, 82890, 63588, 82888 is not done by mechanical serial connection of five devices according to patents, but the creation of a new device with changes in the composition of the blocks and the connections between them and the introduction of additional functionality that is not characteristic of analogues and prototypes.

The cryptographic information protection device (Fig. 1) consists of sequential circuits of elements and blocks in the form of a first terminal (1) connected through the first element And (2) with a single trigger input Tr (3), the unit outputs of which are connected to the first inputs of the second and of the third elements And (4), And (5), the outputs of which are connected respectively to the sequential inputs of the first and second shift registers РгС (6), РгС (7), the parallel outputs of which are connected, respectively, to the higher and lower bits of the register of the information word РГХ (8 ), exit cat It is connected to the input of the first read-only memory device ROM1 (9), connected by the output to the input of the third shift register PrC (10), the zero output of the highest level of which is connected with the second input of the second element And (4), and the single output is connected with the second input of the third element And (5) and the first input of the self-controlled SBS synchronization block (11), which also has inputs from the unit outputs of the second, third and fourth triggers Tr (12), Tr (13), Tr (14) associated with the overflow outputs of the first, second and third counters Cr1 (15), Cr2 (16), Cr3 (17) ootvetstvenno, wherein the self-controlled SBS block synchronization (11) has two external input terminals Start (18) and the stop (19); the second serial chain of blocks is formed from the output of the first read-only memory ROM1 (9) through the block of AND-BI circuits (20), then the block of OR-OR circuits (21) associated with the input of the ALU arithmetic-logic device (22) associated with the fourth shift register РГС (23), which has a serial input to the terminal (24) and a result register РРР (25), connected through the block of group circuits AND (26) by the least significant bits of the inputs of the second read-only memory ROM2 (27), the outputs of which are connected to the second inputs block OR circuits (21), third inputs otorrhea connected to the outputs of the register information word prx (8). Moreover, the parallel outputs of the first counter Cr1 (15) are connected by the high bits of the inputs of the second read-only memory ROM2 (27) and with the inputs of the DC decoder (28), the outputs of which are connected to the synchronization inputs of the corresponding groups of the block of group circuits And (26); and the outputs of the self-monitoring block synchronization SBS (11) C ₁ C ₂ ... With _p connected with all the control inputs of the elements and blocks of the device cryptographic information protection.

The width of the memory registers is different. For the registers Pg3 (10), PgX (8), PgP (25), the bit capacity is m, for Pg (6), (7) it is m / 2, and the bit capacity of the ALU and Pg (27) is determined by the number of the group (k), by which is divided by m, and the values (p) of the coefficients L ₁ L ₂ ... L _k . For m = 16, the bit capacity of Pr (27) is p ≤ 24. Respectively, the bit capacity of the counters is also different: Cr1 (15) - the bit capacity is determined by the bit depth of the binary code of the groups K, for Cr (2) it is m, and for Cr (3) it is p.

For the SBS synchronization block (11), the characteristic of self-controlled was applied in order to note its fundamental difference from the previously used synchronization blocks in analogues and prototypes. Although hereinafter, to shorten the text, it will be called as the SBS synchronization block (11) without the word self-controlled.

The proposed device operates in the following sequence according to the algorithm (figure 2):

- after applying the Start signal to the terminal (18) of the SBS synchronization block (11), the serial reception of m-bits of the input message through terminal 1 begins with the simultaneous dispersion of information by the code PrgS3 (10) in PrgSdv 1 (6) and PrgSdv (7) and the connection them into a single concatenation on the register PrX (8), when i = m. The ROM constants (19) are chosen so that the numbers “1” and “0” in them are the same, but they are located in random order, i.e. the number of ones and zeros is m / 2. Then C (i) = (i) / D (i) = 1; In (i) = (i) / D (i) = 0, where (i) is the i-th digit of the information word; C (i) is the value of the i-th category of the register РГС2 (5); B (i) is the value of the i-th category of the register РГС1 (4); D (i) is the value of the ith discharge of the constant in the RSSS (10). The previous x (t-1) value of the information message scattered by the first procedure and recorded in the ROM address register is considered as an address for selecting the secret key code from ROM-1 (9) with writing it to the accumulating adder of the ALU arithmetic-logic device (22 ) In the following cycles, the information word x (t), also previously “confused” (scattered), is received on ALU (22). Next, find the value of x (t) according to the procedure x (t) = x⊕K (x-1), where K (x (t-1)) is a constant determined by the address x (t-l); ⊕ - disambiguation operation (XOR).

