RU2703972C1 - Method of space-time protection of information - Google Patents

Abstract

FIELD: telecommunications.

SUBSTANCE: invention relates to telecommunications. Method of space-time protection of information consists in that a message is divided into n blocks, the number of which is selected by key, the message is encrypted with a block cipher with complete cohesion of all blocks of the cryptogram, which are steganographically concealed in n information containers, formats of information containers, methods of introduction of information into containers and sequence of their transmission to receiving side are determined by key, information containers are demonstrated in the network is not permanent, but only for a short period of time, the beginning of demonstration of information containers, as well as their domain addresses are determined using a switch, wherein the replaceable and replacement containers are formed externally identical, duration of demonstration of information containers on the site is set as minimum, but sufficient for its downloading on the receiving side, in addition to information containers containing blocks of cryptogram, camouflaging containers are installed in the network.

EFFECT: technical result is wider range of means.

1 cl, 8 dwg, 3 tbl

Description

Analysis of the current status of the issue

The invention relates to the field of telecommunications and is intended to protect classified information transmitted through the global network.

A known method of covert transmission, based on the replacement of the least significant bit in the container [6, 10]. Using statistical information processing methods, you can detect the attachment located in the container.

There is a method of introducing additional information into digital images, in which to counteract statistical analysis methods, only part of the least significant bits in bytes of the color representation of the original image are used, and the remaining bits are used for subsequent correction of the most important statistical parameters [11].

A known method of encrypting information [12], according to which the message is divided into blocks of small length (4 ... 6 characters). The message blocks are alternately placed in a specific place of the phrase, which is known on the receiving side. The signature (hash function) of the phrase with the inserted block of characters is calculated. The signature is sent to the receiving side. On the receiving side, a complete enumeration of the block symbols is made and signatures are computed each time. The calculated signature values are compared with the accepted signature value. At the time of their coincidence, it is believed that the selected value of the characters corresponds to the transmitted value. Cryptographic stability is enhanced due to the fact that the cryptanalyst does not know the original phrase, which is of a sufficiently large length. For this reason, the selection of the source text by a cryptanalyst takes a long time. The task of a legitimate user is much simpler; he will need to do an exhaustive search of 4 ... 6 characters.

The rational idea of this technical solution is to split the text into small blocks. However, computers of high power are able to calculate (select) a signature in an acceptable time.

For the secret transfer of information using a wide variety of steganographic containers. In [13, 14], a method for covert information transfer in sound files of the MIDI format is described. Information hiding is based on coding of notes chords. The order of recording notes in the control signals determines the secretly transmitted character. Hacking such a cipher is not difficult for professional cryptanalysts.

A known method for the hidden transmission of information with spatial dispersion of information in sound files [8]. Information is hidden in the samples of a sound file in the WAV format, and the introduction is carried out not only in the lower digits of the samples, but also in the higher ones. At the same time, the selection of the sample number and the used discharge occurs by key. Placing the entire cryptogram in one file enables the cryptanalyst to apply statistical methods to detect attachments and developed cryptanalysis methods of the extracted cryptogram.

The stegosystem [15] allows you to covertly transfer pictures and music. The device divides the source (hidden) file and the container file into a set of data blocks of the same size, numbers the data blocks of the container file (forms indexes), compares each data block of the hidden file with the data blocks of the container, searches for the most similar data blocks in the container, determines the index numbers the most similar data blocks in the container for each data block from the hidden file and hides all indexes received in the lower order of the lower words of the container.

The idea of covertly transferring one picture in another picture is that the original picture and graphic container are divided into blocks of the same size. Each block of the transmitted pattern is replaced by the block of the container, which has the greatest resemblance to the replaced block. The logical operation Exclusive OR is used to find the most similar blocks.

Thus, the transmitted picture is replaced by numbers (indices). The received picture will differ from the transmitted one, since it consists of fragments of another picture. It is clear that the reproduction at the reception will be more accurate, the more completely matching blocks in the transmitted picture and the container.

