# Device for the controlled conversion of binary data

The invention relates to telecommunications, and in particular to the field of cryptographic devices to protect information transmitted over telecommunication networks. The technical result is the provision of direct and inverse transform n-bit binary vector. The device consists of blocks managed conversion blocks fixed conversion and p blocks of the choice of conversion types. 4 C.p. f-crystals, 11 ill.

The invention relates to the field of telecommunications and computing technology, namely hardware cryptographic transformation of binary data, in particular, to protect information transmitted over telecommunication networks.

The known device for converting binary data. In the work of John C. Kam, George I. Davida "Structured design of Substitution-Permutation encryption networks" IEEE Transactions on computers, vol. c-28, Nr.10, October 1979, p.747-751, Fig.2 describes a device for the controlled conversion of binary data. The device consists of three blocks managed conversion (epmo) and two blocks of a fixed transform (FFT). Each BUP consists of three managed elements (RES) having 3-bit information inputs and outputs and the bit opravlyaushi is which in turn is connected to a 9-bit inputs BUP. The information input of the first BUP and the output of the third BUP are 9-bit information input and output device. The combination of the control inputs UE in each BUP is the Manager of the entrance. In turn, the control inputs of all BUP are 9-bit managing input devices.

However, the known device has the disadvantages of:

1. The relatively low encryption strength that is because after you enter the key transformation undertaken by each BUP, becomes fixed for many of the converted data blocks.

2. Low-tech manufacturing, due to the necessity of using BUP with different bit width information log when building devices with information input, the size of which corresponds to the typical size of the data blocks, namely equal to the natural powers of 2, i.e., equal to 2^{h}where h= 3, 4, 5,... .

It is also known a device for converting binary data Pat. Of the Russian Federation No. 2140715, IPC H 04 L 9/28, publ. 27.10.99. The known device consists of w2n-bit series-connected adders and at least one node permutations, which is made in the form of a managed node permutations. Information input in the where 1pw.

A disadvantage of the known device is relatively low conversion rate, due to the need to perform multiple rounds of transformation, because in each round will be converted only half of the data block.

The closest to the technical nature of the claimed is a device for the controlled conversion of binary data, described in the book: Moldovyan A. A., Moldovyan N. A., Guts N.D., Izotov B. C. Cryptography: speed ciphers. - SPb.: BHV-Petersburg, 2002, S. 174-176, Fig. 3.5.

The device prototype consists of S2 blocks managed conversion (BUP), S-1 blocks of the fixed transform (FFT) and is equipped with an n-bit, where n4, the information input and output and w-bit, where m4, the controlling input. Information n-bit output of the i-th, where i= 1,2,... , S-1, BUP is connected to the i-bit input of the i-th FFT, n-bit output of which is connected to the n-bit information input (i+1)-th BUP. Each i-th BUP equipped with m_{i}-bit managing input and n-bit information of the first input and the output of the S-th BUP are n-bit information line is encrypt or decrypt blocks of binary data.

However, the device prototype has the following disadvantage is the relatively high cost of the device that performs encryption and decryption, due to the fact that to perform mutually inverse cryptographic transformations require the use of two different devices, one of which performs a direct conversion, and the other corresponding inverse transform.

The aim of the invention is to develop a device for the controlled conversion of binary data having a lower cost due to advances in it the possibility of performing both direct and inverse transformation, i.e., combining in a single diagram the two device functions without significant complications, which, in turn, simplifies the construction of encryption devices.

This objective is achieved in that in the known device for the controlled conversion of binary data that contains S2 BUP, S-1 FFT and is equipped with an n-bit, where n4, the information input and output, and m-bits, where m4, the controlling input, n-bit information output of the i-th, where i= 1,2,... , S-1, BUP is connected to the n-bit input of the i-th FFT, n-sub>i-bit managing input and n-bit information of the first input and the output of the S-th BUP are n-bit information, respectively, input and output devices, inputs of p blocks of selecting the type of conversion (BWTP), where R=S/2 if S is even and R=(S-1)/2 if S is odd. Each j, where j= 1, 2,... ,p, BWTP provided with first and second m_{j}-bit control inputs, the first and second m_{j}-bit control outputs and a control input conversion type. The first and second m_{j}-bit control outputs of the j-th BWTP connected to m_{j}-bit control inputs, respectively, of the j-th and [(S+1)-j]-th BUP. If S is an even set of m_{j}bit of governors first and second inputs R BWTP are m-bit managing input devices, i.e.. For odd S this set includes optional m_{R+1}-bit control input (R+1)-th BUP, i.e.

The control inputs type conversion of all BWTP United and are the control input conversion type device. BUP with numbers i and (S+1-i), as well as FFT with numbers i and (S-i), made mutually reversible. Moreover, if S is even, S/2-th FFT and when S is odd, the cops (UE). Each UE is equipped with t-bit, 1=2, 3, the information input and output and w-bit, where w=1, 2, managing entrance. Aggregate information inputs, outputs and control inputs of all Z UE are respectively n-bit information input, output and m_{j}-bit managing input boop.

BWTP consists of m_{j}managed switches (UE). Each pack is supplied with first and second inputs, first and second outputs and control inputs are switching. The combination of the first and second inputs and first and second outputs of all managed switches is respectively the first and the second m_{j}-bit control inputs and first and second m_{j}-bit control outputs BWTP. The control inputs of the switching m_{j}managed switches are combined and the control input conversion type BWTP.

Each pack consists of first, second, third and fourth elements And the first and second elements OR. The first inputs of the first and second elements And the joint and are first input of the UE, and the first inputs of the third and fourth elements OR combined, and are the second entrance pack. The outputs of the first, second, third and fourth elements And connected storie inputs of the first, second, third and fourth elements And are combined and the control input of the switching pack. The outputs of the first and second elements is OR are, respectively, the first and second outputs of the pack. The first inputs of the second and third UE performed inverse.

Thanks to the new essential features and by introducing BWTP in the claimed device implements the direct and inverse transformation using the same device, thereby using a single device can be implemented both direct and inverse cryptographic transformation that reduces the cost and complexity of implementation devices cryptographic transformation of data.

The analysis of the prior art showed the lack of analogues characterized by the set of essential features that are identical to all features of the claimed technical solution, which indicates compliance of the device to the condition of patentability “novelty.”

Search results known solutions in this and related areas of technology showed the absence of aggregate distinctive features of the prototype characteristics of the claimed device, providing the same to the compliance of the device to the condition of patentability “inventive step”.

The claimed device is illustrated by drawings on which is shown:

- Fig.1 is a General block diagram of the device;

- Fig.2 - the option of constructing schemes BUP;

- Fig.3 - typical variants UE;

- Fig.4 is an electrical schematic UE S_{2/1};

-Fig.5 is an electrical schematic UE S_{2/2};

- Fig.6 is an electrical schematic UE S_{3/1};

- Fig.7 is a drawing explaining vzaimoobratima BUP (FFT);

- Fig.8 is a drawing explaining internally samoobrony BUP (FFT);

- Fig.9 is a diagram illustrating vzaimoobratima switching in two FFT;

- Fig.10 is a variant of the structural schema BWTP;

- Fig.11 is a variant of the structural scheme of the UE;

Device for the controlled conversion of the binary data shown in Fig.1, consists of S 1 BUP_{1}-1_{s}S-1 FFT 2_{1}-2_{s-1}and p BVTP 3_{1}-3_{p}where R=S/2 for even S and p=(S-1)/2 for odd S.

The number S BUP 1 and, respectively, 2 FFT is chosen based on a compromise accounting requirements device requirements of cryptographic conversion speed and complexity of implementation. However, the selected value of S must satisfy the condition S2. Each BUP 1 is supplied with n-bit information input X and output Y, where the value of n opredelaetsa managing input, where the value of m_{j}is determined by the bit width of the control vector. In turn, the choice of m_{j}and n must comply with the condition m_{j}_{}4 and n4. Each FFT 2 is also provided with n-bit input and output. Information n-bit output of the i-th BUP 1_{i}where i= 1,2,... , S-1, is connected to the n-bit input of the i-th FFT 2_{i}n-bit output of which is connected to the n-bit information input (i+1)-th BUP 1_{i+1}. Information n-bit input of the first BUP 1_{1}and the S-th 1 BUP_{s}are respectively n-bit information input and output device.

