# Method of block cryptographic transformation of binary data

(57) Abstract:

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for data encryption. The basis of the invention is increasing the number of different variants of the operation, depending on the converted unit, thus achieving a technical result is an increase in resistance of the cipher. The method includes partitioning the binary code information on N 1 information blocks and sequential transformation of the information blocks, and optionally form a control code V, when the conversion information block above the block of information to perform at least one managed operation changes depending on the value of control code V, and the control code V shape with a secret key, also control code V shape on the current value of the converted information unit and the control code V shape on the secret key and the current value of an information block. In addition, the control code V shape by additional binary data. 4 C.p. f-crystals, 7 Il. The invention relates to the field of telecommunications and computing techniques the tx2">In the set of features proposed method uses the following terms:- the secret key consists of binary information, known only to the legitimate user;

- cryptographic transformation is the conversion of digital information, which provides the effect of one bit of the input data on many bits of output data, for example, to protect information from unauthorized read, generate digital signature generation detection code modifications; some of the important types of cryptographic transformations are one-way conversion, hashing and encryption;

- hashing information there is some way of forming a so-called hash value, the amount of which is fixed (typically 128 bits) for messages of any size; procedures hashing provides the dependence of the hash value from each bit of the message.encryption is the process of converting information that depends on a secret key, and converts the source text in the text (a cryptogram), representing a pseudo-random sequence of characters from which to obtain information without knowledge of the secret key practical neosmectine information on the cryptogram with knowledge of the secret key.

the cipher is a set of elementary steps of converting input data using the secret key; cipher can be implemented as a software or as a separate device;

- binary vector is a sequence of zero and a unit of bits, for example (101101011); the specific structure of the binary vector can be interpreted as a binary number, if we assume that the position of each bit corresponds to a binary digit, i.e., the binary vector can be mapped to a numerical value that is determined uniquely by the structure of the binary vector;

- cryptanalysis is a method of computing the secret key to gain unauthorized access to the encrypted information or the development of a method for providing access to encrypted data without calculating the secret key;

- one-way transformation is converting m-bit input data block into m-bit output data block, which makes it easy to calculate the output block input block, and the calculation of the input block, which would be transformed into a randomly selected output unit, is a nearly impossible task;

- unilateral is that this value function is computationally difficult task; one-way functions are implemented as a sequence of procedures one-way transformation of some input unit (argument), the output value which is the value of the function;

- cryptographic strength is a measure of the reliability of the protection of encrypted information and represents the complexity measured in the number of elementary operations that must be performed to recover information on the cryptogram, when knowledge of the conversion algorithm, but without knowledge of the secret key; in the case of unilateral reforms under the cryptographic understood the complexity of the calculation input values of the block at its output value;

- the operation of cyclic shift that depends on transform subblock or dependent binary vector is a cyclic shift operation on the number of bits specified by the value of sub-block or the value of the binary vector; the operation of cyclic shift to the left (right) designated by the symbol "<<<" (">>>"), for example, B

_{1}<<< B

_{2}denotes the operation of cyclic left shift of the subblock B

_{1}on a number of bits equal to the value of the binary vector B

_{2}; these operations are basic for the cipher RC5;

single OPE is after performing some given single operation depends only on the initial value; example of single operations are operations of cyclic shift;

- double operation is an operation performed on the two operands; the result of executing some of this double operation depends on the value of each operand; an example of a two-place operations are the operations of addition, subtraction, multiplication, etc.- the operation of concatenation is the operation of combining several binary vectors, which is a new binary vector that includes all the bits of each of the merged binary vectors, the mutual arrangement of bits corresponding to the original binary vectors does not change; for example, the concatenation of the binary vectors W

_{1}= (101101011) and W

_{2}= (011101010) is written as W

_{1}/W

_{2}= (101101011011101010); binary data vector can be combined by concatenation operation another way: W

_{2}/W

_{1}= (011101010101101011).Known methods of block encryption of data, see, for example, cipher DES [B. Schneier, "Applied Cryptography", Second Eddition, John Wiley & Sons, Inc., New York, 1966, pp. 270-277]. In this way encryption of data blocks is performed by forming a secret key, split transformed data block into two sub-blocks L and R and alternate senectutem, which is formed as the output value of a function F from the values of the subblock R. then the sub-blocks are swapped places. The function F in the specified method is implemented by performing the operations of permutation and substitution performed on sub-blocks of R. This method has a high rate of conversions when implemented in the form of specialized electronic circuits. However, the known method is similar uses secret key of the small size (56-bit), making it vulnerable to cryptanalysis based on the selection key. The latter is associated with high computational power of modern computers.The closest in technical essence to the claimed method block cryptographic transformation of binary data is a method that is implemented in the RC5 cipher, described in the monograph [B. Schneier, "Applied Cryptography", Second Eddition, Jhn Wiley & Sons, Inc., New York, 1966, pp. 344-346] . Prototype method includes forming a secret key in the form of a set of plug, split binary code information on the m-bit information blocks and alternate converting m-bit blocks. Converting m-bit blocks is carried out by partitioning the m-bit data block into n-bit sub-blocks A and B, and poochera is eracy. As a two-place operations are the operations of addition modulo 2

^{n}where n = m/2 = 8, 16, 32, 64, and operation bitwise sum modulo 2. As a single operation, use the operation of cyclic left shift, and the number of bits that is shifted transform the sub-block depends on the value of another sub-block that determines the dependence of the cyclic shift operation on the current step of the transform sub-blocks from the original values of the input data block. Double operation is performed on sub-blocks and connection, as well as over the two sub-blocks. Characteristic of the prototype method is to use the cyclic shift operation depending on the values of the input block. The sub-block, for example, subsection (B) convert the following way. The operation is performed bitwise sum modulo 2 over the sub-blocks A and B and the value obtained after performing this operation is assigned to a sub-block B. This is written as a ratio of B: = B A, where the symbol ":=" denotes the assignment operation and the symbol "" denotes the operation bitwise sum modulo 2. Then over the subblock B perform the operation of cyclic shift to the left by the number of bits equal to the value of sub-block A: B: = B <<< A. Then for the bits: B: = (B + S) mod 2

^{n}. Then similarly converted subsection A. Is several steps in the conversion of both sub-blocks.This method provides high encryption speed when implemented in the form of computer programs. However, the prototype method has drawbacks, namely in the software implementation for computers with 32-bit microprocessor, it does not provide high resistance cryptographic transformation of data to differential and linear cryptanalysis [Kaliski B. S., Yin Y. L. On Differential and Linear Cryptanalysis of the RC5 Encryption Algorithm. Advances in Cryptology - CRYPTO '95 Proceedings, Springer-Verlag, 1995, pp. 171-184] . This disadvantage stems from the fact that the efficiency of operations, depending on the data to be converted, in order to complicate the known methods of cryptanalysis is reduced because the number of possible variants of the cyclic shift operation is equal to the number of binary digits of n sub-blocks and does not exceed 64.The basis of the invention is to develop a method of block cryptographic transformation of binary data in which the conversion of the input data would be carried out in such a manner that a rise in the number of different variants of the operation, dependent on the transform block, wealth is the ache is achieved by in method block cryptographic transformation of binary data, including splitting the binary code information on N 1 information blocks and sequential transformation of the information blocks, the new according to the invention is that additional form control code V and the conversion information block above the block of information carried out at least one managed operation changes depending on the value of control code V.Thanks to this solution makes it possible to increase the number of possible variants of the operation, dependent on the transform block, which increases the strength of cryptographic transform to differential and linear cryptanalysis.New is also that the control code V shape on the value of the secret key.This solution provides additional improved resistance to differential and linear cryptanalysis.New is also that the control code V shape on the current value of the transform block.Thanks to this solution, an additional increase in strength to attack, onevietnam key and the current value of the transform block.Thanks to this solution, enables higher reliability to a differential cryptanalysis based on problems with the device encryption.New is also that the control code V shape by additional binary data.This solution provides additional hardening hash.Below the essence of the invention is explained in more detail by examples, with reference to the accompanying drawings.In Fig. 1 shows a generalized diagram of the cryptographic transformation according to the claimed method.In Fig. 2 shows the possible types of procedures conversion information block.In Fig. 3 presents a block diagram of the elementary switch, which is the basic element of a managed operational block permutations.In Fig. 4 schematically shows the structure of a managed operational block permutations.In Fig. 5 schematically presents specific options for managed operations permutations, different way of forming control code V. Fig. 5D shows a special case of the managed operation PG. 6 shows a diagram transformations, explaining example 3.In Fig. 7 shows a diagram transformations, explaining example 4.The invention is illustrated a generalized diagram of the cryptographic transformation of data blocks on the basis of the proposed method, which is presented in Fig. 1, where: P