The idea [15] can be used for the covert transfer of one sound file in another sound file (in the container). In this case, similar samples (samples) are searched for and only the container’s sample numbers are transmitted.

The considered technical solution allows you to secretly transfer pictures and sound recordings, perform file compression of some formats. However, this idea does not allow secretly transmitting information using containers of other formats, for example, text documents.

The closest technical solution (prototype) is the method of steganographic transmission of information on a TCP / IP network [7], in which additional information is covertly transmitted by changing the length of TCP / IP packets. All transmitted packets in accordance with the secret key are divided into information and masking. Masking packages are not used to attach additional information. The length of these packets is changed randomly. Masking packets are used only to complicate cryptanalysis. Using camouflage and information packets, camouflage (meaningless) text is transmitted over the network. Additional information is hidden in the length of only information packets.

In the considered technical solution, the effective idea of spatio-temporal spraying of information was used. In accordance with this idea, the transmitted information is crushed into small parts and sprayed in space and time. In this case, the introduction of additional information does not occur in all packets, but only in information packets and not in all bits of the binary number that determines the length of the packet, but only in bits that also determine the secret key.

The described technical solution cannot be used directly (without significant modifications) for embedding additional information in audio, graphic, video files, etc. It is intended for the introduction of additional information only in TCP / IP packets and their transmission in networks with the TCP / IP protocol.

The technical result of the proposed method is to increase the cryptographic strength.

The essence of the proposed method of space-time information protection is that the message is divided into n blocks, the number of which is selected by key, the message is encrypted with a block cipher with full coupling of all cryptogram blocks, cryptogram blocks are steganographically hidden in n information containers, information container formats, methods information is introduced into containers and the sequence of their transmission to the receiving side is determined by the key, information containers are not constantly shown on the network, but only briefly at the same time, the start time of the demonstration of information containers, as well as their domain addresses, are determined using a key, while the replaced and replacement containers are formed outwardly identical, the duration of the demonstration of information containers on the site is set to minimum, but sufficient for downloading on the receiving side, in addition to information containers, containing cryptogram blocks, camouflage containers are placed on the network.

The increase in cryptographic strength is achieved by the fact that the message is encrypted with a cryptographic cipher, the cryptogram is divided into blocks of different lengths, cryptogram blocks are steganographically embedded in information containers of various formats, information containers are briefly placed on Web pages at times that are unknown to cryptanalysts, but are known on the receiving side, information containers briefly replace the original containers (objects) of the Web page, and the replaced and replacement containers are externally indistinguishable , All parameters and stegosystem cryptosystem defined by the current session key, in addition, in a communication session are formed not only information containers, but also camouflage.

Here is a glossary of terms that will be used to describe the invention.

Block - fragment, part of the cryptogram.

Temporary spraying (separation) of a message is a method of transmitting data in a short period of time according to a previously agreed schedule.

Publish time is the time interval during which the information (or camouflage) container (stego) replaces the original empty container of the Web page.

Camouflage container - a container containing an attachment that is not related to the transmitted message.

A container is a digital file (usually multimedia) designed to play sound, display a picture, display a video, which is an executable program, a Web page, a message on a social network, etc. which can be used for covert information transfer

Twin containers are containers that look the same in appearance, but one of them contains an attachment (it is a stegocontainer).

A cryptographic key is secret information, according to which a readable, meaningful text turns into an unreadable text (cryptogram), and it is computationally difficult to turn a cryptogram into a meaningful text without knowing the key.

A steganographic key is secret information that determines the order in which a message to be hidden is recorded in the container (in which color component, in which pixel, in which sample (sample), in which bit of the sample, in which video frame).

Cryptanalyst (adversary, intruder) - an individual (or organization) who logically or mathematically tries to decrypt a message, extract content from a container without possessing keys.

An empty container (or just a container, an original container) and a container of stego are two twin files that equally successfully perform the main function (display a picture, play sound, show video), characterized in that the stego contains an embedded message.