Each j, where j=1, 2,... , p, BVTP 3_{j}supplied with the first and second m_{j}-bit control inputs and first and second m_{j}-bit control outputs.

In addition, BVTP 3_{j}equipped with a single-bit control input conversion type. Moreover, the control inputs type conversion of all BVTP 3_{1}-3_{p}United are the control input conversion type device.

The bitness of m_{j}first and second control inputs, the first and second control outputs of the j-th BVTP 3_{j}equal. The first and second m_{j}-bit outputs of the j-way, the bitness of m_{j}the first and second control outputs of the j-th BVTP 3 equal razryadnom (m_{j}) the control inputs BUP 1 to which they are connected. For example, the bitness of m_{1}the first and second control outputs of the first the bucc 3_{1}equal to razryadnom (m_{1}and m_{s}respectively first 1_{1}and S-th 1_{s}BUP. The set of m_{j}-bit first and second control inputs R BVTP 3_{1}-3_{p}even when S is a m-bit managing input devices, i.e.

For odd S the set additionally includes m_{R+1}-bit control input (R+1)-th BUP 1_{p+1}, i.e.

In Fig.1 index x_{1}x_{2}, x_{3,}..._{}, x_{n}and I_{1},_{2},_{3},... , y_{n}the indicated bits of the n-bit information input X and output of the device. The digits in parentheses indicate the change of the type of conversion when the input is a block of binary data Y, and accordingly, the output - X.

It is shown in Fig.2 BUP 1 is designed to perform managed operating a lookup on incoming information input n-bit block of binary data in sboi of BUP 1, for example, the first 1_{1}includes Z_{1}_{}2 UE 1.1_{1}-1.1_{Z}. Each of the UE is equipped with t-bit (t=2, 3) of the information input and output and w-bit (w=1, 2) control input.

Aggregate information inputs, outputs and control inputs of all Z_{1}UE 1.1_{1}-1.1_{z1}are respectively n-bit information input, output and m_{1}-bit managing input BUP 1, i.e..

Each UE 1.1 is designed to perform elementary operations controlled operational substitution over low bit depth (t=2, 3) within a block of binary data using a low bit depth (w=1, 2) of the control vector.

In Fig.3 shows typical ways to build UE, denoted as S_{t/w}, (Fig.3A), where t is the bit of information input and output, w is the width of the control input.

Typical options are S UE_{3/1}(Fig.3b), S_{2/1}(Fig.3b) and S_{2/2}(Fig.3G), which perform elementary-managed lookup type 33 (S_{3/1}and 22 (S_{2/1}and S_{2/2}). All variants of the UE can be implemented in the form of simple combinational electronic circuits, some src="https://img.russianpatents.com/chr/8853.gif">denoted, respectively, logic gates and, OR, AND the operation of summing modulo 2.

So, in Fig.4 shows variations of electronic circuits that implement the lookup type 22, performed on a case of double-bit binary vector (x_{1}, x_{2}), depending on the current value of one of the control bits (w=1). Each bit of the output binary vector (u_{1},_{2}) is a Boolean function of three variables, i.e., y_{1}=f_{1}(x_{1}x_{2}, w) and y_{2}= f_{2}(x_{2}x_{2}w). In Fig.4 shows the Boolean functions describing the lookup using the schemes UE S_{2/1}(Fig.4A and Fig.4B).

In Fig.5 shows variations of electronic circuits that implement the lookup type 22, performed on a case of double-bit binary vector (x_{1}, x_{2}), depending on the four possible values in the case of double-bit control vector (w=2). For example, the version corresponding to the value of the control vector w=(1,1) is defined as the inversion of the two input bits (x_{1}, x_{2}- operation of inversion is indicated by the symbol. In this embodiment, UE each bit of the output binary vector (u_{1},_{2}) is Boolean is/sub>(x_{1}x_{2}, w_{1}, w_{2}).

