The method of transmission and reception, ensuring the authenticity of the message

 

(57) Abstract:

The invention relates to communication and can be used in the transmission of telecode information in communication networks using RSA encryption with key General use. The technical result that can be derived from the implementation of the present invention is expressed in empowering ways for the protection of messages in communication networks using RSA encryption with key public spaces, reducing the number of redundant elements in the message necessary for the transmission of messages over the communication channel, and therefore, increase the rate of transmission of messages, reducing complexity and providing a guaranteed maximum value for the probability of protection from making undetectable errors in the message as a result of deliberate actions by the offender on the transmitted codogram for a given number of redundant symbols in codogram. 6 Il.

The invention relates to the field of communication and can be used in the transmission of telecode information in communication networks using RSA encryption with key General use [1].

Known way to protect the message when it paeonians error message P < 1/2mwhere m is the number of test binary symbol appended to the message, namely, that the message length K binary symbols, transferable from user i to user j, encode linear (n, K) code, detecting errors, n-K= m, with the formation of the m test characters that add to the elements of the message, the message is added checking symbols are divided into segments by m binary symbols in each segment, the last segment of N Supplement to the length equal to m binary characters, null characters, over each of the N segments to perform surgery pseudostochastic conversion, which are as follows: generate two pseudo-random sequence (SRP) for N blocks of length m binary symbols in each of the N blocks using as their initial values agreed at the reception and transmission of binary m-bit numbers, the first segment of the message is considered as an element of Galois field GF(2m), multiply modulo the irreducible over GF(2) polynomial of degree m on the value of the elements of the first block of the first SRP, considered as an element of Galois field GF(2m), and put the bitwise modulo two elements of the first block of the second SRP, similar is Nala communication subscriber j, at the reception on each received transformed cut do the reverse operation pseudostochastic conversion, after receiving and reverse pseudostochastic conversion of all N segments produce decoding messages in accordance with the (n, K)-code with checking for errors in a received message, and when the non-detection message is issued to the recipient, upon detection of the error message erase.

However, the known method does not protect against intentional effects of the attacker, for the linear conversion operation and coding attacker when a priori knowledge of the transmitted message by sending the converted message (converted several messages) clearly reveal the value of the units of the SRP and, consequently, to make any undetectable at the reception error in the transmitted message.

For users of the communication network using single-key encryption system, a method of transmitting and receiving to ensure the authenticity of the transmitted message [4] in the context of the intended impacts of the offender, which are as follows.

Each of the two interacting in rasmei pair of users of the communication network and comprising Z binary characters. Transmission of the message length K binary characters consisting of a header, containing information about the addresses of the sending and receiving users and the length of the message, and the information part of the message, complete null characters up to the length equal to K+ = Nm binary symbols, and divide the resulting sequence of elements of length K+ binary symbols into N segments of m binary symbols in each. Form two pseudostochastic sequence (SRP) (N blocks each, and with the block length equal to m binary symbols) with initial values generated in accordance with the selected memory for a given pair of interacting users network communication secret key. Each of the N segments of the message put operation pseudostochastic conversion, namely, that the value of the segment message with the number , considered as an element of Galois field GF(2m), multiply modulo the irreducible over GF(2) polynomial of degree m on the value of the elements of the block number of the first SRP blocks (SRP-1), considered as an element of Galois field GF(2m), and summarize the work character by character modulo two block elements with the number of the second SRP blocks (SRP-2). The converted TM bitwise addition modulo two same elements in all transformed lines with receiving items check sequence P of length m binary symbols.

Elements of a test sequence P is subjected to the operation of the nonlinear transformation using, for example, or irreversible function, or the function f (P, CL) selected from the family used functions F in accordance with the value of the secret key CL, in which, for example, permutation, table, replacement, and shift elements test sequence P is produced in the manner and according to the rules, which are determined by the values of the elements of the secret key CL. In the end you get a component of the resulting test sequence - authenticator A. Elements authenticator And add to the elements of the message (not converted) and the resulting codogram length K binary symbols are sent over the communication channel to the receiving user.

At the reception in the accepted codogram emit message elements and elements authenticator A and from memory, select the appropriate transmitting user secret key. Over the elements of the message perform all operations on the formation of the authenticator A, similar to those carried out on the transmission. Calculated members authenticator A compare on the identity with the adopted elements of the authenticator A and in full and receive with ensuring the authenticity of the messages has the following disadvantages: the need (using the method) for solving the problem, associated with the formation and distribution between users of the communication network of secret encryption keys CL third parties (except a pair of interacting users), which is necessary for their formation in the center of the formation and distribution of keys, creates additional opportunities for the abuse of secret keys, for example, opening information in the transmitted message; inadequate protection from entering the receiving user undetectable errors correctly received and stored (long) message (without changing elements authenticator) with the subsequent denial of the deed.