Spatial information spraying is a data transmission method in which a message is split into possibly small components (sentences, words, symbols, blocks of characters, byte groups, bytes, groups of bits, bits) and transmitted in parts, distributing them over several communication channels.

Session key - secret information that determines the parameters of cryptographic and steganographic data conversion in the current communication session (the number of cryptogram blocks, the length of each cryptogram block, container format, domain address, time of publication, the order in which information is written to the stegocontainer, cryptographic key, etc. )

Message - a set of signs or primary signals displaying this or that information. For example, the text of an e-mail is a combination of characters such as letters, numbers, punctuation marks, special characters. Examples of messages are: an article, telegram text, email text, SMS, MMS, computer output data, speech, music, a picture, a photograph, a blog entry, etc. A synonym for the term “message” is the term “plain text”.

Stego - a container containing a message hidden in it.

Cipher - an algorithm, a text conversion system with a secret (key) to ensure the secrecy of the transmitted information.

Consider the operations that must be performed to implement the proposed method of transmitting information.

1. On the transmitting side, the message is encrypted with a block cipher with full coupling of all blocks.

2. The number of blocks into which the message is split (and the cryptogram) on the transmitting side is determined by the session key. In each communication session, the number of transmitted blocks and their length are different. Denote the number of cryptogram blocks in this communication session by n. The length of each block of the cryptogram (expressed, for example, in bits) is denoted by the vector of natural numbers K = (k ₁ , k ₂ , ..., k _n ). In the first limiting case, the number of cryptogram blocks is equal to the number of bits in the cryptogram (each cryptogram block consists of one bit). In the second limiting case, the entire cryptogram is the only undivided block.

3. Each cryptogram block is steganographically embedded in a separate container. Obviously, the number of containers (as well as the number of blocks of the cryptogram) pseudo-randomly varies in the range from unity to a number equal to the number of bits in the cryptogram.

4. Information containers (stegocontainers) are placed (published) on the Internet on different servers, different sites of one server, different pages of one site, or in different places of one page. In addition, posting is possible on social networks, in mailboxes, etc. This provides spatial dispersion (separation) of the transmitted information. For successful cryptanalysis, a cryptanalyst must intercept all spatially dispersed blocks of the cryptogram.

5. Domain addresses, electronic mail addresses, social networks where information containers are located, are not known to cryptanalysts. Preliminarily, a list of domain addresses of pages that can potentially be used for hidden information transfer (for spatial dispersion of information) is compiled between subscribers (legal users). The number of domain addresses used by agreement of the parties is denoted by d. The number of domain addresses that can be used to transmit information in all visible (upcoming) communication sessions is chosen to be much larger than the number n (d >> n). The used domain addresses of information containers in the current communication session are determined by the session key (selected from a pre-compiled list of possible addresses).

6. Information containers (stego) are placed on servers (sites, pages) for a short time, replacing the twin containers there. Replaceable containers and replacement containers are formed (created) in such a way that they cannot be distinguished organoleptically (visually or by ear). Replaceable and replaceable containers look the same outwardly. Both those and other containers retain their consumer properties (continue to work like ordinary objects). After the publication time has expired, information containers are replaced with the original containers (reverse replacement occurs).

7. In addition to information containers, the communication system under consideration uses camouflage containers that contain some attachments (camouflage text, misinformation), but do not contain fragments of the transmitted message. Camouflage containers are used only to impede the work of cryptanalysts. The number of camouflage containers is denoted by m. The domain addresses of camouflage containers are randomly selected on the sending side and are not coordinated with the receiving side, since they are not used for message transmission. They only distract the enemy, complicate the interception of information blocks. Thus, in addition to n information blocks, m camouflage blocks are formed on the transmitting side. Each camouflage block (container) can be updated on a Web page several times in one communication session. In this case, the information block is placed in the container (published) only at the time moment, which is determined by the session key. This makes it easy to separate information blocks from camouflage ones on the receiving side. In principle, on each page you can alternate the placement of information and camouflage containers. In other words, the number of web pages used may be less than the number of cryptogram blocks.