In Fig.6 shows variations of electronic circuits that implement the lookup type 33, performed on trabeculum binary vector (x_{1}, x_{2}, x_{3}), depending on the current value of one of the control bits (w=1). Each bit of the output binary vector (u_{1},_{2},_{3}) is a Boolean function of four variables in_{1}=f_{1}(x_{1}, x_{2}, x_{3}, w), y_{2}=f_{2}(x_{1}, x_{2}, x_{3}, w), y_{3}=f_{3}(x_{1}, x_{2}, x_{3}, w).

Depending on the specific variant of circuit implementation of controlled operational substitutions of the three types of UE 1.1 can be chosen the most suitable one that will optimize the use of circuit resources for a given level of strength and speed conversion. In particular, in Fig.2 shows BUP 1, consisting of four UE 1.1_{1}-1.1_{4}, two of which are of type S_{2/2}and two S_{3/1}. Such BUP 1 implements a managed operating substitution over a 10-bit binary input vector (n=10) based on the 6-bit control vector (m_{j}=6).

FFT 2_{1}-2_{s}designed for vol is the mutation of the inputs and outputs of the i-th FFT 2 is carried out arbitrarily. In particular, in Fig.7 FFT 2_{i}the bits of the 8-bit input (n=8) x_{1}, x_{2}, x_{3},... , x_{8}rotated at the output in the following sequence x_{1}, x_{3}, x_{2}, x_{5}, x_{4}, x_{7}, x_{6}, x_{8}.

When choosing patterns and schemes for RES in BUP 1, and also when selecting the variations in FFT 2 must meet the requirements:

- BUP 1 i and (S+1-i), and FFT with 2 rooms and i (S-i) must be made mutually reversible;

- if S is even, S/2-th FFT 1 and when S is odd [(S+1)/2]-th BUP 2 must be completed internally samobytnymi.

Under mutually reversible understand a couple of BUP 1 or pair 2 FFT, which perform the inverse transformation: one of the blocks - the direct conversion of Y=F_{1}(X), the second block is the inverse transformation X=F^{-1}_{2}(Y). For example, if the input of the first block filed n-bit sequence of the digital data X (x_{1}x_{2},... , x_{n}and the result of the conversion at the output of the received n-bit sequence Y (y_{1},_{2}, ..., y_{n}), then fed to the input of the second block, vzaimoobratima in relation to the first, n-bit sequence Y (y_{1},_{2},... ,y_{n}on his exit after preob).

Internally Samoobrona BUP is 1 or 2 FFT, which implements the transformation, which is an involution: X=F(Y), if Y=F(X), i.e. F(F(X))=x (cm. Fig.8).

Internally Samoobrona BUP 1 if each UE 1.1 also provides a Converter, which is an involution. Schema UE 1.1 implementing such a transformation is known. In particular, in Fig.6 shows the UE 1.1 type S_{3}/_{3}translation, which is an involution.

Embodiment of vzaimoobratima FFT 2 shown in Fig.9 2_{i}and 2_{i+1}. Each of these FFT is also internally Samoobrona.

BWTP shown in Fig.9, is intended to select the conversion type, direct or reverse. When direct conversion of the input device n-bit binary vector X(x_{1}x_{2},... ,x_{n}the output is converted into an output n-bit binary vector Y(y_{1}, y_{2}, ..., y_{n}). During the reverse transformation to the input device serves n-bit binary input vector Y(y_{1}, y_{2},... ,y_{n}), which output is converted into an n-bit binary vector X(x_{1}, x_{2},... , x_{n}).

All BVTP 3 are identical, and each consists of m_{i}Pack 3.1_{1}-3.1_{j}and equipped with m_{j}bit the m control type conversion.

Each pack 3.1 is equipped with first and second inputs and first and second outputs, and control inputs are switching. Together the first and second inputs and first and second outputs of all UE 3.1_{1}-3.1_{j}are respectively m_{j}-bit first and second inputs and first and second outputs in BVTP 3. The control inputs switching all pack 3.1_{1}-3.1_{j}United are the control input conversion type BVTP 3. In each individual BWTP the bitness of the first and second control inputs and first and second control outputs are the same and equal to m_{j}. In the General case, the bitness of the control inputs and outputs in the j - and (j+1)-m BWTP may differ, i.e. Pets condition m_{j}_{}m_{j+1}.