Note: just as the ROM address register is part of the ROM, the accumulating adder is part of the ALU and is not taken out as a separate block in the structure of the cryptographic information protection device.

The message x (t) transformed in this way is converted from binary to polyadic code according to the formula

R (x) = a ₀ + x ₁ L ₁ + x ₂ L ₁ L ₂ + ... + L ₁ L ₂ ... L _p x _p ,

where x ₁ x ₂ , ... x _n is the arithmetic value of the codes of the groups x _i (i = 1, 2, ... p) of the transformed message, fixed on PrP (25) and divided into p groups. The coefficients L ₁ , L ₂ ... Lp can be any, including L _i = L _j , but any L> 2 ^{m / p} , because in m / p discharge of the group ah the number is written (2 ^{m / p} -1).

An example for two-bit groups is given in table 1. As you can see, the value of the first and fifth groups is taken equal to 5. The number that can be obtained with the selected values of L _i is equal to Q (x).

Q = 5.1 + 35.3 + 315.2 + 3465.0 = 18065

The maximum number that can be written in a group of two digits (x _i ) is three, then

Q = (5 + 35 + 315 + 3465 + 17325); 3 = 21.145 × 3 = 63.435 <2 ¹⁶

Here Q is the maximum possible polyadic number corresponding to the information word; R _i are the coefficients of the polyadic number system corresponding to each digit of the number. That is, a 10-bit number represented in a binary positional code is converted to a 16-bit binary code of a polyadic number. A specific number x _i (t) with the values x _i from Table 1 (line 2) will be 18065.

For three-digit groups, an example is given in Table 2. As can be seen in this case, the 12-bit information word x (t) will be converted to a 19-bit polyadic number. Table 3 shows an example for 16-bit x (t), which will be converted to a 22-bit binary code of the polyadic number.

Thus, each m - bit part of the message is scattered, added to the secret key, the value of which is selected from ROM1 (9) and the conversion of this part of the message into a binary r-bit code of the polyadic number. Moreover, r ≤ 1.5m and may not be a multiple of 2 to the integer.

It is easy to see that by performing the inverse transformations by dividing by R ₅ , then the remainder by R ₄ , etc. to R _i , we obtain the coefficients 1, 0, 2, 3, 1 corresponding to the values of x _i . In all examples (Tables 1, 2, 3), for simplicity of explanation, the constant a _{0 was} taken equal to "0".

Table 2 gives an example of dividing x (t) into four groups of 3 digits in each. All blocks and logical elements of the present invention, typical, do not have specific features, except for the block of group circuits AND (26) and the synchronization block BS (11).

The block of group circuits I (26) differs from the typical set of parallel working circuits AND in that they are divided into groups according to (2, 3 or 4 bits) with common synchronization inputs for the group connected to the outputs of the DC decoder (28). Permanent storage devices (ROM) are typical, but the contents of the numerical part of the ROM are determined in accordance with the principles laid down in the invention.

