The method of conveying data encryption

 

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic transformations. The method includes forming the encryption key as a binary vector, submission binary vector for the initial filling of the shift register with feedback that generates a pseudo-random sequence (SRP) of binary symbols, converting the data stream into an encrypted message and send it through the communication line, characterized in that the SRP binary symbols form as SRP characters of a finite field Fp with characteristic p=257 in the form of binary vectors of length 8 bits by removing information from eight different bits of the shift register, the number of which is determined by the value of the input encryption key, pass the cycles of operation of the shift register, in which at least one of the generated SRP characters of a finite field Fp is the character "0". The data flow transformation in the encrypted message is carried out by splitting the stream of source data into blocks in the form of binary vectors of length 8 bits and in turn transform the blocks into a binary vector by using the SRP characters of a finite field Fp according to the selected linear or nonlinear misaligned in the finite field Fp. Technical result achieved in the implementation of the invention is to increase the resistance of the cipher to attacks based on known and selected source. 3 C.p. f-crystals, 1 tab., 2 Il.

The invention relates to the field of telecommunications and computing, and more particularly to methods and devices for the cryptographic transformation of data.

In the combination of features of the proposed method, the following terms are used:

secret key (or password) is a combination of bits known only to the legitimate user.

the encryption key - decryption (shiploc) is a combination of bits used for encryption of information signals; shiploc is a replaceable part of the cipher and is used to convert the message or the set of messages; shiploc is known only to the legitimate user or can be generated by deterministic procedures by password;

the cipher is a set of elementary steps of converting input data using sherloch; cipher can be implemented as a software or as a separate device.

encryption is the process predstavlyayou a pseudo-random sequence of characters, from which to obtain information without knowledge of the key, impracticable;

decryption is the reverse process of the encryption process; decryption provides data recovery for the cryptogram with the knowledge sherloch;

the binary vector is a signal in the form of a sequence of zero and unit symbols corresponding to the representation of a number in binary.

Known methods of stream data encryption (see, for example, the Russian encryption standard the standard of the USSR GROWTH 28147-89 [1], the British algorithm B-Grypt, US Standard DES, Japanese encryption algorithm FEAL [2] pages 48-52, as well as the Russian Federation patent for the invention №2106752, CL H 04 L 9/00).

In the known methods the data encryption is performed by generating the encryption key, generating a pseudo-random sequence of binary symbols and unit conversion data flow, including the addition of characters modulo two operations substitutions and permutations of the symbols in the data blocks.

However, known methods analogous to stream data encryption have a small performance as to ensure the statistical uniformity of the characters of cipher text is used to 32 revealed way flow of data encryption is the way, represented in the US standard (DES[1] pages 126-127 and in [3] pages 50-51).

Prototype method includes forming the encryption key as a binary vector of length n bits, submitting it to the initial filling of the shift register with feedback having n bits and generating a pseudorandom sequence of maximal length, containing 2n-1 binary symbols, generating a pseudorandom sequence of symbols, a data flow transformation by adding modulo two characters of the source text with symbols of pseudo-random sequence and transmitting the encrypted message over the connection to another network user.

However, the prototype method has a drawback. Despite the fact that the cipher is based on the addition of a stream of pseudo-random bits with bits of the original text in module 2 is, in General, theoretically unrecognizable (see [2], page 128), the cryptosystem is not persistent and may be disclosed. If the structure of the shift register having n bits, known, to find the initial state of the shift register, it is necessary to know n symbols known plaintext, which are summed modulo 2 with the corresponding n characters of text. The n FIC. Simulating the operation of the shift register in the reverse direction, it is possible to determine its original state, and therefore the keys used by the network users with the encryption-decryption information.

If the structure of the shift register having n-bits is unknown, it is enough 2n symbols known plaintext and corresponding 2n characters of cipher text, to relatively quickly (within a few seconds the computer) to determine the state of the shift register and used to compute the keys (see, for example, [4] p. 93). And this leads not only to reduce the resistance of the cipher to attacks based on known and selected original texts, but also to considerable complication of the procedure of forming the encryption key-decryption in the computer network, as simulaci can be used only once and at the next session should be defined in a new way.

The invention aims to increase the resistance of the cipher to attacks based on known and selected source.

This is achieved by the known method of encryption of the data stream, which consists in forming the encryption key as a binary vector, dline is that pseudo-random sequence of maximal length, contains 2n-1 character, the formation of a pseudo-random sequence of symbols, converting the data stream using a pseudo-random sequence of characters in the encrypted message and sending it on the wire, according to the invention optionally form one or more pseudo-random sequences, all pseudo-random sequence is formed as a pseudo-random sequence of characters of a finite fieldpwith characteristic p=257 in the form of binary vectors of length 8 bits by removing information from eight different bits of the register, shift and replace symbols "0" characters "256", break the data stream into blocks in the form of binary vectors of length 8 bits and in turn transform blocks by using pseudo-random sequences, finite fields and linear or nonlinear cryptographic transformations, including the operations of addition, multiplication or exponentiation of symbols in a finite field Fp.

Listed set of essential features eliminates the possibility of determining the encryption key-decryption by using the method of cryptanalysis with known plaintext and increases evolucin sequence of characters in the form of binary vectors of length 8 bits are pseudorandom sequence of symbols {0, 1, 2, ..., 255} of a finite field F257have the same period N=2n-1, as a pseudo-random sequence of binary numbers and provide statistical uniformity of the used symbols. When replacing the symbols of "0" characters "256" produces pseudo-random sequences of characters of the multiplicative group of a finite field F257{1, 2, ..., 255}. This allows field F257various functions to encrypt the characters of the source textincluding the addition of characters modulo p, the multiplication symbol modulo p, the construction of characters in the degree modulo p and their various combinations in contrast to field F2in which to encrypt a single binary symbol in the source text is the addition modulo two is the only way to build reversible encryption.

Since one of the shift register may appear several pseudo-random sequences of characters of a finite field {x, ..., y}, each of which will be cyclically shifted relative to the other pseudorandom sequences can be implemented both linear and nonlinear cryptographic transformation using the R symbolsfinite field Fp

x+y(mod p),x+y(mod p),xy=(mod p), ...,.

As symbols of pseudo-random sequences x and y are elements of the multiplicative group of a finite fieldpyou can be computed reciprocal

x-1xp-2(mod p), y-1yp-2(mod p), ...

and paired elements

x*=p-x, y*=p-y, ...

to implement cryptographic transformation to decrypt characters of text

(+y*)x-1(mod p), (+y*)x-1(mod p),

(y-1x-1(mod p), ...

Choice as the characteristic of a finite field p=257 due to the fact that for playback of multimedia data modern evolucin sequence of characters of a finite field Fpremoved from eight bits of the shift register, it does not play one character of a finite field Fpbecause the maximum number represented by 8 binary bits is 255, so remove the pseudo-random sequences are pseudo-random sequences of maximum length in a finite field Fpand represent nonlinear pseudorandom sequence. The total number of possible pseudo-random sequences of characters of a finite field will be determined by the number of possible combinations of the eight bits of the shift register, which can act information, and the number of permutations within the same combinations, each of which determines the order of reading of the information and to the shift register consisting of n=256 bits, the number of different pseudo-random sequences of characters of a finite field F257will be Q=8!while for the field F2from whatever point of the shift register did not remove the information, a pseudo-random sequence of binary numbers will only be cyclically shifted relative to the other pseudo-random sequences of binary numbers, taken from other bits of registrandote characters of a finite field F257then, in the presence of arbitrarily original characters and the characters of cipher text, may identify symbols of pseudo-random sequences, so as to determine the number of equations will always be two times less than the number of unknowns. This provides the cipher strength to attacks based on known and selected source, as the opening state of the shift register in this case can only be achieved through a total enumeration of the entire set of possible States of the shift register. Because the U.S. standard data encryption DES involves the use of a shift register with 128bit encryption (key length 128 bits), the cardinality of the set of possible States of the shift register will be 1038. If the opening state of the shift register will be implemented using a computer having a clock frequency of 10 GHz, the number of operations performed by the computer during the year will be 3 to 1019and time of opening is 1018years.

