Way cryptographic transformation blocks of digital data
(57) Abstract:The invention relates to telecommunications and computing, and more particularly to cryptographic methods and devices for data encryption. The basis of the invention is increasing the number of different variants of the operation, dependent on the transform block, which increases the resistance of cryptographic transformation, which is the technical result achieved by the invention. The method consists in forming the data block N 2 binary vectors, alternate converting binary vectors and the formation of the cryptogram block on the converted binary vectors. What's new is that optional form control code V when converting the at least one binary vector over a binary vector perform at least one controlled double operation depending on the value of control code V. New is that the control code is formed by the value of one of the binary vectors. New is also that the advanced form of the secret key, and the control code V shape with a secret key. Also new is that the advanced forms 3 C.p. f-crystals, 5 Il., 3 table. The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for encoding messages (or information).In the set of features proposed method uses the following terms:
- the secret key consists of binary information, known only to the legitimate user;
connection - part of the secret key;
- cryptographic transformation is the conversion of digital information, which provides the effect of one bit of the input data on many bits of output data, for example, to protect information from unauthorized read, generate digital signature generation detection code modifications, types of cryptographic transformations are one-way transformation, hashing and encryption;
- the cryptogram block - block transformed data resulting from execution of the procedure unilateral changes or encryption;
- one-way transformation is converting m-bit input data block into m-bit output data block (block cryptogram), which makes it easy to calculate bli unit cryptogram, is a nearly impossible task;
- hashing information there is some way of forming a so-called hash value, the amount of which is fixed (typically 128 bits) for messages of any size; procedures hashing provides the dependence of the hash value from each bit of the message.encryption is the process of converting information that depends on a secret key, and converts the source text (data) in the text (a cryptogram), representing a pseudo-random sequence of characters from which information without knowledge of the secret key impracticable;
- decryption is the reverse process of the encryption process; decryption provides data recovery for the cryptogram with knowledge of the secret key.
the cipher is a set of elementary steps of converting input data using the secret key; cipher can be implemented as a software or as a separate device;
- binary vector is a sequence of zero and a unit of bits, for example (101101011); the specific structure of the binary vector can be interpreted as the binary disaposable numerical value, which is uniquely determined by the structure of the binary vector;
- cryptanalysis is a method of computing the secret key to gain unauthorized access to the encrypted information or the development of a method for providing access to encrypted data without calculating the secret key;
- cryptographic strength is a measure of the reliability of the protection of encrypted information and represents the complexity measured in the number of elementary operations that must be performed to recover information on the cryptogram, when knowledge of the conversion algorithm, but without knowledge of the secret key; in the case of unilateral reforms under the cryptographic understood the complexity of the calculation input values of the block at its output value;
- the operation of cyclic shift that depends on the data to be converted or dependent binary vector is a cyclic shift operation on the number of bits specified by the value of the binary vector; the operation of cyclic shift to the left (right) designated by the symbol "<<<" (>>>"), for example, B1<<< B2denotes the operation of cyclic left shift of the binary vector B1on a number of bits equal to the value of the binary vector is applied on one operand (data block or a binary vector); the binary value after performing some given single operation only depends on its initial value; an example of single operations are operations of cyclic shift;
- double operation is an operation performed on the two operands; the result of executing some of this double operation depends on the value of each operand; an example of a two-place operations are the operations of addition, subtraction, multiplication, etc.