Pack 3.1, shown in Fig.11, is designed to change its first and second inputs depending on the value of the bit received at its control input switching. All pack 3.1 is made the same and consist of the first 3.1.1_{1}second 3.1.1_{2}third 3.1.1_{3}and fourth 3.1.1_{4}elements And first and 3.1.2_{1}and second 3.1.2_{2}items OR. The second inputs of all four elements And 3.1.1_{1}-3.1.1_{4}United and are what made inverted. The first inputs of the first 3.1._{1}and second 3.1.1_{2}elements And combined and are the first entrance pack 3.1. The first inputs of the third 3.1.1_{3}and fourth 3.1.1_{4}elements And are combined and a second input UE 3.1. The outputs of the first 3.1.1_{1}second 3.1.1_{2}third 3.1.1_{3}and fourth 3.1.1_{4}elements And connected respectively to the first, the second inputs of the first element OR 3.1.2_{1}and the first, second inputs of the second element OR 3.1.2_{2}. The outputs of the first 3.1.2_{1}and second 3.1.2_{2}elements is OR are, respectively, the first and second outputs UE 3.1.

The claimed device operates as follows. When applying to the input n-bit binary vector X (direct conversion) sequentially in each of the epmo 1 and then connected to 2 FFT over him perform respectively controlled operational substitution and fixed permutation. The value of the respective bits of the n-bit vector at the output of a specific (e.g., first) BUP 11 is defined as a structure BUP (Z_{1}and types of UE 1.1), as well as the values of the corresponding bits of m_{1}-bit control vector. On the n-bit output of the FFT_{1}the provisions of rasra the moves and outputs FFT 2_{1}(see Fig.9). The number (i.e. the number of S) such cycles of transformation is chosen with respect to presented to the device requirements for strength and speed conversion. On the output values of the digits (_{1},_{2}, ..., y_{n}n-bit converted binary vector Y will be determined collectively held over him by the operations controlled operational substitutions (BUP 1_{1}-1_{s}and fixed permutations (FFT 2_{1}-2_{s-1}depending on the values of the m-bit control vector and at a certain bit value (for example, e=1) on the control input conversion type.

Performing the inverse transformation, i.e., obtaining at the output n-bit binary vector X, is achieved by the fact that the control input conversion type invert the bit value (the value e=1) is changed to f=0). The result of using managed switches 3.1 (Fig.11) in each block select conversion type 3 (Fig.10) is provided with the switching of the i-th_{i}-bit control vector for the input (S+1-i)-th BUP 1_{S+1-i}and (S+1-i)-th m_{S+1-i}th control vector at the input of the i-th BUP 1_{i}.

Effect of mutual reversibility of the i-th and (S+1-i)-th BUP in the i-1 BUP_{i}realizaron (S+1-i) implements the inverse operation is controlled substitution towards BUP with the i-th number.

If S is odd, the control vector applied to BUP number [(S+1)/2], remains unchanged and in force internal soobramoney this epmo process forward and reverse conversion happens automatically.

In FFT 2 the direct and the inverse transform is provided vzaimoobratima the switching circuits of inputs and outputs in FFT with numbers i and (S-i) (see Fig.9), and using S/2-th FFT when S is even with the inner soobramoney (see Fig.9).

Thus, the proposed device allows both direct (when e=1) and inverse (when e=0) transformation, making use of the same device for the controlled conversion can be performed as the data encryption and decryption, thereby simplifying the construction of the device cryptographic transformation. The proposed device for the controlled conversion can be used in high-speed encoders with high resistance and low complexity circuit implementation.

APPLICATION

INTERPRETATION of TERMS USED IN the DESCRIPTION of the APPLICATION

- cryptographic transformation is the conversion of digital information, which consists in changing the values of the many bits of output data is Finance: unilateral, halirous and encryption. The latter species, in turn, includes procedures for encryption and decryption;

encoding is the process of transforming information, which depends on the secret key, and converts the source text in the text (a cryptogram);

the decryption is the reverse process of the encoding procedure for the restoration of information on the cryptogram with knowledge of the secret key.