In communication networks, using two key system RSA encryption with key General use [1], there is a method of transmission and reception of ensuring authentication and confidentiality of messages [5], which consists in the following.

Each of the i-th user's network connection, i=1,2,3... as system user RSA encryption with a key length-n binary symbols periodically generate two keys: a secret (eini), which is placed in storage protected from unauthorized access memory, and outdoor (dini), which make the work keys) issued to all network users open directory ni- the absolute value of the key. On transfer from the i-th user j-th user message elements and information elements of the message is converted into elements authenticator length Z of binary symbols (Z>1).

Elements authenticator form as follows. For each of the transmitted messages generate a random number Chlength G of binary elements, which are used as the map key messages in accordance with a given function F to successive formation of two test sequences of length such as m binary symbols each. The first test sequence R(1) is formed in accordance with a random number CB1and used by the transformation function F by using the operation consisting, for example, that the elements of a message is divided into D segments of length m binary symbols each, last partial segment messages are complementary to a segment of zero symbols, the first segment of the transform using, for example, as a conversion operation of the encryption algorithm corresponding to the algorithm GOST 28147-89, and random number CB1as the encryption key. Obtained through the Tami second segment of the message and the result of summation again transform using the same encryption algorithm and the same (or converted by a specific rule) random numbers CB1as the encryption key, and so continue until the elements of the last segment in the result of the conversion gain of the first test sequence R(1) of length m binary symbols, m younger characters random number CB1summarize character modulo two elements of the first test sequence R(1) to obtain the elements of the sequence length G of the binary symbols, which is used as the encryption key in the formation of the second test sequence R(2) according to an algorithm similar to that used when forming the elements of the first test sequence R(1).

Connect the elements of the first test sequence R(1), the elements of the second test sequence R(2) and the elements of the random number CB1in one sequence, complementary elements of messages that are agreed on with the host user positions to obtain a sequence of length Z, Z<nbinary characters, which is a control sequence by the authenticator, choose from the open memory message header public key of the receiving user (djnj), from secretogogues encryption and, if ni< njthen the binary number corresponding to the elements of the authenticator, in accordance with RSA encryption algorithm first erected in the degree of eimodulo niand then the degree of djmodulo njand if ni> njthen the binary number corresponding to the elements of the authenticator, first erected in degree djmodulo njand then in the degree of eimodulo niobtaining items in the encrypted authenticator. The information elements of the message encrypted using the random number CB1as the encryption key and the encryption algorithm corresponding to, for example, GOST 28147-89. The resulting codogram consisting of the elements of the message header items in the encrypted part of the message and the elements of the encrypted authenticator is passed through the communication channel to the receiving user.

At the reception of the received codogram the message header allocate the elements of the encrypted authenticator, choose from open and closed memory public key of the sending user (dini) and a secret key of the receiving user (ejnj), select the key, which has more absolute knowledge is aqueous authenticator, first erected in the degree of ejmodulo njand then the degree of dimodulo niobtaining items authenticator And, if nj< nithen the binary number corresponding to the elements of the encrypted authenticator, first erected in degree dimodulo niand then in the degree of ejmodulo njobtaining items authenticator A. Highlight of the elements of the authenticator And the elements of the random number CB1, decrypt encrypted transmission of message elements in accordance with a random number CB1as a decryption key and decryption algorithm in accordance with the transmission of the encryption algorithm, for example according to GOST 28147-89, elements of messages, similarly as on the transfer form the first R(1) and the second R(2) the test sequence in accordance with a random number CB1as the encryption key, is formed similarly as on transmission elements authenticator And that compare to the identity elements of the received authenticator A. If they match the elements of a message is issued to the recipient as correct. In the event of mismatching items to match the rising authentication and privacy of messages has the following disadvantages: complexity due to the need for multiple operations of the encryption algorithm, corresponding to GOST 28147-89, the decrease in the transmission rate due to the introduction of additional large number of redundant symbols in the transmitted message as encrypted authenticator length n binary characters [required for used in two key encryption (the encryption key shared RSA key length n 512 binary characters and small message length ( 1024 binary characters) the percentage of redundant symbols is obtained substantial]; there is no possibility of varying the number of redundant symbols (and, as a consequence of the change speed transmission of the message) when the requirements change is likely to make undetected errors due to deliberate actions of the offender.

