Method to code data unit represented as bit string

FIELD: information technologies.

SUBSTANCE: method to code a data unit represented as a bit string consisting in formation of a secret key in the form of subkeys K and Q, which represent bit strings, formation of an auxiliary n-bit string T, formation of an n-bit auxiliary cryptogram CM by performance of operation of E coding on the data unit M depending on K according to the formula CM=EK(M), formation of an n-bit auxiliary cryptogram CT by performance of operation of E coding on the n-bit string T depending on Q according to the formula CT=EQ(T), formation of 2n-bit cryptogram C depending on subkeys K and Q and auxiliary cryptograms CM and CT, differing by the fact that the subkey K is formed as a 2n-bit string, representing concatenation o two n-bit strings k1 and k2, the subkey Q is formed as a 2n-bit string, representing concatenation of two n-bit strings q1 and q2, the (n+1)-bit string m is formed, and the 2n-bit cryptogram C is formed as concatenation of two binary polynomials of degree n-1, being the solution to the system of two linear equations k1C1+k2C2=CM mod m and q1C1+q2C2=CT mod m with two unknown binary polynomials C1 and C2, in which m is an additionally formed polynomial of degree n, and n-bit strings k1, k2, q1, q2, CM, CT are considered as binary polynomials of degree n-1, and (n+1)-bit string m is considered as a binary polynomial of degree n.

EFFECT: increased level of protection of coded information.

2 cl

 

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for protecting information transmitted over telecommunication networks by encrypting1(1The interpretation used in the description of terms are given in Appendix 1) messages (information).

There are ways to encrypt electronic messages, represented in digital form, namely, in the form of binary data, performed by a secret key, for example, a method, implemented in the form of a block encryption algorithm RC5 [B. Schneier, "Applied Cryptography", Second Eddition, John Wiley & Sons, Inc., New York, 1996, PP. 344-346]. The method includes forming a secret key in the form of a set of plug, split n-bit binary unit of information on n/2-bit information sub-blocks A and B and the serial conversion of data sub-blocks. The sub-blocks is converted by a serial execution over them linear and nonlinear operations, which are operations of summation modulo 2mwhere m=n/2=8, 16, 32, 64, bitwise sum modulo 2 and the cyclic shift to the left, and the number of bits to be shifted transform the sub-block depends on the value of the other sub-blocks. The latter property is characteristic for the method RC5 and determines the dependence of the cyclic operation is on shift at the current step of the transform sub-blocks from the original values of the input data block. The sub-block information, for example, subsection B, transform, by imposing A subblock to subblock B using the bitwise sum modulo 2 B:=B⊕A. then over the subblock B perform the operation of cyclic shift to the left by the number of bits equal to the value of sub-block A:B:=B<<<A. Then on the sub-block B and one of the plug K perform the operation of summation modulo 2mwhere m is the length of the subblock in bits: B:=(B+K)mod 2m. Then similarly converted subsection A. depending on the size of the key is performed several iterations of the transformation of both sub-blocks. This method provides a relatively high speed of encryption in the software implementation. The lack of encryption RC5 is a low resistance to differential and linear types of cryptanalysis [Kaliski B. S., Yin Y. L. On Differential and Linear Cryptanalysis of the RC5 Encryption Algorithm. Advances in Cryptology - CRYPTO 95. Proceedings, Springer-Verlag, 1995, pp. 171-184].

There is a method of encrypting the n-bit data blocks [B. Schneier, "Applied Cryptography", Second Eddition, John Wiley & Sons, Inc., New York, 1996, pp. 193-194] by generating a secret key K, split the message M into n-bit blocks of data M1, M2, ..., Mkwhere k is the number of blocks in the message; n≥64 bits, and then encrypting the data blocks M1, M2, ..., Mkmoreover , the encryption process is performed in the following way. Encrypt a block of M1a secret key, receiving unit of the cryptogram C1then, starting with the value i=2 and to the value i=k, summarize using the bitwise summation block of the cryptogram Ci-1and the block Miobtained by summing the data block encrypted by a secret key, receiving the current block of the cryptogram Ci. The collection of blocks of the cryptogram C1C2, ..., Ckis a cryptogram containing the message in a hidden form. Removing the message from the cryptogram is practically possible only using the secret key used in the encryption, which provides protection of information contained in the message during its transmission through open communication channels. This method provides an improvement of the statistical properties of the cryptogram, but it has the drawback consisting in the fact that you lose the opportunity of independent decryption blocks cryptogram.

The closest in technical essence to the present method of encryption of data block M, represented as n-bit strings, a method described in patent No. 2459275 [Moldovyan A. A., Moldovyan N. A. Method of block encryption of message M represented in binary form. Patent No. 2459275] on p. 2 of the claims of the said patent. Prototype method includes forming secret what about the key, includes plug K and Q, the formation of the auxiliary n-bit block of binary data T, the formation of the n-bit auxiliary cryptogram CMby performing the above M the operation of block cipher E depending on K by the formula CM=EK(M), the formation of the n-bit auxiliary cryptogram CTby performing the above T the operation of block cipher E depending on Q by the formula CT=EQ(T), formation of the cryptogram C depending on the secret key and auxiliary cryptograms CMand CT.

