Encrypting the block

 

(57) Abstract:

The invention relates to the field of telecommunications and computing, and specifically to the field of cryptographic methods and devices for data encryption. The cryptography block contains at least one node permutations and W 2 n-bit, where n is an even natural number series-connected adders, and the first input of the first adder is an information input of the encryption unit, the output of the W-th adder is the output of the encryption unit, wherein the node permutations performed in the form of a managed node permutations, information which input is a control input of the encryption unit, the output node of the managed permutations is the second input of the P-th adder, where I P W, and control input node managed permutations connected to the first input of the G-th adder, where I G W, which provides increased strength to differential cryptanalysis. 2 C.p. f-crystals, 7 Il.

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for encoding messages (or information). In the combination of features of the proposed method using the th user;

- the encryption key is a combination of bits used in the encryption information signal data; the encryption key is a replaceable part of the cipher and is used to convert the message or the set of messages; the encryption key is generated by the deterministic procedures for secret key; in some ciphers as the encryption key is a secret key;

the cipher is a set of elementary steps of converting input data using sherloch; cipher can be implemented as a software or as a separate electronic devices;

connection represents the portion of the encryption key used on the individual elementary steps encryption;

encryption is a process that implements some way of transforming the data using sherloch that translates data in the cryptogram represents a pseudo-random sequence of characters from which to obtain information without knowledge of the encryption key is impracticable;

- decryption is the reverse process of the encryption process; decryption provides data recovery on Ki and represents the complexity, measured in the number of elementary operations that must be performed to recover information on the cryptogram, when knowledge of the conversion algorithm, but without knowledge of the encryption key.

The known device encryption, made in the form of mechanical machines and Electromechanical devices [Century of Zelnikov. Cryptography from papyrus to your computer. -M, ABF, 1996, 336 S.]. In addition, the known electronic device encryption, implementing encryption method described in the Russian standard for cryptographic protection of data [the Standard of the USSR GOST 28147-89. The information processing system. The cryptographic protection. The cryptographic transformation]. A device that implements the Russian standard encryption involves encrypting a block consisting of multiple operating units: adder modulo 232, bitwise modulo 2, the operational node that performs a cyclic shift to the left by 11 bits, and the operational node performing the lookup operation.

The closest in technical essence to the claimed encrypts the encryption block is the unit used in the encryption appliance that implements encryption method in accordance with America is the method includes forming a secret key, splitting the input information in the form of binary code into sections with a length of 64 bits, the creation on their basis of 64-bit blocks of data and transform blocks under the control of a secret key. Before converting each block of data is broken into two 32-bit sub-blocks L and R, which in turn is converted by performing the 16 identical rounds of transformation. One round transformation consists in performing operations extensions, substitutions, permutations, and summation modulo 2 implementing round the encryption function over the sub-block R, which is written as a formula: R: = F(R), where the symbol ": =" means assignment, F - round encryption. Each round ends with a permutation of the sub-blocks R and L: T: = R, R: = L; L: = T.

Device encryption (VIII) implementing encryption standard DES, presented in the form of a flowchart in Fig. 1 and contains the 64-bit information input 1, consisting of two 32-bit information inputs 1.and 1.b, which serves two 32-bit sub-blocks L and R, 64-bit output 2, consisting of two 32-bit outputs 2.and 2.b, from which are removed the converted 32-bit sub-blocks L and R, control input 9, the encrypting unit 3 (SHB), the generating block p which include entrance 6, 32-bit output 4 and 80-bit control input 5, consisting of a 32-bit control input 5.1 and 48-bit control input 5.2. The information input of the encryption unit 6 is connected to the information input 1.b and output 2. and device encryption. The output of the encryption unit 4 is connected to the output 2.b device encryption. Control input 5.1 encryption unit is connected to the input 1.and device encryption. Control input 5.2 encryption unit is connected to the output 7 of the unit generating the round key. The input unit generating round key 8 is connected with the control input of the encryption 9.

Device encryption (Fig. 1) works as follows. Input device encryption is served 56-bit key, which is converted into a sequence of 48-bit round distance plug Kr, r = 1,2,...,16. For the current r-th round, the output unit generating the round key is set to a binary code corresponding to the value of the subkey Kr. To encrypt a 64-bit block of data B is input to the device encryption. Over 32 bits block B, denoted as a sub-block L, is fed to the input 1.A. The lower 32 bits block B, denoted as a sub-block R, is fed to the input 1.B. We denote the initial values of subblocks which forms the value of the subblock Rr-1the value of Rr= F(Rr-1, Kr), which depends on the type of the function F and the values of the round subkey Kr. The output value of the subblock L in the current round is set equal to the input value of the subblock R. Thus, the encryption appliance performs the following transformation, which can be written using the following iterative formula

Lr= Rr-1, (1)

Rr= F(Rr-1, Lr-1, Kr), (2)

where the calculation of the function F from the values of Rr-1is encrypting unit depending on the values of Lr-1applied to the input 5.1, and values of Krapplied to the input 5.2. The control unit synchronizes the operation of the unit generating the round key and the encrypting unit and controls the number of performed rounds of transformation. If the current round is not equal to 16, the control unit the current values of the sub-blocks of Lrand Rroutput device encryption takes the input device encryption for the next round. Values of L16and R16make the output block of text.

Encrypting the block shown in Fig. 2 and contains operational nodes 3.1, 3.2, 3.3, 3.4 and 3.5. The information input of the operational osanago node 3.2. The output of the operational node 3.2 is connected to the information input of the operational node 3.3 and so on, the Output of the operational node 3.5 is the output of the encryption block. Operational nodes 3.2 and 3.5 have control inputs connected to the control inputs 5.1 and 5.2, respectively. Operational node 3.1 performs a procedure to expand the 32-bit sub-block data Rr-1in the 48-bit sub-block R'. Operational node 3.2 performs a bitwise sum modulo 2 is R' subkey Krand outputs the input value R = R Krwhere the sign denotes the operator bitwise sum modulo 2. Operational 3.3 node performs a lookup operation on a 48-bit value R" and replace it with a 32-bit value R' in accordance with the substitution tables given in the standard DES encryption. Operational node 3.4 carries out the permutation of bits the binary value of R"'and outputs the converted output value R*. Operational node 3.5 performs a bitwise sum modulo two over the value of R*supplied to its data input, and the value of Lr-1supplied to its control input. The value at the output of the operational node 3.5 Rr= R*Lr-1is the value of the function is clausee encryption standard DES, has a high rate of conversions when implemented in the form of specialized electronic circuits.

However, this device has drawbacks, namely it does not provide a high strength to differential cryptanalysis [Biham, E., Shamir A. Differential Cryptanalysis of DES-like Cryptosystems// Journal of Cryptology. 1991. V. 4. N. 1. pp. 3-72]. This disadvantage stems from the fact that all operating nodes perform fixed conversion operations to convert all data blocks.

The basis of the invention is to develop an encoding unit performing the conversion, depending on transformed data block, which increases the cryptographic strength to differentsialnom cryptanalysis.

This goal is achieved by the fact that encrypts the block containing n-bit, where n is an even natural number, information input, n-bit output m-bit control input and W 2 operational nodes, one-bit information inputs of the first operational site are single-bit information input of the encryption unit, a single-bit outputs of the V-th, where 1 V < W, operational node connected to a single-bit inputs (V + 1)-th operational node, single-bit outputs of the W-th operationnal RIT single-bit control inputs, United with one-bit control inputs of the encryption unit, new according to the invention is that the encrypting unit further comprises at least one operational node, in the form of managed node permutations, one-bit information input of which is connected to a single-bit control inputs of the encryption unit, the bit outputs of the managed node permutations connected with single-bit control inputs P -, where P W, operational site, a single-bit control inputs of the managed node permutations connected with single-bit inputs G -, where G W, operational node.

This solution encrypts the unit carries over sub-blocks of data over the connection operation of permutations, which depend on the input data block, providing increased encryption to differential cryptanalysis.

New is also that the managed node permutations made in the form of a matrix of elementary switches, each of which contains a diagram of the switching of the first and second one-bit information inputs, first and second single-bit outputs and a single-bit control input, and Matricaria inputs which are connected with the control bit inputs of the managed node permutations, the first one-bit information input connected to the first bit information input of the first elementary switch in the first row of the matrix, the remaining n - 1 bit of information inputs of the managed node permutations connected bit-by-bit with the second bit of information inputs of elementary switches of the first row, the first one-bit information input of the first elementary switch j, where j 1, lines connected with the second single-bit output of the first elementary switch (j - 1)-th row, j-th (where j n-1 row of the matrix the first one-bit information input of the i-th, where 1 < i n - j, elementary switch connected to the first bit output (i - 1)-th elementary switch this line in the j-th (where j 1 row of the matrix of the second one-bit information input of the i-th elementary switch is connected with the second single-bit output (i+1)-th elementary switch (j - 1)-th row, the first one-bit output (n - j)-th elementary switch is connected to the j-th bit output of the managed node permutations, the second one-bit output switch (n - 1)-th row is connected with the last bit of the output node upat any of the n! permutations possible when the corresponding code of the control signal.

New is also that in each j-th (where J = 1,2,..., n/2, the row of the node managed permutations introduced decoder, odnalezienie the outputs of which are connected with a single-bit control inputs of the elementary switches in the corresponding rows, single-bit inputs of the decoders are connected to bit-by-bit to single-bit control inputs of the managed node permutations.

This solution reduces the number of single-bit control inputs of the managed node permutations.

Below the essence of the invention is explained in more detail by examples, with reference to the accompanying drawings.

In Fig. 1 shows the block diagram of the device encryption, implementing encryption standard (DES).

In Fig. 2 schematically shows the structure of an encoding unit that performs encryption round conversion encryption standard (DES).

In Fig. 3 shows a block diagram of the managed node permutations.

In Fig. 4 is a schematic representation of the elementary switch block diagram of the managed node permutations (a), table switching, (b) and table signs external findings ().

LASS="ptx2">

In Fig. 6 shows a functional diagram of an encrypting unit that includes the managed node permutations, converts a round distance of the plug depending on the input data block.

In Fig. 7 shows a functional diagram of an encrypting unit that includes two nodes managed permutations, one of which performs depend on the input data block transform sub-blocks of the data L and the other is the transformation of the round subkey.

The managed node permutations, presents a functional diagram of Fig. 3, includes a matrix of elementary switches, which provides switching of a given input and a given output discharge. Functional diagram of the elementary switch (Fig. 4 (a)) is given in the book [A. Kalyaev Century Microprocessor system with programmable architecture. M.: Radio and communication, 1984, S. 219, Fig. 6.51]. The truth table and the Pinout of the elementary switch are shown in tables (b) and (C) in Fig. 4. Managed permutations are performed depending on the values of the control inputs of the elementary switches. Each elementary switch provides a bitwise or cross switching two input informationnote (table (b) in Fig. 4). At the zero value of the control bit input (U=0) is the bitwise switching information input and output channels: X1 - Y1 and X2 - Y2; if a single value of the control input (U = 1) is cross-switching information input and output channels X1 - Y2 and X2 - Y1.

Elementary switches in the matrix are connected so that one-bit information inputs i.l, where l = 1,2,..., n, node managed permutations are interconnected with a single-bit outputs o.l, where l = 1,2,..., n, the managed node permutations, the switching is determined by the values of the totality of single-bit control inputs u.k managed node permutations, which are control bit inputs U elementary switches S. the Number of single-bit control inputs of the managed node permutations is equal to the number of elementary switches in the matrix is n(n - 1)/2. Since the number of single-bit control inputs of the managed node permutations bit more control input of the block cipher, one discharge control input of the block cipher is connected many of the bits of the control input node managed permutations. Specific soy is the leniency from the sub-block data-L and data K. Thus, each row L. j, where j = 1,,2,..., n - 1, matrix forms the value of the corresponding bit of the output node managed permutations. The last (n - 1)-th row generates values for single-bit outputs o.(n - 1) and o.n. Each row corresponds to a group of one-bit control inputs u.k managed node permutations. The number of elementary switches in the line L. j is equal to n - i, which specifies the number of single-bit control inputs u.k corresponding to the given string.

With the aim of reducing the number of single-bit control inputs of the managed node permutations can be entered in binary n-ranks decoders D. h, where h = 1,2, . .., (n - 2)/2, single-bit inputs which are the control bit inputs of the managed node permutations, and single-bit outputs which are connected with a group of one-bit control inputs of the respective two lines (h-th and (n - h)-th row) of the elementary switches (see Fig. 5). Single-bit inputs line number h is connected with bitwise n - h outputs of the decoder D. h. The remaining h single-bit output of the decoder are connected to bit-by-bit to single-bit control inputs (n - h)-th row, the number of which is equal to h. In line with the number n/2 is introduced DVICE-(moves the corresponding elementary switches of the row with index n/2. Depending on the combination of the values of their single-bit inputs is set to a single value only on one of its single-bit outputs, and the other outputs are set to zero. Due to the fact that the number of single-bit inputs of the decoder is significantly less than the number of single-bit outputs significantly reduced the number of single-bit control inputs of the managed node permutations. For example, for n = 32 can be used 15 binary-tridtsatidvuhletny of decoders with a five digit inputs and one binary-hexadecimal decoder (with four-digit input), the inputs of which are 79-bit control input node managed permutations, which is significantly less than the capacity of this node without the use of decoders (in the latter case, the number of control bit inputs is n (n- 1)/2 = 491).

Consider specific examples of implementation of the block cipher using a managed node permutations.

Example 1. This example appears in Fig. 6, which shows the functional diagram of the encryption block with one node managed permutations P. Encrypting unit includes operational nodes 3.1, 3.2 and 3.3. Operational node of the sub-block data Rr-1producing at the output of the subblock data of n-bit binary vector where Pr-1(Kr) denotes the permutation operation performed on the value of Krdepending on the value of Rr-1. Operational node 3.2 performs the operation of summation modulo 2nabove the n-bit sub-block data Rr-1and n-bit binary vector K' representing the converted value round subkey Krproducing at the output of n-bit sub-block of data.

R' = (Rr-1+ K') mod 2n.

Operational node 3.3 performs a bitwise sum modulo 2 over n-bit sub-block data R' and n-bit sub-block data Lr-1producing at the output of n-bit value

Rr= R Lr-1.

Sequential execution of the operations specified nodes 3.1, 3.2 and 3.3, determines round the encryption function Rr= F(Rr-1, Lr-1, Kr). This encryption can be used, for example, device encryption, shown in Fig. 1, for the implementation of the 16 rounds of conversion in accordance with an iterative expressions (1) and (2).

Example 2. An example implementation of the encryption unit and two units managed Berestnev is based on the value of the subblock Rr-1operational node 3.2 represents the bitwise modulo 2, the operational node 3.3 is a site operated permutations performing a permutation of the bits of the subblock Lr-1forming the output value L' = PR'(Lr-1), surgical site 3.4 represents the modulo 2n. Round the encryption function Rr= F(Rr-1, Lr-1, Kr) set the encryption unit shown in Fig. 7, is described by the following sequence of transformations:

< / BR>
2. R = Rr-1K,

3. L' = PR'(Lr-1)

4. Rr= (R' + L') mod 232.

Encrypting the block discussed in example 1 can be used, for example, in the structure of the device encryption, shown in Fig. 1.

These examples show that the proposed encryption unit technical feasibility and allows to solve the problem.

Declare encrypting unit can be implemented, for example, in specialized cryptographic processors, providing encryption speed up to 1 Gbit/s, sufficient for encryption in real-time data transmitted over high-speed fiber-optic communication channels.

1. Shi is, series-connected adders, and the first input of the first adder is an information input of the encryption unit, the output of the W-th adder is the output of the encryption unit, wherein the node permutations performed in the form of a managed node permutations, information which input is a control input of the encryption unit, the output node of the managed permutations is the second input of the R-th adder, where 1PW, and a control input node of the managed permutations connected to the first input of the G-th adder, where 1GW.

2. Encrypting a block of paragraphs.1 and 2, characterized in that the managed node permutations made in the form of a matrix of elementary switches containing n-1 row, j-I, where j = 1,2,3,..., n-1, the line contains n-j elementary switches that control one-bit inputs which are the control bit inputs of the managed node permutations, the first one-bit information input which is the first one-bit information input of the first elementary switch of the first row, the remaining n-1 bit of information inputs of the managed node permutations are the second one-bit information inputs elementary swap the e j 1, line is the second one-bit output of the first elementary switch (j-1)-th row, the first one-bit information input of the i-th, where 1<i n-1, rows is the first single-bit output (i-1)-th elementary switch this line, the second bit information input of the i-th elementary switch j, where j 1, line is the second one-bit output (i+1)-th elementary switch (j-1)-th row, the first one-bit output (n-j)th elementary switch j-th row is the j-th bit output of the managed node permutations, the second one-bit output switch (n-1)-th row is the n-th bit output of the managed node permutations.

3. Encrypting the block under item 1, characterized in that each j-th (where j = 1,2, ..., n/2, the row of the node managed permutations introduced the decoder, the bit outputs of which are single-bit control inputs of the elementary switches in the corresponding rows, single-bit inputs of the decoders are single-bit control inputs of the managed node permutations.

 

Same patents:

The invention relates to the field of telecommunications and computing, and more particularly to methods and devices for cryptographic transformation of data

FIELD: engineering of methods for cryptographic transformation of data, possible use in communication, computer and informational systems for cryptographic encryption of information and computation of numbers close to random.

SUBSTANCE: device contains two memory blocks, current time moment timer, two concatenation blocks, two hash-function computation blocks, operation block, computing block.

EFFECT: increased complexity of encryption analysis and decreased probability of reliable prediction of next values of pseudo-random series bits while increasing operation speed of generator.

1 dwg

FIELD: automatics and computer science, in particular, identification means for controlling access to autonomous resources.

SUBSTANCE: method includes changing identification information during each new query of autonomous resource, which information is used for identification of carrier during following queries to autonomous resources, by including it in algorithmically converted form on information carrier and in database of central device and checking of its correspondence in a row of previous queries to autonomous resources. Each autonomous resource has memory block for storing conversion algorithms and signs of these algorithms and block for reading/recording carrier information. Central device contains at appropriate data bank addresses the virtual memory blocks for storing information for identification of carriers and memory block for storing a set of algorithms for converting code from one type to another and signs of these algorithms, and for each carrier - information storage address which was used during previous accesses. Carrier contains energy-independent additional memory block for recording, storing and reading additional information code after identification of carrier, available both during manufacture of carrier and its submission to autonomous resource.

EFFECT: increased level of protection from unsanctioned access.

3 cl, 1 dwg

FIELD: engineering of systems for protecting communication channels, which realize claimed method for user authentication on basis of biometric data by means of provision and extraction of cryptographic key and user authentication.

SUBSTANCE: in accordance to the invention, neither biometric template nor cryptographic user key are explicitly represented in information storage device, without provision of biometric sample and information storage device with a pack stored on it, any cryptographic operations with data are impossible.

EFFECT: creation of biometric access system and method for provision/extraction of cryptographic key and user authentication on basis of biometry, increased key secrecy level, increased reliability, expanded functional capabilities and simplified system creation process.

2 cl, 2 dwg

FIELD: physics, communications.

SUBSTANCE: invention relates to a method and a device for encryption in a mobile broadcast system. The technical result is achieved due to that in a mobile broadcast system, BCAST service subscription management (BSM) manages terminal subscriber information and sends a first delivery message for BCAST service distribution/adaptation (BSD/A), where the said message contains registration key material (RKM) for registering the broadcast service for the terminal, and also at least one service or content identifier. BSD/A sends a first message to BSM for confirming delivery, where the said message contains information indicating success/failure of receiving the first delivery message, and sends the RKM to the terminal.