In accordance with the Russian standard GOST-89 for the shift register, has 256 bits (256-bit key length), the time of opening state of the shift register will be 1057years.

Vossozdavaya sherloch can be done by entering password from the keyboard or from the magnetic media in a pseudo-random number generator, receiving the output shiploc the required size (see, for example, [5] pages 87-89).

The formation of pseudo-random sequences of maximum length, containing 2n-1 character, can be done by using a linear shift register having n bits, the feedback of which is determined by referring to the selected primitive polynomial of degree n. Finding primitive polynomials of degree n is given in [4] on pages 74-75.

The formation of pseudo-random sequences of characters of a finite field F257in the form of binary vectors of length 8 bits can be done by removing information from eight different bits of the shift register, the rooms, which are determined by the value entered sherloch K. for Example, by defining the parent element

L0=K(mod q), if 10<2, 10=2,

and the numbers of discharge of the shift register according to the formula

11=10, lil0li-1(mod q), i=

The value of q is selected from the primes and to the shift register, has 256 bits, q=257, for a shift register having 128 bits, q=127. In this case, due to the exponentiation of the parent number 10we will move from addelementwill be different. In pseudo-random sequences x and y are binary vectors are replacing characters "0" to "256".

The formation of pseudo-random sequences of characters of a finite field Fpyou can also type "compression generator" by removing information from eight bits of the shift register and skip those stages of the shift register, for which at least one of the pseudo-random sequence is present the symbol "0".

Converting the data stream into an encrypted message can be done by splitting the original data into blocks as symbolsbinary vectors of length 8 bits, computations in a finite fieldp(p=257) values ofencrypted text in accordance with the selected encryption function, for examplex+y=(mod p), the conversion resultin a binary vector and send it through the communication line.

Can be used three variants of the formation of pseudo-random sequences of characters of a finite field as binary vectors.

1. The elements of one of the selected and generated pseudoelement ynfor additional pseudo-random sequence z, the elements of which at each stage of the shift register are defined as child elements of the field Fp: zzyn(mod p)

If the calculation process at some the first stage of the shift register will be that z=1, then in this case you will have a generating element of ynfield Fp. At the same time as a new generating element of ynaccepted element formed at this stage of the shift register selected pseudo-random sequence y characters of a finite field Fp, yn=y, if y<2, yn=2. Generated additional pseudo-random sequence of a finite field z is used with a cryptographic transformation when converting the data stream into an encrypted message, for example:

x+y+z=(mod p) orx+z=(mod p)

As an additional pseudo-random sequence of a finite field elements are formed by exponentiation of a generating element of ynwith the order k, the Kolka-generating elements of yncan be of different order in the finite field Fpchanges generating elements will be implemented by a pseudo-random law. This provides the statistical uniformity of the characters of the ciphertext on the interval equal to p-1 cycles of operation of the shift register, which excludes the application of statistical methods in cryptanalysis to determine the state of the shift register.

2. Change the number of bits of the shift register from which information is collected for one of the pseudo-random sequences of characters of a finite field in accordance with the change of the generating element additional pseudo-random sequence

l0=yn, li=ynli-1(mod q)

3. Change the order of reading data for one of the generated pseudo-random sequences of characters of a finite field in accordance with a change in the destructive element, an additional pseudo-random sequence of characters, for example, using ratios

li=lk,

ki+yn(mod 8),

The formation of pseudo-random sequences of characters of a finite field under item 1, 2 and 3 increases by a small length.