Prototype method allows for the protection of information with the use of deceptive traps, which is that a potential attacker substitutes the part of the secret key, which is the connection Q, as a decryption key, and as an auxiliary n-bit block of binary data T used n-bit block of bogus messages. The unit cryptogram C is decrypted by converting it additional key leading to the auxiliary cryptogram C* representing concatenating two n-bit strings CMandCT:C=CMCT. Then p is HaVaYaH n-bit string C Tdecrypted by performing the operations of block D conversion inverse to the operation of block cipher E, i.e., by the formula T=DQ(CT). The same procedure of decryption is performed using the key K and the left n-bit string CMauxiliary cryptogramC=CMCT, namely M, is restored by the formula M=DK(CM). The disadvantage of the prototype is the fact that different parts of the auxiliary cryptogram C* used when decrypting data block M and block bogus messages T. It unmasks the presence in the cryptogram block C block data M.

The task, which directed the claimed technical solution is the development of a method for encrypting a data block M, represented as n-bit strings, providing effective disguise the existence of the n-bit data block M of 2n-bit block of the cryptogram C due to the formation of n-bit auxiliary cryptogram and use all its bits when performing procedures decryption as n-bit data block M and the auxiliary n-bit string T.

The technical result of the new method of encryption of a data block is provided in the form of a bit line, is to increase the level of security of information, encrypted with its use. This technical result is achieved in that in the method for encrypting a data block M, represented as n-bit string, which consists in forming a secret key in the form of a plug K and Q, which represent the bit line, forming an auxiliary n-bit string T, the formation of the n-bit auxiliary cryptogram CMby performing the above block of data M the operation of block cipher E depending on K by the formula CM=EK(M), the formation of the n-bit auxiliary cryptogram CTby performing the above n-bit string T of operation of block cipher E depending on Q by the formula CT=EQ(T), the formation of 2n-bit cryptogram C depending on plug K and Q and auxiliary cryptograms CMand CT,

what's new is that the connection K is formed in the form of a 2n-bit string that represents the concatenation of two n-bit strings k1and k2the connection form Q in the form of a 2n-bit string that represents the concatenation of two n-bit strings, q1and q2form (n+1)-bit string m and form a 2n-bit cryptogram C in the form of a concatenation of two binary polynomials of degree n-1, which is a solution of the system of two linear equations k1C1+k C2=CMmod m and q1C1+q2C2=CTmod m with two unknowns binary polynomial C1and C2in which m is additionally formed a polynomial of degree n and n-bit strings k1, k2, q1, q2CMCTtreated as binary polynomials of degree n-1 and (n+1)-bit string m is considered as a binary polynomial of degree n.

New is also that form the (n+1)-bit string m in the form of an irreducible binary polynomial of degree n.

The formation of the (n+1)-bit string m in the form of an irreducible binary polynomial of degree n reduces the complexity of computing the solution of a system of linear equations, which decreases the time required to encrypt the data block M, represented as n-bit strings.

Thanks to this new essential features due to the formation of n-bit auxiliary cryptograms CMand CTensures the use of all the bits of the auxiliary cryptogram procedure decrypt a block of data M, and the auxiliary n-bit string T, which can be applied to n-bit block of bogus messages. This provides an effective disguise the existence of the n-bit data block M of 2n-bit block of the cryptogram C when it is decrypted and a potential infringer using key elements Q and m 2as a decryption key, because the decryption is performed by the same formula when decrypting data block M and block bogus messages, T.

The correctness of the declared method for encrypting a data block M, represented as n-bit strings, is that for 2n-bit cryptogramC=C1C2can be restored n-bit data block M will connectK=k1k2according to the formula M=DK((k1C1+k2C2)mod m), where D is the operation block decryption are inverse operations of block cipher E, and the auxiliary n-bit string T connectQ=q1q2according to the formula T=DQ((q1C1+q2C2)mod m).

Indeed, when performing the decryption procedure will connectK=k1k2have

.

and when the procedure of decryption will connectQ=q1q2have

.

Next, the feasibility and correctness of the declared method for encrypting a data block M, represented as n-bit strings, illustrated by particular examples of its implementation.

Example 1. Encryption of a data block M, is presented in the form of a 65-bit string. Generate the secret key in the form of a plug K and Q, and the subkey K is formed in the form of a 130-bit string that represents the concatenation of two 65-bit strings k1and k2, i.e., K=(k1, k2), and the connection form Q in the form of a 130-bit string that represents the concatenation of two 65-bit strings, q1and q2, i.e., Q=(q1, q2). Form 66-bit stringrepresenting the sequence of coecients of irreducible binary polynomial of degree at 65, i.e., binary polynomial x65+x18+1 [see table irreducible binary polynomials on C. 209 in the book Bolotov A. A., gaskov B. C., Frolov A. B. Elementary introduction to elliptic cryptography: Protocols, cryptography on elliptic curves. - M.: Komkniga, 2006. - 280 S.]. Then form the auxiliary 65-ituloy string T and 65-bit auxiliary cryptogram C Mby performing the above block of data M the operation of block cipher E, depending on the sub-key K=(k1, k2the formula CM=EK(M), where the operation of block cipher is described by the following algorithm:

1. To set the value of the counter i←1 and the variable CM←M, where ← denotes the assignment operation.

2. Considering the 65-bit strings k1and M as a binary polynomials to form a 65-bit string CMrepresenting a sequence of binary coefficients of the polynomial computed by the formula CM←(k1CMmod m)<23<where (...)<23<denotes the cyclic shift operation of a bit line (...) on 23 bits to the left.

