CN109787764B - Encryption method of secret key - Google Patents

Publication number: CN109787764B
Authority: CN (China)
Prior art keywords: ciphertext, key, data, byte, bytes
Legal status: Active
Application number: CN201910227532.1A
Other languages: Chinese (zh)
Other versions: CN109787764A (en)
Inventors: 冯涛, 刘元春, 张炼
Current Assignee: Sichuan Jiuzhou ATC Technology Co Ltd
Original Assignee: Sichuan Jiuzhou ATC Technology Co Ltd
Application filed by Sichuan Jiuzhou ATC Technology Co Ltd
Priority to CN201910227532.1A
Publication of CN109787764A
Application granted; publication of CN109787764B

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a method for encrypting a secret key, which specifically comprises the following steps: step 1: generating X sets of base keys K0, generating an integer A, dividing A by X and taking the remainder B, and using the remainder B to select the base key K0_B, which encrypts the transmission key K1 to generate a ciphertext Y1; step 2: selecting different encryption methods according to the parity of the first byte of the transmission key K1 to encrypt the operation key K2 to generate a ciphertext Y2; step 3: carrying out an XOR operation on the ciphertext Y1 and the ciphertext Y2 to obtain a ciphertext Y3; step 4: processing the integer A to obtain variable position data, selecting different assembly modes according to the parity of the position data, encapsulating the data, and finally obtaining a data packet to be transmitted to a key receiver. In the process of generating and encrypting the key, random disturbance data and a transmission key are added, and the positions of the ciphertext data are scattered, so that the difficulty of deciphering the ciphertext is increased.

Description

Encryption method of secret key
Technical Field
The invention relates to the technical field of communication encryption, in particular to a method for encrypting a secret key.
Background
With the rapid development of the internet, more and more people carry out information and communication activities online (such as network payment, voice chat and information browsing), so ensuring the security of information transmission is particularly important, and a good encryption method is needed to ensure the security of the information. An encryption method specifies how data are encrypted and decrypted; encrypting the data protects the information and reduces the risk of an adversary cracking the encrypted data.
The existing encryption methods are mainly divided into symmetric encryption and asymmetric encryption methods, and the prior art has the following defects:
1. The ciphertext transmitted by the existing encryption technology consists entirely of useful data and contains no deceptive data.
2. In the existing symmetric encryption algorithm, the ciphertext generated by encrypting the same data is the same. After intercepting several ciphertexts, an adversary can perform statistical and pattern analysis on them and easily decipher the ciphertext data, which increases the risk of the ciphertext data being cracked.
3. In the existing encryption technology, the distribution position of ciphertext data is fixed during key transmission, for example, data A is always distributed at a fixed position from byte 2 to byte 32, and data B is always distributed at a fixed position from byte 36 to byte 47, which increases the probability of the ciphertext being cracked.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: in view of the above existing problems, a method for encrypting a key is provided.
The technical scheme adopted by the invention is as follows:
A method for encrypting a key specifically comprises the following steps:
step 1: generating X sets of base keys K0, namely base key K0_0 to base key K0_{X-1}; generating an integer A, dividing A by X to obtain a remainder B, and using the remainder B to select the base key K0_B, which encrypts a transmission key K1 to generate a ciphertext Y1, wherein the transmission key K1 is a useless key generated by a random algorithm; the X sets of base keys K0 are stored in the key transmitter system and the key receiver system;
step 2: selecting different encryption methods according to the parity of the first byte K1-byte0 of the transmission key K1 to encrypt the operation key K2 to generate a ciphertext Y2, wherein the operation key K2 is generated by a key generator, and the operation key K2 is key data required by a key receiver;
step 3: first carrying out an exclusive-OR operation over the B-th byte to the (M-1)-th byte of the ciphertext Y1 to obtain an operation result Temp, then carrying out an exclusive-OR operation on Temp, the ciphertext Y1 and the ciphertext Y2 to obtain a ciphertext Y3; the base key K0 and the transmission key K1 are M bytes of data, and M > B;
step 4: performing a bit operation on the integer A to obtain position data, selecting different assembly modes according to the parity of the position data, and finally encapsulating the data to obtain a data packet to be transmitted to the key receiver.
Further, the X sets of base keys are stored in the key transmitter system and the key receiver system;
the integer A is generated by a random algorithm and is 4 bytes in length.
Further, M is 52.
Further, the integer A is divided by M and the remainder is taken to obtain the remainder C;
Y1-BYTE(n) = (K0_B-BYTE(0) ⊕ K0_B-BYTE(1) ⊕ … ⊕ K0_B-BYTE(C)) ⊕ K1-byte(n);
where 0 ≤ n ≤ M-1, n taking each integer value from 0 to M-1 in turn.
Further, the step 2 specifically includes:
step 21: a key generator of a key transmission party generates an operation key K2 according to the requirements of a system user, wherein the operation key K2 is data with M bytes, and the number of the bytes of a ciphertext Y2 is 2M;
step 22: if the first byte K1-byte0 of the transmission key K1 is an odd number, the ciphertext data of the operation key K2 sequentially correspond to the odd-number bytes of the ciphertext Y2 data, and the even-number bytes of the ciphertext Y2 are filled with random data;
if the first byte K1-byte0 of the transmission key K1 is an even number, the ciphertext data of the operation key K2 sequentially corresponds to the even-numbered bytes of the ciphertext Y2 data, and the odd-numbered bytes of the ciphertext Y2 are filled with random data.
Further, the specific method for generating the ciphertext Y2 by encrypting the operation key K2 with the transmission key K1 is as follows:
An XOR operation over all odd-numbered bytes of the transmission key K1 gives the result P_odd, and an XOR operation over all even-numbered bytes of the transmission key K1 gives the result P_even.
When M is an even number:
P_odd = K1-byte(1) ⊕ K1-byte(3) ⊕ … ⊕ K1-byte(M-1);
P_even = K1-byte(0) ⊕ K1-byte(2) ⊕ … ⊕ K1-byte(M-2);
When M is an odd number:
P_odd = K1-byte(1) ⊕ K1-byte(3) ⊕ … ⊕ K1-byte(M-2);
P_even = K1-byte(0) ⊕ K1-byte(2) ⊕ … ⊕ K1-byte(M-1);
If the first byte K1-byte0 of the transmission key K1 is odd, each byte of the operation key K2 is XORed with P_odd to obtain the encrypted ciphertext of that byte, the M bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding odd-numbered bytes of the ciphertext Y2, and the even-numbered bytes of the ciphertext Y2 are filled with useless random data for data spoofing;
the ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n+1) = K2-BYTE(n) ⊕ P_odd; 0 ≤ n ≤ M-1
Y2-BYTE(2n) = arbitrary random number; 0 ≤ n ≤ M-1
If the first byte K1-byte0 of the transmission key K1 is even, each byte of the operation key K2 is XORed with P_even to obtain the encrypted ciphertext of that byte, the M bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding even-numbered bytes of the ciphertext Y2, and the odd-numbered bytes of the ciphertext Y2 are filled with useless random data for data spoofing;
the ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n) = K2-BYTE(n) ⊕ P_even; 0 ≤ n ≤ M-1
Y2-BYTE(2n+1) = arbitrary random number; 0 ≤ n ≤ M-1
The ciphertext Y2 is finally obtained.
Further, the specific method of step 3 is as follows:
the number of bytes of the ciphertext Y3 is 2 × M, and exclusive-OR operation is performed from the B-th byte of the ciphertext Y1 to the M-1-th byte of Y1 to obtain a result Temp, wherein B is the remainder B in the step 1;
Temp=Y1-BYTE(B)⊕Y1-BYTE(B+1)⊕…Y1-BYTE(M-1);
the specific calculation process of the encrypted ciphertext Y3 is as follows:
Y3-BYTE(n)=Temp⊕Y1-BYTE(n)⊕Y2-BYTE(n) 0≤n≤M-1;
Y3-BYTE(n)=Temp⊕Y1-BYTE(n-M)⊕Y2-BYTE(n) M≤n≤2*M-1.
Further, the specific process of step 4 is as follows:
shifting the integer A right by 8 bits and then bitwise ANDing it with 0X000000FF to obtain variable position data, namely position = (A >> 8) & 0X000000FF; if position is an odd number, the ciphertext data are, in order, the integer A, the ciphertext Y1 and the ciphertext Y3; if position is an even number, the ciphertext data are, in order, the integer A, the ciphertext Y3 and the ciphertext Y1;
checking all data in the assembled ciphertext, converting each byte 0X7E in the ciphertext into a 2-byte sequence, and likewise converting each byte 0X7D in the ciphertext into a 2-byte sequence, to obtain ciphertext data Y3_temp;
calculating the length of the ciphertext data Y3_temp, denoted length_temp, and finally packaging a 2-byte header 0X7E 0X7E, a 2-byte total data length length_all, the data ciphertext Y3_temp and a 2-byte tail 0X7E 0X7E, to obtain the transport_Data packet to be transmitted to the key receiver, wherein the total length length_all comprises the 2-byte header, the 2-byte tail, length_temp and the length of length_all itself.
Compared with the prior art, the beneficial effects of adopting the technical scheme are as follows:
(1) in the process of key generation and encryption, random disturbance data and a transmission key are added, so that the ciphertext generated by encrypting the same data at each time is different, the ciphertext generated by encryption has data deception, and the difficulty in ciphertext deciphering is increased.
(2) The invention disperses the distribution position of the ciphertext data after data encryption, and the position of the ciphertext data packet is not fixed when the data is assembled, so the ciphertext data distribution has the advantages of dispersion, unfixed position distribution and the like, and the difficulty of decoding the password by an enemy is increased.
Drawings
FIG. 1 is a flow diagram of the overall encryption method of the present invention;
FIG. 2 is a flowchart of the encryption process of step 1 in the embodiment of the present invention;
FIG. 3 is a flowchart of the encryption process of step 2 according to the embodiment of the present invention;
FIG. 4 is a flowchart of the encryption of step 3 in the embodiment of the present invention;
FIG. 5 is a flowchart of data assembling in step 4 according to the embodiment of the present invention.
Detailed Description
All of the features disclosed in this specification, or all of the steps in any method or process so disclosed, may be combined in any combination, except combinations of features and/or steps that are mutually exclusive.
Any feature disclosed in this specification may be replaced by alternative features serving equivalent or similar purposes, unless expressly stated otherwise. That is, unless expressly stated otherwise, each feature is only an example of a generic series of equivalent or similar features.
The invention is further described below with reference to the accompanying drawings.
As shown in fig. 1, an encryption method of a key specifically includes the following steps:
step 1: generating X sets of base keys K0, namely base key K0_0 to base key K0_{X-1}; generating an integer A, dividing A by X to obtain a remainder B, and using the remainder B to select the base key K0_B, which encrypts a transmission key K1 to generate a ciphertext Y1, wherein the transmission key K1 is a useless key generated by a random algorithm; the X sets of base keys K0 are stored in the key transmitter system and the key receiver system;
step 2: selecting different encryption methods according to the parity of the first byte K1-byte0 of the transmission key K1 to encrypt the operation key K2 to generate a ciphertext Y2, wherein the operation key K2 is generated by a key generator, and the operation key K2 is key data required by a key receiver;
step 3: first carrying out an exclusive-OR operation over the B-th byte to the (M-1)-th byte of the ciphertext Y1 to obtain an operation result Temp, then carrying out an exclusive-OR operation on Temp, the ciphertext Y1 and the ciphertext Y2 to obtain a ciphertext Y3; the base key K0 and the transmission key K1 are M bytes of data, and M > B;
step 4: performing a bit operation on the integer A to obtain position data, selecting different assembly modes according to the parity of the position data, and finally encapsulating the data to obtain a data packet to be transmitted to the key receiver.
In a preferred embodiment, the X groups of basic keys are stored in a key transmitter and a key receiver system;
the integer A is generated by a random algorithm and is 4 bytes in length.
In a preferred embodiment, key generator 1 generates a base key K0, key generator 2 generates a transmission key K1, and key generator 3 generates an operation key K3; K1 is a garbage key, used to confuse adversaries; K2 is the key that the recipient really needs. K2 differs between users, for example in its length or in the meaning of its data.
In a preferred embodiment, M is 52.
In a preferred embodiment, the integer A is divided by M and the remainder is taken to obtain the remainder C;
Y1-BYTE(n) = (K0_B-BYTE(0) ⊕ K0_B-BYTE(1) ⊕ … ⊕ K0_B-BYTE(C)) ⊕ K1-byte(n);
where 0 ≤ n ≤ M-1, n taking each integer value from 0 to M-1 in turn.
In a preferred embodiment, the step 2 specifically includes:
step 21: a key generator of a key transmission party generates an operation key K2 according to the requirements of a system user, wherein the operation key K2 is data with M bytes, and the number of the bytes of a ciphertext Y2 is 2M;
step 22: if the first byte K1-byte0 of the transmission key K1 is an odd number, the ciphertext data of the operation key K2 sequentially correspond to the odd-number bytes of the ciphertext Y2 data, and the even-number bytes of the ciphertext Y2 are filled with random data;
if the first byte K1-byte0 of the transmission key K1 is an even number, the ciphertext data of the operation key K2 sequentially corresponds to the even-numbered bytes of the ciphertext Y2 data, and the odd-numbered bytes of the ciphertext Y2 are filled with random data.
In a preferred embodiment, the specific method for generating the ciphertext Y2 by encrypting the operation key K2 with the transmission key K1 is as follows:
An XOR operation over all odd-numbered bytes of the transmission key K1 gives the result P_odd, and an XOR operation over all even-numbered bytes of the transmission key K1 gives the result P_even.
When M is an even number:
P_odd = K1-byte(1) ⊕ K1-byte(3) ⊕ … ⊕ K1-byte(M-1);
P_even = K1-byte(0) ⊕ K1-byte(2) ⊕ … ⊕ K1-byte(M-2);
When M is an odd number:
P_odd = K1-byte(1) ⊕ K1-byte(3) ⊕ … ⊕ K1-byte(M-2);
P_even = K1-byte(0) ⊕ K1-byte(2) ⊕ … ⊕ K1-byte(M-1);
If the first byte K1-byte0 of the transmission key K1 is odd, each byte of the operation key K2 is XORed with P_odd to obtain the encrypted ciphertext of that byte, the M bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding odd-numbered bytes of the ciphertext Y2, and the even-numbered bytes of the ciphertext Y2 are filled with useless random data for data spoofing;
the ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n+1) = K2-BYTE(n) ⊕ P_odd; 0 ≤ n ≤ M-1
Y2-BYTE(2n) = arbitrary random number; 0 ≤ n ≤ M-1
If the first byte K1-byte0 of the transmission key K1 is even, each byte of the operation key K2 is XORed with P_even to obtain the encrypted ciphertext of that byte, the M bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding even-numbered bytes of the ciphertext Y2, and the odd-numbered bytes of the ciphertext Y2 are filled with useless random data for data spoofing;
the ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n) = K2-BYTE(n) ⊕ P_even; 0 ≤ n ≤ M-1
Y2-BYTE(2n+1) = arbitrary random number; 0 ≤ n ≤ M-1
The ciphertext Y2 is finally obtained.
In a preferred embodiment, the specific method of step 3 is:
the number of bytes of the ciphertext Y3 is 2 × M, and exclusive-OR operation is performed from the B-th byte of the ciphertext Y1 to the M-1-th byte of Y1 to obtain a result Temp, wherein B is the remainder B in the step 1;
Temp=Y1-BYTE(B)⊕Y1-BYTE(B+1)⊕…Y1-BYTE(M-1);
the specific calculation process of the encrypted ciphertext Y3 is as follows:
Y3-BYTE(n)=Temp⊕Y1-BYTE(n)⊕Y2-BYTE(n) 0≤n≤M-1;
Y3-BYTE(n)=Temp⊕Y1-BYTE(n-M)⊕Y2-BYTE(n) M≤n≤2*M-1.
In a preferred embodiment, the specific process of step 4 is:
shifting the integer A right by 8 bits and then bitwise ANDing it with 0X000000FF to obtain variable position data, namely position = (A >> 8) & 0X000000FF; if position is an odd number, the ciphertext data are, in order, the integer A, the ciphertext Y1 and the ciphertext Y3; if position is an even number, the ciphertext data are, in order, the integer A, the ciphertext Y3 and the ciphertext Y1;
checking all data in the assembled ciphertext, converting each byte 0X7E in the ciphertext into a 2-byte sequence, and likewise converting each byte 0X7D in the ciphertext into a 2-byte sequence, to obtain ciphertext data Y3_temp;
calculating the length of the ciphertext data Y3_temp, denoted length_temp, and finally packaging a 2-byte header 0X7E 0X7E, a 2-byte total data length length_all, the data ciphertext Y3_temp and a 2-byte tail 0X7E 0X7E, to obtain the transport_Data packet to be transmitted to the key receiver. The total length length_all includes the 2-byte header, the 2-byte tail, length_temp, and the length of length_all itself.
In a preferred embodiment, as shown in fig. 2, the specific process of step 1 is:
step 11: 10 sets of base keys K0 are generated, namely base key K0_0 to base key K0_9. The 10 sets of base keys are stored in the key transmitter and key receiver systems. The transmission key K1 is a useless key generated by an algorithm; K1 is a key used to confuse an adversary. The system specifies that both the base key K0 and the transmission key K1 are 52 bytes of data. Of course, the base key K0 and the transmission key K1 can also be data of any other number of bytes, so the data length of K0 and K1 is extensible;
step 12: generating an integer A with a length of 4 bytes by using a random algorithm, the data format of the integer A being shown in Table 1; dividing A by 10 to obtain the remainder B (B is an integer greater than or equal to 0 and less than or equal to 9); B determines that the base key K0_B is used to encrypt the transmission key K1, producing ciphertext Y1, where Y1 is 52 bytes of ciphertext data. The length of Y1 is determined by the designed lengths of K0 and K1 and by the encryption algorithm with which K0 encrypts K1;
Table 1 Data format of A
byte0-A | byte1-A | byte2-A | byte3-A
Step 13: the base key K0_B encrypts the transmission key K1 (the spoof key). K1 is 52 bytes of random data generated by a key generator; K0_B, K1 and Y1 are all 52 bytes, and their data formats are shown in Table 2, Table 3 and Table 4. The remainder of A divided by 52 is calculated to obtain the result C, where C is an integer greater than or equal to 0 and less than or equal to 51. K0 is used to encrypt K1 to obtain the 52-byte ciphertext data Y1; the specific calculation method is as follows:
Y1-BYTE(n) = (K0_B-BYTE(0) ⊕ K0_B-BYTE(1) ⊕ … ⊕ K0_B-BYTE(C)) ⊕ K1-byte(n)
(Note: 0 ≤ n ≤ 51)
Table 2 Transmission key K1 data format
K1-byte0 | K1-byte1 | K1-byte2 | … | K1-byte51
Table 3 Base key K0_B data format
K0_B-BYTE0 | K0_B-BYTE1 | K0_B-BYTE2 | … | K0_B-BYTE51
Table 4 Ciphertext Y1 data format
Y1-BYTE0 | Y1-BYTE1 | Y1-BYTE2 | … | Y1-BYTE51
As shown in fig. 3, the specific process of step 2 is:
step 21: the operation key K2 is the key data required by the key receiver, and all encryption in the system is performed so that the operation key K2 is not broken. The system specifies an operation key K2 of 52 bytes, which is generated by the key generator software. The operation key K2 is the key generated by the key sender according to the requirements of the system user, and the data format of the operation key K2 is shown in Table 5.
Table 5 Operation key K2 data format
K2-BYTE0 | K2-BYTE1 | K2-BYTE2 | … | K2-BYTE51
Step 22: according to the transmission key K1 in step 13, the operation key K2 is encrypted by the transmission key K1 to generate ciphertext Y2, where the transmission key K1 and the operation key K2 are 52 bytes, and Y2 is 104 bytes of ciphertext data, and the specific encryption process is as follows. If the first byte K1-byte0 of the transmission key K1 is an odd number, the ciphertext data encrypted by the operation key K2 sequentially correspond to odd-number bytes of the ciphertext Y2 data, and the even-number bytes of the ciphertext data are filled with random data; if the first byte, K1-byte0, of the transmission key K1 is an even number, the ciphertext data encrypted by the operation key K2 corresponds to the even-numbered bytes of the ciphertext Y2 data, and the odd-numbered bytes of the ciphertext are filled with random data. The cipher text filling mode enables the key data and the useless data to be mixed in a crossed mode, the generated cipher text Y2 is deceptive, and the difficulty of cracking the key is very high even after the cipher text is intercepted. The specific encryption method is as follows:
(a) XOR all odd-numbered bytes of the transmission key K1 to obtain the result P_odd, and XOR all even-numbered bytes of the transmission key K1 to obtain the result P_even:
P_odd = K1-byte(1) ⊕ K1-byte(3) ⊕ … ⊕ K1-byte(51);
P_even = K1-byte(0) ⊕ K1-byte(2) ⊕ … ⊕ K1-byte(50);
(b) If the first byte, K1-byte0, of the transmission key K1 is odd:
each byte of the operation key K2 is XORed with P_odd to obtain the encrypted ciphertext of that byte, and the 52 bytes of ciphertext data of the operation key K2 are stored in sequence into the odd-numbered byte positions of the ciphertext Y2. The even-numbered byte positions of the ciphertext Y2 are filled with useless random numbers for data spoofing. The ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n+1) = K2-BYTE(n) ⊕ P_odd; (Note: 0 ≤ n ≤ 51)
Y2-BYTE(2m) = arbitrary random number; (Note: 0 ≤ m ≤ 51)
(c) If the first byte, K1-byte0, of the transmission key K1 is even:
each byte of the operation key K2 is XORed with P_even to obtain the encrypted ciphertext of that byte, and the 52 bytes of ciphertext data of the operation key K2 are stored in sequence into the even-numbered byte positions of the ciphertext Y2. The odd-numbered byte positions of the ciphertext Y2 are filled with useless random numbers for data spoofing. The ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n) = K2-BYTE(n) ⊕ P_even; (Note: 0 ≤ n ≤ 51)
Y2-BYTE(2m+1) = arbitrary random number; (Note: 0 ≤ m ≤ 51)
(d) The Y2 ciphertext data are finally obtained through the above calculation.
Table 6 Ciphertext Y2 data format
Y2-BYTE0 | Y2-BYTE1 | Y2-BYTE3 | … | Y2-BYTE103
As shown in fig. 4, the specific process of step 3 is:
Through steps 1 and 2 we have obtained the data A (the remainder B of A divided by 10 determines that the key sender and key receiver currently use the base key K0_B to encrypt K1), the ciphertext data Y1 and the ciphertext data Y2, as well as the transmission key K1 and the operation key K2. This step uses the ciphertext Y1 to encrypt the ciphertext Y2 and generate the final ciphertext Y3. The data format of the ciphertext Y3 is shown in Table 7; the ciphertext Y3 is 104 bytes of ciphertext data. The process of encrypting the ciphertext Y2 with the ciphertext Y1 to generate the ciphertext Y3 is as follows:
Table 7 Ciphertext Y3 data format
Y3-BYTE0 | Y3-BYTE1 | Y3-BYTE3 | … | Y3-BYTE103
(a) Obtaining the remainder B according to step 12;
(b) performing an exclusive-OR operation from the B-th byte of the ciphertext Y1 to the 51st byte of the ciphertext Y1 to obtain the result Temp, where Temp = Y1-BYTE(B) ⊕ Y1-BYTE(B+1) ⊕ … ⊕ Y1-BYTE(51);
(c) through encryption calculation, the ciphertext Y3 is obtained; the calculation process of the ciphertext Y3 is as follows:
Y3-BYTE(n) = Temp ⊕ Y1-BYTE(n) ⊕ Y2-BYTE(n); (Note: 0 ≤ n ≤ 51)
Y3-BYTE(m) = Temp ⊕ Y1-BYTE(m-52) ⊕ Y2-BYTE(m); (Note: 52 ≤ m ≤ 103)
As shown in fig. 5, the specific process of step 4 is:
step 41: through steps 1, 2 and 3, the integer A, the ciphertext data Y1, the ciphertext data Y2 and the ciphertext data Y3 are obtained.
Step 42: the data A is shifted right by 8 bits and bitwise ANDed with 0X000000FF to obtain the variable position data, that is, position = (A >> 8) & 0X000000FF. When position is an odd number, the assembled message data are, in order, the integer A, the ciphertext Y1 and the ciphertext Y3, as shown in Table 8. When position is an even number, the assembled message data are, in order, the integer A, the ciphertext Y3 and the ciphertext Y1, as shown in Table 9.
Table 8 Format of the assembled message when position is an odd number
integer A | ciphertext Y1 | ciphertext Y3
Table 9 Format of the assembled message when position is an even number
integer A | ciphertext Y3 | ciphertext Y1
Step 43: data encapsulation: examining all data in the messages of fig. 2 or fig. 3, and converting each byte 0X7E appearing in the messages into the 2-byte sequence (0X7D, 0X5E); if a byte 0X7D appears in the message data, it is converted into the 2-byte sequence (0X7D, 0X5D). The message data Y3_temp is obtained.
Step 44: the length of the message data Y3_temp is calculated as length_temp, and the message is finally packaged as a two-byte header 0X7E 0X7E, a two-byte total data length length_all, the data Y3_temp and a two-byte tail 0X7E 0X7E. Finally, the transport_Data packet to be transmitted to the key receiver is obtained. The total length length_all includes the 2-byte header, the 2-byte tail, length_temp, and the length of length_all itself.
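The four steps of the embodiment (M = 52, X = 10), together with a receiver-side inverse that the text does not spell out, as an added Python example; this is not code from the patent. Big-endian encoding of A and length_all, an unescaped length field, and all function names are assumptions.

```python
import secrets

M, X = 52, 10  # key length in bytes and number of base keys (embodiment values)

def xor_fold(data):
    """XOR every byte of `data` together into one byte."""
    acc = 0
    for byte in data:
        acc ^= byte
    return acc

def stuff(data):
    """Step 43: 0x7E -> 0x7D 0x5E and 0x7D -> 0x7D 0x5D."""
    out = bytearray()
    for byte in data:
        out += bytes([0x7D, byte ^ 0x20]) if byte in (0x7D, 0x7E) else bytes([byte])
    return bytes(out)

def unstuff(data):
    """Inverse of stuff(); rejects truncated or unknown escape sequences."""
    out, i = bytearray(), 0
    while i < len(data):
        if data[i] == 0x7D:
            if i + 1 >= len(data) or data[i + 1] not in (0x5D, 0x5E):
                raise ValueError("bad escape sequence")
            out.append(data[i + 1] ^ 0x20)
            i += 2
        else:
            out.append(data[i])
            i += 1
    return bytes(out)

def p_value(k1):
    """P_odd (XOR of odd-indexed bytes) if K1-byte0 is odd, else P_even."""
    return xor_fold(k1[1::2]) if k1[0] & 1 else xor_fold(k1[0::2])

def encrypt(base_keys, k2, a=None, k1=None):
    """Sender side, steps 1-4. `a` and `k1` may be fixed for reproducible tests."""
    if len(k2) != M:
        raise ValueError("K2 must be M bytes")
    a = secrets.randbits(32) if a is None else a
    k1 = secrets.token_bytes(M) if k1 is None else k1
    b, c = a % X, a % M
    # Step 1: Y1 = K1 XOR fold(K0_B-BYTE(0) .. K0_B-BYTE(C))
    mask = xor_fold(base_keys[b][:c + 1])
    y1 = bytes(x ^ mask for x in k1)
    # Step 2: real bytes go to odd or even positions of Y2, the rest is random filler
    odd, p = k1[0] & 1, p_value(k1)
    y2 = bytearray(secrets.token_bytes(2 * M))
    for n in range(M):
        y2[2 * n + odd] = k2[n] ^ p
    # Step 3: Temp = Y1-BYTE(B) ^ ... ^ Y1-BYTE(M-1); Y1 is reused for both halves of Y3
    temp = xor_fold(y1[b:])
    y3 = bytes(temp ^ y1[n % M] ^ y2[n] for n in range(2 * M))
    # Step 4: the order of Y1 and Y3 depends on the parity of position
    position = (a >> 8) & 0x000000FF
    body = a.to_bytes(4, "big") + (y1 + y3 if position & 1 else y3 + y1)
    y3_temp = stuff(body)
    length_all = 2 + 2 + len(y3_temp) + 2   # header + tail + length_temp + length field
    return b"\x7e\x7e" + length_all.to_bytes(2, "big") + y3_temp + b"\x7e\x7e"

def decrypt(base_keys, packet):
    """Receiver side (assumed inverse of steps 4 to 1); returns the operation key K2."""
    if packet[:2] != b"\x7e\x7e" or packet[-2:] != b"\x7e\x7e":
        raise ValueError("bad frame delimiters")
    if int.from_bytes(packet[2:4], "big") != len(packet):
        raise ValueError("length_all mismatch")
    body = unstuff(packet[4:-2])
    if len(body) != 4 + 3 * M:
        raise ValueError("unexpected body length")
    a, rest = int.from_bytes(body[:4], "big"), body[4:]
    b, c = a % X, a % M
    if ((a >> 8) & 0x000000FF) & 1:
        y1, y3 = rest[:M], rest[M:]
    else:
        y3, y1 = rest[:2 * M], rest[2 * M:]
    mask = xor_fold(base_keys[b][:c + 1])
    k1 = bytes(x ^ mask for x in y1)
    temp = xor_fold(y1[b:])
    y2 = bytes(temp ^ y1[n % M] ^ y3[n] for n in range(2 * M))
    odd, p = k1[0] & 1, p_value(k1)
    return bytes(y2[2 * n + odd] ^ p for n in range(M))

if __name__ == "__main__":
    keys = [secrets.token_bytes(M) for _ in range(X)]  # constructed sample base keys
    k2 = secrets.token_bytes(M)                        # constructed sample operation key
    packet = encrypt(keys, k2)
    print(len(packet), decrypt(keys, packet) == k2)
```

Each mask in the construction (the K0_B fold, P_odd or P_even, and Temp) is a single byte, so the receiver needs only A and its stored base keys to undo it.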
The invention is not limited to the foregoing embodiments. The invention extends to any novel feature or any novel combination of features disclosed in this specification and any novel method or process steps or any novel combination of features disclosed. Those skilled in the art to which the invention pertains will appreciate that insubstantial changes or modifications can be made without departing from the spirit of the invention as defined by the appended claims.

Claims (8)

1. A method for encrypting a key, comprising: the encryption method specifically comprises the following steps:
step 1: generating X sets of base keys K0, namely base key K0_0 to base key K0_{X-1}; generating an integer A, dividing A by X to obtain a remainder B, and using the remainder B to select the base key K0_B, which encrypts a transmission key K1 to generate a ciphertext Y1, the transmission key K1 being a useless key generated by a random algorithm; the X sets of base keys K0 are stored in the key transmitter system and the key receiver system;
step 2: selecting different encryption methods according to the parity of the first byte K1-byte0 of the transmission key K1 to encrypt the operation key K2 to generate a ciphertext Y2, wherein the operation key K2 is generated by a key generator, and the operation key K2 is key data required by a key receiver;
step 3: first carrying out an exclusive-OR operation over the B-th byte to the (M-1)-th byte of the ciphertext Y1 to obtain an operation result Temp, then carrying out an exclusive-OR operation on Temp, the ciphertext Y1 and the ciphertext Y2 to obtain a ciphertext Y3; the base key K0 and the transmission key K1 are M bytes of data, and M > B;
step 4: performing a bit operation on the integer A to obtain position data, selecting different assembly modes according to the parity of the position data, and finally encapsulating the data to obtain a data packet to be transmitted to the key receiver.
2. A method of encrypting a key according to claim 1, wherein:
the integer A is generated by a random algorithm and has the length of 4 bytes;
the base key K0 and the transmission key K1 are both M bytes of data, M > B.
3. A method of encrypting a key as claimed in claim 2, characterized by: the M is 52.
4. A method of encrypting a key as claimed in claim 2, characterized by: the method for generating the ciphertext Y1 comprises the following steps:
dividing the integer A by M and taking the remainder to obtain the remainder C;
Y1-BYTE(n) = (K0_B-BYTE(0) ⊕ K0_B-BYTE(1) ⊕ … ⊕ K0_B-BYTE(C)) ⊕ K1-byte(n);
where 0 ≤ n ≤ M-1, n taking each integer value from 0 to M-1 in turn.
5. A method of encrypting a key according to claim 1, wherein:
the step 2 specifically comprises:
step 21: a key generator of a key transmission party generates an operation key K2 according to the requirements of a system user, wherein the operation key K2 is data with M bytes, and the number of the bytes of a ciphertext Y2 is 2M;
step 22: if the first byte K1-byte0 of the transmission key K1 is an odd number, the ciphertext data of the operation key K2 sequentially correspond to the odd-number bytes of the ciphertext Y2 data, and the even-number bytes of the ciphertext Y2 are filled with random data;
if the first byte K1-byte0 of the transmission key K1 is an even number, the ciphertext data of the operation key K2 sequentially corresponds to the even-numbered bytes of the ciphertext Y2 data, and the odd-numbered bytes of the ciphertext Y2 are filled with random data.
6. A method of encrypting a key according to claim 5, wherein: the specific method for generating the ciphertext Y2 by encrypting the operation key K2 by using the transmission key K1 is as follows:
an XOR operation is performed on all odd-numbered bytes of the transmission key K1 to obtain a result P_odd, and an XOR operation is performed on all even-numbered bytes of the transmission key K1 to obtain a result P_even;
When M is an even number:
Figure FDA0003017275260000021
Figure FDA0003017275260000022
when M is an odd number:
Figure FDA0003017275260000023
Figure FDA0003017275260000024
if the first byte K1-byte0 of the transmission key K1 is odd, each byte of the operation key K2 is XORed with P_odd to obtain the encrypted ciphertext of that byte of the operation key K2, the M bytes of ciphertext data of the operation key K2 are stored sequentially into the corresponding odd-numbered bytes of the ciphertext Y2, and the even-numbered positions of the ciphertext Y2 are filled with useless random data for data deception;
the ciphertext Y2 calculation process is as follows:
Figure FDA0003017275260000025
Y2-BYTE(2n) = an arbitrary random number; 0 ≤ n ≤ M-1
if the first byte K1-byte0 of the transmission key K1 is even, each byte of the operation key K2 is XORed with P_even to obtain the encrypted ciphertext of that byte of the operation key K2, the M bytes of ciphertext data of the operation key K2 are stored sequentially into the corresponding even-numbered bytes of the ciphertext Y2, and the odd-numbered positions of the ciphertext Y2 are filled with useless random data for data deception;
the ciphertext Y2 calculation process is as follows:
Figure FDA0003017275260000026
Y2-BYTE(2n+1) = an arbitrary random number; 0 ≤ n ≤ M-1
The ciphertext Y2 is finally obtained.
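The Y2 construction of claims 5 and 6, written out as an added Python example that is not part of the patent text. It assumes bytes are numbered from 0 (as in "K1-byte0" and "Y2-BYTE(2n)"); the function names and the receiver-side `decrypt_k2` inverse are hypothetical and added here for illustration.

```python
import secrets
from functools import reduce
from operator import xor

M = 52  # key length in bytes (the value given in claim 3)


def parity_bytes(k1):
    """Return (p_odd, p_even): XOR of K1's odd-indexed / even-indexed bytes.

    ASSUMPTION: bytes are numbered from 0, as in "K1-byte0" and "Y2-BYTE(2n)".
    """
    return reduce(xor, k1[1::2], 0), reduce(xor, k1[0::2], 0)


def _pad_and_slot(k1):
    """K1-byte0 odd -> (p_odd, odd slots); even -> (p_even, even slots)."""
    p_odd, p_even = parity_bytes(k1)
    return (p_odd, 1) if k1[0] & 1 else (p_even, 0)


def encrypt_k2(k1, k2):
    """Build the 2M-byte ciphertext Y2 from the M-byte operation key K2."""
    if len(k1) != len(k2):
        raise ValueError("K1 and K2 must both be M bytes")
    pad, slot = _pad_and_slot(k1)
    y2 = bytearray(secrets.token_bytes(2 * len(k2)))  # random filler bytes
    # The same one-byte pad is XORed into every K2 byte, as the claim states.
    y2[slot::2] = bytes(b ^ pad for b in k2)
    return bytes(y2)


def decrypt_k2(k1, y2):
    """Receiver side (inverse, added here): drop filler, undo the XOR."""
    if len(y2) != 2 * len(k1):
        raise ValueError("Y2 must be 2M bytes")
    pad, slot = _pad_and_slot(k1)
    return bytes(b ^ pad for b in y2[slot::2])


if __name__ == "__main__":
    k1, k2 = secrets.token_bytes(M), secrets.token_bytes(M)  # constructed keys
    y2 = encrypt_k2(k1, k2)
    print(len(y2), decrypt_k2(k1, y2) == k2)
```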
7. A method of encrypting a key according to claim 1, wherein: the specific method of the step 3 comprises the following steps:
the number of bytes of the ciphertext Y3 is 2 × M, and exclusive-OR operation is performed from the B-th byte of the ciphertext Y1 to the M-1-th byte of Y1 to obtain a result Temp, wherein B is the remainder B in the step 1;
Figure FDA0003017275260000027
the specific calculation process of the encrypted ciphertext Y3 is as follows:
Figure FDA0003017275260000028
Figure FDA0003017275260000029
8. A method of encrypting a key according to claim 1, wherein: the specific process of the step 4 is as follows:
shifting the integer A to the right by 8 bits and then ANDing the result with 0X000000FF to obtain variable position data, namely position = (A >> 8) & 0X000000FF; if the position is an odd number, the ciphertext data are assembled in the order integer A, ciphertext Y1, ciphertext Y3, and if the position is an even number, in the order integer A, ciphertext Y3, ciphertext Y1;
checking all data in the assembled ciphertext, converting each byte 0X7E in the ciphertext into a 2-byte sequence, and converting each byte 0X7D in the ciphertext into a 2-byte sequence, to obtain ciphertext data Y3_temp;
calculating the length of the ciphertext data Y3_temp, the length being length_temp, and finally packaging the ciphertext data as a 2-byte header 0X7E 0X7E, a 2-byte total data length length_all, the data ciphertext Y3_temp and a 2-byte tail 0X7E 0X7E, to obtain the transport_Data packet to be transmitted to the key receiver, wherein the total length length_all comprises the 2-byte header, the 2-byte tail, the length length_temp and the length of the length_all field itself.
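The step-4 assembly, byte stuffing and framing, as an added Python example that is not part of the patent text. The replacement sequences for 0X7E and 0X7D are not given on this page, so HDLC-style pairs are assumed as placeholders; big-endian encoding of A and of the length field, the function names and the receiver-side `unpack` are likewise assumptions.

```python
M = 52                    # key length in bytes (claim 3)
FLAG = b"\x7e\x7e"        # 2-byte header and tail from the claim
# ASSUMPTION: the claim does not give the replacement sequences;
# HDLC-style pairs are used here purely as placeholders.
ESC = {0x7E: b"\x7d\x5e", 0x7D: b"\x7d\x5d"}
UNESC = {0x5E: 0x7E, 0x5D: 0x7D}


def stuff(data):
    """Replace every 0x7E / 0x7D byte with its 2-byte sequence."""
    return b"".join(ESC.get(b, bytes([b])) for b in data)


def unstuff(data):
    """Reverse stuff(); reject stray flag bytes and broken escapes."""
    out, it = bytearray(), iter(data)
    for b in it:
        if b == 0x7E:
            raise ValueError("unescaped 0x7E inside payload")
        if b == 0x7D:
            b = UNESC.get(next(it, None))
            if b is None:
                raise ValueError("bad escape sequence")
        out.append(b)
    return bytes(out)


def pack(a, y1, y3):
    """Assemble A, Y1, Y3 by parity of position, stuff, then frame."""
    position = (a >> 8) & 0x000000FF
    body = a.to_bytes(4, "big")            # ASSUMPTION: big-endian A
    body += y1 + y3 if position & 1 else y3 + y1
    y3_temp = stuff(body)
    length_all = 2 + 2 + len(y3_temp) + 2  # header + length field + data + tail
    return FLAG + length_all.to_bytes(2, "big") + y3_temp + FLAG


def unpack(packet, m=M):
    """Receiver side (added here): validate the frame, return (A, Y1, Y3)."""
    if len(packet) < 6 or packet[:2] != FLAG or packet[-2:] != FLAG:
        raise ValueError("missing 0x7E 0x7E header or tail")
    if int.from_bytes(packet[2:4], "big") != len(packet):
        raise ValueError("length_all does not match packet size")
    body = unstuff(packet[4:-2])
    if len(body) != 4 + 3 * m:
        raise ValueError("unexpected payload size")
    a, rest = int.from_bytes(body[:4], "big"), body[4:]
    if (a >> 8) & 1:                       # parity of the position byte
        return a, rest[:m], rest[m:]
    return a, rest[2 * m:], rest[:2 * m]
```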
CN201910227532.1A 2019-03-25 2019-03-25 Encryption method of secret key Active CN109787764B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910227532.1A CN109787764B (en) 2019-03-25 2019-03-25 Encryption method of secret key

Publications (2)

Publication Number Publication Date
CN109787764A CN109787764A (en) 2019-05-21
CN109787764B true CN109787764B (en) 2021-07-06

Family

ID=66491227

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant