WO2020168629A1 - 基于位置换和位变换的加密解密方法和装置 - Google Patents
基于位置换和位变换的加密解密方法和装置 Download PDFInfo
- Publication number
- WO2020168629A1 WO2020168629A1 PCT/CN2019/083409 CN2019083409W WO2020168629A1 WO 2020168629 A1 WO2020168629 A1 WO 2020168629A1 CN 2019083409 W CN2019083409 W CN 2019083409W WO 2020168629 A1 WO2020168629 A1 WO 2020168629A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- bit
- plaintext
- key
- stream
- pointer
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
- H04L9/0662—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/001—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using chaotic signals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Definitions
- the invention relates to an encryption and decryption method and device based on position conversion and bit conversion, belonging to the field of digital communication technology and information encryption.
- the invention can generally be used for network communication information encryption, aerospace digital remote control commands and data encryption, UAV digital remote control communication data encryption, early warning aircraft digital communication command system information encryption, GPS satellite digital communication data encryption, mobile phone communication encryption, email encryption , Electronic financial data transmission encryption, etc.
- image encoding it can encrypt images in various formats to protect image intellectual property rights. After the military, political, and diplomatic documents are encrypted, they can be transmitted through the civil communication network, saving the cost of document transmission.
- Stream cipher is usually a kind of symmetric key technology. Because of its simple implementation and fast encryption speed, errors in ciphertext transmission will not spread in plaintext. It has become an important type of cipher system. At present, the stream cipher technology still maintains its advantages in the field of confidential institutions and mobile communications, and is one of the most common cryptographic systems today. To ensure information security, the development and design of many stream cipher technologies are basically carried out in a confidential state. countries often restrict the export of stream cipher technology and products as military products.
- the traditional stream cipher technology uses the exclusive OR operation between the key stream and the plaintext, randomly changing 1 to 0, and changing 0 to 1 to obtain the ciphertext; during decryption, the key stream and the plaintext are XORed to restore The original binary characters are output, and the plaintext is obtained. Therefore, the essence of the stream cipher is to transform the plaintext on the binary bits according to a certain rule to obtain the ciphertext.
- the quick sort algorithm proposed by Tony Hoare was rated as one of the top ten algorithms in the 20th century, and its main idea is based on the replacement of elements.
- the stream cipher RC4 method developed by Ron Rivest of the Massachusetts Institute of Technology is perhaps the most widely used stream cipher in the world. Its main idea is to generate a key stream based on the replacement of the initial key stream.
- the method of the present invention is an innovative method in the field of stream cipher encryption and decryption. It is different from the previous traditional stream cipher encryption technology in that it does not rely on XOR operations, but is based on replacement and transformation operations on a plaintext binary bit stream. And the uniformity of the key stream is not strictly required. Another important difference between the method of the present invention and the traditional stream cipher technology is that the permutation rules adopted by the method are used for plaintext instead of the key stream.
- the method of the present invention uses a string of existing known coding sequences as the initial key stream (which can be called a true random sequence).
- the initial key stream can come from various types of files, such as documents, audio, video, pictures, etc., or from pseudo-random sequences generated by various key stream generators and various chaotic signals, etc., that is, the initial key
- the coding uniformity of the stream in binary has little effect on this algorithm. Under the premise of the current technology, when the key length is 128 bits, it is almost impossible to search for the key using an exhaustive method (violent method) on a computer.
- the first aspect of the technical solution of the present invention is an encryption and decryption method based on position conversion and bit conversion.
- the method includes the following steps:
- the initial key file comes from a known encoding sequence and is used as a shared file for encryption and decryption;
- step S1 includes:
- Initialize the plaintext file load the plaintext file that needs to be encrypted, set the number of key file symbols, and the byte length of the key file can be customized;
- the coding sequence used for the initial key file comes from any one or a combination of text documents, audio, video, pictures, images, graphics, pseudo-random codes, and chaotic values.
- step S2 includes:
- bit transformation operation rules can be provided.
- bit operation rule includes any one or any combination of the following operation rules:
- Rule 2 Reverse the true value or false value of the key stream.
- step S3 includes:
- the position conversion calculation step includes:
- S312. Scan the plaintext and the key in the first pass, move the first pointer and the second pointer toward each other, and replace the bit value of the plaintext when both the first pointer and the second pointer point to the false value bit of the key stream;
- S314. Scan the plaintext and the key in the second pass, move the first pointer and the second pointer toward each other, and replace the bit value of the plaintext when both the first pointer and the second pointer point to the truth bit of the key stream.
- the position conversion calculation step includes:
- the above method further includes: respectively creating corresponding plaintext encrypted random numbers, ciphertext encrypted random numbers, and key encrypted random numbers for the plaintext file, ciphertext file, and key file, and generating according to the value of the encrypted random number Corresponding work pointer; read the work pointer displacement of the plaintext file, ciphertext file, and key file; loop through the work pointer many times, and at the same time, according to the value of the key stream binary bit pointed to by the work pointer, the plaintext file Perform multiple iterations to obtain a ciphertext file.
- the second aspect of the technical solution of the present invention is a computer device, including a memory, a processor, and a computer program stored in the memory and capable of running on the processor, and the processor implements the above-mentioned steps when the program is executed.
- the third aspect of the technical solution of the present invention may also be a computer-readable storage medium on which a computer program is stored, and the computer program implements the above-mentioned steps when executed by a processor.
- the source of the initial key stream is wide, and the code uniformity of the initial key stream is not high, that is, the code uniformity of the initial key stream has little effect on this algorithm. This is another important difference between this method and traditional stream cipher technology.
- the key stream generator is designed based on bit operation rules.
- the initial key can be of any length. As the length of the key byte increases, the encryption complexity also increases.
- the relationship between plaintext and ciphertext in this encryption method is not the traditional one-to-one, one-to-many relationship. It is disordered encryption, that is, the relationship between plaintext and ciphertext is the most complex many-to-many relationship.
- the password uniformity is higher than that of the traditional stream cipher method.
- Fig. 1 is an overall flow chart of the method according to the present invention.
- Figure 2 shows the bit transformation process of the initial key stream according to an embodiment of the present invention.
- Fig. 3 shows the bit transformation process of the plaintext stream according to the embodiment of the present invention.
- Fig. 4 shows a non-packet position change process of a plaintext stream according to an embodiment of the present invention.
- Fig. 5 shows an extended ASCII code representation of the initial key stream according to an embodiment of the present invention.
- Fig. 6 shows a key stream obtained after bit transformation according to the initial key stream in an embodiment of the present invention.
- Fig. 7 shows the ciphertext generated after encryption according to the method of the present invention in an embodiment of the present invention.
- Fig. 8 shows a ciphertext generated after encryption using a traditional method according to an embodiment of the present invention.
- Fig. 9 shows a non-packet position change process of a ciphertext stream according to an embodiment of the present invention.
- Fig. 10 shows the bit transformation process of the pseudo-plaintext stream according to an embodiment of the present invention.
- the method of the present invention directly performs position transposition and bit conversion on the plaintext according to a certain rule that depends on the key stream, and then generates the ciphertext.
- the method according to the present invention generally includes the steps: S1, open up memory space, prepare corresponding storage space for plaintext files, ciphertext files and key files, where the initial key file comes from a known coding sequence, And as a shared file for encryption and decryption; S2, according to the bit operation rules to change the bit value of the initial key stream, so as to obtain the bit transformed key stream, and then change the plaintext bit according to the bit operation rules that depend on the key stream Value; S3.
- the target ciphertext is obtained and then stored as a file.
- a string of existing known coding sequences (which can be called true random sequences) is used as the initial key stream.
- the initial key stream can come from various types of files, such as documents, audio, video, pictures, etc., and can also come from pseudo-random sequences and various chaotic signals generated by various key stream generators.
- This algorithm is based on data stream encryption technology, which is a binary stream discrete bit-map encryption system established by a key.
- the encryption system uses five tuples (M, C, K, E, D) as the theoretical basis for encryption and decryption.
- M is a set of plaintext symbols
- C is a set of cryptographic symbols
- P is a set of reference byte symbols (also called a key set)
- E is a set of encryption algorithms
- D is a set of decryption Algorithm sets, these sets have the following characteristics:
- len (M) is the number of bytes of plaintext
- 8 ⁇ len (M) is the number of bits of the plain text
- M i (i ⁇ [0, len (M) -1]) is a plaintext byte (byte );
- m j ⁇ 0,1 ⁇ , j ⁇ [0,8 ⁇ len(M)-1] is a binary bit (bit) of the plaintext.
- len(K) is the number of bytes of the key
- 8 ⁇ len(K) is the binary digits of the key
- K i (i ⁇ [0,len(K)-1]) is a word of the key Section (byte)
- key j ⁇ 0,1 ⁇ , j ⁇ [0,8 ⁇ len(K)-1] is a binary bit (bit) of the key.
- len(C) is the number of bytes in the ciphertext
- 8 ⁇ len(C) is the number of binary digits in the ciphertext
- C i (i ⁇ [0,len(C)-1]) is a byte of the ciphertext
- c j ⁇ 0,1 ⁇ , j ⁇ [0,8 ⁇ len(C)-1] is the ciphertext A binary bit of the text.
- the information in the M, K, and C sets is a byte symbol set composed of binary symbols ⁇ 0, 1 ⁇ . Among them, the number of symbol ⁇ 1 ⁇ in each set is denoted as sum(M), sum(K), sum(C), and sum(M) may not be equal to sum(C).
- the elements of the encryption algorithm set E are a set of position transposition and bit transformation rules used for encryption operations.
- the element of the decryption algorithm set D is a set of position transposition and bit transformation rules used for decryption operations, where the rules in set E should have a unique rule corresponding to it in set D, and the encryption rules and decryption rules are reciprocal of.
- examples 1, 2, and 4 all adopt simpler replacement rules, that is, all elements (binary bits in plain text) are replaced as a group.
- Example 3 uses packet permutation in order to demonstrate the code uniformity of the method according to the present invention.
- the initial key stream K in Example 1 obtains the key K'through bit transformation, and refers to the plaintext M.
- ⁇ 0X31,0X32,0X33,0X34 ⁇ is the extended ASCII code (hexadecimal) of the initial key "1234", convert it to binary to get ⁇ 00110001,00110010,00110011,00110100 ⁇ .
- K' represents the final key obtained after bit transformation of the specific bits of the initial key K, ⁇ 0XA3, 0X7B, 0X17, 0XA6 ⁇ is its extended ASCII code (hexadecimal) representation, convert it to In binary, ⁇ 10100011,01111011,00010111,10100110 ⁇ is obtained.
- ⁇ 0X61,0X61,0X61,0X61 ⁇ is the extended ASCII code (hexadecimal) of the plaintext "aaaa”, convert it to binary to get ⁇ 01100001,01100001,01100001,01100001 ⁇ .
- M' represents a pseudo-plaintext sequence generated by bit inversion of some binary bits of the plaintext according to the specific bits of the key ("false" value binary bits).
- ⁇ 0X3D, 0XE5, 0X89, 0X38 ⁇ is the extended ASCII code (hexadecimal) of M', convert it to binary to get ⁇ 00111101,11100101,10001001,00111000 ⁇ , as shown in Figure 3.
- ciphertext which is an encrypted output sequence.
- ⁇ 0X1A,0XC2,0X6B,0XDC ⁇ is the ciphertext
- the plaintext, the key and the ciphertext all adopt a logical structure like a circular queue, which can be calculated at any position in the queue.
- the working pointers p 1 and p 2 point to the plaintext M[0], M[31], and q 1 , q 2 point to the keys K[0], K[31 ], r 1 , r 2 point to ciphertexts C[0], C[31].
- C, X, Y, and Z are predetermined integers, in this case 0, 1, 3, 0 respectively.
- the gray shading part of the initial key K represents a specific bit that satisfies the above formula.
- the bit conversion rule applied to the plaintext in this example is: according to the specific bit of the key K', bit-wise inversion, in this example it is a binary bit of "false" value.
- the gray shading in the plaintext M represents the plaintext corresponding to the "false" value part of the key K', and the gray shading part in the pseudo-plaintext sequence M'is the result of bit-wise inversion of the gray shading part in the plaintext M.
- the gray shading part of the plaintext M represents a specific bit that satisfies the above formula.
- the position swap rule applied to the plaintext in this example is: simultaneous bidirectional scanning of the corresponding bits of the pseudo plaintext stream M', key stream K', and ciphertext space C, i 1 and i 2 , j 1 and j 2 , k 1 and k 2 move towards each other at the same time.
- Example 2 Assuming that the files all use the extended ASCII code (IBM extended character set) as the encoding method, according to the encryption algorithm shown in Method 1 of Example 1, the plaintext M in Example 2 undergoes position loop and bit transformation under the action of the key K, and finally Get ciphertext C.
- extended ASCII code IBM extended character set
- Example 1 shows that for the same plaintext character "OX61", the corresponding ciphertext characters are "0X1A”, “0XC2", “0X6B", “0XDC”; at the same time, as shown in example 2, for different Plain text "0X39”, “0XE1”, “0X69”, “0X78", the same cipher text "0X61” may be obtained through the method of the present invention, which shows that the plain text and the cipher text encrypted according to the method of the present invention are one This kind of unordered correspondence, take the extended ASCII code as an example, that is, after each 8-bit binary plaintext character is encrypted, there are 256 possible 8-bit binary ciphertext characters corresponding to it, and each 8-bit binary After decrypting the ciphertext characters, there are 256 possible eight-bit binary plaintext characters corresponding to it.
- the block encryption method is also used.
- the 256'a' of the plaintext M are divided into 11 groups of encryption under the action of the key K', and the resulting ciphertext has up to 158 different characters (this value varies with the algorithm and the key), and use There are only 16 different ciphertext characters obtained by the traditional stream cipher method.
- the ciphertext generated after encryption using the method of the present invention is shown in FIG. 7, which can be compared with the ciphertext generated after encryption by the traditional method shown in FIG. 8.
- K ⁇ "I love you China!!!" ⁇ (a total of 8 bytes 128-bit binary, the extended ASCII code of K is shown in Figure 5)
- M ⁇ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
- M represents plain text, a total of 256 bytes, which is an encrypted input sequence.
- K represents the initial key stream, a total of 16 bytes (that is, 128-bit binary), and the key space size is 256 bytes, therefore, the initial key stream is used to fill the key space 16 times, when it represents For extended ASCII code, as shown in Figure 5.
- K' represents the key stream
- C 1 , X 1 , Y 1 , Z 1 , C 2 , X 2 , Y 2 , Z 2 are predetermined integers, in this example, the value is 0 , 1 , 3 , 0 , 0 , 1 , 7 , 0.
- the key stream K′ obtained after bit transformation from the initial key stream K is shown in FIG. 6.
- C represents the ciphertext encrypted by the method of the present invention, which is an encrypted output sequence. If calculated in a byte (8-bit binary) unit, it contains a total of 158 different extended ASCII characters.
- C_old represents the ciphertext obtained by the original stream cipher method based on the exclusive-or operation. If calculated in bytes (8-bit binary), it contains 16 different extended ASCII characters.
- the overall level of the number of binary codes of different ciphertexts obtained by using the method of the present invention is higher than that of the original stream cipher method based on the exclusive OR operation, that is, the code distribution of the ciphertext obtained by using the method of the present invention is more uniform.
- n represents the total number of symbols in the file
- n/r represents the expected value of various symbols uniformly appearing in all 256 codes.
- the value range of ⁇ in this example is [0,65280]; the uniformity ⁇ of ciphertext C is calculated as 264; the uniformity ⁇ of ciphertext C_old is calculated as 6912;
- Method 1 In order to test the influence of the number of groups on the code uniformity, 41 grouping experiments were carried out, and the comparison results of the code uniformity are shown in Table 1. Among them: The main difference between Method 1 and Method 2 lies in the different rules applied by the key stream generator.
- j is called the "bit order", which is the number of the binary bits of the key stream, starting from 0 in this example.
- Table 1 below shows the comparison of code uniformity when using block encryption.
- the code uniformity of the ciphertext file encrypted using the method of the present invention is better than that of the traditional method (the larger the value, the lower the code uniformity).
- the code uniformity is slightly lower, but it is still stronger than the traditional method. This is mainly caused by the different key stream generators, and the value of the number of packets is a relatively safe choice.
- Decryption is the inverse operation of the encryption process. By scanning the key stream and the ciphertext stream, calculate the storage address of each binary bit of the ciphertext in the plaintext space, and then map it to the plaintext space to obtain the plaintext M.
- the decryption process of the ciphertext obtained in Example 1 is shown in Figure 2, Figure 9 and Figure 10.
- ⁇ 0X1A, 0XC2, 0X6B, 0XDC ⁇ is the cipher text
- K ⁇ "1234" ⁇ represents the initial key.
- ⁇ 0X31,0X32,0X33,0X34 ⁇ is the extended ASCII code of the initial key "1234", convert it to binary to get ⁇ 00110001,00110010,00110011,00110100 ⁇ 2 .
- K' represents the final key obtained by bit transformation on the specific bits of the initial key K.
- ⁇ 0XA3, 0X7B, 0X17, 0XA6 ⁇ is the extended ASCII code (hexadecimal) of the key, convert it to binary to get ⁇ 10100011,01111011,00010111,10100110 ⁇ 2 .
- M' is a pseudo-plaintext sequence obtained by ciphertext C according to the position swap rule.
- ⁇ 0X3D, 0XE5, 0X89, 0X38 ⁇ is the extended ASCII code (hexadecimal) of M', convert it to binary to get ⁇ 00111101,11100101,10001001,00111000 ⁇ 2 .
- ⁇ 0X61,0X61,0X61,0X61 ⁇ is the extended ASCII code (hexadecimal) of the plaintext "aaaa”, convert it to binary to get ⁇ 01100001,01100001,01100001,01100001 ⁇ .
- the decryption process is shown in Figure 9 and Figure 10.
- X, Y, and Z are predetermined integers, in this example 0, 3, and 0 respectively.
- the gray shading part of the initial key K represents a specific bit that satisfies the above formula.
- the position swap rule applied to the ciphertext in this example is: simultaneously scan the corresponding bits of the ciphertext C, key stream K', and pseudo-plaintext space M', i 1 and i 2 , j 1 and j 2 , k 1 and k 2 move towards each other at the same time.
- the bit transformation rule applied to the pseudo-plaintext M' is: according to the specific bit of the key K', the bit-wise inversion, in this example, it is a binary bit with a "false" value.
- the gray shading in the pseudo-plaintext M' represents the pseudo-plaintext corresponding to the "false" value of the key K', and the gray shading in the plaintext M is the result of bit-wise inversion of the gray shading in the pseudo-plaintext sequence M' .
- the final plaintext M is shown in Figure 10.
- bit transformation rules can use mathematical formulas, pseudo-random sequences and various chaotic signals generated by various key stream generators, and any random files with uniform binary code distribution.
- " means logical OR operation; C, X, Y, Z are predetermined integers, and Y should be a prime number.
- j is called the "bit order", which is the number of the binary bits of the key stream. Since the plaintext, key, and cipher text all adopt a circular queue structure, the starting value of j can be any legal position in the key stream.
- a dual key stream is used, and the corresponding bit of the initial key stream is reversed according to the true value or false value of another key stream, thereby forming a key stream generator.
- Rule 1 Two scans, the first pass replaces the corresponding bits of the plaintext according to the false value bits of the key stream, and the second pass replaces the corresponding bits of the plaintext according to the truth bits of the key stream.
- the first pass scans the plaintext and the key, and moves the low and high pointers toward each other. When both low and high point to the false bit of the key stream, the bit value of the plaintext is replaced.
- the second pass scans the plaintext and the key, and moves the low and high pointers toward each other. When both low and high point to the true value of the key stream, the bit value of the plaintext is replaced.
- Rule 2 In one scan, the corresponding bits of the plaintext are replaced according to the false and true bits of the key stream.
- Rule 3 One scan, according to the true value bit and false value bit of the key stream, replace the corresponding bit of the plaintext.
- the design of the encryption and decryption method set is based on the combination of the bit transformation rule set and the position transformation rule set, and the design and combination methods of each set are flexible and diverse. Take the encryption and decryption method used in Example 3 as an example to illustrate the algorithm design process of this method.
- the initial key flow is:
- Plaintext storage space M new char[M_bytes+1];
- Ciphertext storage space C new char[M_bytes+1]
- p_str is a pointer to a character string, and the parameter n represents a binary bit whose subscript is n;
- Function return value return the value (0,1) of the nth bit (bit) of the string pointed to by p.
- p_str is a pointer to a character string, and the parameter n represents a binary bit whose subscript is n;
- p_str is a pointer to a character string, and the parameter n represents a binary bit whose subscript is n;
- the total number of different symbols (codes) radix is 256
- lambda is the code uniformity of the ciphertext calculated by this method
- max_lam is the maximum code uniformity.
- the ciphertext file C is:
- the key file K’ is:
- the ciphertext storage space C new char[C_bytes+1];
- p_str is a pointer to a character string, and the parameter n represents a binary bit whose subscript is n;
- Function return value return the value (0,1) of the nth bit (bit) of the string pointed to by p.
- p_str is a pointer to a character string, and the parameter n represents a binary bit whose subscript is n;
- p_str is a pointer to a character string, and the parameter n represents a binary bit whose subscript is n;
- Function function call de_bit_transfor function and de_bit_replace function, and use group replacement method to complete decryption.
- the solution of the present invention is different from the previous traditional stream cipher encryption technology mainly in that it does not rely on the exclusive OR operation, but is based on the replacement and transformation operations on the plaintext binary bit stream, and the key The uniformity of the flow is not strictly required.
- the main principles of the technical solution of the present invention are summarized as follows.
- the initial key stream can come from various types of files, such as documents, audio, video, pictures, etc., or from pseudo-random sequences generated by various key stream generators and various chaotic signals, etc., that is, the initial key
- the coding uniformity of the stream in binary has little effect on this algorithm. Under the premise of the current technology, when the key length is 128 bits, it is almost impossible to search for the key using an exhaustive method (violent method) on a computer.
- the applicant’s previous invention patents for stream ciphers are based on hash functions.
- the problem is that the hash function can only change the positions of “0” and “1” in the plaintext and map them to the password.