- one-way transformation is the conversion of n-bit input data block into an n-bit output data block, allowing to calculate the output unit data input block and makes impracticable the inverse problem;

- binary vector is a sequence of zero and single bits;

- the operand is a binary vector that is double or single operation;

single operation is an operation performed on one operand (data block or a binary vector); the value of the subblock after performing some given single operation only depends on its initial value; an example of single operations are operations of cyclic shift;

- managed operating substitution is a special case of single operaction, and consisting in the substitution depending on the control vector instead of the bits of the operand of some values (see Eremeev, M. A., Moldovyan N. A. Synthesis of hardware-oriented lookup on large vectors of length // Problems of information security. 2001, No. 4, S. 46-52);

- fixed permutation transformation, which consists in changing the order of elements (bits) in the original binary vector;

- vzaimoobratima cryptographic transformation - two cryptographic transformation, for which the condition: if the first (forward) transformation Y=F_{1}(X), then the second (reverse) transformation X=F^{-1}_{2}(Y), where X and Y are the original n-bit sequence of digital data respectively to the first and second conversions;

- involution - conversion operation which is inverse to itself, i.e., Samoobrona for which the condition X=F(Y), if Y=F(X). For the involution is the ratio F(F(X))=X;

- internally Samoobrona operation is an operation which is an involution.

Claims

1. Device for the controlled conversion of binary data that contains S2 blocks managed conversion, S-1 BL is input and output and the m-bit where m4, the controlling input, n-bit information output of the i-th, where i=1, 2,..., S-1, the unit managed conversion connected to the n-bit input of the i-th block of the fixed conversion of the n-bit output of which is connected to the n-bit information input (i+1)-th block of the managed transformation, each i-th block of the managed transformation is equipped with m_{i}-bit managing input and n-bit information of the first input and the output of the S-th blocks managed conversion are n-bit information input and output device, respectively, wherein the inputs of p blocks of selecting the type of conversion, where R=S/2 if S is even and R=(S-1)/2 if S is odd, for every j, where j=1, 2,..., p, block, select the type of conversion to be supplied with the first and second m_{j}-bit control inputs, the first and second m_{j}-bit control outputs and a control input conversion type, the first and second m_{j}-bit control outputs of the j-th block select the type of conversion to be connected to m_{j}-bit control inputs, respectively, of the j-th and [(S+1)-j]-th blocks managed conversion, and even if S population m_{j}-RA is representative of the input device, and when S is odd this collection includes advanced m_{p+1}-bit control input (p+1)-th block managed conversion, the control inputs type convert all units to select the type of conversion are combined and the control input conversion type device, the i-th and (S+1-i)-th blocks managed conversion and also the i-th and (S-1)-th blocks of the fixed conversion performed mutually reversible, with S even S/2-th block of the fixed conversion and when S is odd [(S+1)/2]St block managed conversions are performed internally samobytnymi.

2. The device under item 1, characterized in that each block is managed conversion consists of Z2 managed elements, each of which is provided with a t-bit information input and output and w-bit managing input and aggregate information inputs, outputs and control inputs of all Z managed elements are respectively n-bit information input, output and m_{j}-bit managing unit managed the conversion.

3. The device according to p. 2, characterized in that the width t of information input, output, and the width w of the control input boards the education consists of m_{j}managed switches, each of which is provided with first and second inputs, first and second outputs and control inputs are switching, and the first and second inputs and first and second outputs of the m_{j}managed switches are respectively the first and the second m_{j}-bit control inputs and first and second m_{j}-bit control output unit selecting the type of conversion, and the control inputs of the switching m_{j}managed switches are combined and the control input type unit conversion type conversion.

5. The device according to p. 4, characterized in that each managed switch consists of a first, second, third and fourth elements And the first and second elements OR, the first inputs of the first and second elements And are combined and the first input of the control switch, the first inputs of the third and fourth elements And are combined and the second input of the control switch, the outputs of the first and second elements And the outputs of the third and fourth elements And connected respectively to first and second inputs of the first element OR the first and second inputs of the second element OR the second inputs of the first, weeklysales, moreover, the outputs of the first and second elements is OR are, respectively, the first and second outputs of the controlled switch, and the first inputs of the second and third elements And inverse.

**Same patents:**