RussianPatents.com

System and method for three-phase information encryption

IPC classes for Russian patent System and method for three-phase information encryption (RU 2376712):

H04L9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy

FIELD: physics; communication.

SUBSTANCE: invention relates to communication engineering and is meant for ensuring confidentiality of messages sent over transmission lines. The method of encrypting and decrypting a message involves converting a message from a first form M to a second form M', its separation for further encryption in accordance with a separating code, scrambling the message for further encryption in accordance with a scrambling code, transmitting the message from the encryption device to a reception device, computation of the scrambling code and syntax analysis of the encrypted message for reverse conversion of the scrambling code and combining the messages, as well as converting the message from the second form M' to the first form M. The system for encrypting and decrypting a message comprises corresponding apparatus for three-phase message encryption, descrambling apparatus for computation of the scrambling code and syntax analysis of the encrypted message for reverse conversion of the scrambling pattern, combination apparatus for computation of the separation code and syntax analysis of the encrypted message for combining the messages, as well as second apparatus for converting messages from the second form M' to the first form M.

EFFECT: protection of incoming messages and preventing interception and decryption by unauthorised parties.

40 cl, 9 dwg

 

BACKGROUND OF INVENTION

[0001] With the proliferation of communication networks, and in particular communication networks that run fully or partially over a wireless medium, information security is becoming more and more urgent. Wireless communication technologies are relatively new compared with wired network technologies. Essentially, current security methods for wireless networks have been developed from the methods created for and used in wired networks. For example, one way of securing a network, whether wired or wireless, is to encrypt messages. This slows an unauthorized party that is attempting to compromise the network from understanding the message. Current encryption methods are satisfactory for direct wired network lines that do not include any intermediate wireless segments. To compromise an encrypted transmission, an attacker usually has to listen to multiple communications in order to break the encryption algorithm. For example, to gain access to a communication over a direct cable connection, an outside party must access the wire or a server connected to it, and closely monitor the flow of information until it can determine when a communication was received or sent by the server. Alternatively, a third party may try to gain access to information held on the server, such as any secure database stored on it. Once access is obtained and sufficient information is collected, the outside party can decrypt the information. Known methods of protecting information stored on a server, and the relative inaccessibility of the wired medium, make accessing and intercepting wired communications significantly more difficult. However, in wireless communication the wireless signals carrying the messages are often transmitted in all directions, making them available to anyone within range who wishes to listen. Accordingly, methods designed to protect a transmission at the server or along the transmission path from attack are insufficient to protect communications that travel at least partially over a wireless network, where the information may not be protected by the server and the wireless signal cannot be reliably isolated. When a communication travels at least partially over a wireless network, anyone can try to intercept the flow of information. This increases the likelihood that the encryption algorithm will be compromised by an attacker.

[0002] In any communication that uses a wireless network, one of the main concerns is the ability of outside parties to intercept the message and, if it is encrypted for protection, decrypt it in order to obtain personal and/or sensitive information, such as credit card numbers, bank account numbers and social security numbers. It is therefore desirable to protect wireless communications so as to prevent any party from intercepting and decrypting them.

BRIEF DESCRIPTION OF DRAWINGS

[0003] Figure 1 is a sequence diagram of three-phase encryption and decryption techniques in accordance with one embodiment of the invention;

[0004] Figure 2 is a sequence diagram of operations of one embodiment of the conversion phase of the three-phase encryption technique;

[0005] Figure 3A is a sequence diagram of operations of one embodiment of the separation phase of the three-phase encryption technique;

[0006] Figure 3B is a sequence diagram of operations of the scrambling phase of the embodiment of the three-phase encryption technique of Figure 3A;

[0007] Figure 4A is a sequence diagram of operations of another embodiment of the separation phase of the three-phase encryption technique;

[0008] Figure 4B is a sequence diagram of operations of the scrambling phase of the embodiment of the three-phase encryption technique of Figure 4A;

[0009] Figure 5 is a sequence diagram of operations of the three-phase decryption technique for the embodiment of the three-phase encryption technique of Figures 3A and 3B;

[0010] Figure 6 is a sequence diagram of operations of the three-phase decryption technique for the embodiment of the three-phase encryption technique of Figures 4A and 4B;

[0011] Figure 7 is a block diagram of one embodiment of an encryption module and one embodiment of a decryption module;

[0012] Figure 8A is a block diagram of an example embodiment of the three-phase encryption technique;

[0013] Figure 8B is a block diagram of an example three-phase decryption technique for the embodiment of Figure 8A; and

[0014] Figure 9 is a block diagram of an example embodiment of the three-phase encryption technique with an additional fourth phase.

DETAILED DESCRIPTION OF DRAWINGS

[0015] Figure 1 is a sequence diagram 100 depicting one three-phase encryption technique and one three-phase decryption technique. It should be understood that any single device may perform the three-phase encryption technique, the three-phase decryption technique, or a combination of both.

[0016] Generally, the disclosed three-phase encryption and decryption techniques can be used to protect communications that take place at least partly over a wireless network. However, one skilled in the art will understand that the disclosed three-phase encryption and decryption techniques can also be used for communications over a medium with a fixed structure or any other type of communication medium.

[0017] The three-phase encryption technique is typically used by a sending device to encrypt a message before the message is transmitted by the sending device to a receiving device. The sending device encrypts the message to prevent an outside party from easily intercepting the message as it travels through the communication medium to the receiving device and gaining access to personal and/or sensitive information, such as credit card numbers, bank account numbers and social security numbers.

[0018] The three-phase decryption technique is typically used by a receiving device to decrypt a message after the receiving device receives it from the sending device. The receiving device decrypts the message to gain access to the personal and/or sensitive information, such as credit card numbers, bank account numbers and social security numbers, that the three-phase encryption technique protects.

[0019] In one embodiment, a sending device capable of encryption encrypts the message using the three-phase encryption technique 102 disclosed here and sends the message 110 to the receiving device. It should be borne in mind that such communications can be two-way, and that various devices may be capable of both sending and receiving. Accordingly, the designation of sending device or receiving device used here is purely contextual: the sending device for some messages may be the receiving device for others, and so on. The sending device can include a personal computer; a personal digital assistant; a server; a workstation; an electronic device, such as a device with built-in logic, for example a washing machine/dryer, refrigerator, water treatment system or gas stove that needs to send or receive information over the network; or any other type of network device known in the art; or combinations thereof, including brick-and-mortar modified devices or, in other words, devices designed for operation in the network. The receiving device 111 receives the message and decrypts the encrypted message using the three-phase decryption technique 112 disclosed here. Like the encryption device, the receiving device may include a personal computer; a personal digital assistant; a server; a workstation; an electronic device, such as a device with built-in logic, for example a washing machine/dryer, refrigerator, water treatment system or gas stove that needs to send or receive information over the network; or any other type of network device known in the art; or combinations thereof, including brick-and-mortar modified devices or, in other words, devices designed for operation in the network.

[0020] The wireless protocol used to send the encrypted message 110 from the encryption device to the receiving device may include wireless radio (Wi-Fi) compatible with the IEEE 802.11 standard, such as 802.11(a), 802.11(b) or 802.11(g); General Packet Radio Service (GPRS); Bluetooth; satellite or cellular transmission; ultra-wideband; WiMax; or any other type of wireless protocol that uses a radio-frequency, optical, or other medium, and may in addition include a combination of different wireless technologies in different parts of the network.

[0021] When the three-phase encryption technique 102 operates on a message that is to be transmitted over the network, the content is converted 104 from the first form M to the second form M', typically using prime factorization, in order to conceal the original content of the message during transmission.

[0022] The message content is then separated 106, typically into a plurality of separate packets or a plurality of groups, as described in detail below, so that the intervals at which the message content is transmitted are non-uniform, thus making it difficult for a third party to listen to the transmission and decrypt the message content.

[0023] In one embodiment, to separate the message content, it is split so that parts of the message content are distributed over a plurality of separate packets that are separated by a given period of time during transmission. In another embodiment, to separate the message content, redundant characters, such as spaces, are inserted into the content to distribute the message content into a plurality of groups.

[0024] Finally, the plurality of separate packets or the plurality of groups containing the message content is scrambled 108 according to a user-defined code, examples of which are described in detail below.

[0025] To decrypt messages that were encrypted using the three-phase encryption technique 102 described above, the three-phase encryption technique 102 is reversed 112. Typically, to increase security, the receiving device knows the algorithms and variables needed to decrypt a message that was encrypted using the three-phase encryption technique 102 disclosed here. However, in other embodiments, the algorithms and variables needed to decrypt the message can be transmitted to the receiving device, but at the expense of security.

[0026] Initially, the message content within the plurality of separate packets or the plurality of groups is descrambled 114 by reversing the user-defined code. Then the plurality of packets containing the message content is converted back into a single message, or the redundant symbols between the plurality of groups are removed 116, depending on the method that was used to separate the original message. Typically, the method used to separate the original message is indicated in the header of the message as a one- or two-digit number. Finally, the message content is converted from the second form M' to the first form M 118.

[0027] Figure 2 is a sequence diagram depicting one conversion phase 200 of the three-phase encryption technique. As a rule, before the message content is encrypted, the alphabetical syntax of the message content is converted into a numerical representation 202. For example, the letter "a" can be converted to the numeric value 01, "b" to 02, and so on. The alphabetical conversion may conform to the American Standard Code for Information Interchange ("ASCII") or the Extended Binary Coded Decimal Interchange Code, or can be an arbitrary conversion. Functions for converting alphabetical syntax into a numerical representation are widely known, and most programming languages include a standard function for this type of operation.

[0028] In order to convert the message content from the first form M to the second form M', the encryption unit and the decryption unit of the sending and/or receiving device are programmed with a first secret prime number P, a second secret prime number Q, a publicly known encryption key E and a secret decryption key D. Additionally, the product of the first and second secret prime numbers is defined as N.

[0029] To increase security, the known encryption key E should be relatively prime 206 with respect to the first and second secret prime numbers P, Q, such that:

GCD(E,(P-1)·(Q-1))=1

where GCD is the greatest common divisor. As is known, two or more integers are relatively prime if they share no common positive factors (divisors) other than 1.

[0030] The secret decryption key D is usually not publicly known. The secret key D is used to decrypt any messages received by the receiving device. After the first secret prime number P, the second secret prime number Q and the known encryption key E have been selected, the secret key D can be calculated using the formula:

D·E = 1 mod ((P-1)·(Q-1)).

[0031] Using the product N of the first secret prime number P and the second secret prime number Q, together with the known encryption key E, the message content is converted 208 from the first form M to the second form M' according to the formula:

M' = M^E mod N.

Note that for the conversion 208 from the first form M to the second form M' to work correctly, the numerical value of N must be greater than the numerical value of the message content in the first form M.

[0032] Figures 3A and 4A are sequence diagrams of the separation phase of the three-phase encryption technique. Usually the message content is separated after the conversion phase, but in other embodiments the message content may be separated before the conversion phase.

[0033] In one embodiment, shown in Figure 3A, to separate the message content, the message content is split 300 so as to distribute it over a plurality of separate packets 304. Typically, to determine the separating code for the plurality of packets, a third secret prime number R and a second publicly known encryption key K are selected. The value of the publicly known encryption key K can be any number, such as 10, the size of the secret key D, or any other desired value.

[0034] In one embodiment, the separating code can be the number of characters that the encryption device waits between different packets. However, in other embodiments, the user may define the separating code to correspond to other values relating to the interval between different packets. The separating code 302 is calculated according to the formula:

F(R) = R mod K.

In some embodiments, the separating code may alternate between "R mod K" and "K - R mod K", or follow any other formula selected by the user.

[0035] In another embodiment, shown in Figure 4A, to separate the message content 400, redundant symbols are inserted into the message content 404 to distribute the message content into a plurality of groups. The redundant symbols can be spaces or any other type of character at the user's discretion. The separating code for the number of redundant symbols can be determined by the same process as described above for determining the separating code in the embodiment of Figure 3A. Typically, a third secret prime number R and a second known encryption key K are selected. The value of the second known encryption key K can be any number, such as 10, the size of the secret key D, or any other desired value. The separating code can be calculated 402 according to the formula:

F(R) = R mod K.

In some embodiments, the separating code may alternate between "R mod K" and "K - R mod K", or follow any other formula selected by the user.

[0036] Typically, after the separation phase 300, 400, the remaining portions of the message content are scrambled 306, 406. However, in other embodiments, the order of the phases of the encryption technique can be changed so that the message content is scrambled 306, 406 before the separation phase 300, 400 or the conversion phase 200.

[0037] Figure 3B is a sequence diagram of operations of the scrambling phase 306 of the three-phase encryption technique for the embodiment of Figure 3A. Typically, a fourth prime number S and a secret index J are selected. The value of the secret index J can be any integer, such as 10, one of the secret encryption keys, or another secret integer. The fourth prime number S and the secret index J are used to calculate 308 the scrambling code according to the formula:

G(S) = S mod J.

[0038] In one embodiment, the scrambling code can represent how the plurality of separate packets will be scrambled according to a predetermined method. For example, if the scrambling code is equal to 2, it can represent a scrambling operation that takes place on every other separate packet. The scrambling operation may include reversing two numeric characters, adding a constant to the numeric value of the message, or any other function desired by the user 310.

[0039] Figure 4B is a sequence diagram of operations of the scrambling phase 406 for the embodiment of Figure 4A. As described above for the embodiment of Figures 3A and 3B, a fourth prime number S and a secret index J are selected. The prime number S and the secret index J are used to calculate 408 the scrambling code according to the formula:

G(S) = S mod J.

[0040] Fig. 5 is a block diagram of the decryption 500 of encrypted messages generated under the embodiment of Figs. 3a and 3b. After the encryption device processes the message through the three-phase encryption technique, the encrypted message can be sent to the receiving device 502. After receipt, the receiving device performs the inverse of the three-phase encryption technique to decrypt the encrypted message.

[0041] Generally, the content of the message within the multiple separate packages is descrambled 504 by a simple inversion of the process described for Fig. 3b above. Typically, the receiving device will know the secret index J and the fourth prime number S in order to calculate the scrambling code and parse the encrypted message contents to carry out the inverse scrambling 504.

[0042] After the descrambling phase 504, the separate packages that make up the message are converted back into a single message 506. Typically, the receiving device will know the third secret prime number R and the second known encryption key K in order to compute the division code and parse the message to reverse the process described for figa above 506.

[0043] After the separate packages are merged into a single message 506, the contents of the message are transformed from the second form M' to the first form M 510. Typically, the receiving device will know the publicly known encryption key E and the first and second secret prime numbers P and Q. Using E, P and Q, the receiving device calculates 508 the secret decryption key D using the formula:

D·E = 1 mod ((P-1)·(Q-1)).

The receiving device then converts 510 the message contents from the second form M' to the first form M according to the formula:

M = (M')^D mod (P·Q).

[0044] Fig. 6 is a block diagram of the decryption 600 of encrypted messages received from the encryption device 602 in accordance with the embodiment of Figs. 4a and 4b. As a rule, the content of the message distributed by redundant symbols is descrambled 604 by a simple inversion of the process described for Fig. 4b above. Typically, the receiving device will know the secret index J and the fourth prime number S in order to calculate the scrambling code and parse the message to reverse the scrambling process.

[0045] After the descrambling phase 604, the separate packages that make up the message are converted 606 back into a single message. As a rule, the receiving device will know the prime number R and the second known encryption key K in order to calculate the division code and parse the message to reverse the division process described for figa above.

[0046] Once the many individual packets have been merged 606 back into a single message, the message contents are transformed 610 from the second form M' to the first form M. Typically, the receiving device will know the known encryption key E, the first secret prime number P and the second secret prime number Q. Using E, P and Q, the receiving device calculates 608 the secret key D using the formula:

D·E = 1 mod ((P-1)·(Q-1)).

The receiving device then converts 610 the message contents from the second form M' to the first form M according to the formula:

M = (M')^D mod (P·Q).

As with the order of the phases in the encryption process, the order of the phases in the decryption process can likewise be changed in other embodiments.

[0047] Fig. 7 is a block diagram showing one embodiment of an encryption block 702 for encrypting a message using the three-phase encryption technique and one embodiment of a decryption block 704 for decrypting the message using the three-phase decryption technique. The encryption and decryption blocks 702, 704 can be any type of hardware or software capable of implementing the three-phase encryption and decryption methods. One device may include both the encryption block and the decryption block 702, 704 to provide two-way messaging, or a single device may include either an encryption block or a decryption block 702, 704 to communicate in one direction.

[0048] The encryption block 702 generally includes an encryption processor 706, an encryption storage device 708 associated with the encryption processor 706, and an encryption network interface associated with the encryption processor 706, the encryption storage device 708 and a communication network 712. Here, the phrase "associated with" means directly connected or indirectly connected through one or more intermediate nodes. Such intermediate nodes may include both hardware-based and software-based nodes.

[0049] The encryption processor 706 may be a standard Pentium processor, an Intel processor, a custom processor, or any other type of processor implemented in hardware or capable of being programmed to perform the functions described above: converting the message content from the first form M to the second form M', dividing the message content according to the division code, and scrambling the message content according to the scrambling code. Typically, these functions will be implemented as logic stored in the encryption storage device 708 and executed by the encryption processor 706.

[0050] The encryption storage device 708 may be any type of storage device, such as a permanent storage device or a flash device, or may be any type of fixed or removable disk or drive. The encryption network interface 710 may be any type of network interface capable of transmitting messages over a wireless network, a hardware-based system, or any other type of communication medium.

[0051] Similarly, the decryption block 704, as a rule, includes a decryption processor 714, a decryption storage device 716 associated with the decryption processor 714, and a decryption network interface 718 associated with the decryption processor 714, the decryption storage device 716 and the communication network 712.

[0052] The decryption processor 714 may be a standard Pentium processor, an Intel processor, a custom processor, or any other type of processor implemented in hardware or capable of being programmed to perform the functions described above: descrambling the message content according to the scrambling code, merging the divided message content according to the division code, and converting the message content from the second form M' to the first form M. Typically, these functions will be implemented as logic stored in the decryption storage device 716 and executed by the decryption processor 714. The decryption storage device 716 may be any type of storage device, such as a persistent storage or a flash device, or may be any type of fixed or removable disk or drive.

[0053] The decryption storage device 716 may be any type of storage device, such as ROM or a flash device, or may be any type of fixed or removable disk or drive. The decryption network interface 718 can be any type of network interface capable of transmitting messages over a wireless network, a hardware network connection, or any other type of communication medium.

[0054] Figs. 8a and 8b are flowcharts showing an example of a message being encrypted (Fig. 8a) and then decrypted (Fig. 8b) using one embodiment of the three-phase encryption technique. As seen in Fig. 8a, it is assumed that the message in the first form M has a value of 23 802. Further, it is assumed that the first secret prime number has a value of 5, the second secret prime number is 7, and the known encryption key E is 29. As explained above, the first and second secret numbers are prime, and the known encryption key E is relatively prime with respect to the first and second secret prime numbers. In addition, the product of the first and second prime numbers is calculated, which is equal to 35, in keeping with the requirement that the product of the first and second prime numbers be greater than the value of the message in the first form M.

[0055] The message is converted 804 from the first form M to the second form M', as described above, according to the formula:

M' = M^E mod (P·Q)

M' = (23)^29 mod (35).

When the conversion phase 804 is performed, the value of the message in the first form M, equal to 23, is calculated as 18 in the second form M'.

[0056] After the conversion phase 804, the division phase 806 is performed. In the example, the third secret prime is defined as 31, and the second known encryption key as 10. The division code is calculated 806, as described above, according to the formula:

F(R) = R mod (K)

F(31) = 31 mod (10),

giving a result equal to 1. In the example, the value 1 is defined as a single space, "00".

[0057] In the variant where the message is split into packets 808, the value of 1 results in the message being divided from "18" into "1_ _8", with a single space between the individual packages.

Alternatively, in the variant where redundant spaces are placed between the multiple groups to spread the message 810, the message is divided from "18" into "1008", with two redundant symbols defined as the space between the groups.

[0058] After the division phase 806, the scrambling code is calculated 812. In the example, the fourth prime number is defined as 17, and the secret index is defined as 15. The scrambling code is calculated according to the formula:

G(S) = S mod (J)

G(17) = 17 mod (15).

The result of the calculation is 2. In the example, the value 2 means that every other package or group is scrambled.

[0059] In the example, scrambling a group or package is defined to mean that the constant 10 is added to the numerical value and the two numerical characters are reversed. In the variant where the message is divided into separate packages 808, the message "1_ _8" is first changed to "1_ _18" and then to "1_ _81". Therefore, the message value 23 is encrypted as "1_ _81".

[0060] In the variant where redundant spaces are placed between the groups to spread the message 810, the message "1008" is first changed to "10018" and then to "10081". Therefore, the message value 23 is encrypted as 10081.

[0061] The encryption device may then send the encrypted value 10081 to the receiving device 814. With reference to Fig. 8b, the receiving device receives this encrypted message 818 and may first descramble the contents of the message 820. The receiving device must know that each group or packet that was scrambled has had its two numerical characters reversed and the constant 10 added to its original value. Additionally, the receiving device must know that the fourth prime number is defined as 17 and the secret index is defined as 15, so as to be able to correctly calculate that the value of the scrambling code is 2, as described above.

[0062] In the variant where the message is divided into separate packages 822, the message "1_ _81" is first changed to "1_ _18" and then to "1_ _8" 820. In the variant where redundant spaces are placed between the multiple groups to spread the message 824, the message "10081" is first changed to "10018" and then to "1008" 820.

[0063] After the descrambling phase 820, the receiving device puts the message back into a merged message 826. The receiving device must know that the third secret prime number is defined as 31 and the publicly known index is defined as 10, so as to be able to correctly calculate the division code of 1 and to recognize that one space, or "00", was introduced between the groups or packages of the message content.

[0064] In the variant where the message is divided into separate packages 822, the message "1_ _8" is changed to "18". Likewise, in the variant where redundant spaces are placed between the multiple groups to spread the message 824, the message "1008" is changed to "18".

[0065] Finally, the receiving device performs the conversion phase 830 to convert the message content from the second form M' back into the first form M. The receiving device must know that the first secret prime number is defined as 5, the second secret prime number is defined as 7, and the known encryption key E is defined as 29. Using these values, the receiving device calculates 828 the secret decryption key D, as described above, according to the formula:

D·E = 1 mod ((P-1)·(Q-1))

D·29 = 1 mod (4·6),

resulting in the value 5. Using the secret decryption key D, the receiving device converts 830 the message from the second form M' to the first form M according to the formula:

M = (M')^D mod (P·Q)

M = (18)^5 mod (7·5).

From the formula above, the receiving device 830 obtains a message value in the first form M equal to 23, the same as the value of the message in the first form before the three-phase encryption process was performed.
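The worked example of paragraphs [0054] to [0065], redundant-symbol variant, as an added Python example that is not part of the patent text; it generalizes the example by parsing the ciphertext by position so that any converted value below P·Q round-trips. Assumptions not stated on the page: one decimal digit per group, groups counted from 1, a code of 0 meaning no separator or no scrambling, and the names Key, encrypt and decrypt.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Key:
    P: int  # first secret prime
    Q: int  # second secret prime
    E: int  # known encryption key, coprime to (P-1)*(Q-1)
    R: int  # third secret prime (division phase)
    K: int  # second known encryption key (division phase)
    S: int  # fourth secret prime (scrambling phase)
    J: int  # secret index (scrambling phase)

    @property
    def modulus(self) -> int:
        return self.P * self.Q

    def split_code(self) -> int:
        return self.R % self.K          # F(R) = R mod K

    def scramble_code(self) -> int:
        return self.S % self.J          # G(S) = S mod J

    def private_exponent(self) -> int:
        # D such that D*E = 1 mod ((P-1)*(Q-1)); needs Python 3.8+
        return pow(self.E, -1, (self.P - 1) * (self.Q - 1))


# Values taken from the patent's worked example.
PATENT_KEY = Key(P=5, Q=7, E=29, R=31, K=10, S=17, J=15)


def _is_scrambled(index: int, code: int) -> bool:
    # Assumption: code 2 means groups 2, 4, 6, ... ("every other group").
    return code > 0 and index % code == 0


def encrypt(m: int, key: Key) -> str:
    if not 0 <= m < key.modulus:
        raise ValueError("message must be smaller than P*Q")
    m_prime = pow(m, key.E, key.modulus)           # phase 1: M' = M^E mod PQ
    separator = "00" * key.split_code()            # phase 2: one "00" per unit
    groups = []
    for index, digit in enumerate(str(m_prime), start=1):
        if _is_scrambled(index, key.scramble_code()):
            digit = str(int(digit) + 10)[::-1]     # phase 3: add 10, reverse
        groups.append(digit)
    return separator.join(groups)


def decrypt(ciphertext: str, key: Key) -> int:
    separator = "00" * key.split_code()
    digits, pos, index = [], 0, 1
    while pos < len(ciphertext):
        if index > 1:                              # a separator precedes every
            if not ciphertext.startswith(separator, pos):  # group but the first
                raise ValueError("separator missing at offset %d" % pos)
            pos += len(separator)
        # Scrambled groups are two characters wide, plain groups one.
        width = 2 if _is_scrambled(index, key.scramble_code()) else 1
        group = ciphertext[pos:pos + width]
        if len(group) != width or not (group.isascii() and group.isdigit()):
            raise ValueError("malformed group at offset %d" % pos)
        if width == 2:                             # undo: reverse, subtract 10
            value = int(group[::-1]) - 10
            if not 0 <= value <= 9:
                raise ValueError("group at offset %d was not scrambled" % pos)
            group = str(value)
        digits.append(group)
        pos += width
        index += 1
    if not digits:
        raise ValueError("empty ciphertext")
    m_prime = int("".join(digits))
    if m_prime >= key.modulus:
        raise ValueError("merged value is not smaller than P*Q")
    return pow(m_prime, key.private_exponent(), key.modulus)  # M = M'^D mod PQ


if __name__ == "__main__":
    c = encrypt(23, PATENT_KEY)
    print(c, decrypt(c, PATENT_KEY))
```

Parsing by position works because the receiver derives both codes from the shared values, so it knows the width of every group and separator without searching for "00" in the digit string.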

[0066] A device performing the three-phase encryption technique or the three-phase decryption technique can also integrate additional phases into the technique. For example, as shown in Fig. 9, in one embodiment, the device performing the three-phase decryption technique of figa could run a fourth phase 916 of scrambling the multiple packages or multiple groups. Thus, any additional phase may be added to the three-phase encryption technique or three-phase decryption technique, as long as it does not distort the information to such an extent that the new phase cannot be accurately reversed.

[0067] It is therefore intended that the foregoing detailed description be regarded as illustrative rather than limiting, and it is understood that the following claims, including all equivalents, are intended to define the nature and scope of this invention.

1. A method of encrypting a message, including: converting the message content from a first form M to a second form M' as a function of a known encryption key E, a first secret prime number P and a second secret prime number Q; after converting the message content to the second form M', dividing the converted message content to further encrypt the message content according to a division code, which is a function of at least a third prime number R; and, after converting the message content to the second form M', scrambling the converted message content to further encrypt the message content according to a scrambling code, which is a function of at least a fourth secret prime number S.

2. The method according to claim 1, which comprises converting the message content from a literal syntax to a numeric representation.

3. The method according to claim 2, in which the message content is converted from the literal syntax to the numeric representation using a hash function.

4. The method according to claim 1, in which the known encryption key is relatively prime with respect to the first secret prime and the second secret prime.

5. The method according to claim 4, in which the message content is converted from the first form M to the second form M' according to the formula: M' = M^E mod (P·Q).

6. The method according to claim 1, in which the division code for dividing the message content is a function of the third secret prime number R and a modulus K, according to the formula: F(R) = R mod (K).

7. The method according to claim 6, in which the phase of dividing the message content according to the division code includes converting the message content into a number of separate packages.

8. The method according to claim 6, in which the phase of dividing the message content according to the division code includes introducing redundant characters into the message content to distribute the message content into multiple groups.

9. The method according to claim 8, in which the redundant characters are spaces.

10. The method according to claim 1, in which the scrambling code is a function of a secret index J and the above-mentioned fourth secret prime number S, according to the formula: G(S) = S mod (J).

11. The method according to claim 1, which includes, after converting the message content, dividing the message content and scrambling the message content, sending the encrypted message to a receiving device.

12. The method according to claim 11, which includes receiving the encrypted message at the receiving device, descrambling the message content, merging the divided message content into a unified message, and converting the message content from the second form M' back into the first form M.

13. The method according to claim 12, in which the phase of descrambling the message content includes calculating the scrambling code for the message content using the fourth secret prime number and the secret index, and parsing the encrypted message to reverse the scrambling.

14. The method according to claim 12, in which the phase of merging the divided message content into the unified message includes calculating the division code for the message content using the third secret prime number R and the second known encryption key K, and parsing the divided message to reverse the division.

15. The method according to claim 12, in which the phase of converting the message content from the second form M' back into the first form M includes calculating the secret decryption key D as a function of the known encryption key E, the first secret prime number P and the second secret prime number Q according to the formula:
D·E = 1 mod ((P-1)·(Q-1))
and using the calculated secret decryption key D to convert the message content from the second form M' back into the first form M according to the formula: M = (M')^D mod (P·Q).

16. A method of encrypting and decrypting a message, including: converting the message content from a first form M to a second form M' as a function of a known encryption key E, a first secret prime number P and a second secret prime number Q; after converting the message content to the second form M', dividing the converted message content to further encrypt the message according to a division code, which is a function of a third secret prime number R and a second known encryption key K; after converting the message content to the second form M', scrambling the converted message content according to a scrambling code, the scrambling code being a function of a fourth secret prime number S and a secret index J; transmitting the encrypted message from an encryption device to a receiving device; calculating the scrambling code and parsing the encrypted message to reverse the scrambling; calculating the division code and parsing the encrypted message to merge the message content into a unified message; and converting the message content from the second form M' to the first form M as a function of a decryption key D, the first secret prime number P and the second secret prime number Q.

17. The method according to claim 16, in which the product of the first secret prime number P and the second secret prime number Q is greater than the numerical value of the message content in the first form M.

18. The method according to claim 17, in which the known encryption key E is relatively prime with respect to the first secret prime P and the second secret prime Q.

19. The method according to p, in which the message content is transformed from the first form M to the second form M' according to the formula: M' = M^E mod (P·Q).

20. The method according to claim 16, in which the division code is calculated according to the formula:
F(R) = R mod (K).

21. The method according to claim 16, in which the scrambling code is calculated according to the formula: G(S) = S mod (J).

22. The method according to claim 16, in which the decryption key is calculated according to the formula: D·E = 1 mod ((P-1)·(Q-1)).

23. The method according to claim 22, in which the message content is transformed from the second form M' to the first form M according to the formula:
M = (M')^D mod (P·Q).

24. A system for encrypting a message, including an encryption block that includes: a first processor; a first storage device coupled to the first processor; a first network interface associated with a communication network, the first processor and the first storage device; conversion logic, stored in the first storage device and implemented by the first processor, to convert the message content from a first form M to a second form M' as a function of a known encryption key E, a first secret prime number P and a secret prime number Q; dividing logic, stored in the first storage device and implemented by the first processor, which divides the message content according to a division code to further encrypt the message content after the message content is converted to the second form M'; scrambling logic, stored in the first storage device and implemented by the first processor, which scrambles the message content according to a scrambling code to further encrypt the message content after the message content is converted to the second form M'; and communication logic, stored in the first storage device and implemented by the first processor, which sends the encrypted message via the network connection.

25. The system of claim 24, in which the message content is converted from the first form M to the second form M' according to the formula: M' = M^E mod (P·Q).

26. The system of claim 24, in which the division code for dividing the message content is a function of a third secret prime number R and an index, according to the formula: F(R) = R mod (K).

27. The system of p, in which the phase of dividing the message content according to the division code includes converting the message content into a number of separate packages.

28. The system of p, in which the phase of dividing the message content according to the division code includes introducing redundant characters into the message content to distribute the message content into multiple groups.

29. The system of claim 24, in which the scrambling code is a function of a secret index J and a fourth secret prime number S according to the formula: G(S) = S mod (J).

30. The system of claim 24, which includes a decryption block comprising: a second processor; a second storage device coupled to the second processor; a second network interface associated with the communication network, the second processor and the second storage device; second communication logic, stored in the second storage device and implemented by the second processor, to receive encrypted messages over the communication network; descrambling logic, stored in the second storage device and implemented by the second processor, to descramble the message content; merging logic, stored in the second storage device and implemented by the second processor, to merge the divided message content into a unified message; and second conversion logic, stored in the second storage device and implemented by the second processor, to convert the message content from the second form M' back into the first form M.

31. The system according to claim 30, in which the second conversion logic computes the secret decryption key D as a function of the known encryption key E, the first secret prime number P and the second secret prime number Q according to the formula:
D·E = 1 mod ((P-1)·(Q-1))
and, using the calculated secret decryption key D, converts the message content from the second form M' back into the first form M according to the formula: M = (M')^D mod (P·Q).

32. Encryption and decryption of a message, including: conversion means for converting the message content from a first form M to a second form M' as a function of a known encryption key E, a first secret prime number P and a second secret prime number Q; division means for dividing the message content according to a division code to further encrypt the message content, the division code being a function of a third secret prime number R and a second known encryption key K; scrambling means for scrambling the message content according to a scrambling code to further encrypt the message content, the scrambling code being a function of a fourth secret prime number S and a secret index J; descrambling means for calculating the scrambling code and parsing the encrypted message to reverse the scrambling; merging means for calculating the division code and parsing the encrypted message to merge the message content into a unified message; and second conversion means for converting the message content from the second form M' to the first form M as a function of a decryption key D, the first secret prime number P and the second secret prime number Q.

33. A method of decrypting a message, including: receiving an encrypted message; descrambling message content that was encrypted on the basis of a scrambling code, using the scrambling code; merging divided message content that was encrypted on the basis of a division code into a merged message, using the division code; and, after descrambling the message content and merging the message content into a unified message, converting the message content from the second form M' back into the first form M on the basis of an encryption key E, a first secret prime number P and a second secret prime number Q.

34. The method according to p, in which descrambling the message content includes calculating the scrambling code for the message content using a fourth prime number and a secret index, and parsing the encrypted message to reverse the scrambling, in which the scrambling code is calculated by the formula: G(S) = S mod (J).

35. The method according to p, in which merging the divided message content into the merged message includes calculating the division code for the message content using a third prime number R and a second known encryption key K, and parsing the divided message content to reverse the division, in which the division code is calculated according to the formula: F(R) = R mod (K).

36. The method according to p, in which converting the message content from the second form M' back into the first form M includes calculating the secret decryption key D as a function of the known encryption key E, the first secret prime number P and the second secret prime number Q, and using the calculated secret decryption key D to convert the message content from the second form M' back into the first form M according to the formula: M = (M')^D mod (P·Q), in which the secret decryption key D is computed according to the formula: D·E = 1 mod ((P-1)·(Q-1)).

37. A system for decrypting a message, including a decryption block comprising: a processor; a storage device coupled to the processor; a network interface associated with a communication network, the processor and the storage device; communication logic, stored in the storage device and implemented by the processor, to receive an encrypted message through the communication network; descrambling logic, stored in the storage device and implemented by the processor, to descramble message content that was encrypted on the basis of a scrambling code, using the scrambling code; merging logic, stored in the storage device and implemented by the processor, to merge divided message content that was encrypted on the basis of a division code into a merged message, using the division code; and conversion logic, stored in the storage device and implemented by the processor, to convert the message content from the second form M' back into the first form M on the basis of a known encryption key E, a first secret prime number P and a secret prime number Q, after the message content has been descrambled and placed in the merged message.

38. The system of claim 37, in which the descrambling logic calculates the scrambling code for the message content using a fourth secret prime number and a secret index, and parses the encrypted message to reverse the scrambling, in which the descrambling logic calculates the scrambling code according to the formula: G(S) = S mod (J).

39. The system of claim 37, in which the merging logic computes the division code for the message content using a third secret prime number R and a second known encryption key, and parses the divided message to reverse the division, in which the merging logic computes the division code according to the formula: F(R) = R mod (K).

40. The system of claim 37, in which the conversion logic computes the secret decryption key D as a function of the known encryption key E, the first secret prime number P and the second secret prime number Q, and uses the computed secret decryption key D to convert the message content from the second form M' back into the first form M according to the formula:
M = (M')^D mod (P·Q),
in which the conversion logic computes the secret decryption key D according to the formula:
D·E = 1 mod ((P-1)·(Q-1)).

 