- the code distribution of the plaintext or the key is biased toward all "0” or all "1” in the binary system (that is, when there are too many bytes like 0X00 or 0XFF), there is a situation that encryption fails or is easily attacked.
- the introduction of the set of bit operation rules in the new method proposed in this paper can perfectly solve the above situation, so that there is no corresponding relationship between the number of "0" and "1” in the plaintext and the ciphertext.
- the method steps in the embodiments of the present invention can be implemented or implemented by computer hardware, a combination of hardware and software, or by computer instructions stored in a non-transitory computer-readable memory.
- the method can use standard programming techniques.
- Each program can be implemented in a high-level process or object-oriented programming language to communicate with the computer system.
- the program can be implemented in assembly or machine language.
- the language can be a compiled or interpreted language.
- the program can be run on a programmed application specific integrated circuit for this purpose.
- the method can be implemented in any type of computing platform that is operably connected to a suitable computing platform, including but not limited to a personal computer, a mini computer, a main frame, a workstation, a network or a distributed computing environment, a separate or integrated computer Platform, or communication with charged particle tools or other imaging devices, etc.
- a suitable computing platform including but not limited to a personal computer, a mini computer, a main frame, a workstation, a network or a distributed computing environment, a separate or integrated computer Platform, or communication with charged particle tools or other imaging devices, etc.
- Aspects of the present invention can be implemented by machine-readable codes stored on non-transitory storage media or devices, whether removable or integrated into a computing platform, such as hard disks, optical reading and/or writing storage media, RAM, ROM, etc., so that they can be read by a programmable computer, and when the storage medium or device is read by the computer, it can be used to configure and operate the computer to perform the processes described herein.
- machine-readable code or part thereof, can be transmitted through a wired or wireless network.
- machine-readable media include instructions or programs that implement the steps described above in combination with a microprocessor or other data processors
- the invention described herein includes these and other different types of non-transitory computer-readable storage media.
- the present invention also includes the computer itself.
- a computer program can be applied to input data to perform the functions described herein, thereby converting the input data to generate output data that is stored in non-volatile memory.
- the output information can also be applied to one or more output devices such as displays.
- the converted data represents physical and tangible objects, including specific visual depictions of physical and tangible objects generated on the display.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (10)
- 一种基于位置换和位变换的加密解密方法,其特征在于,所述方法包括以下步骤:S1、开辟内存空间,为明文文件、密文文件及密钥文件准备对应的存储空间,其中初始的密钥文件来自已知编码序列,并且作为加密和解密的共用文件;S2、按照位运算规则以改变初始的密钥流的位值,从而得到位变换的密钥流,然后按照依赖于密钥流的位运算规则改变明文的位值;S3、在已经过位变换的明文流的基础上,按照依赖于密钥流的位置换规则,对位变换后的明文流进行位置换运算,并将其随机散布在密文流中,从而得到目标密文后储存为文件。