8. The type (format) of information and camouflage containers used in each communication session is unknown to cryptanalysts. Containers can be sound files, graphics (bitmap, vector, fractal [9]), video, HTML pages, text documents, chats, social networks, email, databases, executable files, etc. After the introduction of additional information, containers should not lose their consumer properties (image quality remains almost unchanged, sound remains the same, HTML pages and executable files continue to function stably ...). The format of the information containers is determined by the session key.

9. The method of implementation in the selected container and steganographic key cryptanalyst is unknown. For example, the LSB method or the format steganography method can be used to embed the BMP format in a graphic file. Spraying of embedded information on a file is carried out in a pseudo-random order (by key), injection can be carried out only in blue components or only in red, etc. The message can be embedded at the end of an MP3 file or in certain frames of a video clip, can be recorded in subtitles. As a container, you can use the sound MIDI file [13, 14]. In this case, information is hidden by imperceptibly changing the volume and duration of the notes, or encoded by the location of the notes in the chord. Given the large number of formats and methods for introducing additional information, it is difficult to detect all the implemented introductions of additional information in containers of different formats.

10. The start time of the demonstration of the information container is determined pseudo-randomly by the session key. The duration of the publication (the duration of the placement of the information container on the server) is selected as the minimum necessary. The time for demonstrating this is made small, but sufficient so that the receiving party can reliably read the information. Thus, a temporary dispersion of information is carried out.

11. The increase in cryptographic strength as a result of applying the principle of temporary separation of the message occurs due to the fact that during the communication session, the original object is repeatedly replaced by twin containers (camouflage), but only the steg container transferred at a predetermined time contains information useful to the recipient. At the same time, the twin masking containers contain misinformation (there is an attachment in the container, but it is not part of the transmitted message). The replaceable (original) container and the stegocontainer are indistinguishable (twins), they cannot be distinguished organoleptically (by ear or visually). Detection of an attachment to a container is possible only programmatically using computer technology (for example, by periodically comparing the contents of a container with its earlier contents).

12. The timing of the transmission of cryptogram blocks is made inconsistent (non-linear). The cryptogram blocks at the end of the message (cryptograms), or in the middle of the message, in the last third, in the first quarter, etc. can be transmitted first. The choice of the cryptogram block transmitted at the given time is pseudo-random. The transmission time of fragments of the cryptogram is also chosen pseudo-randomly. Fragments of the cryptogram are shuffled when they are transferred to the server. Thus, additional encryption of the cryptogram is carried out by the method of permutation of cryptogram blocks.

13. If a cryptanalyst detects several stegocontainers and extracts fragments of the cryptogram from them, the cryptanalyst must solve the combination problem of determining the correct sequence for placing blocks of the cryptogram, and then select the key. When using a cryptographic cipher in combination with a permutation cipher, this task becomes computationally complex. Using a cipher with full coupling of all blocks of the cryptogram makes it necessary to look for (extract from containers) all blocks of the cryptogram.

14. The successful implementation of the method of spatio-temporal spraying of information is facilitated by the large number of services available on the Internet (social networks, instant messengers, chats, e-mail, cloud data storage, audio and video clip databases, photo albums, electronic text books, audio books, HTML pages, etc.). Monitoring a large number of servers, sites, pages will require the creation by a cryptanalyst of a cryptanalysis system with a large computing power. At the same time, cryptanalysts need to separate information blocks from camouflage blocks, to crack cryptographic and steganographic keys. The implementation of this method of information protection leads to several barriers: cryptographic, steginographic and hardware. The hardware barrier requires the use of computing power of high power, capable of monitoring the enormous number of containers in the global network.