3. Considering the 65-bit string k2to convert the 65-bit string CMaccording to the formula CM←(k2CMmod m)<17<where (...)<17<denotes the cyclic shift operation of a bit line (...) on the 17th bit to the left.

4. Increment the counter value i: i←i+1. If i<10 then go to step 2, otherwise the current value of CMbe taken as the output value of the operation block encryption EKmade on a 65-bit data block M.

Then form a 65-bit auxiliary cryptogram CTby performing the above 65-bit string T of operation of block cipher E depending on the data Q=(q 1, q2the formula CT=EQ(T) in accordance with the following algorithm:

1. To set the value of the counter i←1 and the variable CT←T.

2. Considering the 65-bit strings k2and T as binary polynomials to form a 65-bit string CTrepresenting a sequence of binary coefficients of the polynomial computed by the formula CT←(q1CTmod m)<23<.

3. Convert 65-bit string CTaccording to the formula CT←(q2CTmod m)<17<.

4. Increment the counter value i: i←+1. If i<10 then go to step 2, otherwise the current value of CMbe taken as the output value of the operation block encryption EQ(T), performed on a 65-bit string T.

After forming the auxiliary cryptograms CMand CTin the form of binary polynomials presented in the form of a 65-bit strings, form 130-bit cryptogram C by solving the following system of two linear equations

.

The solution of this system are two binary polynomial C1and C2presented in the form of a 65-bit strings. Combining the 65-bit string C1and C2receive a 130-bit cryptogramC=C1C2 where the sign ║ denotes the concatenation operation (Union) bit strings.

The proof of the correctness of that particular variant of the claimed method of encryption of data block M, is presented in the form of a 65-bit line, is proved analogously to the previously described General proof of correctness of the claimed method taking into account the fact that the operation block decryption DK(CM), the reverse operation of block cipher EK(M), is implemented by the following conversion procedure:

1. To set the value of the counter i←1 and the variable M←CM.

2. Convert 65-bit string M, performing consistently calculations according to the formulas M←M>17>andMMk2-1modmwhere (...)>17>indicates the operation of cyclic shift of a bit line (...) on the 17th bit to the right.

3. Convert 65-bit string M, performing consistently calculations according to the formulas M←M>23>andMMk1-1modmwhere (...)>23>indicates the operation of cyclic shift of a bit line (...) by 2 bits to the right.

4. Increment the counter value i: i←i+1. If i<10 then go to step 2, otherwise the current value of M as the output value of the operation DKmade on a 65-bit data block CM.

Similarly, written procedure for the implementation of the operation block decryption DQ(CT), the reverse operation of block cipher EQ(T).

Considered a private implementation of the claimed method can be applied for joint encryption of two messages M and T, each of which, for example, has a size of 65 KB. The message M is divided into 65-bit data blocks M1, M2, ..., Mwwhere w=1000. Message T is divided into 65-bit data blocks T1, T2, ..., Tw. Alternately, for values of i=1, 2, ..., 1000 pairs of data blocks (Mi, Ti, jointly encrypted in accordance with the described example implementation of the claimed method, resulting in the text as a sequence 130-bit cryptograms(C1C2)ii=1, 2, ..., 1000.

Example 2. Encryption of a data block M, is presented in the form of a 52-bit string. Generate the secret key in the form of a plug K and Q, and the subkey K forms the shape in the form of a 104-bit line, represents the concatenation of two 52-bit strings k1and k2, i.e., K=(k1, k2), and the connection form Q as 104-bit string that represents the concatenation of two 52-bit strings, q1and q2, i.e., Q=(q1, q2). Form 53-bit string

representing the sequence of coecients of irreducible binary polynomial of degree 52, i.e., binary polynomial x53+x3+1 [see table irreducible binary polynomials on C. 209 in the book Bolotov A. A., gaskov B. C., Frolov A. B. Elementary introduction to elliptic cryptography: Protocols, cryptography on elliptic curves. - M.: Komkniga, 2006. - 280 S.]. Then form the auxiliary 52-bit string T and a 52-bit auxiliary cryptogram CMby performing the above block of data M the operation of block cipher E, depending on the sub-key K=(k1, k2the formula CM=EK(M), where the operation of block cipher is described by the following algorithm:

1. To set the value of the counter i←1 and the variable CM←M, where ← denotes the assignment operation.

2. Considering the 52-bit strings k1and M as a binary polynomial, to generate 52-bit string CMrepresenting a sequence of binary coefficients of the polynomial, wycillin the th by the formula C M←(k1CMmod m)<19<where (...)<19<indicates the operation of cyclic shift of a bit line (...) on the 19th bit to the left.

3. Considering the 52-bit string k2to convert the 65-bit string CMaccording to the formula CM←(k2CMmod m)<11<where (...)<11<denotes the cyclic shift operation of a bit line (...) on the 11th bit to the left.