1) ROM (27) allows you to implement the operation of multiplying m bit numbers by the coefficients P _i by direct reading. With an n-bit result code (ROM output), a ROM volume of n2 ^{m +} p is required, where p is the number of bits needed to represent the largest constant number. To obtain the correct result, the constants P (i) must be of the same bit depth as x, i.e. must have bit depth m. In the classical execution of the operation of multiplication by a tabular method, the volume of the ROM is determined by the value n2 ^2m . With n = m-12, V = 12 * 2 ²⁴ = 192 * 2 ²⁰ = 200 Mbps. The invention uses the technique of finding the result of multiplying a variable x (t) by a constant of the same bit m through a ROM of volume V = n2 ^{m + p} , and not through a ROM of volume V = n2 ^2m by the method of direct reading of the result. With m = 16 and n = 3, the ROM volume will be reduced by more than 8000 times compared to the direct reading of the result. Since the number of constants P _{i is} limited (k = 4, 5, 6), for their representation in the address of the ROM it is enough to take p = 2-3 digits. The constants themselves are known in advance, and the value of X (m / k) is the unknown part of the message X (t) that has arrived at the moment, then the contents of the ROM can be determined in advance so that by the value of X (t) the resolution is m / k (indicated here X (m)) and the constant number (p), it was possible to determine the value n of the bit response as the result of the multiplication operation. The rationale for the choice of the number k = 4, 5, 6 is given further in the text of the description of the invention.

In ROM1 (9), 2 ^m constants with a capacity of m (secret keys) are written, sorted using a random number sensor so that there is no direct correlation between the address number and the constant value. Moreover, the constants are such that they have an equal number of "0" and "1".

The SBS synchronization block (11) is designed according to the transition graph (Fig. 3) obtained from the graph diagram of the algorithm (Fig. 2). The structure of SBS (11) is not typical, because based on the use of useful models of authors according to patents of the Russian Federation No. 63588 Bi No. 15, 2007 and No. 82888 Bi No. 13, 2009.

в табл.4. На основании ГСА фиг.2 по методике [3], а также [4, 11, 12] СБС (11) проектируется как автомат Мура с мультиплексором для выделения одного единственного логического условия α_j Є {α} по коду a(t). Ha ГСА фиг.2 множество {α} представлено в виде β, m, k, n, e, гдеA formalized description over time of the operation of the cryptographic information protection device is presented in the form of GAW in figure 2 with the interpretation of synchronization commands

in table 4. Based on the GAW of FIG. 2, according to the method of [3], as well as [4, 11, 12], SBS (11) is designed as a Moore automaton with a multiplexer to extract a single logical condition α _j Є {α} by the code a (t). Ha GAA figure 2, the set {α} is presented in the form β, m, k, n, e, where

β is the value “1” or “0” at the output of PgC3 (10);

m is the bit depth of the information word;

k is the number of groups;

n is the word length of the output word;

e - sign of the end of the program (end).

In Fig. 4, M (33) is indicated - a multiplexer with information inputs from the memory register R _q1 (32) and with address inputs from the circuit F ₃ (45). R _{q1, 2, 3, 4} - storage registers; K (41) - control circuit; Tr 34, 43, 44 - triggers; DC - decoder; CD is an encoder for translating an MGC code into a DNA code. F ₃ (45) is a combination scheme for translating a DNA code into the sequence number of the logical condition α.

In the circuit of the automaton of the SBS synchronization block (11), shown in Fig. 4, a control circuit of the correctness of transitions from the state a (t) to a (t + 1) is introduced. For control, the method proposed in the utility model patent [5] was used, which consists in the fact that a (t + 1) is represented as a modified geometric code (CIM), while the states a (t) are represented as a binary non-positional code ( DNA). CIM is based on the representation of every two bits of the binary positional code (DPC) in the form of a three-digit code with the correspondence 00-001, 01-010, 10-100. Combination 11 will require a change in the group of older MGK bits. Correspondence of duodenum - MGC - DNA is presented in table 5.

As can be seen from table 5, in the CIM in each group of three categories, a combination with only one unit is possible.

If for example, denote in the form y ₁ y ₂ ... y _{8 the} outputs of the combinational circuit F ₁ in Fig.6, then the absence of error is determined by the expression

.

.

Then the error is fixed in the case of:

The formula (ERR) corresponds to the control circuit of Fig. 5. In the diagram in blocks with a crosshair, strikethrough denotes the switching of outputs y ₁ y ₂ ... y ₈ into groups in accordance with the entry for ERR.

From Fig.6, presented for example, the principle of creating a control circuit for a larger number of variables y ₁ y ₂ ... y _{n is} clear.