The implementation of the invention

The main idea of the proposed technical solution is that it is necessary to split the transmitted message into a large number of parts (blocks), to encrypt these blocks using a cipher in which the content of each cryptogram block is dependent (linked) on the contents of other blocks, the cryptogram blocks should be steganographically inserted into containers of various formats, in different ways, to place these containers (information) on the network for a very short time at pseudorandom moments in time, and all communication system parameters must be defined share a session key. In addition to information containers, camouflage containers are formed on the transmitting side, which contain only misinformation.

When generating a cryptogram, an encryption method is used in which each block of the cryptogram becomes dependent on all blocks of the cryptogram.

This idea is implemented as follows.

Assume that the Cipher-Block Chaining mode of the DES cipher is used for block coupling [1, 2], the coupling in which occurs in accordance with the expression:

where C _i is the next block of the cryptogram; k is the encryption key; E _k is the encryption transformation on the key k; M _i - another block of plaintext; С ₀ - initialization vector (pseudo-random vector); ⊕ - logical operation Exclusive OR.

From the expression (1) it can be seen that the absence of the block C _i-1 by the cryptanalyst makes it impossible to decrypt the next block of the cryptogram C _i . However, all other blocks of the cipher program will be decrypted normally.

Cryptogram block coupling can be done differently:

In the absence of a block C _t, it is impossible to decrypt all blocks with indices i≥t + 1.

However, decryption of blocks with less than t sequence numbers is possible.

So, the block coupling mode (2) has a drawback: the absence of several blocks at the reception still allows you to get a part of the plaintext.

To eliminate this drawback, it is proposed that the encryption transformation (2) be repeated, and in the second encryption, the blocks of cryptograms received after the first encryption (first pass) are rearranged in places (first - last, second - penultimate etc.):

P ₁ = C _m , P ₂ = C _m-1 , ..., P _m-1 = C ₂ , P _m = C ₁ .

The new sequence of blocks is re-encrypted according to the algorithm (2):

Z _i = E _k (P _i ⊕Z ₀ ⊕Z ₁ ⊕ ... ⊕Z _i-2 ⊕Z _i-1 ).

Such an information processing algorithm makes each block of the cryptogram Z _i dependent on all its blocks (there is a complete coupling of all blocks of the cryptogram). In this case, decryption is not possible, even if the cryptanalyst somehow determined the initialization vector. For decryption, all blocks of the cryptogram are needed.

After creating the cryptogram, cryptogram blocks are sprayed into individual containers. The selection of the container number for each block of the cryptogram occurs pseudo-randomly (by key). In FIG. 1 shows that the cryptogram block 1 fell into the information container 4, the cryptogram block 4 is steganographically placed in the container 5, etc. The figure shows that in the communication session, not all pre-selected (agreed) containers are used, but only a part of them. For example, containers 1 and 3 remained unchanged (empty).

As containers, files of various formats are used (graphics, music, video, executable files, text documents, etc.). The choice of container type is made by key. Information embedding parameters are also carried out using the steganographic key (selection of the used sound sample, color component of the graphic, video frame, etc.).

The key also determines the domain address where the information container will be placed.

The drawing of FIG. 1 illustrates the principle of spatial dispersion of information.

Information containers are briefly published on the global network on Web pages S1 ... Sn (Fig. 2). In the figure, information containers (stego) are highlighted in gray (numbers 1 ... 5). The timing of the publication of information containers is determined by the session key. These points in time are known only on the transmitting and receiving sides. Demonstration of the information container is carried out briefly only for a time sufficient to reliably read the contents of the container on the receiving side. After the publication time has expired, the information container is replaced with the original container, which does not contain secret attachments (it may contain embedded misinformation). In addition to information containers, a web page also publishes (places) camouflage containers 6 ... 15, which do not carry useful information. The drawing of FIG. 2 illustrates the principle of temporarily dispersing information.

A feature of the publication of containers is that the replaced and replacement containers are externally completely identical (they must be twins). A cryptanalyst can discover a stegocontainer with embedded information only by continuously scanning the container and comparing the previous contents of the container with the subsequent one.