4. Increment the counter value i: i←i+1. If i<10 then go to step 2, otherwise the current value of CMbe taken as the output value of the operation block encryption EKperformed on a 52-bit data block M.

Then form 52-bit auxiliary cryptogram CTby performing the above 52-bit string T of operation of block cipher E, depending on the data Q=(q1, q2the formula CT=EQ(T) in accordance with the following algorithm:

1. To set the value of the counter i←1 and the variable CT←T.

2. To generate 52-bit string CTrepresenting a sequence of binary coefficients of the polynomial computed by the formula CT←(q1CTmod m)<19<.

3. To convert a 52-bit string CTaccording to the formula CT←(q2CTmod m)<11<.

4. Increment the counter value i: i←i+1. If i<10 then go to step 2, otherwise they the AE current value of C Mbe taken as the output value of the operation block encryption EQ(T), performed on a 65-bit string T.

After forming the auxiliary cryptograms CMand CTin the form of binary polynomials presented in the form of a 52-bit strings, form 130-bit cryptogram C by solving the following system of two linear equations.

The solution of this system are two binary polynomial C1and C2presented in the form of a 52-bit strings. Combining a 52-bit string C1and C2receive a 104-bit cryptogramC=C1C2where the sign ║ denotes the concatenation operation (Union) bit strings.

The proof of the correctness of that particular variant of the claimed method of encryption of data block M, is presented in the form of a 52-bit line, is proved analogously to the previously described General proof of correctness of the claimed method taking into account the fact that the operation block decryption DK(CM), the reverse operation of block cipher EK(M), is implemented by the following conversion procedure:

1. To set the value of the counter i←1 and the variable M←CM.

2. Convert 52-b the starting line M, performing consistently calculations according to the formulas M←M>11>andMMk2-1modmwhere (...)>11>denotes the cyclic shift operation of a bit line (...) on the 11th bit to the left.

3. To convert a 52-bit string M, performing consistently calculations according to the formulas M←M>19>andMMk1-1modmwhere (...)>19>denotes the cyclic shift operation of a bit line (...) on the 19th bit to the left.

4. Increment the counter value i: i←i+1. If i<10 then go to step 2, otherwise the current value of M as the output value of the operation DKmade on a 65-bit data block CM.

Similarly, written procedure for the implementation of the operation block decryption DQ(CT), the reverse operation of block cipher EQ(T).

Considered a private implementation of the claimed method can be applied for joint encryption of two messages M and T, each of which, for example, has size 520 KB. The message M is divided into 52-bit data blocks M1, M2, ..., Mw, is de w=10000. Message T is divided into 52-bit data blocks T1, T2, ..., Tw. Alternately, for values of i=1, 2, ..., 10000 pair of 52-bit data blocks (Mi, Tijointly encrypted in accordance with the described example implementation of the claimed method, resulting in the text as a sequence 130-bit cryptograms(C1C2)ii=1, 2, ..., 1000.

These examples show that the inventive method of encryption of data block M, represented as n-bit strings, functions correctly, technically realistic and allows you to solve the problem.

The inventive method of encryption of data block M, represented as n-bit strings that can be applied for the development of comprehensive protection of information from unauthorized access, providing additional security information by imposing a potential attacker a false message. This method can also be applied for secure broadcast messaging with managing access to messages from recipients when the identical procedure decrypt the same cryptogram. the which means of secure broadcast messaging solve the problem of neotlazhennosti traffic in the transmission of information via telecommunications channels.

Interpretation of terms used in the description of the invention

1. Binary digital electromagnetic signal sequence of bits as zeros and ones.

2. Binary options digital electromagnetic signals: capacity and order unit and zero bits.

3. Bit binary digital electromagnetic signal to the total number of unit and zero bits, for example, the number 10011 is a 5-bit.

4. Bit string (BS) - binary digital electromagnetic signal, represented as a finite sequence of digits "0" and "1".

5. The secret key is a binary digital electromagnetic signal used to generate the signature for a given electronic document. The secret key is represented, for example, in binary form as a series of digits "0" and "1".

6. Multi-digit binary number (MDC) - binary digital electromagnetic signal that is interpreted as a binary number and is represented as a sequence of digits "0" and "1".

7. A polynomial is an ordered sequence of coefficients, each of which is a single-bit or multi-bit binary number (MDC). On polynomials defined operations of addition of polynomials and multiplication of polynomials, which are reduced to performing operations on the coefficients of the polynomials whom the Xia operands. Polynomials and rules of action are discussed in detail in the books [Kostrikin A. I. Introduction to algebra. Basic algebra. M.: Fizmatlit. 1994. - 320 S.] and [Kurosh A., a Course of higher algebra. - M.: Nauka, 1971. - 431 S.]. In computing devices polynomials are represented as a bit string in which each bit or each substring of bits of fixed length is interpreted as one of the coefficients of the polynomial, over which the operations of addition and multiplication factors.

8. Binary polynomial is a polynomial, the coefficients of which are single-bit binary numbers "0" and "1". Binary polynomial is written as a bit string, senior level which is equal to a single bit. The degree of the polynomial is the value of S, is equal to the length of a bit string representing a binary polynomial minus one. In algebraic form of a binary polynomial is written as a sum of some degrees si<S formal variable x, for example in the form ofxS+xs1+xs2+xs3+1. In algebraic form, you specify only the terms with nonzero coefficients, since the position to which fficient correlated with the degree of formal variable, in which it is recorded.