EFFECT: increased efficiency of encrypting transmitted content.

21 cl, 18 dwg, 7 tbl

FIELD: information technology.

SUBSTANCE: binary sequence of a secret identification key and a binary sequence of a secret embedding key, a cryptographic function and several Fourier coefficients of the electronic image are pre-generated for the sender and the receiver. An electronic image certified by a digital watermark is created for the sender, for which the electronic image is divided into M units with pixel size n×n. An identifier for the m-th unit of the electronic image is created. The binary sequence of the digital watermark of the m-th unit of the electronic image is determined. The digital watermark is embedded into the m-th unit of the electronic image and operations for certifying units of the electronic image for the sender with the digital watermark are repeated until completion. The receiver is sent the electronic image certified with the digital watermark. Authenticity of the electronic image received by the receiver is checked.

EFFECT: invention increases security of an electronic image certified by a digital watermark from deliberate altering of the content of the image.

3 cl, 9 dwg

FIELD: physics, communications.

SUBSTANCE: invention relates to data transmission. The system includes a first and a second communication device. One of the communication devices encrypts transmitted data in order to generate encrypted data and transmits said data to the other communication device which decrypts the received encrypted data. Before encryption, each of the communication devices divides transmitted data into portions with given number of bits. Each of the communication devices changes the number of bits of the transmitted divided data and mixes with the transmitted divided data, except portions with the highest number of bits, and includes fictitious data, the size of which ensures coincidence of the number of bits of the transmitted divided data with the highest number of bits.

EFFECT: low probability of cracking of data by a third party.

19 cl, 6 dwg, 1 ex

FIELD: information technology.

SUBSTANCE: block cipher with common key processing configuration is implemented with improved immunity against such attacks as saturation attacks and algebraic attacks ("РЯС" attack). In the encryption processing device which executes processing of block cipher with common key, S-blocks used as modules of nonlinear transformation processing in round function and installed in round functions execution modules are made capable to use S-blocks of at least two different types. With such configuration, immunity against saturation attacks can be improved. Additionally, types of S-blocks represent mixture of various types.

EFFECT: increased difficulty of cryptanalysis and implementation of highly protected algorithm of block cipher with common key.

14 cl, 19 dwg

FIELD: radio engineering, communication.

SUBSTANCE: method for secure transmission of information includes generating an information signal with encoded information, adaptive summation of said signal with a chaotic masking signal, transmitting the resultant signal over a communication channel to a receiving device, detecting information; during detection, the information signal is identified based on a neural network technique.

EFFECT: high information security.

2 cl, 4 dwg

FIELD: radio engineering, communication.

SUBSTANCE: method of concealing data encryption in a communication network involves the following operations: generating a set of characters using a set of encryption keys as input into a pseudorandom function, wherein each character corresponds to an indicator value; subdividing the encrypted data into a plurality of parts; partitioning each part into a plurality of groups; encoding each part by mapping each group with a character in the set of characters in accordance with its indicator value; and transmitting the mapped characters over a communication network.

EFFECT: high probability of identifying encrypted data in a communication network.

20 cl, 4 dwg

FIELD: information technology.

SUBSTANCE: invention realises a common key block encryption processing with improved immunity against attacks, such as attack by saturation and algebraic attacks (RYAS attacks). In the encryption device which performs common key encryption processing, S blocks which are used as nonlinear conversion processing modules in round functions established in round function execution modules are configured to use S blocks of at least two different types. Such a configuration can improve immunity against attacks by saturation. Furthermore, the types of S blocks are a mixture of different types. Use of such a configuration can improve immunity against algebraic attacks, thereby realising a highly secure encryption device.

EFFECT: harder cryptanalysis and realisation of a highly secure common key block encryption algorithm.

52 cl, 19 dwg

Up!