- the operation of concatenation is the operation of combining several binary vectors, which is a new binary vector that includes all the bits of each of the merged binary vectors, the mutual arrangement of bits corresponding to the original binary vectors does not change; for example, the concatenation of the binary vectors W1= (101101011) and W2= (011101010) is written as W1|W2= (101101011011101010); binary data vector can be combined by concatenation operation another way: W2W1= (01110101010101101011).Known methods of block encryption of data, see for example the DES cipher [B. Schneier, "Applid Cryptography", Second Eddition, John Wiley & Sons, Inc., New York, 1966, pp. 336 - 339]. In this way encrypt 64-bit blocks of data is s (as L are the upper 32 bits of the data block, and as the R - lower 32 bits of the data block and perform 16 rounds of encryption. One round of encryption is to create additional binary vector F by converting the binary vector R and the transformation of the binary vector L in accordance with the expression L: = L F, where operation is the bitwise sum modulo two,": = " is the assignment operation. Before performing the second and subsequent rounds binary vector L is assigned the value R, and the binary vector R is assigned the value L obtained immediately after execution of the previous round. This method has a high rate of conversions when implemented in the form of specialized electronic circuits. However, the known method is similar uses secret key of the small size (56-bit), making it vulnerable to cryptanalysis based on the selection key. The latter is associated with high computational power of modern computers for mass application.The closest in technical essence to the claimed method of cryptographic transformation of blocks of digital data is a method that is implemented in software cipher RC5 and described in the monograph [B. Schneier, "Applied Cryptography", Second Eddition, John Wiley & Sons, Inc., New York, 1966, pp. 344-346]. FPIC is the qu of these two n-bit binary vectors (A and B) and alternate transformation binary vectors. Converting n-bit, where n = 8, 16, 32, binary vectors A and B is carried out by execution over them single and double operations. As a two-place operations are addition operations for module 2nand operation bitwise sum modulo 2. As a single operation, use the operation of cyclic left shift, and the number of bits that is shifted convert binary vector depends on the value of another binary vector that determines the dependence of the cyclic shift operation on the current step of converting the binary vector from the original values of the input data block. Double operation is performed on a binary vector and connection, as well as on two binary vectors. Characteristic for the method of the prototype is the operation of cyclic shift that depends on the values of the input block. A binary vector, such as B, transform in the following way. The operation is performed bitwise sum modulo 2 over A and B and the value obtained after performing this operation is assigned a binary vector Century, It is written as a ratio of B: = B A, where the symbol ":=" denotes the assignment operation and the symbol "" denotes the operation portraing the value A: B: = B <<< A. Then over a binary vector and one of the plug's perform an operation of summation modulo 2nwhere n is the length of the binary vector in bits: B: = B + S mod 2n. Then similarly converted binary vector A. Performs several steps of transformation both binary vectors. The final step is the formation of a block of the cryptogram C values converted binary vectors by combining them: C:= A|B, where " | " is the concatenation operation.This method provides high encryption speed when implemented in the form of computer programs. However, the way the prototype has drawbacks, namely, it does not provide high resistance cryptographic transformation of data to differential and linear cryptanalysis [Kaliski B. S., Yin Y. L. On Differential and Linear Cryptanalysis of the RC5 Encryption Algorithm. Advances in Cryptology - CRYPTO '95 proceedings, Springer-Verlag, 1995, pp. 171-184] . This disadvantage stems from the fact that the efficiency of operations, depending on the data to be converted, which is the variable parameters of the encryption, in order to complicate the known methods of cryptanalysis is reduced because the number of possible variants of the cyclic shift operation is equal to the number of binary bits of the binary vector n and not n the Finance blocks of digital data, in which conversion of the input data would be carried out in such a manner that a rise in the number of different variants of the operation, dependent variables cryptographic transformation - input unit and/or the secret key, so increases the resistance to differential and linear cryptanalysis.This object is achieved in that way cryptographic transformation blocks of digital data, which consists in forming the data block N 2 binary vectors, alternate converting binary vectors and the formation of the cryptogram block on the converted binary vectors, new according to the invention is that additional form control code V when converting the at least one binary vector over a binary vector perform at least one controlled double operation depending on the value of control code V.Thanks to this solution makes it possible to increase the number of possible variants of the operation, dependent on the transform block, which increases the strength of cryptographic transform to differential and linear cryptanalysis.But the th solution provided further improving resistance to differential and linear cryptanalysis.New is also that the advanced form of the secret key, and the control code V shape with a secret key. This solution provides increased strength to attacks based on problems with the device encryption.New is also that the advanced form of the secret key, and the control code V shape with a secret key and a binary vector.Thanks to this solution, an additional increase in strength to attacks based on