The technical result that can be derived from the implementation of the present invention is expressed in empowering ways for the protection of messages in communication networks using RSA encryption with key public use; reducing the number of redundant elements in the message that is required for transmission of messages over the communication channel, and therefore, increase the rate of message transmission; reducing clonos jwaamoj error message as a result of deliberate actions by the offender on the transmitted codogram for a given number of redundant symbols in codogram.

To ensure this technical result in the method for transmission and reception, ensuring the authenticity of the message, namely, that each of the i-th user of the communication network in accordance with the underlying system RSA encryption with a key common use is characterised by two key length n binary symbols of each: secret - (eini), which is placed in storage protected from unauthorized access memory of the i-th user, and outdoor (dini), which make known to all the users of the communication network (ni- the binary number corresponding to the absolute value of the encryption key of the i-th user) and placed in storage in a public memory of all the users of the communication network, when the transfer sequence message's length K binary symbols consisting of the sequence is not modified during transmission of the message header, which contains information about the addresses of the sending and receiving users, the length of the binary symbols, and the sequence information of the message, the length of the binary symbols from the i-th user j-th user from the private memory of the sending user chooses his secret key (eiini) and destination (djnjusers define the key with a smaller absolute value, and if ni< njfirst binary number corresponding to the sequence of the authenticator And, in accordance with RSA encryption algorithm built in the degree of eimodulo niand then the result erected in degree djmodulo njobtaining the sequence of the encrypted authenticator and if nj< nifirst binary number corresponding to the sequence of the authenticator And raise to the power of djmodulo njand then the result erected in degree eimodulo niobtaining the sequence of the encrypted authenticator form the sequence codogram T and transmit it over the communication channel to the receiving user j, and at the reception after the reception sequence codogram T distinguish it from the elements of the sequences of message header and encrypted and is of lovatelli, from the open and closed memory of the host user selects the public key of the sending user (dini) and a secret key of the receiving user (ejnj), two cryptographic module niand njthe selected keys define a module with a large absolute value, and if ni< njthe number corresponding to the adopted elements of the encrypted authenticator erected in degree ejmodulo njand then the result erected in degree di, modulo niobtaining sequence authenticator and if ni> njfirst binary number corresponding to the sequence of the encrypted authenticator erected in degree dimodulo niand then the result erected in degree ejmodulo njobtaining the sequence of the authenticator from the sequence of the received authenticator produce a test sequence and the sequence of random numbers is similar to the transmission according to the sequence of messages and the received sequence of random numbers C form a test sequence P, which compare n is egovernance message is issued to the recipient as true, if not adopted a sequence of messages erase the new operation, which consists in the fact that the transmission and reception elements of the test sequence P, the sequence authenticator and sequence codogram T form as follows: transfer in accordance with the sequence of generated random numbers of length m binary symbols form a pseudo-random sequence of N blocks Gi, i = 1,2,3,...,N, of length m binary symbols each, where the value of the first block of G1is determined by the value of the sequence of random numbers With a transmitted sequence of messages of length K binary symbols is divided into N segments Di, i=1,2,3...,N, with m binary symbols in each, the latter is not full cut complement of zero symbols, each of the N segments of the sequence of messages is subjected to the operation pseudostochastic conversion, which consists in the fact that each segment of the message Dinumber i, where i=1,2,3,...,N, considered as an element of Galois field GF(2m), multiply modulo the irreducible over the field GF(2) polynomial of degree m on the value of the block elements Gipseudo-random sequence, rasmar the length K+ binary symbols encode linear block (l,K+) code detecting errors, where 1=Nm+m, K+ = Nm, to obtain the elements of the test sequence P of length m binary symbols that connect the elements of the test sequence and the sequence of random numbers in one control sequence of length 2m binary symbols, in which case, if n < -2m, complement sequence of the q standing to the right of the information elements of the message S, where q = +2m-n, and if n > -2m, the entire sequence information of the message's length of binary symbols and a sequence of zero characters in length (n-2m) binary symbols to obtain a sequence authenticator length n binary symbols, and the sequence of codogram T form as follows: to the received sequence of encrypted authenticator add the sequence header of the message, and if the number of binary symbols n is less than the sum of the binary symbol sequence information of the message and the control sequence B, i.e., n < +2m, then the sequence header type not yet included in the sequence authenticator (-q = +2m-n) elements of the sequence information part soobshenij characters (for the case if n-2m < ), which is passed over the communication channel to the receiving user, and receiving from the received sequence codogram T allocate the message header, the encrypted authenticator, and if n < +2m, the elements of the sequence information of the message's length (+2m-n) of binary symbols that are not included in the transfer to the authenticator And, after obtaining the sequence of the authenticator and the discharge from her test sequence and the sequence of random numbers from a sequence authenticator allocate included in the transmission of q elements of the sequence information of the message, S, thus q = if n > +2m, or q= n-2m, if n < +2m, unite taken in sequence codogram T the elements of a sequence of message header length of binary symbols and the elements of the sequence information of the message S, which were not included in the sequence authenticator on the transmission (if n-2m > ), the length q of the binary symbols, with q the elements of the sequence information of the message S, selected from the received authenticator, in one sequence of messages

In Fig. 1-5 depict diagrams illustrating a method of pedinotti message is as follows.