9. Irreducible binary polynomial is a binary polynomial, which is not divisible by any other binary polynomial, i.e., irreducible binary polynomial cannot be represented as the product of two binary polynomials.

10. Comparable modulo some polynomial m are polynomials, the difference is divided by the polynomial m without residue or, equivalently, polynomials, when divided by the polynomial m work remains equal.

11. The multiplication of two polynomials modulo (mod) of the polynomial m is as usual algebraic multiplication of polynomials, followed by taking the remainder from dividing the polynomial m.

12. The operation of addition of two polynomials is performed as a summation of all coefficients of the same degree of formal variable, as elements of the field that owns the coefficients of the polynomials (this field is called a field, which is set to polynomials).

13. An algebraic structure is a set of mathematical elements, some nature. As mathematical elements can be, for example, polynomials, MDC, couples MDC, a pair of polynomials, three MDC, three polynomials, matrices MDC, matrices, polynomials, and so on, are defined over mathematical actions (operations). Matematiche the key algebraic structure is defined by specifying a particular set of mathematical elements and one or more operations, performed on the elements.

14. An element of an algebraic structure is one of a bit line or a set of multiple bit lines, on which is defined an algebraic operation. When defining a particular type of algebraic structure defined operations on elements of algebraic structures, which indicate clearly the rules of interpretation and conversion of bit strings that represent these elements. Implemented in the computing device converting bit strings correspond to the operations performed on the elements of a given algebraic structure.

15. A group is an algebraic structure (i.e. the set of elements of different nature), on the elements which defines one operation, and which if the specified operation has a set of properties: the operation is associative, the result of the operation on the two elements is also an element of the same structure, there is a neutral element such that when performing operations on it and some other element of theandgroup the result is theand. Detailed description of the groups is given in the books [A. G. Kurosh. Group theory. - M., Izd-vo "Nauka", 1967. - 648 S.] and [M And. Kargapolov, Y. I. Merzlyakov. Fundamentals of theory of groups. - M., publishing house "Science. Fizmatlit", 1996. - 287 S.]. The operation is defined on the elements of a group, called ropeway operation.

16. A ring is an algebraic structure (i.e. a set of mathematical elements of nature), the elements of which are defined two operations, one of which is called addition, and the second multiplication. When specified operations this algebraic structure has a specified set of properties: operations of addition and multiplication associative and commutative, multiplication is distributive with regard to the operation of addition, and the result of execution of each of these operations on the two elements is also an element of that structure. Also to add there is a neutral element such that when performing operations on it and some other element of theandgroup the result is theand. The neutral element with respect to addition is called the zero element (or null). A detailed description of the rings is given in the books [Kostrikin A. I. Introduction to algebra. Basic algebra. M.: Fizmatlit. 1994. - 320 S.] and [Kurosh A., a Course of higher algebra. - M.: Nauka, 1971. - 431 S.].

17. A field is an algebraic structure (i.e. a set of mathematical elements of different nature), on the elements which are defined two operations, one of which is called addition, and the second multiplication. When specified operations this algebraic structure has a specified set of properties: operations SL is the supply and multiplication is associative and commutative, the multiplication operation is the distribution relative to the operations of addition, and the result of execution of each of these operations on the two elements is also an element of that structure. Moreover, for each of these two operations, there is a neutral element such that when performing operations on it and some other element of theandgroup the result is theand. The neutral element with respect to addition is called the zero element (or null), and the neutral element with respect to multiplication is called a single element (or unit). In addition, each non-zero elementandcan be mapped in compliance with only theand-1called inverse element with respect to this element, such that the producta-1a(and henceaa-1) is equal to unity. A detailed description of the fields is given in the books [A. I. Kostrikin. Introduction to algebra. Basic algebra. M.: Fizmatlit. 1994. - 320 S.] and [Kurosh A., a Course of higher algebra. - M.: Nauka, 1971. - 431 S.].

18. The operation of dividing a binary polynomial of A binary polynomial B modulo binary polynomial m is performed as the operation of multiplication modulo m binary polynomial of A binary polynomial B-1that is reverse to the binary polynomial B modulo binary polynomial m.

19. The set of all binary polynomials of degree which does not exceed the value of S, together with the operation of addition and multiplication modulo an irreducible polynomial of degree S+1 forms a field GF(2Swith number of elements equal to 2S. In this field, as well as in other fields, the system comprising two linearly independent equations with two unknowns are the only solution.

1. Encryption of a data block represented as a bit string, which consists in forming a secret key in the form of a plug K and Q, which represent the bit line, forming an auxiliary n-bit string T, the formation of the n-bit auxiliary cryptogram CMby performing the above block of data M the operation of block cipher E depending on K by the formula CM=EK(M), the formation of the n-bit auxiliary cryptogram CTby performing the above n-bit string T of operation of block cipher E depending on Q by the formula CT=EQ(T), the formation of 2n-bit cryptogram C depending on plug K and Q and auxiliary cryptograms CMand CT, characterized in that the connection K is formed in the form of a 2n-bit string that represents the concatenation of two n-bit strings k1and k2the connection form Q in the form of a 2n-bit string representing concatena the s two n-bit strings, q 1and q2form (n+1)-bit string m and form a 2n-bit cryptogram C in the form of a concatenation of two binary polynomials of degree n-1, which is a solution of the system of two linear equations k1C1+k2C2=CMmod m and q1C1+q2C2=CTmod m with two unknowns binary polynomial C1and C2in which m is additionally formed a polynomial of degree n and n-bit strings k1, k2, q1, q2CMCTtreated as binary polynomials of degree n-1 and (n+1)-bit string m is considered as a binary polynomial of degree n.