problems with the device encryption.The formation of a control code in a binary vector (secret key), we mean establishing some set of unit and zero signals on the control input of the control operating unit that implements a managed two-place operation, depending on the value of the binary vector (secret key). In particular, can be formed as the control code which is equal to, for example, mounts, or one of the binary vectors.Below the essence of the invention is explained in more detail primerisima double operation (a - managed summation; b controlled multiplication), where W1and W2- input binary vectors of length |W1| and |W2| over which is controlled double operation, R - output binary vector of length |R|, representing the result of the operation, the V - engine code length |V|, which determines the controlled double operation. In the General case, the number of binary bits in the input binary vectors, the control code and the output binary vector can be arbitrary, i.e., can be used different ratio between the numbers |W1|, |W2|, |V| and |R|. A particular case of the relationship of these numbers refers to a specific type of managed double operations are implemented using a special operating units. Managed summation operation performed on the operands of W1and W2we will denote as follows: (W1, W2)[V]i.e. the result of this operation receive binary vector R: R = (W1, W2)[V]. Managed operation of multiplication will be denoted as (W1W2)[V]i.e. the result of performing this operation receive binary vector R: R = (W1W2)[V].P is a binary code, known as the Manager code, and implemented using a specially designed operating unit, which cannot be represented in the form of compounds known operational blocks used in the device cryptographic transformation on the input which serves a binary vector W1, W2and V. Thus, under controlled double operation we understand a new kind of surgery, which can not be replaced by some set of transformation operations used in the known methods of cryptographic transformation. Consider the examples build managed double operations.Example 1: managed the operation of summation. This operation is performed on two n-bit binary vectors A and B under control of the (n - 1)-bit control code V. we denote the binary vector and the control code in the form of a bit sequence: A = (an, an-1,..., a2, a1), B (bnbn-1,..., b2b1) and V = (n-1,n-2,...2,1). Managed the summation in this example is performed by the usual rules of summation of the binary vectors modulo 2nexcept that the transfer of the i-th bit is set to zero when the cation, different combinations of binary bits, the transfer of which is ignored (set to zero). Let A = (11011101) and B = (10010101), then if V = (1101011), we have R = (A,B)[V]= (01001010) (transfer, which would otherwise occur from the third to the fourth discharge under normal summation modulo 2nin the case of this variant managed summing to zero, as in the third discharge control code is 0).Prepare for A = (10111011) and B = (01010101) table of values of R = (A, B)[V]obtained depending on the choice of unit managed summation, which is determined by the value V.The first line shows the value of R corresponding to the value V = (1111111), which implements the usual summation of the binary vectors A and B modulo 2n. The last line shows the value of R corresponding to the value V = (0000000), for which it is implemented bitwise summation of the binary vectors A and B modulo 2n, denoted by " ". Operation " corresponds to one of the 2n-1modifications managed summation. The results in the intermediate rows correspond to a number of other modifications determined by the combinations of bits, the transfer of which is set to zero (see table. 1)
annoy in example 1. This operating unit is managed adder1- consists of a half-adder and (n-1) addersiwhere i = 2,..., n. On the half-adder serves bits of the first class a1and b1on the i-th adder - bits of the i-th digit of aiand bi. Right output of half-adder and all adders generates a value corresponding bits of the binary vector R On the left output of these nodes is generated carry bit supplied to one of inputs of the logic element, And (in the diagram marked with &). To the second input of logic gate And whose output is connected to the right input of the first adder is served (i-1)-th bit of the control codei-1. Due to the fact that the carry bit passes through the element, And it is reset at zero value of the corresponding control bits. The carry bit of the n-th digit f is ignored, i.e. not used in the formation of value R. the Output of the binary vector R is formed as a sequence of bits (rn, rn-1, ...,r1, r1on the right the output of the adders, i.e., we have R = (rn, rn-1,..., r1, r1).Example 2: managed the operation of summation. This operation is performed on two n-bit binary vectors A = (an, an-1,..., a2,n-1,...2,1) In Fig. 2B shows the structure of the operational unit that implements the operation of the managed summation for example 2. This operating unit is managed adder2- consists of n addersiwhere i = 1,2, ..., n. the structure of this operating unit similar to the unit shown in Fig. 2A, except that instead of the half-adder adder is used1on the right-hand entrance which is managing a bit1and on top entry item &iserved bitsi+1instead of bitsi.Managed the summation in this example is performed by the usual rules of summation of the