The need to control the correct functioning of the SBS synchronization block (11) is determined by the fact that in the cryptographic information protection device of Fig. 1 (in the presence of ~ 30 elements and blocks in the main circuit), it is SBS (11) that works on each clock cycle of a pulse generator (GI). Therefore, the correctness of the results of the entire device primarily depends on the correct operation of the SBS (11).

In Fig. 4, all the elements and blocks of the SBS machine (11) are numbered starting with numbers more than 30 so that in the descriptions the blocks of the main device and the synchronization block differ in numbers.

All blocks in the SBS machine (11) are synchronized by clock pulses, except for the CD encoder (40) for converting MGCs to DNA and the F ₃ circuit (45) for translating DNA into serial number α _j Є {α}. The corresponding Boolean functions are determined by table 4 and their implementation by the standard method is trivial.

The circuit of the SBS automaton (11), shown in Fig. 4, is clocked from a clock pulse generator that generates a sequence of time-disjoint pulses τ ₁ τ ₂ τ ₃ τ ₄ , with τ ₁ (t) & τ ₂ (t) & τ ₃ ( t) & τ ₄ (t) = ø. Such generators are known [13] or can be performed on the basis of a typical pulse generator with one output of a GI (46) according to the scheme of Fig. 5, which indicates: GI (46) - pulse generator; Cr (47) - two-digit counter; DC (48) - decoder for two inputs with four outputs; OR (50) - scheme for transferring Tr (49) to the zero state by the signal to end the program (e) or an external Stop signal (19); (18) - Start signal input.

For proper operation, the Start signal should be given by the button (18) after pressing the button (51) so that the SBS blocks (11) and all necessary blocks of the entire cryptographic protection device are set to the initial “zero” state. This action is performed by element (52).

The control unit of the SBS unit (11) issues synchronization commands B ₁ B ₂ ... B ₁₆ in accordance with the flow chart of FIG. 2. The combinational circuit F ₁ (38) is implemented according to the transition table (Table 6) obtained from the transition graph of Fig. 3. Instead of the combinational circuit F ₁ (38), a memory device (ROM) or a programmable logic matrix (PLM) can be used.

The automatic machine of the SBS block (11) of Fig. 4 operates under the action of pulses τ ₁ τ ₂ τ ₃ τ ₄ according to the conditions:

τ ₁ - count M (3); <R _q 5> → R _q 7; On DC (12)

τ ₂ - count F ₁ (8) → Зп R _q (9); Mouth “0” Tr (13)

τ ₃ - count CD (10); Count K (11); ZpM (3); Rp R _q (5)

τ ₄ - off DC (12); Mouth “0” Tr (4).

The structural organization of automata and their functioning in time are described in detail in the literature [3, 13, 14], including automata with a multiplexer [4, 5], therefore, the sequence of connections and internal elements of the synchronization block is not described.

The proposed cryptographic information protection device is fundamentally different from the known solutions cited in patents and in the cited scientific literature, by a complex of blocks and relations between them, which convert the binary code of an information message (which is considered as an integer in a binary positional number system), into a new binary number with several bases of numbering (polyadic system). Moreover, before this polyadic number is received, part of the message (information word) is subjected to the procedure of dispersing information and adding it to one of several thousand secret keys. Despite the limited number of coefficients of such a system L ₀ L ₁ ... L _k (where the value (k) can be chosen equal to 3, 4, 5, 6), the presence of repeating coefficients in the series L ₀ L ₁ ... L _k , as well as the presence of a constant term and ₀ make it impossible to find specific values of L _i , if the enemy even knows that a polyadic number system is used.

The cryptographic stability is also increased due to the presence of the mixing unit and the applied conversion (in almost all inventions, including here) using the addition operation modulo 2. Since for several transformations of m-bit parts of the complete message, the operation Y (t) = x (t ) + Kx (t-1), where Kx (t-1) is a constant (secret key) of bit m selected from ROM, then this procedure actually ensures the execution of the logical addition operation by mod2 (XOR) as if with a single secret key with bit r2 ^m , where r is the number of different m-times line sections in the full text of the message. If all ROM constants are used for encoding, but 30% of them are the same, then M = 0.7m2 ^m . Even taking the cases of 50% coincidence, we get M = 2 ^m-1 .