The proposed method can be implemented by computer or device. In Fig.1 shows a block diagram of the device, where

unit 1 - forming device encryption key;

unit 2 - the shift register;

block 3 - encrypting device;

unit 4 - transmitting device.

For ease of description of the operation of the device will use small numbers. We assume that the shift register is 6 bits (the key length is 6 bits), and the entire alphabet of the source text contains 16 characters, then to send a single character can be used a binary vector of length 4 bits, and, as the characteristic of a finite field Fpcan be selected number p=17.

To define the structure of the shift register, choose a primitive polynomial of the sixth degree, for example6+5+1.

For the selected primitive polynomial structural diagram of the shift register with feedback will be of the form shown in Fig.2, where the blocks 5-10 - bits 1-6 of the shift register and the block 11 is modulo two.

Formed in the block 1 of Fig.1 using a random number generator, an encryption key length of 6 bits

<6,5,I=0,2=0,3=0,4=1,5=1,6=1;

enters the shift register and is used for initial filling of bits of the shift register. Binary characters 5 and 6 of the discharge of the shift register receives at each stage to the input of the adder 11 modulo two, and from the output of the modulo two charactersproceed to input the first digit of the shift register (block 5, Fig.2). When this status bits for each measure in the process of the shift register are determined by the expression

I=i-1for1=

and presented in the table.

If characters will be removed from the sixth discharge6the shift register (block 10, Fig.2), the binary pseudo-random sequence, the maximum period will be of the form {1110000010000110001010011110100011100100101101110110011010101111}.

Note that the period of this sequence is any non-zero set of six digits 0 and 1 occurs only once.

If the binary number will reduce the<1,2,3,4> will associate a binary vector (number) x=1+22+223+234the sequence of binary numbers in the process of the register can be viewed as a sequence of x numbers of characters) {0, 1, 2, ..., 15}

x={8, 0, 0, 1, 2, 4, 8, 0, 1, 3, 6, 12, 8, 1, 2, 5, 10, 4, 9, 3, 7, 15, 14, 13, 10, 4, 8, 1, 3, 7, 14, 12, 9, 2, 4, 9, 2, 5, 11, 6, 13, 11, 7, 14, 13, 11, 6, 12, 9, 3, 6, 13, 10, 5, 10, 5, 11, 7, 15, 15, 15, 14, 12, ...}.

If the binary number will be removed simultaneously with 1, 2, 5, 6 class, the shift register (blocks 5, 6, 9, 10, Fig.2) and at each stage of the shift register with a set of <6,5,2,1> will match the number in the form y=6+25+222+231the sequence of binary numbers in the process of the shift register can be viewed as a sequence of characters

y{0, 1, 2, ..., 15} Analysis of the generated sequences x and y shows that the interval corresponding to a period equal to 63 cycles of operation of the shift register, each of the symbols {1, 2, ..., 15} occurs exactly four times. The symbol for zero in both sequences, occurs exactly three times, and the sequence x and y can be derived from each other, the cyclic shift. In the sequences x and y there are no hidden periodicity and provides statistical uniformity of the characters used. As one of the symbols of pseudo-random sequences of a finite field F17does not play, the symbol "0" in both sequences is replaced by the symbol "16".

In addition to the pseudo-random sequences x, y of a finite field Fptable 1 presents the formation of an additional pseudo-random sequence z by using as generating elements of character pseudo-random sequence y, and the formation of pseudo-random sequences of characters of a finite field v by changing the order of reading information for a pseudo-random sequence of characters of a finite field x in soutetsu pseudo-random sequence of characters of a finite field x and y as binary vectors received in the encryption device 3 (Fig.1), where converts the incoming data stream in an encrypted message by using pseudo-random sequences x and y of a finite field F17in accordance with the selected cryptographic transform in a finite field F17for example

Sources of information

1. Russian encryption standard the standard of the USSR GOST 28147-89 System of information processing. The cryptographic protection. The cryptographic transformation.