2. The method according to p. 1, characterized in that the form (n+1)-bit string m in the form of an irreducible binary polynomial of degree n.



 

Same patents:

FIELD: information technologies.

SUBSTANCE: method to code a message represented as a multidigit binary number, which consists in the fact that a secret key is generated (p, q) in the form of two simple multidigit binary numbers p and q, an open key is generated in the form of a multi-digit binary number n=pq, a cryptogram C is generated depending on the message M and open key n, and the message M is recovered from the cryptogram C according to the secret key (p, q), differing by the fact that additionally they generate an auxiliary multidigit binary number R<n, the cryptogram C is formed as a pair (A, B) of multidigit binary numbers A and B depending on the message M, the open key n and the multidigit binary number R, and the message M is recovered by solving the equation x2-Ax+B=0 mod n relative to the unknown x and calculation of the message M from one of the solutions of the specified equation.

EFFECT: increased level of protection of coded information.

4 cl

FIELD: radio engineering, communication.

SUBSTANCE: method of encrypting a binary data (M) unit comprises generating a secret key which includes subkeys Q and R, generating an auxiliary n-bit unit of binary data T, generating an in-bit auxiliary cryptogram CM by performing, over M, a block encryption E operation depending on Q using the formula CM=EQ(M), generating an n-bit auxiliary cryptogram CT by performing, over T, a block encryption E operation depending on R using the formula CT=ER(T), generating a cryptogram C depending on the secret key and the auxiliary cryptograms CM and CT, characterised by that subkey Q is generated in the form of a 2n-bit line which is a concatenation of two n-bit binary numbers q1 and q2, the subkey R is generated in the form of a 2n-bit line which is a concatenation of two n-bit binary numbers r1 and r2, generating a (n+1)-bit binary number p and generating a cryptogram C in the form of a concatenation of two multi-bit binary numbers C1 and C2, which are the solution of a system of two linear equations q1C1+q2C2=CM mod p and r1C1+r2C2=CT mod p with two unknowns C1 and C2.

EFFECT: higher level of security of encrypted information.

3 cl

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to communication systems. Disclosed versions provide methods and systems for generating arbitrary channel switching patterns, frequent update of patterns, generating different patterns for different cells/sectors and generating patterns of adjacent frequency subcarriers for block channel switching.

EFFECT: efficient design of arbitrary channel switching patterns in a communication system.

34 cl, 7 dwg

FIELD: physics, computer engineering.

SUBSTANCE: Invention relates to data transmission in digital TCP/IP data networks via HTTP. The method of transmitting data in digital TCP/IP data networks via HTTP is realised by a system which includes network modules integrated into a client computer and a server computer and which facilitate a connection between the client computer and the server computer; receiving and transmitting network packets in the connection between the client and the server; encrypting the network packets for the established connection; tunneling the network packets; wherein between the client and the server there are at least two proxy servers connected to the client and the server; the method comprises establishing, by the network modules, a connection between the client and the server, wherein the connection is established through at least two proxy servers; creating a tunnel message in the client network module; transmitting the tunnel message to the server; selecting a delay T value based on maximum transmission speed of the tunnel message between the client and the server by carrying out the following procedures: establishing a time T variation interval and a time increment; measuring the transmission speed of the tunnel message for each value of T in the interval; selecting a value of T corresponding to the maximum transmission speed; determining the volume of a packet with false data Q; sending from the client a packet with false data with volume Q, T seconds after last transmission of false data via an HTTP tunnel; receiving the tunnel message at the server; disconnecting the Nagle algorithm for a TCP connection in network modules of the client and the server; disconnecting the TCP delayed acknowledgment algorithm in network modules of the client and the server.

EFFECT: high speed of transmitting data between a client and a server.

FIELD: information technology.

SUBSTANCE: method for incorporation of information into an image compressed by a fractal method based on a formed library of domains, which involves formation stages of a vector of image compression parameters, input of hidden information, extraction of domains and rank areas, correlation of rank areas and domains, formation of a terminal archive; besides, at the image compression stage, bits of hidden information are coded with coordinates of domains.

EFFECT: providing a possibility of hidden transmission of confidential data.

7 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. The information protection method is based on two-way transmission and subsequent detection of probing radio signals carrying their emission timestamps, associated with predetermined time scales, and originating from communication devices located at both ends of a radio link, performing irreversible mathematical transformations over number sequences, encryption and decryption of messages using a key, while performing mutual recognition of communication participants and synchronising the time scale of the communication devices of the participants. The method also includes setting the operating time interval of information protection means and accumulating two matching sets of binary equivalents.

EFFECT: high reliability of protecting information during communication.

1 dwg

FIELD: radio engineering, communication.