Each of the i-th user's network connection, i=1,2,3... as system user RSA encryption with key General use periodically form two of the key, the secret (eini), which is placed in storage protected from unauthorized access memory, and outdoor (dini), which make known to all users of the communication network, for example put it in the periodically issued to all users of the communication network directory.

On the transmission of the message length K binary symbols (Fig. 1) from the i-th user j-th user in accordance with the items are not modified during transmission of the message header, which contains information about the addresses of the sending and receiving users, the length of the binary symbols and elements of the information part of the message length binary character shape authenticator as follows.

In accordance with the header of the message containing the addresses of the sending and receiving users from the private memory of the sending user chooses a secret key (eini) transmitting user, and from the open memory - the public key (djnj) receiving user. For each peradventure generated (the same for transmission and reception algorta) sequence of pseudo-random blocks of Gi, i = 1,2,3,...,N, of length m binary symbols each, which in turn is used to pseudostochastic conversion of the transmitted message length mN binary characters.

The sequence of the converted message is formed as follows. The message's length K binary symbols is divided into N segments Di, i=1,2,3,...,N, of length m binary symbols each (see Fig 1), and the last partial segment of the message DNcomplementary to a segment of zero characters. Each of the N segments of the message put operation pseudostochastic conversion, which consists in the fact that each segment of the message with the number of Diwhere i=1,2,3,...N, considered as an element of Galois field GF(2m), multiply modulo the irreducible over the field GF(2) polynomial of degree m on the value of the block elements Githe previously generated pseudo-random sequence of blocks, considered as an element of the field GF(2m). Received the converted sequence of messages encode a linear (n,K+)-code, n=Nm+m, K+ = Nm, to obtain the elements of the test sequence P of length m binary symbols (Fig. 2) connect the elements of the test sequence P and the elements of placentas is leva) the control sequence B sequence from q standing to the right of the information elements of the message, S, where q = (+2m)-n, while the number of binary symbols in the sequence information of the message is smaller than the value (n-2m), i.e. +2m < n, add zero symbols to obtain a sequence of authenticator And the length n binary symbols of the two absolute values of the modulus, niand njkey transmitting (eini) and destination (djnjusers define the key with the smallest absolute value of the module, and if ni< njfirst binary number corresponding to the sequence of the authenticator And raise to the power of eimodulo niand then the result erected in degree djmodulo njobtaining the sequence of the encrypted authenticator (Fig. 4a), if nj< nifirst binary number corresponding to the sequence of the authenticator And raise to the power of djmodulo njand then the result erected in degree eimodulo niobtaining the sequence of the encrypted authenticator (Fig. 4B), form codogram T consisting of elements of the sequence header of the message S, the sequence is not included (if n-2m < ) after the of edificatory length n binary symbols (Fig. 5 a,b). Codogram T is passed through the communication channel to the receiving user.

At the reception of the received codogram distinguish the elements of a sequence of message header length of the binary characters of the encrypted authenticator length n binary symbols and a sequence of elements of a message's length (q) of binary symbols that are not included in the sequence of the encrypted authenticator (if n-2m < ), the message header choose from open and closed memory of the receiving user, the public key of the sending user (dini) and a secret key of the receiving user (ejnj), select the key, at which the absolute value of the module, and if nj> nithen the binary number corresponding to the elements of the received encrypted authenticator length n binary symbols of the first erected in the degree of ejmodulo njand then the result erected in degree dimodulo niobtaining sequence authenticator length n binary symbols, and if ni> njthen the binary number corresponding to the elements of the received encrypted authenticator , erected in degree dimodulo n is lnasty

authenticator

Highlight of the elements of the sequence of authenticator m elements of the adopted test sequence m of elements of the received sequence of random numbers and q elements of the message included in the transmission sequence authenticator, if (n-2m) < , then q = n-2m, and if (n-2m) > , q = , unite taken in sequence codogram the elements of a sequence of message header length of binary symbols and the elements of the sequence information of the message S, which were not included in the sequence authenticator on the transfer (in the case if n-2m > ), the length q of the binary symbols, with q the elements of the sequence information of the message S, selected from the received sequence authenticator in a single sequence of messages of length K binary symbols, in accordance with the accepted sequence of random numbers and sequence of messages form as the transmission pseudo-random sequence of N blocks of length m binary symbols in each and a check sequence P, which is compared to the identity elements of the adopted test sequence and with their full concurrence of prenatal message features wash.