FIG. 3 illustrates the procedure for steganographically embedding the “z” symbol in an image file of the BMP format using the LSB method. When using the LSB method, information is introduced by replacing the last (least significant) bit of the color component. We assume that the symbol "z" is represented by a binary eight-digit number 01111010 (coding CP-1251).

In FIG. Figure 3 shows a fragment of the memory dump of the original (empty container). Addresses and contents of memory cells are represented in hexadecimal notation.

The hexadecimal number 36, recorded at address 0A, indicates from which address the image recording starts (this is the offset from the beginning of the file, the length of the header).

We agree that, in accordance with the key, the following addresses of the memory cells into which the “z” symbol will be embedded will be pseudo-randomly generated: 93, 4f, 88, 57, 7a, 6d, 41, 75.

The changes necessary to record information in the source container are shown in the table.

The table shows that in the source file the contents of those memory cells were made for which the last bits did not match the value of the embedded bit. At the address 93 (hexadecimal number system), the hexadecimal number 19 (binary number 00011001) is written in the source file. In the last (youngest) bit of the hexadecimal number 19 is the binary number 1. In this place you need to write a logical 0, since in the high bit of the character "z" is 0. To write a logical zero in the information container in this cell you need to write the hexadecimal number 18 ( this number in binary representation ends with zero). The hexadecimal number 2e is located in the cell with the address 4f in the source file. After replacing the last bit in the number 2e with a logical unit, the number 2f will be placed in this cell. In cell 88, the number 4f is written in the original container. In binary representation, this number ends with a logical unit. Since it is required to write the number 1 here, the contents of the cell should not change (there is already one in the last digit).

A similar situation has developed with cells 7a, 6d and 75. In these cells, it is not necessary to make corrections to the last bits. They accidentally coincided with the recorded information.

After the cryptogram is embedded in the container, the visually obtained pattern (photograph) cannot be distinguished from the original (Fig. 4).

Depending on the session key, the implementation could take place in a graphic container differently, for example, using not the LSB method, but the format steganography method.

The idea of format steganography as applied to a BMP image file is that if the width of the picture (expressed by the number of pixels) is not a multiple of four, then additional alignment cells appear in the file. These cells (their contents) are not used or displayed in any way. Everything that fits into these cells in the figure remains invisible.

The pattern of the appearance of additional alignment memory cells (bytes) in a BMP image file is illustrated using Table 2.

It can be seen from the header (Fig. 5) that the size of this picture is 6 × 2 pixels (information about the size of the picture is located in cells 12 and 16 of the memory dump.

To record information about the pixels of the first row, 18 cells are required (from the cell with hexadecimal address 36 to cell 47). Then there are two memory cells designed to supplement the number 20. It is here (addresses 48 and 49) that two hidden bytes 4E and 65 (hexadecimal number system) are located. The next 18 memory cells describe the second line of the picture. Cells 5C and 5D contain bytes 55 and 6E.

Thus, in the figure is hidden the word NeUn (coding CP-1251).

On the transmitting side, write to all additional bytes of the picture. The steganographic key determines which cells contain information bytes, and the remaining additional memory cells in the picture contain misinformation.

At some value of the session key, a sound file of the WAV format and the LSB implementation method can be selected as a container.

In FIG. 6 shows a memory dump of some sound file. The header is located in the dump section from start address 00 to cell 2b. Next are the samples (samples). The header contains a description of this file. In this case, file parameters such as the number of bytes in one sample and the number of sound channels are of interest.

Bytes at addresses 16 ... 17 indicate that this sound file is monaural. A unit indicates that one channel is being used. The stereo file is marked with the number 2, etc. Cells 20 and 21 contain information that indicates how many bytes are used to represent one sample. In this case, each sample is represented by two bytes.