SUBSTANCE: existing single-channel method of receiving navigation safety information through narrow-band direct printing in the short-wave range with an allowable error threshold thereof of 4% can be replaced with extended verbal instructions of message symbols by a digital selective call, wherein a shipborne receiver may collect symbol-by-symbol even a message that is received distorted on all transmission channels thereof.

EFFECT: high reliability of receiving navigation safety information, shorter time for multichannel transmission of messages owing to compression of text, compatibility of the disclosed method with the existing level of usage of shipborne digital selective call receivers/controllers.

9 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to a method of protecting security data transmitted by a transmitter to a receiver, the method comprising periodic transmission to a receiver, alternately with said security data, of neutral data intended to prevent security data filtering.

EFFECT: improved data protection.

16 cl

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering and telecommunication and is intended to solve the problem of protecting computer information. The method of performing three rounds of transformation is carried out along x, y, z axes. The first round involves performing N two-dimensional replacement transformations of layers Lx0, Lx1, …, Lx(N-1); the second round involves N two-dimensional replacement transformations of layers Ly0, Ly1, …, Ly(N-1); the third round involves N two-dimensional replacement transformations of layers Lz0, Lz1, …, Lz(N-1).

EFFECT: high speed of operation by increasing degree parallelism.

5 dwg, 1 tbl

FIELD: radio engineering, communication.

SUBSTANCE: method of encrypting an n-bit data unit M includes generating a secret key by generating subkeys Q and R and auxiliary subkeys in form of mutually simple multi-bit binary numbers m1 and m2, generating an auxiliary n-bit data unit T, generating an n-bit auxiliary cryptogram CM by performing a block encryption operation E over the M depending on Q using the formula CM=EQ(M), generating n-bit auxiliary cryptograms CT by performing a block encryption operation E over T depending on R using the formula CT=ER(T), generating a cryptogram C in form of a solution of a system of two identities C≡CMmodm1 and C≡CTmodm2 with unknown C. In a particular version of the method, m1 and m2 are prime numbers.

EFFECT: high level of security of information encrypted using said method.

2 cl

FIELD: information technologies.

SUBSTANCE: method to code a message represented as a multidigit binary number, which consists in the fact that a secret key is generated (p, q) in the form of two simple multidigit binary numbers p and q, an open key is generated in the form of a multi-digit binary number n=pq, a cryptogram C is generated depending on the message M and open key n, and the message M is recovered from the cryptogram C according to the secret key (p, q), differing by the fact that additionally they generate an auxiliary multidigit binary number R<n, the cryptogram C is formed as a pair (A, B) of multidigit binary numbers A and B depending on the message M, the open key n and the multidigit binary number R, and the message M is recovered by solving the equation x2-Ax+B=0 mod n relative to the unknown x and calculation of the message M from one of the solutions of the specified equation.

EFFECT: increased level of protection of coded information.

4 cl

FIELD: radio engineering, communication.

SUBSTANCE: method of encrypting a binary data (M) unit comprises generating a secret key which includes subkeys Q and R, generating an auxiliary n-bit unit of binary data T, generating an in-bit auxiliary cryptogram CM by performing, over M, a block encryption E operation depending on Q using the formula CM=EQ(M), generating an n-bit auxiliary cryptogram CT by performing, over T, a block encryption E operation depending on R using the formula CT=ER(T), generating a cryptogram C depending on the secret key and the auxiliary cryptograms CM and CT, characterised by that subkey Q is generated in the form of a 2n-bit line which is a concatenation of two n-bit binary numbers q1 and q2, the subkey R is generated in the form of a 2n-bit line which is a concatenation of two n-bit binary numbers r1 and r2, generating a (n+1)-bit binary number p and generating a cryptogram C in the form of a concatenation of two multi-bit binary numbers C1 and C2, which are the solution of a system of two linear equations q1C1+q2C2=CM mod p and r1C1+r2C2=CT mod p with two unknowns C1 and C2.

EFFECT: higher level of security of encrypted information.

3 cl

FIELD: radio engineering, communication.

SUBSTANCE: Weber function-based quantum attack-secure encryption method employs Weber function cycles for elliptical curves on a number comparable with 1 modulo 8, and the cycles are determined by low-order Elkies isogenies. The next value of the Weber function is found as a root of an integer-valued symmetrical multinomial. The secret key is a list of integers (N1, …, Nk), where Ni is the number of steps performed per cycle of Weber functions for an Elkies isogeny of the order li, and the public key is a value of the Weber function of the last isogeny. A positive direction on the cycle is given during the first calculation of the Weber function for the isogeny of the order l. To this end, the isogeny core is selected as divider of the power of the (l-1)/2 l-th division polynomial which determines the minimum expansion ratio in which points of the core lie, and the three most-significant coefficients of the polynomial, which defines the core, are used to calculate coefficients of the isogenic image of the elliptical curve. Steps on the cycle are performed according to the sign of the number Ni.

EFFECT: protection from quantum attacks.

3 cl, 2 dwg

FIELD: radio engineering, communication.