_{1}P

_{2},..., P

_{x}- managed operational blocks permutations; T - converted information unit; V

_{1}V

_{2},..., V

_{x}- the value of the control code V on the respective steps of the conversion information block, x is a natural number. Managed the operational block permutations performs the managed operation permutations, which refers to the implementation of the permutation of the bits of the input block depending on any variable parameter that is involved in the conversion. Such variables can be plug, the sub-blocks of an information block or specially produced values that change with the change of the initial value information block. As the variable parameter to control the operation of the permutation can be used also values generated from a random or pseudo-random data. In General, the value opravlyaushi the mother of the formation of the signals on the control input of the control operating unit of permutations. Managed operational block permutations will call conversion device having n-bit information input, n-bit output and g-bit control input. Managed the operational block permutations (P-unit) performs a permutation of the bits of the information block, the information supplied to the P input-block-specific values of the signals at g-bit control input. The sum of all signals at the control input is a control code V, the value of which specifies particular permutation of the bits of the converted information unit.A particular kind (or type) of the managed operation permutation P of length n is characterized by the ordered set where

_{V}- fixed permutation of length n, which in General are different, the V - value of a control code, g - bit control code. Can be designed, managed operating units of permutations with a value of g satisfying the following conditions: 1) g < n, 2) g = n, and (3) g > n. For the practical construction of devices cryptographic transformation of most interest are the P-blocks with a value of n = 32, 64, 128 and 256 and the value of g at two or more times EIT can be formed by:

1) repetition of an information block: V =

2) for converting the control code generated in accordance with paragraph 1

3) combine multiple connections: V = where is a natural number,

4) additional conversion control code generated in accordance with paragraph 3

5) combination of plug-and-information block: V = and after the merger control code may be subjected to additional conversion, for example, above it can be implemented operation fixed permutation in accordance with the formula: V: = (V).6) conversion of a secret key or one or more subkeys

7) additional conversion information block or one or more of the information sub-blocks.Managed permutation acts on the information block T as follows. The value of control code V is selected modification

_{V}in accordance with a fixed permutation

_{V}is a permutation of the bits of the information block T, which is formed by a value of P

_{V}(T).Fig. 1 shows a General scheme of transformations using upravlyauschaya encryption and to implement unilateral changes. As a control code V can be used (1) plug encryption generated by a secret key, (2) sub-blocks of an information block, (3) additional control information generated in the course of cryptographic transformation depending on additional binary information. As an additional control information may be a message for which you want to generate the hash code. In the case of unilateral reforms, the secret key may not be used as a control code V can be used the current value of an information block, or control code V can be formed on the current information block by additional conversion information block. A special case of formation control code V is the use of sub block converted information unit as a control code V to perform a controlled operation of the permutation of the bits of the converted information unit. As a control code V can be used information unit as a whole. On the control input block P the signals of the control code V. Because of this, performed on information Beskova conversion in Fig. 1 over the information block are two types of conversion procedures: (1) the procedures shown operating blocks E

_{1}E

_{2},..., E

_{x}and (2) the procedures shown operating blocks P

_{1}P

_{2}, ..., P

_{x}. Procedure type P represent the managed operation permutations, that is, the operation unit P performs a permutation of all bits of the information block or some part of them, depending on the value of the control code V. Procedures for type E there are some known set of transform operations: bitwise addition modulo two () addition modulo 2