The first four bytes of the memory dump contain “RIFF” characters. The letters are presented in hexadecimal notation in accordance with the code table CP-1251. Using the abbreviation RIFF (Eng. Resource Interchange File Format) one of the formats of container files, which is designed to store streaming multimedia data (video, audio). The most famous containers using the RIFF format are: AVI (video), WAV (audio), RMI (MIDI tracks). The RIFF format uses a byte order in which the least significant byte is located in memory first (little-endian).

So, when writing information to the container, you need to keep in mind that the sample consists of two bytes and the least significant byte is written first in memory.

Suppose that the character “z”, its binary code and 1111010 are required to be steganographically written to the container.

The changes necessary to record information in the source container are shown in the table.

Information is recorded in the lower bytes of samples by adjusting the low bits in accordance with the recorded information. It is clear that the addresses of the memory cells are formed according to the pseudo-random law and transmitted to the receiving side in the form of key information.

When using a file containing a stereo audio signal, the possibilities of steganographic concealment of information are further expanded. Information can be hidden not only in different samples, but also in different channels, defining channels and samples according to the pseudo-random law. It is clear that the use of files recording quadro sound or sound of 5 + 1, 7 + 1 formats makes the work of a steganoanalyst almost hopeless.

There is a way to record additional information not only in the lower digits of the samples, but also in the higher digits of the samples [3]. This further expands the number of keys.

The implementation of cryptogram blocks can be done in a wide variety of containers.

Consider another example of the implementation of information. Here, the container is a Midi sound file. A Midi file is a set of control commands that indicate an executable note, volume, and duration of its sound. Moreover, such scores are written for each musical instrument included in the ensemble. A slight change in the volume or duration of a note cannot be recorded even by a professional, especially since instrumental music is often performed with improvisation.

In FIG. 7 shows the control commands of some instrumental work. The second column on the right shows the volume of the first eight notes (these values are indicated by a rectangle). The number of such numbers in the column is equal to the number of notes in the work. Encoding of embedded information can be done in this way: an even number - 0, an odd number 1. The key determines in which notes the volume adjustment is made.

In FIG. 8 shows the window of the music editor with control commands. In the first column on the right are the commands that determine the duration of each note. You can encode hidden information in the same way as in the previous case.

Information can be pseudo-randomly sprayed between tracks (sets of commands for several instruments), alternating recording in control commands that determine the duration and volume of the notes.

As containers, you can use video subtitles [4], text documents [4], HTML pages [5], harmonics amplitudes of the compressed audio signal [6], echo parameters [6], TCP packets [7], video files [ 16], executable files, etc.

The presence of a large number of container formats and the method of implementation turns steganographic protection of information into a powerful barrier.

Positive features of the technical solution

The main advantage of the proposed method is to increase the cryptographic stability of the transmitted message.

Confirmation of the high cryptographic strength of the proposed method of information transfer are the following considerations.

To perform cryptanalysis, a cryptanalyst must solve such problems.

1. Determine in which containers there are attachments (highlight information containers). To find information containers in the network, a cryptanalyst must overcome the spatio-temporal barrier. Reading the container should occur at a given time and at a given location in the global network.

2. After detecting the information container, the cryptanalyst needs to select a steganographic key (determine the method of implementation and the procedure for recording information in the container).

3. The cryptanalyst must arrange the extracted blocks of the cryptogram in the original order, since they were shuffled during the transfer. The absence of at least one cryptogram block leads to additional computational difficulties. Even if the cryptanalyst managed to get the initialization vector from other sources, the absence of even one cryptogram block makes it necessary to solve a computationally complex problem. This is explained by the coupling made of all blocks of the cryptogram.

4. To crack a cryptogram, you need to pick up a key.

Such a task is non-trivial and computationally complex. Provided that the keys are cryptographically reliable, this task at this level of science and technology is insoluble in an acceptable amount of time. Cryptanalysis of the considered cryptosystem is most limited by the insufficient computing power of modern computers and networks.