- 根据权利要求1所述的方法,其特征在于,所述步骤S1包括:初始化明文文件,加载需要加密的明文文件,设置密钥文件码元个数,其中密钥文件的字节长度能进行自定义设置;用于初始的密钥文件的编码序列来自于文本文档、音频、视频、图片、图像、图形、伪随机码、混沌值中的任一者或者任意多者的组合。
- 根据权利要求1所述的方法,其特征在于,所述步骤S2包括:借助各种密钥流生成器产生的伪随机序列和各种混沌信号,或者借助任意的在二进制上码分布均匀的随机文件,以提供位变换运算规则。
- 根据权利要求1或3所述的方法,其特征在于,在所述步骤S2中,所述的位运算规则包括以下运算规则中的任意一种或者任意多种的组合:规则1:将满足以下布尔函数的二进制位进行取反F(j)=(C+X×j)MOD Y==Z,其中,C、X、Z为事先确定的整数,Y为质数,j为密钥流二进制位的编号;“MOD”表示求余运算,“==”表示判断相等运算;规则2:根据密钥流的真值位或假值位取反。
- 根据权利要求1所述的方法,其特征在于,所述步骤S3包括:将位变换后的明文流进行一次或多次的分组位置换;和/或将初始密文作为参数进行一次或多次的分组位置换;以得到一次或多次加密后的密文文件。
- 根据权利要求5所述的方法,其特征在于,在所述步骤S3中,所述的位置换运算步骤包括:S311、在每个分组内设置双端指针,该两个指针的取值是由明文、密钥二进制流构成的循环队列的合法位置,并且该两个指针的初始距离被配置为明文、密钥的二进制流的长度;S312、第一趟扫描明文、密钥,相向移动第一指针和第二指针,当第一指针和第二指针均指向密钥流的假值位时,置换明文的位值;S313、重新设置分组内的双端指针,这两个指针相向移动,并且取值能够是明文、密钥二进制流构成的循环队列的合法位置,并且该指针的重置距离为明文、密钥的二进制流的长度;S314、第二趟扫描明文、密钥,相向移动第一指针和第二指针,当第一指针和第二指针均指向密钥流的真值位时,置换明文的位值。
- 根据权利要求5所述的方法,其特征在于,在所述步骤S3中,所述的位置换运算步骤包括:S321、在每个分组内设置双端指针,使这两个指针进行同向或相向移动,该两个指针的取值是由明文、密钥二进制流构成的循环队列的合法位置,并且对该两个指针的初始距离不进行配置;S322、只扫描明文、密钥一趟,移动第一指针和第二指针,当第一指针指向密钥流的假值位,第二指针指向密钥流的真值位时,置换第一指针和第二指针对应的明文的位值,当其中一个指针已经绕明文或密钥的循环队列走一圈时结束;S323、在指针结束位置进行明文的位值置换。
- 根据权利要求1所述的方法,其特征在于,还包括:对所述明文文件、密文文件和密钥文件分别创建对应的明文加密随机数、密文加密随机数和密钥加密随机数,根据加密随机数的值生成对应的工作指针;对明文文件、密文文件、密钥文件进行工作指针位移读取;对工作指针进行多次循环遍历,同时根据工作指针所指向的密钥流二进制位的值,对明文文件进行多次迭代,得到密文文件。
- 一种计算机装置,包括存储器、处理器及储存在存储器上并能够在处理器上运行的计算机程序,其特征在于,所述处理器执行所述程序时实现如权利要求1至8中任一项所述的方法。
- 一种计算机可读存储介质,其上储存有计算机程序,所述计算机程序被处理器执行时实现如权利要求1至8中任一项所述的方法。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/428,405 US11750375B2 (en) | 2019-02-18 | 2019-04-19 | Encryption and decryption method and device based on bit permutation and bit transformation |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910119852.5A CN109951268B (zh) | 2019-02-18 | 2019-02-18 | 基于位置换和位变换的加密解密方法和装置 |
CN201910119852.5 | 2019-02-18 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020168629A1 true WO2020168629A1 (zh) | 2020-08-27 |
Family
ID=67006803
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2019/083409 WO2020168629A1 (zh) | 2019-02-18 | 2019-04-19 | 基于位置换和位变换的加密解密方法和装置 |
Country Status (3)
Country | Link |
---|---|
US (1) | US11750375B2 (zh) |
CN (1) | CN109951268B (zh) |
WO (1) | WO2020168629A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116980232A (zh) * | 2023-09-21 | 2023-10-31 | 深圳市能数科技有限公司 | 一种数据处理方法、装置、计算机设备和可读存储介质 |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110489466B (zh) * | 2019-07-03 | 2023-09-08 | 平安证券股份有限公司 | 邀请码的生成方法、装置、终端设备及存储介质 |
CN110266488B (zh) * | 2019-07-15 | 2021-08-31 | 国网江苏省电力有限公司电力科学研究院 | 基于位置组合的密钥生成方法和加密传输数据方法及系统 |
CN110795747A (zh) * | 2019-10-18 | 2020-02-14 | 浪潮电子信息产业股份有限公司 | 一种数据加密存储方法、装置、设备及可读存储介质 |
CN116781790B (zh) * | 2023-08-25 | 2023-12-05 | 国网江西省电力有限公司电力科学研究院 | 仪器规约规范智能转换系统、方法、可读介质和电子设备 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000046954A1 (en) * | 1999-02-08 | 2000-08-10 | Qualcomm Incorporated | Method and apparatus for generating encryption stream ciphers |
CN105577364A (zh) * | 2011-10-27 | 2016-05-11 | 华为技术有限公司 | 一种加密方法、解密方法和相关装置 |
CN106953875A (zh) * | 2017-04-26 | 2017-07-14 | 吉林大学珠海学院 | 基于多密钥流密码的顺序加密方法 |
CN109194461A (zh) * | 2018-05-11 | 2019-01-11 | 吉林大学 | 基于双密钥流密码的单向链表顺序加密解密方法 |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4936996B2 (ja) * | 2007-05-24 | 2012-05-23 | 株式会社東芝 | 非線形データ変換器、暗号化装置、および復号装置 |
JP5044848B2 (ja) * | 2007-12-04 | 2012-10-10 | 剣 竜沢 | Pi++ストリーム暗号の暗号方法および復号方法、並びにパイ・データに基づく暗号算法及び復号化算法 |
JP4687775B2 (ja) * | 2008-11-20 | 2011-05-25 | ソニー株式会社 | 暗号処理装置 |