^{n}where n 8 (+), multiplication, division, operation cyclic shift of a fixed permutation (), operation table lookup, the operation of concatenation and others in the procedure of E type over the current value of an information block size may be constant, may increase or may decrease. The size of the information block we mean the number of bits contained in the information block. Under the current value of the converted information unit we mean the set of bits received (after performing some procedure converted the General case is changed after each operation of the conversion.In Fig. 2 schematically shows the main options procedure type E. Fig. 2A shows a variant of the conversion information block without changing its size. This option is described, for example, by the formula T

_{o}= T

_{I}K, where the subkey K has the same size with the current value of the converted information unit, designated as T

_{I}. The value of an information block after transformation, denoted by T

_{o}. Fig. 2B shows a variant of the conversion information block with the increase of the size of the information block. The variant of Fig. 2B is described, for example, by the formula T

_{o}= where the sign denotes the concatenation of the values of T

_{I}and K. Fig. 2B shows a variant of the conversion information block with decreasing size of the information block. The variant of Fig. 2B is described by the formula T

_{o}= T

_{I}" T

_{I}"where the input block is divided into two sub-blocks of equal size, that is represented as the concatenation of the sub-blocks of T

_{I}" and T

_{I}': T

_{I}= Over sub-blocks of T

_{I}" and T

_{I}" the operation is performed bitwise sum modulo two, resulting in the size of the output block is reduced by half compared with the size of vhodnye control code V. On the input information block T

_{I}and the connection operation is performed bitwise sum modulo two, the resulting value is merged with the original value of the input block, resulting in an extended information block, is Then equal a fixed permutation of the bits of the extended information block in the result that is produced by the information unit with a value of R = (Under a fixed permutation is a permutation that does not depend on any parameters involved in the transformation. Such permutation is easily implemented in electronic circuits, for example, as a simple weave conductors. ) The obtained value of R can be represented as the concatenation of the binary vectors lesser length: R = as the output unit can be taken as a binary vector R' (i.e. in this case we have T

_{o}= R'), as the control code is a binary vector V=R". Possible transmission to the input of the next operating unit (of type E or of type P) extended information blocks, for example, in accordance with the following variants:

(1) T

_{o}= R and V = R,

(2) T

_{o}= R and V = R.Other variants are possible forms which include block and connection, (2) by repetition of the information block: T

_{o}= (3) combining the current value of the information block with the data: T

_{o}=

Managed operational blocks of permutations can be easily implemented as a simple high-speed combinational electronic circuits, using as the base node of the elementary switch. In Fig. 3 shows a block diagram of the elementary switch, where u is the control signal, a and b input data signals, c and d output data signals. When u = 1, the line a is switched from line c and line b from line d. When u = 0 line to a switched line d and line b - c line c. Thus, when the control value bit u = 0 is a permutation of the two input bits, and when u = 1 the input bits are not rearranged.In Fig. 4 schematically shows the structure of the managed operating unit of permutations with n-bit input. Managed the operational block permutations consists of several stages. Each cascade consists of a range of elementary switches S, which perform the switching of two adjacent bits of the information block, and the operational unit fixed permutation representing a simple periples depending on specific conditions for inclusion in a managed block permutations in the device encryption. It is obvious that the number of single-bit control inputs u such a managed block of permutations is equal to g = zn/2, where z is the number of stages. The number of possible permutations of n bits is in an approximate Stirling's formula for n = 64 are 64! 2

^{320}i.e. for all possible permutations will need to use a code length of at least 320 bits. However, in practice it is sufficient to use a relatively small fraction of this number of permutations, for example, 2

^{256}permutations, which corresponds to 8-cascading managed to block permutation 64-bit input. Managed operational blocks of permutations with such a structure for values of n = 32,64,128 can easily be produced using modern microelectronic technology.In Fig. 5 shows possible options managed operations of permutations performed on the block of information. In Fig. 5a shows a managed operation of permutation of bits of the information block T performed depending on the value of T. In this case, the generated control code V is equal to tIn Fig.5B shows a managed permutation operation performed on the m - bit information block T depending on the values of l bits of infocasino managed the operation of the permutation, performed on the information block T depending on the value of the control code V, which is formed on the current information block by performing the above information block cyclic left shift by 7 bits.In Fig. 5g shows a managed permutation operation performed on the information block T depending on the value of the subkey K, i.e., as a control code V is the value of the round subkey KManaged the operation of the permutation we understand as a managed operation permutations, which performs a permutation of the bits of a certain sub-block information block or performs a permutation of a few bits of the information block, leaving the other bits unchanged. This case is shown in Fig. 4D, where the information block T is represented as a concatenation of two blocks of t