In Fig. 6 presents one possible structural diagram of a device implementing this method.

The device comprises a transmission unit 1 storing a secret key, block 2 storage of public keys, the storage unit 3 messages, block 4 generate a random number, unit 5 forming a pseudo-random sequence, block 6 pseudostochastic conversion messages, block 7 of the coding block 8 storing a test sequence, block 9 forming an authenticator, block 10 choice of secret-key block 11 select public key block 12 encrypt the authenticator, unit 13 storing the encrypted authenticator and the block 14 forming codogram, and the reception unit 15 receiving codogram, block 16 allocation header, encrypted authenticator and the untransformed part of the message, block 17 storing a secret key, the unit 18 storing public key block 19 select public key block 20 selecting a secret key, the block 21 storing the encrypted authenticator, block 22 decrypt the authenticator, block 23 allocation of random numbers, test sequence and part of the message, block 24 storing a random number, block 25 of the retention of title and naroop varochnoi sequence, block 29 storing the received test sequence, the block 30 of a pseudorandom sequence generator, the block 31 pseudostochastic conversion messages, block 32 comparison unit 33 of issuing the message.

The device operates as follows.

In the terms of use encryption with RSA key for General use, periodically, such as annually, on the transfer (block 1) and reception (block 17) is placed on the storage of secret keys corresponding users, and block 2 (on the transmission) and in block 18 (for example) is placed on the storage of public keys of all the users on the network.

To send the message, in block 3 of storing messages in unit 4 to generate random number generate random random number With length m binary digits, which comes in block 5 of the pseudo-random sequence generator, in which, using a random number With both the original form of N pseudo-random blocks of Gi, i=1,2,3,....N, of length m binary symbols each, in block 6 pseudostochastic conversion message message stored in the storage unit 3 messages, is divided into N blocks of Dilength m binary symbols each (the last incomplete the Galois field GF(2) polynomial of degree m in i-th block of Gipseudo-random sequence generated in block 5 of the pseudo-random sequence generator, with the formation of the converted sequence of messages in block 7 coding based on correcting coding used to code the received and converted sequence of messages generate a test sequence P, which is placed in storage in the storage unit 8 test sequence in block 9 of the formation of the authenticator based on the obtained unit 4 to generate random numbers, in block 8 encoding check sequence P and part of the message stored in the storage unit 3 messages, form authenticator, which transform in block 12 encrypt the authenticator using the public key of the receiving user and the secret key of the sending user, which is selected on the header of the message through the block 10 select the secret key and the block 11 select the public key of block 1 of storage of the secret key and unit 2 storing the public key in the block 14 forming codogram to encrypted authenticator add the message header and not included in the authenticator part of the message, and the received codogram T beredugo authenticator and the untransformed part of the message selects from the accepted codogram message header, encrypted authenticator by placing it in block 21 store encrypted authenticator and not included in the authenticator part of the message with its location in block 25 of the retention of title and the untransformed part of a message header of the message received from the block 17 storing a secret key and unit 18 storing a public key using the block 19 selecting a secret key and a block 20 of the choice of the public key chosen by the secret key of the receiving user and the public key of the sending user, in block 22 decrypt the authenticator adopted convert encrypted authenticator stored in the block 21 storing the encrypted authenticator, the authenticator, from which the block 23 allocation of random numbers, test sequence and part of the message allocate a random number, which is placed in storage unit 24 storing random numbers, test sequence, which is placed in the block 29 storing the received test sequence, and part of the message included in the authenticator, which comes in a block 26 of message generation, which produces the Assembly of sent messages from the message header and is not included in autentificare, and part of the message that are not included in the authenticator received from the block 23 allocation of random numbers, test sequence and part of the message, based on the random number stored in the block 24 store the random number in block 30 of a pseudorandom sequence generator is formed on the transfer, a pseudo-random sequence Giand N blocks, i = 1,2,3,...N, in block 31 pseudostochastic conversion messages, how to transfer, produce pseudocapacitance converting the received message is stored in block 26 of the message, and in block 27 encode, how to transfer the converted message receipt verification sequence P, which is placed in storage unit 28 to store the calculated test sequence P, block 32 to produce the comparison of accepted test sequence which is stored in the block 29 storing the received test sequence, calculated with the test sequence P, which is stored in the unit 28 to store the calculated test sequence, when the identity of the compared test sequences using block 33 of issue of the notification message storing the software, and hardware-software implementation of the prototype. The implementation of newly introduced operations can be performed similarly. The claimed method in comparison with the prototype in terms of the use of two key system RSA encryption with the same value of n (n is the length of the encryption key) allows you to:

1. When the number of added redundant symbols is equal to 2m binary symbols (m checking symbols and m characters random numbers), to provide (in terms of ignorance offender secret keys of the users and the values of the random numbers used for pseudostochastic convert messages) probability value of Pbutintentional making of intruder undetectable errors in the transmitted message S, defined by the inequality Pbut(1/2m). In terms of use of the prototype to ensure that the same values of Pbutthe number of redundant symbols (in the prototype) Z significantly exceeds the value of 2m, which reduces the transmission rate of the message.

2 Significantly reduced in comparison with the prototype implementation complexity and, as a consequence, the operations of converting the message by performing simple operations pseudostochastic cyclic code, that simplifies the process of practical implementation of the method of transmitting and receiving messages and, consequently, increases the rate of transmission of messages in communication networks.

Sources of information

1. Rivest R. L. , A. Shamir, Adelman L. A method for obtaining digital signatures and public-key cryptosystems // Communication of the ACM. 1978, v. 21,12, p. 120-126.

2. Ustinov, N. Pseudostochastic encoding N-split systems with decision feedback. Problems of information transmission. Volume XVIII, vol. 1, 1982, S. 43-50.

3. USSR author's certificate N 1287296, CL H 03 N 13/02, 1984.

4. Description of the invention to the patent of Russian Federation RU 2027310, C1, CL 6 H 04 K 1/00.

5. Description of the invention to the patent of Russian Federation RU 2040117, C1, CL 6 H 04 K 1/00.

The method of transmission and reception, ensuring the authenticity of the message, namely, that each of the i-th user of the communication system in accordance with the underlying system RSA encryption with a key common use is characterised by two key length n binary symbols of each closed - (eini), which is placed in storage protected from unauthorized access memory of the i-th user, and outdoor (dini), which make known to all ballsporthalle, and placed in storage in a public memory of all the users of the communication network, when the transfer sequence message's length To binary characters, consisting of a sequence of invariant during the transmission of the message header, which contains information about the addresses of the transmitter and receiver, the length of the binary symbols, and the sequence information of the message, the length of the binary symbols from the i-th user j-th user from the private memory of the sending user chooses his private key (eini), and from the open memory - the public key (djnjaccepts user j, form a sequence of random numbers of length m binary symbols, in accordance with the sequence of messages and the sequence of random numbers To generate a test sequence P of length m binary symbols of the two keys, namely, the private key (fini) the transferor and the public key (djnjaccepts user define key with a smaller absolute value of the module, and if ni< njthen the binary number Z < nicorresponding sequence authenticator And raise to the power of ecoherence converted authenticator and if nj< nithen the binary number Z < njcorresponding sequence authenticator And raise to the power of djmodulo njand the result was erected in the degree of eimodulo niobtaining sequences are converted authenticator form the sequence codogram T and transmit it over the communication channel to the receiving user j, and at the reception after the reception sequence codogram T distinguish it from the elements of the sequences of message header and converted authenticator in the sequence header of the message containing the addresses of the transmitter and receiver, from the open and closed memory of the receiver choose the public key of the sending (dini) and the private key of the host (einiusers, of two cryptographic module niand njdefine a module with a large absolute value, and if ni< njthe number corresponding to the accepted elements converted authenticator erected in degree eimodulo njobtaining sequence authenticator and if ni> njthen the binary number corresponding sequence preobrazovan ejmodulo njobtaining the sequence of the authenticator from the sequence of the received authenticator produce a test sequence and the sequence of random numbers is similar to the transmission according to the sequence of messages and the received sequence of random numbers To generate a test sequence P, which is compared to the identity with the accepted test sequence , and with their full concurrence of the elements of the received sequence of messages issued to the recipient as true, if not adopted a sequence of messages erase, characterized in that the transmitting and receiving elements of the test sequence P, the sequence authenticator and sequence codogram T form as follows: on the transfer in accordance with the sequence of generated random numbers of length m binary symbols form a pseudo-random sequence of N blocks Gi, i = 1,2,3,...,N, of length m binary symbols each, where the value of the first block of Giis determined by the value of the sequence of random numbers With a transmitted sequence of message length To doesn etc complement zero characters each of the N segments of the sequence of messages is subjected to the operation pseudostochastic conversion, which consists in the fact that each segment of the message Dinumber i, where i = 1,2,3,....,N, multiply modulo the irreducible over the field GF (2) polynomial of degree m on the value of the block elements Gipseudomucinous sequence, considered as an element of the field GF(2m), and Dithe sequence of the converted segments of the message length K+ binary symbols encode linear block (L,K+) code that detects errors, where L = Nm + m, K+ = Nm, to obtain the elements of the test sequence P of length m binary symbols that connect the elements of the test sequence and the sequence of random numbers in one control sequence of length 2m binary symbols, in which case, if n < +2m, complement sequence of the q standing to the right of the information elements of the message S, where q = n - 2m, and if n > +2m, then the entire sequence information of the message's length binary symbols and zero sequence of symbols of length n--2m binary symbols to obtain a sequence authenticator length n DVO is STI converted authenticator add a sequence of message header and if the number of binary characters in the encryption key n is less than the sum of the binary symbol sequence information of the message and the control sequence, i.e., n < +2m, then the sequence header type not yet included in the sequence authenticator-q = +2m-n elements of the sequence information of the message's education sequence codogram T, the length of the binary symbols, for the case where n > +2m, or binary characters, for the case where n < +2m, which is passed over the communication channel to the receiving user, and at the reception of the received sequence codogram T allocate the message header, converted authenticator and if n < +2m elements of the sequence information of the message's length +2m-n binary symbols that are not included in the transfer to the authenticator And, after obtaining the sequence of the authenticator and the discharge from her test sequence and the sequence of random numbers from a sequence authenticator allocate included in the transmission of q elements of the sequence information of the message S, with q = , if n < +2m, or q = n - 2m, if n < +2m, unite taken in p the ways of the sequence information of the message, S, not included in the sequence authenticator on the transmission if n > +2m, length-q of binary symbols, with q the elements of the sequence information of the message S, selected from the received authenticator, in one sequence of messages S.