We do not know the unified methodology for assessing the cryptographic stability of the hardware implementation of cryptographic information protection devices, because it may not exist.

However, from sources [1, 2, 8, 9, 10] it is known that with a secret key length of M = 128, hacking by simple selection is practically unrealistic on modern computers. However, for some software protection systems, the value of M is selected with a margin of M = 512. In the proposed device, the value of M is estimated as follows.

The width of the information word and secret key with an equal number of "0" and "1" is equal to m. Without the equality requirements “0” and “1”, the number of keys would be 2 ^m . However, although the secret keys are constants randomly mixed, so there is no direct correspondence between the keys by their address, nevertheless, the actual number of different constants is less than 2 ^m due to the requirement of equal numbers of “0” and “1” in a constant. Considering m = 4.6 and 8 it is logical to conclude that the number of different constants is more than (m / 3) 2 ^m . Really:

For m = 8

For m = 12 M = 4 * 2 ¹² = 2 ¹⁴ > 16000

For m = 16 M = 5 * 2 ¹⁶ = 320,000,000

those. already at m = 12, the proposed device provides protection equivalent to using a secret key with a resolution of M = 16000. In addition, additional protection should be taken into account due to the polyadic system and the discrepancy between the length of the information word received from the media (m) and the length of the encrypted word transmitted to the communication channel (n).

It is known that decryption of a message by simple exhaustive search on ultra-high-speed computers is impossible for an acceptable time at M = 128, because the number of combinations is 2 ^M. Therefore, in all known software algorithms, the value M = 128-512. But even with such values of M, software methods of cryptographic protection require tens of minutes to implement, and with a value of M> 1000 they are not implemented at all, because requires many months of continuous computer work. In the present invention, the cryptographic protection procedure is carried out in units of microseconds even at M> 16000. Indeed, let m = 16, then the bit depth of the output word is 22. Since reception and transmission are carried out synchronously by a sequential code, then 22 + 16 clock pulses will be required for reception and transmission. Information processing according to the algorithm of figure 2 will require another 20 pulses to form 45 micro-operations, most of which are implemented in parallel on the structure of figure 1. Therefore, the total number of clock signals ≤ 60. The most complex operations in the structure of figure 2 is the addition and reading of the result from the ROM, the feasibility time of which is almost the same. Instead of ROM, faster programmable logic arrays (PLMs) can be taken. Today, for high-speed integrated circuits, the execution time of these operations for 10-20 ns is not limit. Then, taking even 20 ns, we get the overall speed equal to 60 * 20 ns = 1.2 μs. With a sync pulse duration of τ = 0.05 μs, the full time for crypto protection of an informational 16-bit word is t.

t = 60 * 0.05 μs = 3 μs.

For integrated circuits of medium speed, τ = 0.1 μs, then t = 6 μs. Such a result cannot be obtained on any of the known analogues with the degree of protection that is provided in the present invention.

Methods for quantifying the degree of protection of devices are not known to the authors. As for the invention, here the degree is the highest in comparison with the known solutions, as proved above.

The advantage of the invention is its high performance, and the achieved level of cryptographic protection does not require the repetition of the operation in several rounds as in the well-known algorithms of Feistel, Blowfish.

The difference of the proposed device is also the presence of several settings:

1 - values of m, k;

2 - the value of the coefficients L ₀ L ₁ ... L _p polyadic number system.

Obviously, the values L ₀ L ₁ ... L _p as well as m, k can change periodically with the replacement of the contents of ROM1 and ROM2 in the equipment for receiving and transmitting messages.