_{1}and t

_{2}: E = and managed the operation of the permutation is performed on the block t

_{1}depending on the value of the control code V, which is the sub-block t

_{2}.In Fig. 5e shows a managed permutation operation performed on the information block T depending on the value upney current value information block and connection: V =

Consider specific examples of implementation of the proposed method cryptographic transformation of binary data blocks.Example 1.This example relates to the use of the proposed method for data encryption. Binary code information is broken on 64-bit information blocks represented as the concatenation of sixteen 4-bit sub-blocks: T = the Secret key is represented as a set of eight plug K

_{1}, K

_{2},..., K

_{8}. Encryption is carried out in the form of successive transformation of information blocks. Converting each information block is described by the following sequence of procedures:

1. Set the count of the number of rounds transformation r = 1.2. To convert the information block T in accordance with the expression:

T: =

where": = " symbol assignment operation and the designation of the managed operation permutations, where the lower index value is specified binary vector that depends on the specific type of permutation performed in the current step.3. To convert the information block T in accordance with the expression:

< / BR>

where S(t

_{i})" - symbol substitution operation, issue ovci consists in the following. Computes j = i mod 4. Instead of sub-blocks with a value of t

_{i}substituted a binary vector with a value of standing at the intersection of the j-th row and t

_{i}-th column.4. If r < 8, then increment the counter (r: = r+1 and go to step 2, otherwise Stop.In example 1, step 3 describes the conversion process indicated by operational block E in Fig. 1. Options other options encryption procedure as the procedure E described in the following examples.Example 2.This example relates to the use of the proposed method for data encryption. Binary code information is broken on 64-bit information blocks represented as the concatenation of two 32-bit sub-blocks: T = the Secret key is represented as sixteen 32-bit subkeys K

_{1}, K

_{2}, . .., K

_{16}. Encryption is carried out in the form of successive transformation of information blocks. Converting each information block is described by the following sequence of steps of the transformation:

1. Set the count of the number of rounds transformation r = 1.2. To convert the information block T in accordance with the expressions:

t<>/BR>< / BR>

where a set of bits of the information block corresponding to the subblock t

_{2}remains unchanged, and the value of t

_{2}is taken as the control binary vector, and the controlled operation of permutations over the information block is performed by moving bits of the subblock t

_{1}depending on the sub-block t

_{2}.4. To convert the information block T in accordance with the expressions:

t

_{1}: = t

_{1}t

_{2},

T: =

5. To convert the information block T in accordance with the expressions:

t

_{2}:= t

_{2}K

_{2r},

T: =

6. To convert the information block T in accordance with the expression:

< / BR>

T:=

where a set of bits of the information block corresponding to the subblock t

_{1}remains unchanged, and the value of t

_{1}is taken as the control binary vector, and the controlled operation of permutations over the information block is performed by moving bits of the subblock t

_{2}depending on the sub-block t

_{1}.7. To convert the information block T in accordance with the expression:

t

_{2}: = t

_{2}t

_{1},

T:=

8. If r < 8, then increment the counter (r:= r+1 and go to step 2, PRMIA over the information block and which is the private-choice procedures, designated as operational blocks E in Fig. 1.Example 3.This example relates to the use of the proposed method to compute the hash of the binary information M, which is divided into N blocks of information T

_{j}where j = 1, 2,..., N. the Calculation of the hash function is carried out by sequential execution of unilateral conversion over a 128-bit T

_{j}. 128-bit information blocks T

_{j}are represented as the concatenation of the 64-bit sub-blocks: T

^{j}= Schema transformations is illustrated in Fig. 6. The procedure for computing the hash function is described by the following sequence of steps of the transformation:

1. Set the counter number to be converted information blocks j = 1 and the initial value of the hash function H

_{0}= 0.2. To form the control code V: V: = where v" = t

_{j}"and v' = t

_{j}'.3. To convert the information block T

_{j}in accordance with the expression:

< / BR>

4. To convert the information block T

_{j}in accordance with the expression:

< / BR>

5. To assign a hash value H

_{j}: = T

_{j}H

_{j-1}.6. If j < N, then increment the counter (j:= j +1 and go to step 2, otherwise Stop.Lanatoside to use the proposed method for building data encryption algorithm. Binary code information is broken on 64-bit information blocks represented as the concatenation of two 32-bit sub-blocks: T = the Secret key is represented as eight 32-bit subkeys K

_{1}, K

_{2},..., K

_{8}. Encryption is carried out in the form of eight-fold repetition of a set of procedures resulting from one round of conversion and schematically shown in Fig.7. The round transformation in this example is a sequential execution of the expanding procedure E

_{1}managed operations of permutation P

_{1}and narrowing procedure E

_{2}.At the entrance procedure E

_{1}served 64-bit information block, represented as two 32-bit sub-blocks of data, t

_{1}and t

_{2}that are converted to extended output block data presented in the form of three sub-blocks t

_{2}B

_{2}and t

_{1}. Subsection B

_{2}produced in accordance with the following sequence of operations:

1. To merge the current round subkey K

_{r}and the subblock t

_{2}in a 64-bit binary vector B

_{0}:=

2. On a 64-bit binary vector B

_{0}to carry out (fixed) operation permutations : B

_{1}:= (B

_{0}).3. The calc is.The information input of the operational block permutations P

_{1}served subblocks t

_{2}B

_{2}and t

_{1}and the control input of the P

_{1}served round subkey K

_{r}. Managed the operational block permutations P

_{1}transmits information sub-blocks t

_{2}and t

_{1}without setting these two bits of the subblock and the permutation bits of information of the subblock B

_{2}applied to the input of the control operating unit P, which is part of the operational unit of P

_{1}.The information input of the control operating unit of permutations P is fed information subsection B

_{2}and on the control input block P - control code V, representing the Association information of the subblock t

_{2}and round subkey K

_{r}: V = Managed permutation operation is carried out as a permutation of the bits of the subblock B

_{2}depending on the sub-block data t

_{2}and the current round subkey K

_{r}: B

_{3}= P

_{V}(B

_{2}), where the control code V depends on the information of the subblock t

_{2}and from connection K

_{r}: V = output managed operational block permutations are displayed subblocks t

_{2}B

_{3}and t

_{1}that is TVset narrowing conversion and produces at the output of two 32-bit sub-block data t and t', and t' = t

_{2}and the subblock t" is formed using the following steps:

1. To submit 64-bit subblock B

_{3}as a concatenation of two 32-bit sub-blocks b and b': B

_{3}=

2. Folded modulo 2

^{32}the sub-blocks b and b': b':= (b '+b')mod 2

^{32}.3. To develop the subblock t" := t

_{1}b"'.Just run 8 of these rounds of transformation. The values t and t', developed at the r-th round, where r 7, taken as the input information data block (represented as two sub-blocks t

_{2}and t

_{1}for subsequent (r + 1)-th round. The concatenation of the values t and t', developed at the eighth round is taken as zashifrovannaja data block C =

Example 5.This example relates to the use of the proposed method for constructing the algorithm computing the hash of the message m as an additional binary information is derived binary vector H

_{0}with a length of 128 bits. The message M is represented as the concatenation of 128-bit blocks M

_{i}where i = 1, 2,..., N: M = Block cryptographic transformation of the values of H

_{0}is in the form of N-rounder conversion in accordance with the following algorithm :

1. To set the count stuudy a message block m3. To calculate the information block H

_{j}in accordance with the expression:

H

_{j}:= P

_{V}(H

_{j-1}) M

_{j}< / BR>

4. If j < N, then increment the counter (j:= j + 1 and go to step 2, otherwise the value of H

_{N}to take as the value of the hash of message m5. STOP.These examples show that the proposed method of cryptographic transformation of binary data blocks technical feasibility and allows to solve the problem.Due to the simple structure of the modern silicon planar technology makes it easy to produce a cryptographic microprocessor containing manageable blocks of permutations of size 32, 64 and 128 bits. The inventive method can be implemented, for example, in specialized cryptographic processors, providing the encryption speed of 500 Mbps, sufficient for encryption in real-time data transmitted over high-speed fiber-optic communication channels. 1. Method of block cryptographic transformation of binary data, including splitting the binary code information on N 1 information blocks and alternate conversion information block above the block of information to perform at least one managed operation permutations, depending on the value of control code V.2. The method according to p. 1, characterized in that the control code V shape with a secret key.3. The method according to p. 1, characterized in that the control code V shape on the current value of the converted information unit.4. The method according to p. 1, characterized in that the control code V shape on the secret key and the current value of the converted information unit.5. The method according to p. 1, characterized in that the control code V shape by additional binary data.

**Same patents:**

FIELD: cryptography.

SUBSTANCE: method includes generating random numbers with use of displacement register with check connection, elementary digit of which is a q-based symbol (q=2^{l}, l - binary symbol length) at length of q-based digits register, in check connection networks nonlinear two-parameter operations on q-based symbols F (u_{b}, u_{d}) are used, on basis of random replacement tables, for generating next random number values z_{1}=F(u_{i}, u_{j}), z_{2}=F(u_{t}, u_{m}), z_{g}=F(z_{1}, z_{2}) are calculated, where u_{i}, u_{j}, u_{t}, u_{m} - values of filling of respective register digits, value of result in check connection networks z_{g} is recorded to g digit of displacement register and is a next result of random numbers generation, after which displacement of register contents for one q-based digit is performed.

EFFECT: higher speed and efficiency.

3 cl

**FIELD: electrical communications and computer engineering; cryptographic data conversion.**

**SUBSTANCE: proposed method includes generation of protection key in the form of n-bit binary vector, its supply for initial filling of shift register producing maximal-length pseudorandom character sequence, conversion of data stream into encoded message, and its transfer over communication line; in the process total character of encoded text is shaped and its value is conveyed at moment when search sequence character assumed value equal to unity.**

**EFFECT: reduced redundancy in message transferred and enhanced message transfer speed.**

**1 cl, 2 dwg**

FIELD: electric communications.

SUBSTANCE: method is performed using microcontrollers with two memory types: data and software. For transfer of each symbol individual main and reserve codes are used, on basis of number of repeats of symbol in transferred message. First transfer of symbol is performed by main code, second transfer of same symbol - by reserve code, and then codes synchronization displacement is activated for a step around circle relatively to symbols until finish of circle. After transfer of displaced reserve code, closing the circle, synchronous replacement of codes variants is performed, and then order of codes replacement is repeated in case of repeat of any symbol in transferred message. Number of required code variants is set by planned volume of information, sent via communication line.

EFFECT: higher efficiency.

1 dwg

FIELD: data carriers.

SUBSTANCE: data carrier is made in such a way, that for important data protection operations confidential data stored in chip memory or formed by it are separated on at least three portions, also provided is processor for calculation of random number and for dividing confidential data on such random number, while first portion of data is an integer result of such division, and third portion of data is the actual random number.

EFFECT: higher quality of data protection.

3 cl, 1 dwg

FIELD: computer science, communications.

SUBSTANCE: method includes generating a protection key in form of a binary vector n-bit long, sending it for primary filling of displacement register, generating pseudo-random series of maximal length, generating pseudo-random series of symbols, transforming data stream to encrypted message and transmitting the latter along communication line, while pseudo-random series is generated as pseudo-random series of symbols of finite field F_{p} with characteristic p=2^{k}+1 in form of binary vectors k-nit long by getting information from k different bytes of displacement register with check connection, numbers of which are determined on basis of protection key, and number k is selected equal to one of members of geometric row, which has denominator and first member equal to two, and also a pseudo-random series of symbols is formed for finite field of odd values of symbols due to skipping clock pulses of displacement register with check connection for which pseudo-random series symbols take even values and serially transforming in finite field F_{p} symbols of source text by involution thereof, appropriate for pseudo-random series symbols.

