Method for iterative encryption of data blocks

 

(57) Abstract:

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for data encryption. The object of the invention is to reduce the number of encryption rounds, which increases the speed of encryption; this is the technical result achieved by its implementation. The method includes forming a secret key, dividing the data block into two sub-blocks and executing R 2 rounds of encryption, each of which consists in forming a binary vector from the first sub-block, transforming the binary vector and imposing the transformed binary vector on the second sub-block by a summation operation. What is new is that a control code is additionally formed and the second sub-block is transformed by two controlled permutation operations that depend on the value of the control code, one of which is performed before the binary vector is imposed on the second sub-block and the other after the binary vector is imposed on the second sub-block. New is also that the control code is formed from the secret key. Also new is the fact that the control ...

... relates to the field of telecommunication and computer engineering, and more particularly to the field of cryptographic methods and devices for encrypting messages (or information).

The set of features of the proposed method uses the following terms:

- a secret key is binary information known only to the legitimate user;

- cryptographic transformation is the conversion of digital information in a way that makes one bit of the input data affect many bits of the output data, for example in order to protect information from unauthorized reading, to generate a digital signature, or to generate a modification detection code; important types of cryptographic transformation are one-way transformation, hashing and encryption;

- hashing is a way of forming a so-called hash value whose size is fixed (typically 128 bits) for messages of any size; hashing procedures make the hash value depend on every bit of the message;

- encryption is a process of converting information that depends on a secret key and converts the source text into ciphertext (a cryptogram), a random ...; decryption is the reverse of the encryption procedure; decryption recovers the data from the cryptogram given knowledge of the secret key;

- a cipher is a set of elementary steps for converting input data using the secret key; a cipher can be implemented as software or as a separate device;

- a binary vector is a sequence of zero and one bits, for example (101101011); a specific binary vector can be interpreted as a binary number if the position of each bit is taken to correspond to a binary digit, i.e. a binary vector can be mapped to a numerical value that is uniquely determined by the structure of the binary vector;

- cryptanalysis is a method of computing the secret key in order to gain unauthorized access to encrypted information, or the development of a method that provides access to encrypted information without computing the secret key;

- a one-way transformation is a transformation of a g-bit input data block into a g-bit output data block that makes it easy to calculate the output block from the input block, and the calculation of the input ...;

- cryptographic strength is a measure of how reliably encrypted information is protected; it is the complexity, measured in the number of elementary operations, of recovering the information from the cryptogram when the conversion algorithm is known but the secret key is not; in the case of one-way transformations, cryptographic strength means the complexity of calculating the input value of a block from its output value;

- a cyclic shift operation that depends on the sub-block being transformed, or on a binary vector, is a cyclic shift by the number of bits specified by the value of the sub-block or by the value of the binary vector; cyclic shift to the left (right) is denoted by the symbol "<<<" (">>>"); for example, the entry B <<< A denotes a cyclic left shift of sub-block B by the number of bits equal to the value of the binary vector A; such operations are basic for the RC5 cipher;

- a one-place operation is an operation performed on one operand (a data block or a binary vector); the value of the sub-block after a given one-place operation depends only on its initial value; an example of a one-place ... operands; the result of a given two-place operation depends on the value of each operand; examples of two-place operations are addition, subtraction, multiplication and others;

- concatenation is the operation of combining several binary vectors into a new binary vector that includes all the bits of each of the combined vectors, with the mutual arrangement of the bits of each original vector unchanged; for example, the concatenation of the binary vectors W1 = (101101011) and W2 = (011101010) is written as W1|W2 = (101101011011101010); the same binary vectors can be concatenated in the other order: W2|W1 = (011101010101101011).

Known methods of block encryption of data include, for example, the DES cipher [B. Schneier, "Applied Cryptography", Second Edition, John Wiley & Sons, Inc., New York, 1966, pp. 270-277]. In this method, data blocks are encrypted by forming a secret key, splitting the data block being converted into two sub-blocks L and R, and successively changing the latter by applying the bitwise sum modulo two to sub-block L and a binary vector that is formed as the output value of ... is implemented by performing permutation and substitution operations on sub-block R. This method has a high conversion rate when implemented as specialized electronic circuits. However, this known analogue uses a secret key of small size (56 bits), which makes it vulnerable to cryptanalysis based on key search. The latter is due to the high computing power of modern computers.

Another known method of block data encryption is the one implemented in the RC5 cipher [B. Schneier, "Applied Cryptography", Second Edition, John Wiley & Sons, Inc., New York, 1966, pp. 344-346]. This method includes forming a secret key as a set of subkeys, splitting the binary code of the information into g-bit information blocks and converting the g-bit blocks one after another. A g-bit block is converted by splitting it into n-bit sub-blocks A and B and converting the sub-blocks alternately. The sub-blocks are converted by performing one-place and two-place operations on them. The two-place operations used are addition modulo 2^n, where n = g/2 = 8, 16, 32, 64, and bitwise sum modulo 2. The one-place operation used is the cyclic shift ... determines the dependence of the cyclic shift operation at the current step of transforming a sub-block on the original values of the input data block. A two-place operation is performed on a sub-block and a subkey, as well as on two sub-blocks.

Characteristic of the RC5 method is the cyclic shift operation that depends on the values of the input block. A sub-block, for example sub-block B, is transformed by imposing sub-block A on sub-block B using bitwise summation modulo 2, i.e. the bitwise sum modulo 2 (denoted by "⊕") of sub-blocks A and B is computed and the value obtained is assigned to sub-block B. This is written as the relation B := B ⊕ A, where the symbol ":=" denotes the assignment operation. Then sub-block B is cyclically shifted to the left by the number of bits equal to the value of sub-block A: B := B <<< A. Then sub-block B and one of the subkeys S are summed modulo 2^n, where n is the length of the sub-block in bits: B := (B + S) mod 2^n. Sub-block A is then converted in the same way. Several such steps of converting both sub-blocks are performed. The disadvantage of the RC5 cipher is insufficient resistance to differential cryptanalysis.

The method closest in technical essence to the claimed method of iterative encryption of data blocks is the one described in [USSR Standard GOST 28147-89. Information processing systems. Cryptographic protection. Cryptographic transformation]. The prototype method includes forming the encryption key as a sequence of 8 subkeys with a length of 32 bits, splitting the input information, represented as binary code, into sections with a length of 64 bits, forming 64-bit data blocks from them and transforming the blocks under the control of the encryption key. Before conversion each data block is split into two 32-bit sub-blocks L and R, which are converted in turn by performing 32 rounds of conversion (iterations). One round of conversion is as follows. From sub-block R and one of the subkeys a 32-bit value of the round function F is calculated, and the obtained value F is imposed on sub-block L using the bitwise sum modulo two (⊕) in accordance with the formula L := L ⊕ F. The round function is calculated in the following conversion steps. The initial value of F is formed by imposing on sub-block R the current subkey Qi, which is fixed for the given round, using addition modulo 2^32 (+) in accordance with the formula F := (R + Qi

However, the prototype method has a disadvantage: when it is implemented as an encryption device, no transformations are performed on sub-block A during the period in which the binary vector F is being transformed, so a large number of conversion rounds is needed, which reduces the speed of encryption.

The basis of the invention is the task of developing a method for iterative encryption of data blocks in which the input data are converted in such a way that one of the sub-blocks is converted simultaneously with the transformation of the binary vector, which makes it possible to reduce the number of encryption rounds while maintaining high ... in that in the method for iterative encryption of data blocks, which includes forming a secret key, dividing the data block into two sub-blocks and executing R 2 rounds of encryption, each of which consists in forming a binary vector from the first sub-block, transforming the binary vector and imposing the transformed binary vector on the second sub-block by a summation operation, what is new according to the invention is that a control code is additionally formed and the second sub-block is transformed by two controlled permutation operations that depend on the value of the control code, one of which is performed before the binary vector is imposed on the second sub-block and the other after the binary vector is imposed on the second sub-block.

This solution ensures that the second sub-block is converted while the binary vector is being converted, which makes it possible to reduce the number of encryption rounds while providing high strength, and this increases the speed of encryption.

New is also that the control code is formed from the secret key.

This solution further improves resistance ... key and the current value of the information block being converted.

This solution further increases strength against attacks based on malfunctions of the encryption device.

The essence of the invention is explained below in more detail by examples, with reference to the accompanying drawings.

A generalised scheme of iterative encryption of data blocks based on the proposed method is shown in Fig. 1, where P and P^-1 are controlled permutation operational blocks that perform mutually inverse permutations for the same values of the control codes V1 and V2 supplied to the control inputs of the respective permutation blocks; A and B are the sub-blocks of the data block being transformed; the operational block E denotes the procedure of converting the binary vector F, formed in accordance with the formula F := A.

A controlled permutation operational block performs a controlled permutation operation, which means a permutation of the bits of the input block that depends on some variable parameter involved in the conversion. Such variables can be subkeys, sub-blocks of the information block or specially generated values, ... operation of the permutation; values generated from random or pseudo-random data can also be used. In the general case, the value that controls the permutation operation will be called the control code V. Forming the control code V means forming the signals at the control input of the controlled permutation operational block. A controlled permutation operational block is a conversion device with an n-bit information input, an n-bit output and an m-bit control input. The controlled permutation operational block (P-block) permutes the bits of the information block supplied to the information input of the P-block depending on the specific values of the signals at the m-bit control input. The set of all signals at the control input is the control code V, whose value specifies the particular permutation of the bits of the information block being converted.

A particular kind (or type) of controlled permutation operation P of length n is characterized by the ordered set ..., where V is a fixed permutation of length n, which in general are different, V is the value of the control code, and m is the bit width of the control ... the following conditions: 1) m < n, 2) m = n and 3) m > n. For the practical construction of cryptographic transformation devices, the P-blocks of most interest are those with n = 32, 64, 128 and 256 and a value of m two or more times the value of n. In these cases a control code of the appropriate length is generated. For example, the control code can be generated by

1) repetition of a data sub-block: V = A|A|...|A,

2) concatenation of several subkeys: V = K1|K2|...|Kw, where w is a natural number,

3) concatenation of subkeys and data sub-blocks: V = K1|A|K2|...|A.

After concatenation the control code may be subjected to additional conversion; for example, a fixed permutation operation can be performed on it in accordance with the formula V := (V). Thus, the control code V can be formed from (1) encryption subkeys generated from the secret key and (2) sub-blocks of the information block.

The controlled permutation acts on the information block T as follows. The value of the control code V selects the modification V, and in accordance with the fixed permutation V the bits of the information block are permuted ... can easily be implemented as simple high-speed combinational electronic circuits that use the elementary switch as the base node. Fig. 2A shows a block diagram of the elementary switch P2/1, where u is the control signal, a and b are the input data signals, and c and d are the output data signals. When u = 1, line a is connected to line c and line b to line d. When u = 0, line a is connected to line d and line b to line c. Thus, when the control bit u = 0 the two input bits are swapped, and when u = 1 the input bits are not rearranged.

Fig. 2 shows P-blocks of the following types: P4/4 (b), P16/32 (b) and P32/80 (g), where the notation Pn/m denotes a P-block with an n-bit information input and an m-bit control input. The block P4/4 in Fig. 2B uses a 4-bit control code. It implements 16 unique permutations out of the 24 possible permutations of four bits. From the diagram of this block it is easy to establish that it implements permutations with uniform displacement, i.e. for random values of the control code each input bit is equally likely to move to any bit position of the output binary vector. The operational block P16/32 (Fig. 2B) is based on eight blocks P4/4 ... the first stage. The output of the first stage is connected to the input of the second so that the output bits of each of the four P4/4 blocks of the first stage are fed to the inputs of different P4/4 blocks of the second stage. Since, for random values of the control code, any input bit can with equal probability arrive at the input of any 4-bit block of the second stage, at the output of the second stage this bit can be in any of the 16 binary positions with equal probability. It is easy to show that the block P32/80 (Fig. 2G) also generates permutations with equally probable displacement. It consists of two stages. The first stage includes two P16/32 blocks, the second includes 16 elementary switches, each of which receives at its input bits from the outputs of two different P16/32 blocks. The P-blocks of types P4/4, P16/32 and P32/80 described above implement a unique permutation for each value of the control code. 64-bit and 128-bit controlled P-blocks can be built by the same method.
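The layered construction described above can be modelled in software; the Python sketch below is an added example and is not taken from the patent. The switch convention (u = 1 straight through, u = 0 swap) and the stage counts follow the text, while the internal wiring of P4/4, the wiring between the two stages of P16/32 and the pairing of the 16 final switches in P32/80 are assumptions (a butterfly layout), because Fig. 2 is not reproduced here; the inverse block is modelled by running the stages in reverse order with the same control code.

```python
import random
from itertools import product

def switch(u, a, b):
    """Elementary switch P2/1: u = 1 passes (a, b) straight through, u = 0 swaps."""
    return (a, b) if u else (b, a)

# ASSUMED wiring of P4/4 (the figure is not on the page): a two-layer butterfly.
# Layer 0 switches the pairs (0,1) and (2,3); layer 1 switches (0,2) and (1,3).
P4_LAYERS = (((0, 1), (2, 3)), ((0, 2), (1, 3)))

def p4(bits, ctrl, inverse=False):
    """P4/4: permute 4 items under a 4-bit control code (one bit per switch)."""
    out = list(bits)
    layers = list(enumerate(P4_LAYERS))
    if inverse:                       # same control bits, layers in reverse order
        layers.reverse()
    for li, pairs in layers:
        for si, (i, j) in enumerate(pairs):
            out[i], out[j] = switch(ctrl[2 * li + si], out[i], out[j])
    return out

def _stage4(x, ctrl, inverse):
    """Four P4/4 blocks side by side: 16 items, 16 control bits."""
    out = []
    for b in range(4):
        out += p4(x[4 * b:4 * b + 4], ctrl[4 * b:4 * b + 4], inverse)
    return out

def _spread(x):
    """Assumed fixed wiring between stages: output j of block i feeds input i
    of block j, so each first-stage block reaches four different blocks."""
    return [x[4 * (k % 4) + k // 4] for k in range(16)]

def p16(bits, ctrl, inverse=False):
    """P16/32: two stages of four P4/4 blocks each, 32 control bits."""
    first, second = ctrl[:16], ctrl[16:32]
    if inverse:
        return _stage4(_spread(_stage4(bits, second, True)), first, True)
    return _stage4(_spread(_stage4(bits, first, False)), second, False)

def p32(bits, ctrl, inverse=False):
    """P32/80: two P16/32 blocks, then 16 switches pairing bit i of each block."""
    def halves(x):
        return p16(x[:16], ctrl[:32], inverse) + p16(x[16:], ctrl[32:64], inverse)
    def switches(x):
        x = list(x)
        for i in range(16):
            x[i], x[16 + i] = switch(ctrl[64 + i], x[i], x[16 + i])
        return x
    return halves(switches(bits)) if inverse else switches(halves(bits))

def p4_permutations():
    """Map each of the 16 control codes to the permutation it selects."""
    return {c: tuple(p4([0, 1, 2, 3], c)) for c in product((0, 1), repeat=4)}

def p4_displacement():
    """counts[i][j] = number of control codes that move input i to output j."""
    counts = [[0] * 4 for _ in range(4)]
    for perm in p4_permutations().values():
        for j, i in enumerate(perm):  # perm[j] is the input that lands at output j
            counts[i][j] += 1
    return counts

def p16_outputs_reached(i, trials=2000, seed=7):
    """Output positions that input i of P16/32 reaches over random control codes."""
    rng = random.Random(seed)
    reached = set()
    for _ in range(trials):
        ctrl = [rng.randint(0, 1) for _ in range(32)]
        reached.add(p16(list(range(16)), ctrl).index(i))
    return sorted(reached)

def p32_roundtrip_ok(trials=200, seed=1):
    """Check that the inverse block undoes P32/80 for the same control code."""
    rng = random.Random(seed)
    labels = list(range(32))          # constructed input: one label per bit position
    for _ in range(trials):
        ctrl = [rng.randint(0, 1) for _ in range(80)]
        if p32(p32(labels, ctrl), ctrl, inverse=True) != labels:
            return False
    return True

if __name__ == "__main__":
    print("distinct P4/4 permutations:", len(set(p4_permutations().values())))
    print("P4/4 displacement counts:", p4_displacement())
    print("P16/32 outputs reached by input 5:", p16_outputs_reached(5))
    print("P32/80 inverse round trip:", p32_roundtrip_ok())
```

With this assumed wiring the model reproduces the two properties the text states for P4/4: 16 distinct permutations and equal displacement counts for every input bit.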

Controlled operational blocks with the structure described above are implemented as high-performance combinational electronic circuits. P-blocks can ... low speed, which reduces the conversion time of the binary vector and additionally improves the speed of encryption. Modern microelectronic technology makes it possible to produce low-cost electronic devices based on controlled permutations that provide an encryption speed of up to 1 Gbit/s.

Consider specific examples of implementing the proposed method for iterative encryption of data blocks.

Example 1: encryption of a 64-bit data block T. Example 1 is illustrated in Fig. 3A, where P and P^-1 are controlled operational blocks with a 32-bit information input and a 64-bit control input. The secret key is formed as the following set of n-bit round subkeys: K1, K2, ..., K16 and Q1, Q2, ..., Q16. The data block is divided into two sub-blocks: A = T div 2^32 and B = T mod 2^32. The data block is encrypted in accordance with the following algorithm.

1. Set the count of the number of rounds of encryption r := 1.

2. From the subkey K_r form the control code V: V := K_r|K_r, where | is the concatenation operation.

3. Depending on the value of V, transform sub-block B by ... binary vector F: F := A.

5. Using the round subkey K_r, convert the binary vector F in accordance with the procedure for converting the binary vector performed in the prototype method: F := E(F, K_r).

6. Using bitwise summation modulo 2, impose the converted binary vector F on sub-block B: B := B ⊕ F.

7. From the subkey Q_r form the control code V: V := Q_r|Q_r.

8. Transform sub-block B by performing on it the controlled permutation operation implemented by the operational block P^-1, depending on the value of the control code: B := P_V^-1(B).

9. If r < 16, increment r := r + 1, swap the sub-blocks A and B (i.e. take binary vector B as binary vector A, and binary vector A as binary vector B) and go to step 2.

10. STOP.

The conversions corresponding to steps 3 and 5 are executed in parallel. The cryptogram block C is formed by concatenating the converted binary vectors A and B: C = A|B. The cryptogram block is decrypted using the same algorithm, except that in steps 2 and 5 the subkey K_(17-r) is used instead of the subkey K_r and when performing ...

... in Fig. 3b, where P, P', P" and P^-1 are controlled operational blocks with a 32-bit information input and a 64-bit control input. The secret key is formed as the following set of n-bit round subkeys: K1, K2, ..., K10 and Q1, Q2, ..., Q10. The data block is divided into two sub-blocks: A = T div 2^32 and B = T mod 2^32. The data block is encrypted in accordance with the following algorithm.

1. Set the count of the number of rounds of encryption r := 1.

2. From the subkey K_r and sub-block A form the control code V1: V1 := K_r|A.

3. Depending on the value of V1, transform sub-block B by performing the controlled permutation operation: .

4. Form the binary vector F: F := A.

5. From the binary vector F form the control code V2: V2 := F|f

6. From the subkey Q_r form the control code V3: V3 := Q_r|Q_r.

7. Convert the subkey K_r by performing on it the controlled permutation operation implemented by the operational block P', depending on the value of the control code V2:

8. Convert the binary vector F by performing on it ... code V3:

9. Convert the binary vector F by imposing on it, using summation modulo 2^32, the converted subkey K_r: F := F + K_r mod 2^32.

10. Using bitwise summation modulo 2, impose the converted binary vector F on sub-block B: B := B ⊕ F.

11. From the subkey Q_r and the data sub-block A form the control code V4: V4 := Q_r|A.

12. Transform sub-block B by performing on it the controlled permutation operation implemented by the operational block P^-1, depending on the value of the control code V4:

13. If r < 10, increment r := r + 1, swap the sub-blocks A and B and go to step 2.

14. STOP.

Steps 3, 7 and 8 are executed in parallel. The cryptogram block C is the concatenation of the transformed sub-blocks A and B: C = A|B. The cryptogram block is decrypted using the same algorithm, except that in steps 2, 7 and 9 the subkey K_(11-r) is used instead of the subkey K_r, and in steps 6 and 11 the subkey Q_(11-r) is used instead of Q_r.

These examples show that the proposed method of cryptographic transformation of data blocks ... modern microelectronic technology makes it easy to manufacture cryptographic microprocessors containing controlled permutation blocks of size 32, 64 and 128 bits. The inventive method can be implemented, for example, in specialized cryptographic processors providing an encryption speed of up to 1 Gbit/s, sufficient for real-time encryption of data transmitted over high-speed fiber-optic communication channels.

1. A method for iterative encryption of data blocks, including forming a secret key, dividing the data block into two sub-blocks and executing R 2 rounds of encryption, each of which consists in forming a binary vector from the first sub-block, transforming the binary vector and imposing the transformed binary vector on the second sub-block by a summation operation, characterized in that a control code is additionally formed and the second sub-block is transformed by two controlled permutation operations that depend on the value of the control code, one of which is performed before the binary vector is imposed on the second sub-block and the other after the binary vector is imposed on the second sub-block.

2. The method according to claim 1, characterized in that the control code is formed from the secret key.

3. The method according to claim 1, ex

 