binary vectors modulo 2nexcept that the transfer of the i-th bit is set to zero if the conditioni+1= 0 with a carry Bit from the n-th digit f is ignored. Bits1can be considered as the carry bit of the control code. Since there are two values of a bit1in this embodiment, the operation managed summation, there are twice as various modifications compared with example 1. Their number is 2ni.e. each value of n-bit control code V corresponds to a unique modification operations management the blitz values R = (A,B)[V]obtained by setting various modifications managed summation (see tab. 2).Example 3: managed the operation of summation. This operation is performed on two n-bit binary vectors A = (an, an-1,..., a2, a1) and B = (bnbn-1, . . . b2b1) running n-bit control code V = (n,n-1,...2,1) In Fig. 2B shows the structure of the operational unit that implements the operation of the managed summation to example 3. This operating unit is marked with the letter3On the left input of the first adder is fed bits ai; on the average input bit biand to the right of the entrance - biti. The left output of the first adder and the right output (i+1)-th adder inputs are single-bit modulo two (indicated by the node ), and the output of this one-bit adder is (i + 1) th output controlled operating unit. The left output of the n-th adder and the right output of the first adder inputs are single-bit modulo two, the output of which is the first output controlled adder3< / BR>Example 4: managed the operation of summation. This operation is performed on two n-bit operating unit, implements operation managed summation to example 4. This operating unit is marked with the letter4and consists of n Polyommatus On the left input of the i-th half-adder is fed bits aion the right-hand entrance - bit bi. The left output of the i-th half-adder and a control bitiserved on two input item &i. Exit to the right (i + 1)-th half-adder and the output element &iare the inputs of the single-bit modulo two, and the output of this one-bit adder is (i + 1) the first output controlled operating unit. The output element &nand right output of the first adder inputs are single-bit modulo two, the output of which is the first output controlled adder4/< / BR>Example 5: managed the multiplication operation. This operation is performed on two binary vectors A = (an, an-1,..., a2, a1) and B = (bgbn-1,... , b2b1under control of the h-bit, where h = n + g - 1, engine code V = (h,h-1,...2, 1) Implementation of the managed operation of multiplication in this example includes the following steps:
1. The value of A table is formed. 3, containing the g string and g + n - 1 columns (see knosti bits an, an-1,..., a1, a1. Each following line is obtained from the previous by reducing the number of zeros to the left by one and add one zero to the right. Thus, each row contains a plot of the bits an, an-1,...,a1, a1that moves from the extreme right position in the top row to the left on the bottom line.2. From the constructed matrix selects all rows, for which i is the ratio of bi= 1. Each such string is treated as h-bit binary vector. Let have a j such binary vectors: A'1, A'2,... ,A'j.3. Set the counter s: = 1 and the initial value of the binary vector R: = 1.4. To perform an operation managed summation of example 2:
R: = (R, A'1)[V].5. If s < j,then increment j: = j + 1 and go to step 4.6. STOP.The value of R at the output of step 6 is taken as the result of the execution of the managed operation of multiplication. Since the result of step 4 depends on the value of the control code V, and the result of the multiplication depends on the value of V. we denote the managed operation of multiplication as (A B)[V]. Other types Healy managed summation, for example, examples 1, 3 and 4.Example 6: managed the operation of summation. This operation is performed on two n-bit binary vectors A and B under control of the n-bit control code V. we denote the binary vector and the control code in the form of a bit sequence: A = (an, an-1,...,a2, a1), B = (bnbn-1,...,b2b1) and V = (n, n-1,...2,1)
Managed the summation in this example is performed using the surgical site (managed adder5), is shown in Fig. 3a and consisting of a half-adder and addersiwhere i = 2,..., n, (the number of adders is equal to n-1). On the half-adder serves bits of the first class a1and b1not left and middle inputs of the i-th adder iwhere i = 2,3,...,n - bits of the i-th digit of the binary vectors, i.e., the bits aiand bi. The output of half-adder and all adders is the input of the corresponding managed elementary switch Si, i = 1,2,3,...,n, to the control input of which a corresponding biticontrol code. (Switch Siworks as follows. When a single control signal (u1= 1) is switching I left the fast switching of the left input to the right output and the right input to the left output. Elementary switch is implemented using a simple combinational circuits with high performance.). The left output switch Siwhere i = 1,2,3, . . . ,n-1, connected to the right input of the adderi+1The signal f on the left output switch Snis ignored, i.e. not used in the formation of values of the summation R. Right outputs of all of the switches Siare the corresponding outputs of the controlled adder 5(Output binary vector R is formed as a sequence of bits (rn, rn-1,..., r2, r1on the right the output of the switches Sii.e. we have R = (rn, rn-1,...,r2r1).)