SUBSTANCE: method of encrypting an n-bit data unit M includes generating a secret key by generating subkeys Q and R and auxiliary subkeys in form of mutually simple multi-bit binary numbers m1 and m2, generating an auxiliary n-bit data unit T, generating an n-bit auxiliary cryptogram CM by performing a block encryption operation E over the M depending on Q using the formula CM=EQ(M), generating n-bit auxiliary cryptograms CT by performing a block encryption operation E over T depending on R using the formula CT=ER(T), generating a cryptogram C in form of a solution of a system of two identities C≡CMmodm1 and C≡CTmodm2 with unknown C. In a particular version of the method, m1 and m2 are prime numbers.

EFFECT: high level of security of information encrypted using said method.

2 cl

FIELD: information technology.

SUBSTANCE: method comprises steps of: encoding a digital program to link said digital program with an authentication agent by packing the digital program and authentication agent into single digital content. Said authentication agent includes a program code executed by a device, wherein the device can reproduce said digital program and execute the program code. The program code is configured to authenticate the device when executed in the device; and provide said device with digital content which includes said digital program and said authentication agent. Said digital program is encrypted via a first encryption algorithm, and the decryption key of the fist encryption algorithm is encrypted via a second encryption algorithm and is stored in the authentication agent.

EFFECT: performing device authentication and authorisation independent from an authentication server.

14 cl, 7 dwg

FIELD: information technology.

SUBSTANCE: invention realises a common key block encryption processing with improved immunity against attacks, such as attack by saturation and algebraic attacks (RYAS attacks). In the encryption device which performs common key encryption processing, S blocks which are used as nonlinear conversion processing modules in round functions established in round function execution modules are configured to use S blocks of at least two different types. Such a configuration can improve immunity against attacks by saturation. Furthermore, the types of S blocks are a mixture of different types. Use of such a configuration can improve immunity against algebraic attacks, thereby realising a highly secure encryption device.

EFFECT: harder cryptanalysis and realisation of a highly secure common key block encryption algorithm.

52 cl, 19 dwg

FIELD: medicine.

SUBSTANCE: round device realising a sequence of actions for each data encryption device, comprises a summation unit CM1, a substitution box K, a shift unit R, an extra register PREG. In view of using the extra register, a maximum clock frequency in the data flow chart is determined by a maximum delay in the unit CM1, and in the boxes S and R.

EFFECT: higher clock frequency of the encryption device.

3 dwg

FIELD: radio engineering, communication.

SUBSTANCE: disclosed is a method of protecting information based on identification data, which involves encrypting a source message and subsequent decryption using a secret key generator and by applying a computational technique, characterised by that the following procedures are performed: at the initial initialisation step, calculating a secret master key and a system public key; at the second step, sending the secret master key to the input of an algorithm which executes the secret key computation step and generates, at the request of the decryption algorithm, a secret key for the new system user; at the encryption step, encrypting the source message using the identifier of the new user and the system public key obtained at the initial initialisation step; at the decryption step, transmitting to the input of the decryption algorithm the secret key for the new user and decrypting the message obtained at the encryption step.

EFFECT: high security.

5 cl, 5 dwg

FIELD: information technology.

SUBSTANCE: device for encrypting data includes a GOST 28147-89 conversion circuit, an AES conversion circuit, an AES key conversion unit, a first multiplexer, a second multiplexer, a data storage and a key storage; the output of the data storage is connected to the first input of the GOST 28147-89 conversion circuit and to the first input of the AES conversion circuit; the output of the key storage is connected to the second input of the GOST 28147-89 conversion circuit, the second input of the AES conversion circuit, the input of the AES key conversion unit and the second input of the second multiplexer; outputs of the GOST 28147-89 conversion circuit and the AES conversion circuit are connected to the first and second inputs of the first multiplexer, respectively; the output of the first multiplexer is connected to the input of the data storage; the output of the AES key conversion unit is connected to the first input of the second multiplexer; the output of the second multiplexer is connected to the input of the key storage; encryption algorithm selection signals are transmitted to the control inputs of the first and second multiplexers.

EFFECT: reducing the amount of memory required to encrypt data.

3 dwg

FIELD: information technology.

SUBSTANCE: in the method for block encryption of a message M, which is presented in form of a multibit binary number, a private key and a cryptogram, which depends on the message M and the private key, are generated, wherein the private key is generated in form of a set of subkeys K1, K2,…, Kh, where h≥1, and auxiliary multibit binary numbers p1, p2,…, pu, pu+1, where u≥1; auxiliary multibit binary numbers R1, R2,…, Ru, D are generated and a cryptogram is generated in form of a multibit binary number C, which satisfies the comparison system C≡R1 mod p1, C≡R2 mod p2,…, C≡Ru mod pu, C=D mod pu+1, where at least one of the numbers R1, R2,…,Ru depends on the message M and one of the subkeys K1, K2,…, Kh.

EFFECT: higher stability of the cryptogram.

3 cl, 2 ex, 1 app

FIELD: computer science, namely, engineering of computing devices for processing data.

SUBSTANCE: device has first input for sending first encrypted operand, second input for second encrypted operand, third input for encryption parameter and output for encrypted result of operation. Also provided is adder with selective transfer for encrypted data, cryptographic processor, providing high level of protection from attacks, method for performing operations with operands, method and device for forming computing device for performing operations with operands.

EFFECT: increased level of protection of data processing.

6 cl, 26 dwg

Up!