3 - the value of the constant term a ₀ in the polyadic number system;

4 - the introduction of secret keys with an equal number of "1" and "0" for mixing information;

5 - use for the operation of logical addition not one key of bit m, but 2 ^m keys to “cover” the entire message;

6 - the possibility of hardware implementation with the bit depth of the transmitted information word, not a multiple of an integer power of two, as in typical microcontrollers used for the “hacking” procedure;

7 - effectively built block synchronization with built-in control.

All of the listed advantages of the proposed device distinguish it from prototypes and analogues known to the authors.

The hardware implementation of the decoding algorithm, in principle, will not differ much from the structure of Fig. 1, however, the number of operations of the adder for encoding should include the subtraction and division of fixed-point numbers, and also change the functioning algorithm to the opposite with the same, in essence, commands (for small exception) and micro-operations.

Table 1 AT Content one Set “0” for Tr (3), SCh2 (16), ROM1 (9) 2 Mouth “0” Tr (13) Count. ROM1 (9) 3 Count And (2) through And (20) Count. P31 (9) with recording on RgC3 (10) four Writing R _q (6) through AND (4) 5 Mouth “0” Tr (13), +1 Sch2 (16) 6 Mouth “0” Sch1 (15) Count. PgC1 (6), PgC2 (7) with the record PgX (8) 7 Mouth “0” Tr (12) Count. RGX (8), logical. addition via OR (21) Write Prg (25) Write ROM1 (9) 8 Count Sch1 (15), RgR (25) and write ROM2 (27) 9 Count ROM2 (27), arithm. addition 10 +1 Sch1 (15) eleven Record of PrC2 (7) through I (5) 12 Mouth “0” Sch3 (17) 13 Mouth “0” Tr (14) Read the result of the sum. with a record of PrG4 (23) fourteen Wg Shift (23) fifteen +1 Sch3 (17) 16 Empty statement

Table 2 one n / m 3 3 3 3 2 x _i 3 5 7 9 3 L _i 21 17 13 eleven four N four 3 2 one 5 P _i 51051 2431 143 eleven 5 four 3 2 2 K = 482.724

Table 3 one n / m four four four four 2 x _i 5 3 eleven 7 3 N 17 23 21 17 four P 139587 8211 357 17 5 four 3 2 one

Table 4 one n / m 2 2 2 2 2 2 x _i one 0 2 3 one 3 L _i 5 eleven 9 7 5 four N 5 four 3 2 one 5 P _i 17325 3465 315 35 5 6 5 four 3 2 one

Table 5 N KDP MGK DNA 0 00000 01.001.001 0.00.00 one 00001 01.001.010 0.00.01 2 00010 01.001.100 0.00.10 3 00011 01.010.100 0.01.10 four 00100 01.010.010 0.01.01 5 00101 01.010.001 0.01.00 6 00110 01.100.001 0.10.00 7 00111 01.100.010 10/10/01 8 01000 01.100.100 10/10/10 9 01001 10.100.100 10/10/10 10 01010 10.100.010 10/01/01 eleven 01011 10.100.001 1.10.00 12 01100 10.010.001 1.01.00 13 01101 10.010.010 1.01.01 fourteen 01110 10.010.100 1.01.10 fifteen 01111 10.001.100 1.00.10 16 10,000 10.001.010 1.00.01

Table 6 a (t) a (t + 1) α Z 0 0 one - one one 2 - 2 2 3 - 3 3 four

0 four 3 16 β one 5 four 5 - 6 5 6 m one 7 5 3

0 8 6 7 - 9 7 8 - 10 8 9 - eleven 9 10 k one 12 9 fifteen

0 13 10 eleven - fourteen eleven 12 - fifteen 12 13 n one 16 12 fourteen

0 17 13 0 e one eighteen 13 one

0 19 fourteen 12 - twenty fifteen 8 - 21 16 5 -

Literature

1. Moldovyan, A.A. Cryptography / A.A. Moldovyan, N.A. Moldovyan, B.Ya.Sovetov. - St. Petersburg: Publishing House Doe, 2001 .-- 224 p.

2. Lagutin V.A. Leak and information protection in telephone channels / V.A. Lagutin. - M .: Energoatomizdat, 1998 .-- 364 p.