 

Same patents:

The invention relates to telecommunications and computing, and more particularly to cryptographic methods and devices for data encryption

The invention relates to the field of telecommunications and computing, and specifically to the field of cryptographic methods and devices for data encryption

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for data encryption

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for data encryption

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for data encryption

The invention relates to telecommunications and computing, and more particularly to cryptographic methods and devices for data encryption

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for data encryption

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for encoding messages (or information)

The invention relates to telecommunications, and in particular to the technique of secret confidential communication

FIELD: cryptography.

SUBSTANCE: method includes generating random numbers with use of displacement register with check connection, elementary digit of which is a q-based symbol (q=2l, l - binary symbol length) at length of q-based digits register, in check connection networks nonlinear two-parameter operations on q-based symbols F (ub, ud) are used, on basis of random replacement tables, for generating next random number values z1=F(ui, uj), z2=F(ut, um), zg=F(z1, z2) are calculated, where ui, uj, ut, um - values of filling of respective register digits, value of result in check connection networks zg is recorded to g digit of displacement register and is a next result of random numbers generation, after which displacement of register contents for one q-based digit is performed.

EFFECT: higher speed and efficiency.

3 cl

FIELD: electrical communications and computer engineering; cryptographic data conversion.

SUBSTANCE: proposed method includes generation of protection key in the form of n-bit binary vector, its supply for initial filling of shift register producing maximal-length pseudorandom character sequence, conversion of data stream into encoded message, and its transfer over communication line; in the process total character of encoded text is shaped and its value is conveyed at moment when search sequence character assumed value equal to unity.

EFFECT: reduced redundancy in message transferred and enhanced message transfer speed.

1 cl, 2 dwg

FIELD: electric communications.

SUBSTANCE: method is performed using microcontrollers with two memory types: data and software. For transfer of each symbol individual main and reserve codes are used, on basis of number of repeats of symbol in transferred message. First transfer of symbol is performed by main code, second transfer of same symbol - by reserve code, and then codes synchronization displacement is activated for a step around circle relatively to symbols until finish of circle. After transfer of displaced reserve code, closing the circle, synchronous replacement of codes variants is performed, and then order of codes replacement is repeated in case of repeat of any symbol in transferred message. Number of required code variants is set by planned volume of information, sent via communication line.

EFFECT: higher efficiency.

1 dwg

FIELD: data carriers.

SUBSTANCE: data carrier is made in such a way, that for important data protection operations confidential data stored in chip memory or formed by it are separated on at least three portions, also provided is processor for calculation of random number and for dividing confidential data on such random number, while first portion of data is an integer result of such division, and third portion of data is the actual random number.

EFFECT: higher quality of data protection.

3 cl, 1 dwg

FIELD: computer science, communications.