2. C. Mattek. Protection mechanisms in computer networks, M., 1993,

3. C. I. Nechaev. Elements of cryptography. Fundamentals of theory of information security. - M.: Higher school, 1999

4. B. N. Voronkov, V. I., Tupot. Methodological guide for the development of the protection of information in computer networks. Voronezh: Voronezh state University, 2000.

5. E. F. Bickell, E. M. Odlyzko. Cryptanalysis: a Survey of the latest results // TIIER, 1988, so-16, No. 5.

Claims

1. The way of the stream data encryption, which consists in forming the encryption key as a binary vector, submission binary vectorette binary symbols, converting the data stream into an encrypted message and send it through the communication line, wherein the pseudo-random sequence of binary symbols is formed as a pseudo-random sequence of characters of a finite field Fp with characteristic p=257 in the form of binary vectors of length 8 bits by removing information from eight different bits of the shift register, the number of which is determined by the value of the input encryption key, and the total number of possible pseudo-random sequences, finite fields define the number of possible combinations of the eight bits of the shift register, from which are removed the information, and the number of permutations within the same combination, skip the cycles of operation of the shift register, in which at least one of the generated pseudo-random sequences of characters of a finite field Fp is the symbol 0, the data flow transformation in the encrypted message is carried out by splitting the stream of source data into blocks in the form of binary vectors of length 8 bits and in turn transform the blocks into a binary vector by using pseudo-random sequences of characters of a finite field Fp in accordance with the selected linear or nonlinear cryptographics field Fp.

2. The method according to p. 1, characterized in that the characters of one of the generated pseudo-random sequences of a finite field is used as a generating elements for forming an additional pseudo-random sequence of characters that, at each stage of the shift is defined as generated by the elements of the finite field Fp.

3. The method according to p. 2, characterized in that the change of the number of bits of the shift register from which information is collected for one of the generated pseudo-random sequences of characters of a finite field Fp in accordance with the change of the generating element additional pseudo-random sequence.

4. The method according to p. 2, characterized in that changing the order of reading data for one of the generated pseudo-random sequence of characters in accordance with the change of the generating element additional pseudo-random sequence.

 

Same patents:
The invention relates to computing and can be used in automated systems for the provision of Internet services

The invention relates to a device for mutual authentication of two blocks of data

The invention relates to radio communications, in particular to the transmission of data in the system of the IMT 2000

The encoding device // 2231229
The invention relates to radio engineering

The invention relates to the field of radio communications and computer engineering and can be used to transfer information to the computer network radio

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic transformation of data

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic transformation of data

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods to protect information transmitted over telecommunication networks

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods to protect information transmitted over telecommunication networks

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods and devices for protecting information transmitted over telecommunication networks

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic devices for data encryption

The invention relates to telecommunications and computing, and more particularly to cryptographic methods for data encryption

The invention relates to telecommunications and computing, and more particularly to cryptographic methods for data encryption

The invention relates to the field of telecommunications and computing, and more particularly to the field of cryptographic methods for data encryption

The invention relates to communication technology, to a method of encoding speech signals.2 object of the invention is to reduce the probability of decoding speech signals outside observer, simplifying the hardware implementation of the device while increasing its function to carry out the proposed method of encoding speech signals

FIELD: radio engineering.

SUBSTANCE: signal is divided on time intervals, and transfer of time intervals is performed along several data channels, while each time interval is transferred along separate channel, selected randomly.

EFFECT: higher efficiency.

7 dwg

FIELD: communications engineering.

SUBSTANCE: proposed method includes signal division into time intervals, utterance of subscriber whose voice signal is to be encoded being recorded in advance; transmission of these intervals over different communication channels chosen from preset law; filling of spaces between them in each channel with background produced from recorded utterance by dividing it into time intervals of same length and interchanging obeying random law.

EFFECT: enhanced degree of transferred signal protection against unwanted persons.

1 cl, 8 dwg

Up!