3. Mukhopad Yu.F. Theory of discrete devices / Yu.F. Mukhopad. - Irkutsk: IrGUPS, 2010 .-- 172 p.

4. Mukhopad, Yu.F. Microelectronic control systems / Yu.F. Mukhopad. - Bratsk: BSU, 2009 .-- 285 p.

5. Mukhopad, Yu.F. The device of cryptographic information protection / Yu.F. Mukhopad, A.Yu. Muhopad, TB Agafonov // RF patent for utility model No. 82974. - BI No. 13, 2009.

6. Mukhopad, Yu.F. The device of cryptographic information protection / Yu.F. Mukhopad, A.Yu. Mukhopad B.N. Antoshkin // RF patent for utility model No. 82889. - BI No. 13, 2009.

7. Mukhopad, A.Yu. The device of cryptographic information protection / A.Yu. Muhopad, Yu.F. Muhopad // RF patent for utility model No. 82890. -BI №13, 2009.

8. Chmora A. Modern Applied Cryptography / A. Chmora. - M .: Helios ARV, 2001 .-- 244 p.

9. Ferguson N. Applied cryptography / N. Ferguson, Schneier. B.M., St. Petersburg, Kiev: Dialectics, 2005 .-- 421 p.

10. Shangin V.F. Information Security of Computer Systems and Networks / V.F.Shangin. - M .: Publishing House "Forum" - INFRA-M, 2008. - 415 p.

11. Muhopad Yu.F., Muhopad A.Yu., Badmaeva T.S. Self-controlled control unit. Patent for utility model of the Russian Federation No. 63588 BI No. 15. - 2007.

12. Muhopad A.Yu., Muhopad Yu.F. Firmware machine. Patent for utility model of the Russian Federation No. 82888, BI No. 13. - 2009.

13. Ugryumov EP Digital circuitry. - St. Petersburg: BhV - Peter, 2010 .-- 797 p.

14. Soloviev V.V. Klimovich A. Logical design of digital circuits on FPGA .- M .: Hot Line - Telecom, 2008. - 375 p.

Claims (1)

A cryptographic information protection device containing three AND elements, read-only memory, four shift registers and two counters with overflow triggers, characterized in that an additional trigger, a second read-only memory device, an AND block group circuit unit, a decoder are built into the device’s design , block of circuits “OR”, counter with overflow trigger, arithmetic logic device and self-controlled synchronization block, moreover, the cryptographic information protection device consists of the following chains of elements and blocks in the form of a first terminal connected through the first element AND to a single input of a trigger, the unit outputs of which are connected to the first inputs of the second and third elements AND, the outputs of which are connected respectively to the serial inputs of the first and second shift registers, the parallel outputs of which are connected respectively, with senior and junior sections of the register of the information word, the output of which is connected to the input of the first read-only register ROM1, connected by the output to the input of the third a shift register, the zero output of the highest level of which is connected with the second input of the second element And, and the single output is connected with the second input of the third element And and the first input of the self-controlled synchronization block, which also has inputs from the single outputs of the second, third and fourth triggers associated with overflow outputs the first, second, and third counters, respectively, with the self-checking synchronization block having two input external terminals “Start” and “Stop”, and the second serial chain of blocks is formed from the output of the first read-only memory ROM1 through the block of circuits "AND", then the block of circuits "OR" associated with the input of the arithmetic-logic device associated with the fourth shift register having a serial input to the terminal and the result register connected through the block of group circuits AND the least significant bits of the inputs of the second read-only memory ROM2, the outputs of which are connected to the second inputs of the OR block, the third inputs of which are connected to the outputs of the information word register, and the parallel outputs are of the counter are connected by high bits of the inputs of the second read-only memory ROM2 and with the inputs of the decoder, the outputs of which are connected to the synchronization inputs of the corresponding groups of the block of group circuits I, and the outputs of the self-monitoring synchronization block C ₁ C ₂ ... Ср are connected to all control inputs of the elements and blocks cryptographic information protection devices.

Images