These examples show the feasibility of controlled double operations with a large number of possible modifications. Can be made and other types of managed two-place operations that can easily be implemented in the form of controllable operating units on the basis of standard assemblies electronic circuits.Consider the options proposed method of cryptographic transformation of blocks of digital data.Example 7: one-way converting a 64-bit data block T. This example posna the vector A contains the upper 32 bits of the data block, and the binary vector B is the lower 32 bits of the data block. Next, the conversion is performed in accordance with the following algorithm.1. Set the count of the number of rounds transformation r: = 1.2. To form a binary vector B control code V by performing permutation1over B: V =1(B) where the permutation 1is implemented using an operational block1in Fig. 3. (Circuit this operating unit is implemented as a simple weave conductors.)
3. Depending on the values of V to convert a binary vector by performing A managed summation of example 2 over A and B: A: = (A,B)[V].4. To convert a binary vector A by running the operations of permutation2: A:=2(A)
5. To convert a binary vector A in accordance with the following formula: A: = A B.6. To form binary vectors A control code V by performing permutation1on A: V =1(A)
7. Depending on the values of V to convert a binary vector B by performing a managed summation of example 3 over A and B: A B: = (B,A)[V].8. Converter binary vector B by running the operations re is 10. If r < 16, then increment r: = r + 1 and go to step 2.11. STOP.The unit cryptogram C is formed by combining the converted binary vectors A and B: C = A|B.
Example 8: encryption 64-bit data block T. the example illustrated in Fig. 4. To generate the secret key is represented as the following cumulative n-bit round distance plug: K1, K2,...,K32. To form the data block two binary vectors A = T div 232and B = T mod 232. Encryption of a data block to perform in accordance with the following algorithm.1. Set the count of the number of rounds of encryption r: = 1.2. To form binary vectors A and connect Kr+16control code V by combining A and Kr+16in accordance with the expression: V = A|Kr+16.
3. Depending on the values of V to form a binary vector P by performing the operation managed multiplication of example 5 over A and Kr: P: = (A Kr)[V].4. The value of P to form two binary data vector H = P div 232and L = P mod 232.5. To convert a binary vector H by performing the above L and H of the operation of summation modulo 232: H: = (L + H) mod 232.6. the vector A as A binary vector B, and the binary vector B as a binary vector A and go to step 2.8. STOP
Explain step 7. Before performing the (i + 1)-th, where i = 1,2,...,15, round binary vector A(B) is assigned the value of B (A) obtained after execution of the i-th round. The unit cryptogram C is formed by combining the converted binary vectors A and B: C:= A|B. the procedure for the decryption of the cryptogram block by using the same algorithm, except that in step 2, use the subkey K33-rinstead of the subkey K16+rand in step 3 - connect the K17-rinstead of Kr.Example 9: encryption 64-bit data block T. the Example 8 is illustrated in Fig. 5. To generate the secret key is represented as the following cumulative n-bit round distance plug: K1, K2,..., K16and Q1, Q1,..., Q16. To form the data block two binary vectors A = T div 232and B = T mod 232. Encryption of a data block to perform in accordance with the following algorithm.1. Set the count of the number of rounds of encryption r: = 1.2. To form mounts Qrcontrol code V: V: = Qr.3. Depending on the values of V storeroom and a subkey Kr: F: = (A,Kr)[V].4. To represent a binary vector F in the form of concatenation of the 4-bit binary vectors fi: F:= f16|f15|...|f1where i = 1,2,..., 16.5. To convert a binary vector F in accordance with the expression:
where S(fi)" - symbol substitution operation performed on 4-bit binary vector fiwhere i = 1,2,..., 16, according to the following table:
< / BR>The operation of substitution is as follows. Computes j = i mod 4. Instead of a binary vector with a value of fisubstituted a binary vector with a value of standing at the intersection of the j-th row and fj-th column.6. To convert a binary vector F by running the operations of cyclic left shift by 11 bits: F: = F <<< 11.7. To convert a binary vector B according to the formula: B: = B f8. If r < 16, then increment r: = r + 1, take the binary vector A as A binary vector B, and a binary vector B as a binary vector A and go to step 2.9. STOP.The unit cryptogram C is formed by combining the converted binary vectors A and B: C = A|B. decryption of the cryptogram block key Q17-rinstead of connection Qrand in step 3 - connect the K17-rinstead of Kr.These examples show that the proposed method cryptographic transformations on blocks of digital data technical feasibility and allows to solve the problem. Managed two-place operations with a large number of possible modifications can be easily implemented in the device cryptographic transformation using high-speed controllable operating units on the basis of standard assemblies of electronic circuits. 1. Way cryptographic transformation blocks of digital data, which consists in forming the data block N2 binary vectors, alternate converting binary vectors and the formation of the cryptogram block on the converted binary vectors, characterized in that it further form control code V when converting the at least one binary vector over a binary vector perform at least one controlled double operation depending on the value of control code V.2. The method according to p. 1, characterized in that the control code V shape on the value of one of the binary vectors.3. Spotname key.4. The method according to p. 1, characterized in that it further form of the secret key, and the control code V shape with a secret key and a binary vector.
FIELD: engineering of methods for cryptographic transformation of data, possible use in communication, computer and informational systems for cryptographic encryption of information and computation of numbers close to random.
SUBSTANCE: device contains two memory blocks, current time moment timer, two concatenation blocks, two hash-function computation blocks, operation block, computing block.
EFFECT: increased complexity of encryption analysis and decreased probability of reliable prediction of next values of pseudo-random series bits while increasing operation speed of generator.
FIELD: automatics and computer science, in particular, identification means for controlling access to autonomous resources.
SUBSTANCE: method includes changing identification information during each new query of autonomous resource, which information is used for identification of carrier during following queries to autonomous resources, by including it in algorithmically converted form on information carrier and in database of central device and checking of its correspondence in a row of previous queries to autonomous resources. Each autonomous resource has memory block for storing conversion algorithms and signs of these algorithms and block for reading/recording carrier information. Central device contains at appropriate data bank addresses the virtual memory blocks for storing information for identification of carriers and memory block for storing a set of algorithms for converting code from one type to another and signs of these algorithms, and for each carrier - information storage address which was used during previous accesses. Carrier contains energy-independent additional memory block for recording, storing and reading additional information code after identification of carrier, available both during manufacture of carrier and its submission to autonomous resource.
EFFECT: increased level of protection from unsanctioned access.
3 cl, 1 dwg
FIELD: engineering of systems for protecting communication channels, which realize claimed method for user authentication on basis of biometric data by means of provision and extraction of cryptographic key and user authentication.
SUBSTANCE: in accordance to the invention, neither biometric template nor cryptographic user key are explicitly represented in information storage device, without provision of biometric sample and information storage device with a pack stored on it, any cryptographic operations with data are impossible.
EFFECT: creation of biometric access system and method for provision/extraction of cryptographic key and user authentication on basis of biometry, increased key secrecy level, increased reliability, expanded functional capabilities and simplified system creation process.
2 cl, 2 dwg
FIELD: physics, communications.