SUBSTANCE: method includes generating a protection key in form of a binary vector n-bit long, sending it for primary filling of displacement register, generating pseudo-random series of maximal length, generating pseudo-random series of symbols, transforming data stream to encrypted message and transmitting the latter along communication line, while pseudo-random series is generated as pseudo-random series of symbols of finite field Fp with characteristic p=2k+1 in form of binary vectors k-nit long by getting information from k different bytes of displacement register with check connection, numbers of which are determined on basis of protection key, and number k is selected equal to one of members of geometric row, which has denominator and first member equal to two, and also a pseudo-random series of symbols is formed for finite field of odd values of symbols due to skipping clock pulses of displacement register with check connection for which pseudo-random series symbols take even values and serially transforming in finite field Fp symbols of source text by involution thereof, appropriate for pseudo-random series symbols.

EFFECT: higher resistance to attacks on basis of known and sorted out texts.

4 cl, 2 dwg

FIELD: radio engineering; secret intelligence protected radio communication systems.

SUBSTANCE: proposed radio communication system incorporating provision for suppressing enemy's radio communication means and radio control channels has information subsystem, noise jamming subsystem, noise memory subsystem, information subsystem elements, and subsystem elements interface unit; each element of information subsystem is made in the form of multichannel time-division radio station; each element of noise jamming subsystem is made in the form of time division multichannel radio station, and each of noise jamming subsystem elements is made in the form of barrage jamming transmitter built around noise signal generating driver; used as drivers are self-stochastic generator operating in different frequency bands.

EFFECT: enhanced intelligence protection of communication channels, simplified design, enhanced reliability.

2 cl, 13 dwg

FIELD: information protection.

SUBSTANCE: method for transferring messages while providing for confidentiality of identification signs of communication system objects with interaction of devices of communication system subscribers through central device for each communication session cryptographic conversion of subscriber device identifier is performed using encryption key of current subscriber device, while during said cryptographic conversion symmetrical cryptographic algorithm is used and two message transfer modes are taken in consideration, on initiative from subscriber device to central device and vice versa.

EFFECT: protection from unsanctioned access to identifiers of devices of system subscribers transferred via communication channels, in particular when providing for confidentiality of messages identification signs in communications systems with multiple subscriber devices.

6 dwg

FIELD: data processing.

SUBSTANCE: before beginning of decoding all possible non-repeating meanings of combinations of alphabet ui are recorded randomly into code spreadsheet with N lines by means of random numbers detector (RND). Number i of code line of code spreadsheet Tk is recorded in each line ui of address spreadsheet Ta. Meaning of combinations of alphabet ui is recorded in spreadsheet Tk, where N-size of alphabet coincident with number of lines of code and address spreadsheets Tk and Ta, ui is original combination being subject to coding. Moreover for filling any next i-line and line from code spreadsheet Tk (where i equals 1 to N) the next meaning of combination of alphabet from RND which is subsequently compared with each i-th meaning from recorded combinations of alphabet in code spreadsheet Tk. In case there is no coincidence with any recorded combinations of alphabet, the next meaning of combination of alphabet ui is recorded into i-th line of code spreadsheet Tk. When coding line ui of address spreadsheet Ta the address A(ui) of original combination is read out from code spreadsheet Tk. Value of coded combination vi of original combination ui at value of parameter of conversion of ξi equals to value of combination of alphabet being stored in line A(vi) of code spreadsheet Tk, which address is determined as A(vi)=A(ui)+ξi for module of N number. Value of coded combination vi is read out from line of code spreadsheet Tk with address A(vi). When decoding coded combination vi at value of conversion parameter of ξi the value of combination is defined, which combination is stored in address line A(ui) of spreadsheet Tk which address is determined as A(ui)=A(vi) - ξi for module N number. Value of ui combination is read out from line of code spreadsheet Tk having address A(ui).

EFFECT: increased speed of data processing.

FIELD: computer science.

SUBSTANCE: method is based on block-wise conversion of message, dependently on secret key, to Cyrillic text.

EFFECT: possible use of Russian texts as containers for steganographic conversion, decreased dependence of statistic characteristics of modified container from concealed message.

2 cl, 6 dwg

FIELD: cryptography.

SUBSTANCE: block for generation of sub-keys data uses two different processes for open generation of sub-keys. During encoding of T*n block of open text, where T - length of predetermined cycle, n - positive integer, sixteen sets of sub-key data is generated. In al other cases two sets of sub-key data are generated. Encryption block encrypts open text, using formed sixteen or two sets of sub-keys data.

EFFECT: higher efficiency.

6 cl, 15 dwg

Up!