EFFECT: higher resistance to attacks on basis of known and sorted out texts.

4 cl, 2 dwg

FIELD: radio engineering; secret intelligence protected radio communication systems.

SUBSTANCE: proposed radio communication system incorporating provision for suppressing enemy's radio communication means and radio control channels has information subsystem, noise jamming subsystem, noise memory subsystem, information subsystem elements, and subsystem elements interface unit; each element of information subsystem is made in the form of multichannel time-division radio station; each element of noise jamming subsystem is made in the form of time division multichannel radio station, and each of noise jamming subsystem elements is made in the form of barrage jamming transmitter built around noise signal generating driver; used as drivers are self-stochastic generator operating in different frequency bands.

EFFECT: enhanced intelligence protection of communication channels, simplified design, enhanced reliability.

2 cl, 13 dwg

FIELD: information protection.

SUBSTANCE: method for transferring messages while providing for confidentiality of identification signs of communication system objects with interaction of devices of communication system subscribers through central device for each communication session cryptographic conversion of subscriber device identifier is performed using encryption key of current subscriber device, while during said cryptographic conversion symmetrical cryptographic algorithm is used and two message transfer modes are taken in consideration, on initiative from subscriber device to central device and vice versa.

EFFECT: protection from unsanctioned access to identifiers of devices of system subscribers transferred via communication channels, in particular when providing for confidentiality of messages identification signs in communications systems with multiple subscriber devices.

6 dwg

FIELD: data processing.

SUBSTANCE: before beginning of decoding all possible non-repeating meanings of combinations of alphabet u_{i} are recorded randomly into code spreadsheet with N lines by means of random numbers detector (RND). Number i of code line of code spreadsheet Tk is recorded in each line u_{i} of address spreadsheet Ta. Meaning of combinations of alphabet u_{i} is recorded in spreadsheet Tk, where N-size of alphabet coincident with number of lines of code and address spreadsheets Tk and Ta, u_{i} is original combination being subject to coding. Moreover for filling any next i-line and line from code spreadsheet Tk (where i equals 1 to N) the next meaning of combination of alphabet from RND which is subsequently compared with each i-th meaning from recorded combinations of alphabet in code spreadsheet Tk. In case there is no coincidence with any recorded combinations of alphabet, the next meaning of combination of alphabet u_{i} is recorded into i-th line of code spreadsheet Tk. When coding line u_{i} of address spreadsheet Ta the address A(u_{i}) of original combination is read out from code spreadsheet Tk. Value of coded combination v_{i} of original combination u_{i} at value of parameter of conversion of ξ_{i} equals to value of combination of alphabet being stored in line A(v_{i}) of code spreadsheet Tk, which address is determined as A(v_{i})=A(u_{i})+ξ_{i} for module of N number. Value of coded combination v_{i} is read out from line of code spreadsheet Tk with address A(v_{i}). When decoding coded combination v_{i} at value of conversion parameter of ξ_{i} the value of combination is defined, which combination is stored in address line A(u_{i}) of spreadsheet Tk which address is determined as A(u_{i})=A(v_{i}) - ξ_{i} for module N number. Value of u_{i} combination is read out from line of code spreadsheet Tk having address A(u_{i}).

EFFECT: increased speed of data processing.

FIELD: computer science.

SUBSTANCE: method is based on block-wise conversion of message, dependently on secret key, to Cyrillic text.

EFFECT: possible use of Russian texts as containers for steganographic conversion, decreased dependence of statistic characteristics of modified container from concealed message.

2 cl, 6 dwg

FIELD: cryptography.

SUBSTANCE: block for generation of sub-keys data uses two different processes for open generation of sub-keys. During encoding of T*n block of open text, where T - length of predetermined cycle, n - positive integer, sixteen sets of sub-key data is generated. In al other cases two sets of sub-key data are generated. Encryption block encrypts open text, using formed sixteen or two sets of sub-keys data.

EFFECT: higher efficiency.

6 cl, 15 dwg