SUBSTANCE: invention relates to a method and a device for encryption in a mobile broadcast system. The technical result is achieved due to that in a mobile broadcast system, BCAST service subscription management (BSM) manages terminal subscriber information and sends a first delivery message for BCAST service distribution/adaptation (BSD/A), where the said message contains registration key material (RKM) for registering the broadcast service for the terminal, and also at least one service or content identifier. BSD/A sends a first message to BSM for confirming delivery, where the said message contains information indicating success/failure of receiving the first delivery message, and sends the RKM to the terminal.
EFFECT: increased efficiency of encrypting transmitted content.
21 cl, 18 dwg, 7 tbl
FIELD: information technology.
SUBSTANCE: binary sequence of a secret identification key and a binary sequence of a secret embedding key, a cryptographic function and several Fourier coefficients of the electronic image are pre-generated for the sender and the receiver. An electronic image certified by a digital watermark is created for the sender, for which the electronic image is divided into M units with pixel size n×n. An identifier for the m-th unit of the electronic image is created. The binary sequence of the digital watermark of the m-th unit of the electronic image is determined. The digital watermark is embedded into the m-th unit of the electronic image and operations for certifying units of the electronic image for the sender with the digital watermark are repeated until completion. The receiver is sent the electronic image certified with the digital watermark. Authenticity of the electronic image received by the receiver is checked.
EFFECT: invention increases security of an electronic image certified by a digital watermark from deliberate altering of the content of the image.
3 cl, 9 dwg
FIELD: physics, communications.
SUBSTANCE: invention relates to data transmission. The system includes a first and a second communication device. One of the communication devices encrypts transmitted data in order to generate encrypted data and transmits said data to the other communication device which decrypts the received encrypted data. Before encryption, each of the communication devices divides transmitted data into portions with given number of bits. Each of the communication devices changes the number of bits of the transmitted divided data and mixes with the transmitted divided data, except portions with the highest number of bits, and includes fictitious data, the size of which ensures coincidence of the number of bits of the transmitted divided data with the highest number of bits.
EFFECT: low probability of cracking of data by a third party.
19 cl, 6 dwg, 1 ex
FIELD: information technology.
SUBSTANCE: block cipher with common key processing configuration is implemented with improved immunity against such attacks as saturation attacks and algebraic attacks ("РЯС" attack). In the encryption processing device which executes processing of block cipher with common key, S-blocks used as modules of nonlinear transformation processing in round function and installed in round functions execution modules are made capable to use S-blocks of at least two different types. With such configuration, immunity against saturation attacks can be improved. Additionally, types of S-blocks represent mixture of various types.
EFFECT: increased difficulty of cryptanalysis and implementation of highly protected algorithm of block cipher with common key.
14 cl, 19 dwg
FIELD: radio engineering, communication.
SUBSTANCE: method for secure transmission of information includes generating an information signal with encoded information, adaptive summation of said signal with a chaotic masking signal, transmitting the resultant signal over a communication channel to a receiving device, detecting information; during detection, the information signal is identified based on a neural network technique.
EFFECT: high information security.
2 cl, 4 dwg
FIELD: radio engineering, communication.
SUBSTANCE: method of concealing data encryption in a communication network involves the following operations: generating a set of characters using a set of encryption keys as input into a pseudorandom function, wherein each character corresponds to an indicator value; subdividing the encrypted data into a plurality of parts; partitioning each part into a plurality of groups; encoding each part by mapping each group with a character in the set of characters in accordance with its indicator value; and transmitting the mapped characters over a communication network.
EFFECT: high probability of identifying encrypted data in a communication network.
20 cl, 4 dwg
FIELD: information technology.
SUBSTANCE: invention realises a common key block encryption processing with improved immunity against attacks, such as attack by saturation and algebraic attacks (RYAS attacks). In the encryption device which performs common key encryption processing, S blocks which are used as nonlinear conversion processing modules in round functions established in round function execution modules are configured to use S blocks of at least two different types. Such a configuration can improve immunity against attacks by saturation. Furthermore, the types of S blocks are a mixture of different types. Use of such a configuration can improve immunity against algebraic attacks, thereby realising a highly secure encryption device.
EFFECT: harder cryptanalysis and realisation of a highly secure common key block encryption algorithm.
52 cl, 19 dwg