CN203733220U (zh) * | 2013-12-20 | 2014-07-23 | 湖南三益科技有限公司 | 一种数码式电表 |
CN105281894B (zh) * | 2015-11-25 | 2018-10-23 | 深圳供电局有限公司 | 一种基于七阶幻立方的明文加密方法和系统 |
CN107547189A (zh) * | 2016-06-28 | 2018-01-05 | 埃沙尔公司 | 免受侧信道分析的保护方法和设备 |
CN108429613A (zh) * | 2018-03-09 | 2018-08-21 | 国网陕西省电力公司电力科学研究院 | 一种基于en-present算法的电网信息加密方法 |
-
2019
- 2019-02-18 CN CN201910119852.5A patent/CN109951268B/zh active Active
- 2019-04-19 US US17/428,405 patent/US11750375B2/en active Active
- 2019-04-19 WO PCT/CN2019/083409 patent/WO2020168629A1/zh active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000046954A1 (en) * | 1999-02-08 | 2000-08-10 | Qualcomm Incorporated | Method and apparatus for generating encryption stream ciphers |
CN105577364A (zh) * | 2011-10-27 | 2016-05-11 | 华为技术有限公司 | 一种加密方法、解密方法和相关装置 |
CN106953875A (zh) * | 2017-04-26 | 2017-07-14 | 吉林大学珠海学院 | 基于多密钥流密码的顺序加密方法 |
CN109194461A (zh) * | 2018-05-11 | 2019-01-11 | 吉林大学 | 基于双密钥流密码的单向链表顺序加密解密方法 |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116980232A (zh) * | 2023-09-21 | 2023-10-31 | 深圳市能数科技有限公司 | 一种数据处理方法、装置、计算机设备和可读存储介质 |
CN116980232B (zh) * | 2023-09-21 | 2024-01-12 | 深圳市能数科技有限公司 | 一种数据处理方法、装置、计算机设备和可读存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN109951268A (zh) | 2019-06-28 |
US11750375B2 (en) | 2023-09-05 |
CN109951268B (zh) | 2020-12-22 |
US20220150054A1 (en) | 2022-05-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2020168628A1 (zh) | 基于随机散列和位运算的加密解密方法和装置 | |
US11991275B2 (en) | System and method for quantum-safe authentication, encryption and decryption of information | |
WO2020168629A1 (zh) | 基于位置换和位变换的加密解密方法和装置 | |
US11233628B2 (en) | Equivocation augmentation dynamic secrecy system | |
US7945049B2 (en) | Stream cipher using multiplication over a finite field of even characteristic | |
US8127130B2 (en) | Method and system for securing data utilizing reconfigurable logic | |
CN104488218B (zh) | 加密装置、解密装置、加密方法、解密方法 | |
CN107147487B (zh) | 对称密钥随机分组密码 | |
CN109981249B (zh) | 基于拉链式动态散列和nlfsr的加密解密方法及装置 | |
CN103825723A (zh) | 一种加密方法和装置 | |
Joshy et al. | Text to image encryption technique using RGB substitution and AES | |
Widiasari | Combining advanced encryption standard (AES) and one time pad (OTP) encryption for data security | |
Bhat et al. | Information Security using Adaptive Multidimensional Playfair Cipher. | |
CN108777622B (zh) | 一种二进制流散列取模加密解密方法 | |
Kun et al. | An improved AES algorithm based on chaos | |
Kashyap et al. | Security techniques using Enhancement of AES Encryption | |
Haryono | Comparison encryption of how to work caesar cipher, hill cipher, blowfish and twofish | |
Samid | A Unary Cipher with Advantages over the Vernam Cipher | |
Pan et al. | Generating Dynamic Box by Using an Input String | |
Anil et al. | Securing Secret Messages: A Review | |
Nuthan et al. | Development of Randomized Hybrid Crypto system | |
Abdelbadie Abdallah et al. | COMPARATIVE STUDY OF CRYPTOGRAPHY TECHNIQUES | |
Khaing et al. | Image Encryption Based on AES Stream Cipher in Counter Mode | |
Vaudenay | Conventional Cryptography | |
Qiu et al. | Color Image Encryption Scheme Based on Chaotic Map |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19916085 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19916085 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 20.01.2022) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19916085 Country of ref document: EP Kind code of ref document: A1 |