LITERATURE

1. Ferguson Niels, Schneier Bruce. Practical cryptography. - M .: Williams, 2005 .-- 424 p.

2. Panasenko S.P. Encryption algorithms. Special reference. - St. Petersburg: BHV-Petersburg, 2009 .-- 576 p.

3. Alekseev A.P. A method of steganographic introduction of additional information into samples of digital audio signals. Application 2016111525/08 (018191), IPC H04L 9/00 (2006.01) H04K 1/00 (2006.01). Positive decision of March 22, 2017; Russian Patent No. 2618379. Priority March 28, 2016. The date of state registration in the State Register of Inventions of the Russian Federation on May 3, 2017.

4. Alekseev A.P., Orlov V.V. Steganographic and cryptographic methods of information protection: a training manual. - Samara: IUNL PSUTI, 2010 .-- 330 p.

5. Alekseev A.P. Informatics 2015: textbook / Alekseev A.P. - M: SOLON-Press, 2015 .-- 400 p. ISBN 978-5-91359-158-6.

6. Agranovsky A.V., Devyanin P.N., Khadi R.A., Cheremushkin A.V. Basics of computer steganography. Textbook for universities. - M .: Radio and communications, 2003.152 s.

7. Orlov V.V., Alekseev A.P. A method of steganographic transmission of information in a TCP / IP network. Russian patent 2463670. Application 2010125304/08 (035921). Application submission date 06/18/2010. IPC G09C 1/00, H04L 9/00. Positive Res. March 23, 2012

8. Alekseev A.P. A method of steganographic introduction of additional information into samples of digital audio signals. Application 2016111525/08 (018191), IPC H04L 9/00 (2006.01) H04K 1/00 (2006.01). Positive decision of March 22, 2017; Russian Patent No. 2618379. Priority March 28, 2016. The date of state registration in the State Register of Inventions of the Russian Federation on May 3, 2017.

9. The way to embed information in an image compressed by the fractal method, based on the generated domain library. Patent of Russia No. 2530339 Published: 10.10.2014. Bull. No. 28.

10. Bender W., Gruhl D., Morimoto N., Lu A., Techniques for data hiding, IBM system journal, pp. 7 RU 2584454 C1 5 10 15 20 25 30 35 40 45 VOL 35 (3 & 4): pp . 313-336, 1996.

11. Provos N. Defending Against Statistical Steganalysis, Proceeding of the 10 USENIX Security Symposium, 2001, pp. 323-335.

12. A method of encrypting information. Patent of Russia No. 2584454. Posted: 05/20/2016 Bull. No. 14.

13. Alekseev A.P., Alenin A.A. Methods for embedding information in MIDI audio files // Infocommunication Technologies, Volume 9, No 1, 2011. Pp. 84-89.

14. United States Patent US 7402744 B1 Jull. 22, 2008.

15. United States Patent US 6023511 A Feb. 8, 2000. CRYPTOSYSTEM FOR ENCRYPTING DIGITAL IMAGE OR VOICE FILE.

16. United States Patent US 4969041 Nov. 6, 1990. EMBEDMENT OF DATA IN A VIDEO SIGNAL.

17. US patent US 4750173 A. Method of transmitting audio information and additional information in digital form.

18. US patent US 6023511 A. Cryptosystem for encrypting digital image or voice file.

19. US patent US 5850481 A. Steganographic system.

Claims (1)

The method of spatio-temporal protection of information, namely, that the message is divided into n blocks, the number of which is selected by key, the message is encrypted with a block cipher with full coupling of all cryptogram blocks, cryptogram blocks are steganographically hidden in n information containers, information container formats, implementation methods information in containers and the sequence of their transmission to the receiving side is determined by the key, information containers are not shown on the network constantly, but only briefly, temporarily I started the demonstration of information containers, and their domain addresses are determined using the key, while the replaced and replacement containers are formed outwardly identical, the duration of the demonstration of information containers on the site is set to minimum, but sufficient for downloading on the receiving side, in addition to information containers containing blocks cryptograms, camouflage containers are placed on the network.

Images