CN109787764B - Encryption method of secret key - Google Patents
- Publication number
- CN109787764B (CN201910227532.1A)
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- key
- data
- byte
- bytes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Mobile Radio Communication Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to a method for encrypting a secret key, which specifically comprises the following steps: step 1: generating X sets of base keys K0, generating an integer A, dividing A by X and taking the remainder B, and using the base key K0_B selected by the remainder B to encrypt the transmission key K1 to generate a ciphertext Y1; step 2: selecting different encryption methods according to the parity of the first byte of the transmission key K1 to encrypt the operation key K2 to generate a ciphertext Y2; step 3: carrying out an XOR operation on the ciphertext Y1 and the ciphertext Y2 to obtain a ciphertext Y3; step 4: processing the integer A to obtain variable position data, selecting different assembly modes according to the parity of the position data, and encapsulating the data to obtain the data packet to be transmitted to a key receiver. In the process of generating and encrypting the key, random disturbance data and a transmission key are added, and the positions of the ciphertext data are scattered, so that the difficulty of deciphering the ciphertext is increased.
Description
Technical Field
The invention relates to the technical field of communication encryption, in particular to a method for encrypting a secret key.
Background
With the rapid development of the internet, more and more people carry out information communication activities (such as network payment, voice chat and information browsing) online, so ensuring the security of information transmission is particularly important, and a good encryption method is needed to ensure that security. An encryption method defines how data are encrypted and decrypted; encrypting the data protects the information and reduces the risk of an adversary cracking the encrypted data.
Existing encryption methods are mainly divided into symmetric and asymmetric encryption, and the prior art has the following defects:
1. The ciphertext transmitted by existing encryption techniques consists entirely of useful data and contains no data deception.
2. In existing symmetric encryption algorithms, encrypting the same data always produces the same ciphertext. After intercepting a number of ciphertexts, an adversary can gather statistics on their regularities and analyse the ciphertext data, and can then easily decipher it, which increases the risk that the ciphertext data are cracked.
3. In existing encryption techniques, the position of the ciphertext data is fixed during key transmission; for example, data A is always located at the fixed position from byte 2 to byte 32, and data B is always located at the fixed position from byte 36 to byte 47, which increases the probability that the ciphertext is cracked.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: in view of the above existing problems, a method for encrypting a key is provided.
The technical scheme adopted by the invention is as follows:
a method for encrypting a key specifically comprises the following steps:
step 1: generating X sets of base keys K0, namely base key K0_0 to base key K0_(X-1); generating an integer A, dividing A by X to obtain a remainder B, and using the base key K0_B selected by the remainder B to encrypt a transmission key K1 to generate a ciphertext Y1, wherein the transmission key K1 is a useless key generated by a random algorithm; the X sets of base keys K0 are stored in the key transmitter system and the key receiver system;
step 2: selecting different encryption methods according to the parity of the first byte K1-byte0 of the transmission key K1 to encrypt the operation key K2 to generate a ciphertext Y2, wherein the operation key K2 is generated by a key generator, and the operation key K2 is the key data required by the key receiver;
step 3: first carrying out an exclusive-OR operation over the B-th byte to the (M-1)-th byte of the ciphertext Y1 to obtain an operation result Temp, and then carrying out an exclusive-OR operation on the operation result Temp, the ciphertext Y1 and the ciphertext Y2 to obtain a ciphertext Y3; the base key K0 and the transmission key K1 are M bytes of data, and M > B;
step 4: a bit operation is applied to the integer A to obtain position data, different assembly modes are selected according to the parity of the position data, and finally the data are encapsulated to obtain the data packet to be transmitted to the key receiver.
Further, the X group of basic keys are stored in a key transmitter system and a key receiver system;
the integer A is generated by a random algorithm and is 4 bytes in length.
Further, M is 52.
Further, the integer A is divided by M and the remainder is taken to obtain the remainder result C;
Y1-BYTE(n)=(K0_B-BYTE(0)⊕K0_B-BYTE(1)⊕…⊕K0_B-BYTE(C))⊕K1-byte(n);
where 0≤n≤M-1, and n takes each integer value from 0 to M-1 in turn.
Further, the step 2 specifically includes:
step 21: a key generator of a key transmission party generates an operation key K2 according to the requirements of a system user, wherein the operation key K2 is data with M bytes, and the number of the bytes of a ciphertext Y2 is 2M;
step 22: if the first byte K1-byte0 of the transmission key K1 is an odd number, the ciphertext data of the operation key K2 sequentially correspond to the odd-number bytes of the ciphertext Y2 data, and the even-number bytes of the ciphertext Y2 are filled with random data;
if the first byte K1-byte0 of the transmission key K1 is an even number, the ciphertext data of the operation key K2 sequentially corresponds to the even-numbered bytes of the ciphertext Y2 data, and the odd-numbered bytes of the ciphertext Y2 are filled with random data.
Further, the specific method for generating the ciphertext Y2 by encrypting the transmission key K1 and the operation key K2 is as follows:
An XOR operation is carried out on all odd-numbered bytes of the transmission key K1 to obtain the result P_odd, and an XOR operation is carried out on all even-numbered bytes of the transmission key K1 to obtain the result P_even:
When M is an even number:
P_odd=K1-byte1⊕K1-byte3⊕…⊕K1-byte(M-1);
P_even=K1-byte0⊕K1-byte2⊕…⊕K1-byte(M-2);
When M is an odd number:
P_odd=K1-byte1⊕K1-byte3⊕…⊕K1-byte(M-2);
P_even=K1-byte0⊕K1-byte2⊕…⊕K1-byte(M-1);
If the first byte K1-byte0 of the transmission key K1 is odd, each byte of the operation key K2 is XORed with P_odd to obtain the encrypted ciphertext of each byte of the operation key K2, the M bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding odd-numbered bytes of the ciphertext Y2, and the even-numbered bytes of the ciphertext Y2 are filled with useless random data for data spoofing;
the ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n+1)=K2-BYTE(n)⊕P_odd; 0≤n≤M-1
Y2-BYTE(2n)=arbitrary random number; 0≤n≤M-1
If the first byte K1-byte0 of the transmission key K1 is even, each byte of the operation key K2 is XORed with P_even to obtain the encrypted ciphertext of each byte of the operation key K2, the M bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding even-numbered bytes of the ciphertext Y2, and the odd-numbered bytes of the ciphertext Y2 are filled with useless random data for data spoofing;
the ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n)=K2-BYTE(n)⊕P_even; 0≤n≤M-1
Y2-BYTE(2n+1)=arbitrary random number; 0≤n≤M-1
The ciphertext Y2 is finally obtained.
Further, the specific method of step 3 is as follows:
the number of bytes of the ciphertext Y3 is 2 × M, and exclusive-OR operation is performed from the B-th byte of the ciphertext Y1 to the M-1-th byte of Y1 to obtain a result Temp, wherein B is the remainder B in the step 1;
Temp=Y1-BYTE(B)⊕Y1-BYTE(B+1)⊕…Y1-BYTE(M-1);
the specific calculation process of the encrypted ciphertext Y3 is as follows:
Y3-BYTE(n)=Temp⊕Y1-BYTE(n)⊕Y2-BYTE(n) 0≤n≤M-1;
Y3-BYTE(n)=Temp⊕Y1-BYTE(n-M)⊕Y2-BYTE(n) M≤n≤2*M-1.
further, the specific process of step 4 is as follows:
shifting the integer A to the right by 8 bits and then bitwise ANDing the result with 0X000000FF to obtain variable position data, namely position = (A >> 8) & 0X000000FF; if the position is an odd number, the ciphertext data are, in sequence, the integer A, the ciphertext Y1 and the ciphertext Y3, and if the position is an even number, the ciphertext data are, in sequence, the integer A, the ciphertext Y3 and the ciphertext Y1;
checking all data in the assembled ciphertext, converting each byte 0X7E in the ciphertext into the 2-byte sequence (0X7D, 0X5E), and converting each byte 0X7D in the ciphertext into the 2-byte sequence (0X7D, 0X5D), to obtain ciphertext data Y3_temp;
calculating the length of the ciphertext data Y3_temp, denoted length_temp, and finally packaging a 2-byte header 0X7E 0X7E, a 2-byte total data length length_all, the data ciphertext Y3_temp and a 2-byte tail 0X7E 0X7E, to obtain the transport_Data packet to be transmitted to the key receiver, wherein the total length length_all comprises the 2-byte header, the 2-byte tail, length_temp and the length of length_all itself.
Compared with the prior art, the beneficial effects of adopting the technical scheme are as follows:
(1) In the process of key generation and encryption, random disturbance data and a transmission key are added, so that encrypting the same data produces a different ciphertext each time, the generated ciphertext contains data deception, and the difficulty of deciphering the ciphertext is increased.
(2) The invention disperses the distribution position of the ciphertext data after data encryption, and the position of the ciphertext data packet is not fixed when the data is assembled, so the ciphertext data distribution has the advantages of dispersion, unfixed position distribution and the like, and the difficulty of decoding the password by an enemy is increased.
Drawings
FIG. 1 is a flow diagram of the overall encryption method of the present invention;
FIG. 2 is a flowchart of the encryption process of step 1 in the embodiment of the present invention;
FIG. 3 is a flowchart of the encryption process of step 2 according to the embodiment of the present invention;
FIG. 4 is a flowchart of the encryption of step 3 in the embodiment of the present invention;
FIG. 5 is a flowchart of data assembling in step 4 according to the embodiment of the present invention.
Detailed Description
All of the features disclosed in this specification, or all of the steps in any method or process so disclosed, may be combined in any combination, except combinations of features and/or steps that are mutually exclusive.
Any feature disclosed in this specification may be replaced by alternative features serving equivalent or similar purposes, unless expressly stated otherwise. That is, unless expressly stated otherwise, each feature is only an example of a generic series of equivalent or similar features.
The invention is further described below with reference to the accompanying drawings.
As shown in fig. 1, an encryption method of a key specifically includes the following steps:
step 1: generating X sets of base keys K0, namely base key K0_0 to base key K0_(X-1); generating an integer A, dividing A by X to obtain a remainder B, and using the base key K0_B selected by the remainder B to encrypt a transmission key K1 to generate a ciphertext Y1, wherein the transmission key K1 is a useless key generated by a random algorithm; the X sets of base keys K0 are stored in the key transmitter system and the key receiver system;
step 2: selecting different encryption methods according to the parity of the first byte K1-byte0 of the transmission key K1 to encrypt the operation key K2 to generate a ciphertext Y2, wherein the operation key K2 is generated by a key generator, and the operation key K2 is the key data required by the key receiver;
step 3: first carrying out an exclusive-OR operation over the B-th byte to the (M-1)-th byte of the ciphertext Y1 to obtain an operation result Temp, and then carrying out an exclusive-OR operation on the operation result Temp, the ciphertext Y1 and the ciphertext Y2 to obtain a ciphertext Y3; the base key K0 and the transmission key K1 are M bytes of data, and M > B;
step 4: a bit operation is applied to the integer A to obtain position data, different assembly modes are selected according to the parity of the position data, and finally the data are encapsulated to obtain the data packet to be transmitted to the key receiver.
In a preferred embodiment, the X groups of basic keys are stored in a key transmitter and a key receiver system;
the integer A is generated by a random algorithm and is 4 bytes in length.
In a preferred embodiment, key generator 1 generates a base key K0, key generator 2 generates a transmission key K1, and key generator 3 generates an operation key K3; K1 is a garbage key used to confuse adversaries, and K2 is the key that the recipient really needs. K2 differs between users, for example in its length or in the meaning of its data.
In a preferred embodiment, M is 52.
In a preferred embodiment, the integer A is divided by M and the remainder is taken to obtain the remainder result C;
Y1-BYTE(n)=(K0_B-BYTE(0)⊕K0_B-BYTE(1)⊕…⊕K0_B-BYTE(C))⊕K1-byte(n);
where 0≤n≤M-1, and n takes each integer value from 0 to M-1 in turn.
In a preferred embodiment, the step 2 specifically includes:
step 21: a key generator of a key transmission party generates an operation key K2 according to the requirements of a system user, wherein the operation key K2 is data with M bytes, and the number of the bytes of a ciphertext Y2 is 2M;
step 22: if the first byte K1-byte0 of the transmission key K1 is an odd number, the ciphertext data of the operation key K2 sequentially correspond to the odd-number bytes of the ciphertext Y2 data, and the even-number bytes of the ciphertext Y2 are filled with random data;
if the first byte K1-byte0 of the transmission key K1 is an even number, the ciphertext data of the operation key K2 sequentially corresponds to the even-numbered bytes of the ciphertext Y2 data, and the odd-numbered bytes of the ciphertext Y2 are filled with random data.
In a preferred embodiment, the specific method for generating the ciphertext Y2 by encrypting the transmission key K1 and the operation key K2 is as follows:
An XOR operation is carried out on all odd-numbered bytes of the transmission key K1 to obtain the result P_odd, and an XOR operation is carried out on all even-numbered bytes of the transmission key K1 to obtain the result P_even:
When M is an even number:
P_odd=K1-byte1⊕K1-byte3⊕…⊕K1-byte(M-1);
P_even=K1-byte0⊕K1-byte2⊕…⊕K1-byte(M-2);
When M is an odd number:
P_odd=K1-byte1⊕K1-byte3⊕…⊕K1-byte(M-2);
P_even=K1-byte0⊕K1-byte2⊕…⊕K1-byte(M-1);
If the first byte K1-byte0 of the transmission key K1 is odd, each byte of the operation key K2 is XORed with P_odd to obtain the encrypted ciphertext of each byte of the operation key K2, the M bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding odd-numbered bytes of the ciphertext Y2, and the even-numbered bytes of the ciphertext Y2 are filled with useless random data for data spoofing;
the ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n+1)=K2-BYTE(n)⊕P_odd; 0≤n≤M-1
Y2-BYTE(2n)=arbitrary random number; 0≤n≤M-1
If the first byte K1-byte0 of the transmission key K1 is even, each byte of the operation key K2 is XORed with P_even to obtain the encrypted ciphertext of each byte of the operation key K2, the M bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding even-numbered bytes of the ciphertext Y2, and the odd-numbered bytes of the ciphertext Y2 are filled with useless random data for data spoofing;
the ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n)=K2-BYTE(n)⊕P_even; 0≤n≤M-1
Y2-BYTE(2n+1)=arbitrary random number; 0≤n≤M-1
The ciphertext Y2 is finally obtained.
In a preferred embodiment, the specific method of step 3 is:
the number of bytes of the ciphertext Y3 is 2 × M, and exclusive-OR operation is performed from the B-th byte of the ciphertext Y1 to the M-1-th byte of Y1 to obtain a result Temp, wherein B is the remainder B in the step 1;
Temp=Y1-BYTE(B)⊕Y1-BYTE(B+1)⊕…Y1-BYTE(M-1);
the specific calculation process of the encrypted ciphertext Y3 is as follows:
Y3-BYTE(n)=Temp⊕Y1-BYTE(n)⊕Y2-BYTE(n) 0≤n≤M-1;
Y3-BYTE(n)=Temp⊕Y1-BYTE(n-M)⊕Y2-BYTE(n) M≤n≤2*M-1.
In a preferred embodiment, the specific process of step 4 is:
shifting the integer A to the right by 8 bits and then bitwise ANDing the result with 0X000000FF to obtain variable position data, namely position = (A >> 8) & 0X000000FF; if the position is an odd number, the ciphertext data are, in sequence, the integer A, the ciphertext Y1 and the ciphertext Y3, and if the position is an even number, the ciphertext data are, in sequence, the integer A, the ciphertext Y3 and the ciphertext Y1;
checking all data in the assembled ciphertext, converting each byte 0X7E in the ciphertext into the 2-byte sequence (0X7D, 0X5E), and converting each byte 0X7D in the ciphertext into the 2-byte sequence (0X7D, 0X5D), to obtain ciphertext data Y3_temp;
calculating the length of the ciphertext data Y3_temp, denoted length_temp, and finally packaging a 2-byte header 0X7E 0X7E, a 2-byte total data length length_all, the data ciphertext Y3_temp and a 2-byte tail 0X7E 0X7E, to obtain the transport_Data packet to be transmitted to the key receiver. The total length length_all includes the 2-byte header, the 2-byte tail, length_temp, and the length of length_all itself.
In a preferred embodiment, as shown in fig. 2, the specific process of step 1 is:
step 11: 10 sets of base keys K0 are generated, namely base key K0_0 to base key K0_9. The 10 sets of base keys are stored in the key transmitter and key receiver systems. The transmission key K1 is a useless key generated by an algorithm, and K1 is a key used to confuse an adversary. The system specifies that both the base key K0 and the transmission key K1 are 52 bytes of data. Of course, the base key K0 and the transmission key K1 can also be data of any other number of bytes, so the data lengths of K0 and K1 are extensible;
step 12: generating an integer A with a length of 4 bytes by using a random algorithm, the data format of the integer A being shown in Table 1; dividing A by 10 to obtain the remainder B (B is an integer greater than or equal to 0 and less than or equal to 9); B determines that the base key K0_B is used to encrypt the transmission key K1, producing ciphertext Y1, where Y1 is 52 bytes of ciphertext data. The length of Y1 is determined by the designed lengths of K0 and K1 and by the encryption algorithm with which K0 encrypts K1;
Table 1 Data format of A
byte0-A | byte1-A | byte2-A | byte3-A |
Step 13: The base key K0_B encrypts the transmission key K1 (the spoof key). K1 is 52 bytes of random data generated by a key generator; K0_B, K1 and Y1 are all 52 bytes, and their data formats are shown in Table 2, Table 3 and Table 4. A is divided by 52 and the remainder is taken as the result C, where C is an integer greater than or equal to 0 and less than or equal to 51. K0 is used to encrypt K1 to obtain the 52-byte ciphertext data Y1; the specific calculation method is as follows:
Y1-BYTE(n)=(K0_B-BYTE(0)⊕K0_B-BYTE(1)⊕…⊕K0_B-BYTE(C))⊕K1-byte(n)
(Note: 0≤n≤51)
Table 2 Transmission key K1 data format
K1-byte0 | K1-byte1 | K1-byte2 | … | K1-byte51 |
Table 3 Base key K0_B data format
K0_B-BYTE0 | K0_B-BYTE1 | K0_B-BYTE2 | … | K0_B-BYTE51 |
Table 4 ciphertext Y1 data format
Y1-BYTE0 | Y1-BYTE1 | Y1-BYTE2 | … | Y1-BYTE51 |
As shown in fig. 3, the specific process of step 2 is:
step 21: the operation key K2 is the key data required by the key receiver, and all encryption in the system is performed so that the operation key K2 is not broken. The system specifies an operation key K2 of 52 bytes, and the operation key K2 is generated by the key generator software. The operation key K2 is the key generated by the key sender according to the requirements of the system user, and the data format of the operation key K2 is shown in Table 5.
Table 5 operation key K2 data format
K2-BYTE0 | K2-BYTE1 | K2-BYTE2 | … | K2-BYTE51 |
Step 22: according to the transmission key K1 in step 13, the operation key K2 is encrypted by the transmission key K1 to generate ciphertext Y2, where the transmission key K1 and the operation key K2 are 52 bytes, and Y2 is 104 bytes of ciphertext data, and the specific encryption process is as follows. If the first byte K1-byte0 of the transmission key K1 is an odd number, the ciphertext data encrypted by the operation key K2 sequentially correspond to odd-number bytes of the ciphertext Y2 data, and the even-number bytes of the ciphertext data are filled with random data; if the first byte, K1-byte0, of the transmission key K1 is an even number, the ciphertext data encrypted by the operation key K2 corresponds to the even-numbered bytes of the ciphertext Y2 data, and the odd-numbered bytes of the ciphertext are filled with random data. The cipher text filling mode enables the key data and the useless data to be mixed in a crossed mode, the generated cipher text Y2 is deceptive, and the difficulty of cracking the key is very high even after the cipher text is intercepted. The specific encryption method is as follows:
(a) An XOR operation is carried out on all odd-numbered bytes of the transmission key K1 to obtain the result P_odd, and an XOR operation is carried out on all even-numbered bytes of the transmission key K1 to obtain the result P_even:
P_odd=K1-byte1⊕K1-byte3⊕…⊕K1-byte51;
P_even=K1-byte0⊕K1-byte2⊕…⊕K1-byte50;
(b) If the first byte, K1-byte0, of the transmission key K1 is odd:
each byte of the operation key K2 is XORed with P_odd to obtain the encrypted ciphertext of each byte of the operation key K2, and the 52 bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding odd-numbered bytes of the ciphertext Y2. The even-numbered bytes of the ciphertext Y2 are filled with useless random numbers for data spoofing. The ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n+1)=K2-BYTE(n)⊕P_odd; (Note: 0≤n≤51)
Y2-BYTE(2m)=arbitrary random number; (Note: 0≤m≤51)
(c) If the first byte, K1-byte0, of the transmission key K1 is even:
each byte of the operation key K2 is XORed with P_even to obtain the encrypted ciphertext of each byte of the operation key K2, and the 52 bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding even-numbered bytes of the ciphertext Y2. The odd-numbered bytes of the ciphertext Y2 are filled with useless random numbers for data spoofing. The ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n)=K2-BYTE(n)⊕P_even; (Note: 0≤n≤51)
Y2-BYTE(2m+1)=arbitrary random number; (Note: 0≤m≤51)
(d) The ciphertext data Y2 are finally obtained through the above calculation.
Table 6 ciphertext Y2 data format
Y2-BYTE0 | Y2-BYTE1 | Y2-BYTE3 | … | Y2-BYTE103 |
As shown in fig. 4, the specific process of step 3 is:
Through steps 1 and 2, we obtain the data A (the remainder B of A divided by 10 indicates that the key sender and key receiver currently use the base key K0_B to encrypt K1), the ciphertext data Y1 and the ciphertext data Y2, and the transmission key K1 and the operation key K2. This step uses the ciphertext Y1 to encrypt the ciphertext Y2 and generate the final ciphertext Y3. The data format of the ciphertext Y3 is shown in Table 7; the ciphertext Y3 is 104 bytes of ciphertext data. The process of encrypting the ciphertext Y2 with the ciphertext Y1 to generate the ciphertext Y3 is as follows:
Table 7 Ciphertext Y3 data format
Y3-BYTE0 | Y3-BYTE1 | Y3-BYTE3 | … | Y3-BYTE103 |
(a) Obtaining a remainder B according to the step 12;
(b) performing an exclusive-or operation from the B-th byte of the ciphertext Y1 to the 51st byte of the ciphertext Y1 to obtain a result Temp, where Temp=Y1-BYTE(B)⊕Y1-BYTE(B+1)⊕…⊕Y1-BYTE(51);
(c) through encryption calculation, the ciphertext Y3 is obtained, and the calculation process of the ciphertext Y3 is as follows:
Y3-BYTE(n)=Temp⊕Y1-BYTE(n)⊕Y2-BYTE(n); (Note: 0≤n≤51)
Y3-BYTE(m)=Temp⊕Y1-BYTE(m-52)⊕Y2-BYTE(m); (Note: 52≤m≤103)
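Steps 1 to 3 of the embodiment written out in Python, as an added example that is not code from the patent. `decrypt` is an assumed receiver-side inverse (the text describes only the sender), and the keys built in `demo` are constructed sample values.

```python
import secrets
from functools import reduce
from operator import xor

M = 52   # key length in bytes (value used in the embodiment)
X = 10   # number of base keys (value used in the embodiment)


def xor_all(data):
    """XOR-fold a byte sequence into a single byte value."""
    return reduce(xor, data, 0)


def select_p(k1):
    """Return (odd, P): parity of K1-byte0 and the matching P_odd or P_even."""
    odd = k1[0] & 1
    return odd, xor_all(k1[1::2]) if odd else xor_all(k1[0::2])


def encrypt(base_keys, a, k1, k2, rand=secrets.token_bytes):
    """Sender side: return (Y1, Y3) for integer A, decoy key K1, real key K2."""
    b, c = a % X, a % M
    # Step 1: a single mask byte, the XOR of K0_B bytes 0..C, is applied
    # to every byte of K1.
    mask = xor_all(base_keys[b][:c + 1])
    y1 = bytes(mask ^ x for x in k1)
    # Step 2: K2 XOR P goes into the odd or even slots of Y2; the other
    # slots keep random filler.
    odd, p = select_p(k1)
    y2 = bytearray(rand(2 * M))
    for n in range(M):
        y2[2 * n + odd] = k2[n] ^ p
    # Step 3: Temp folds Y1 bytes B..M-1; Y1 is reused for both halves of Y3.
    temp = xor_all(y1[b:])
    y3 = bytes(temp ^ y1[n % M] ^ y2[n] for n in range(2 * M))
    return y1, y3


def decrypt(base_keys, a, y1, y3):
    """Assumed receiver side (not described on the page): invert steps 3, 1, 2."""
    b, c = a % X, a % M
    temp = xor_all(y1[b:])
    y2 = bytes(temp ^ y1[n % M] ^ y3[n] for n in range(2 * M))
    mask = xor_all(base_keys[b][:c + 1])
    k1 = bytes(mask ^ x for x in y1)
    odd, p = select_p(k1)
    return bytes(y2[2 * n + odd] ^ p for n in range(M))


def demo():
    """Round-trip one constructed key set; returns True when K2 is recovered."""
    base_keys = [secrets.token_bytes(M) for _ in range(X)]   # constructed K0_0..K0_9
    a = secrets.randbits(32)                                  # 4-byte integer A
    k1 = secrets.token_bytes(M)                               # decoy transmission key
    k2 = bytes(range(M))                                      # constructed operation key
    y1, y3 = encrypt(base_keys, a, k1, k2)
    return decrypt(base_keys, a, y1, y3) == k2


if __name__ == "__main__":
    print("round trip ok:", demo())
```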
As shown in fig. 5, the specific process of step 4 is:
step 41: through the steps 1, 2 and 3, the integer a, the ciphertext data Y1, the ciphertext data Y2 and the ciphertext data Y3 are obtained.
Step 42: The data A is shifted right by 8 bits and bitwise ANDed with 0X000000FF to obtain variable position data, namely position = (A >> 8) & 0X000000FF. When the position is an odd number, the message data assembly result is, in sequence, the integer A, the ciphertext Y1 and the ciphertext Y3, as shown in Table 8. When the position is even, the message data assembly result is, in sequence, the integer A, the ciphertext Y3 and the ciphertext Y1, as shown in Table 9.
Table 8 format of assembled message when position is odd number
Table 9 format of assembled message when position is even number
Step 43: Data encapsulation: examining all data in the messages of fig. 2 or fig. 3, each byte 0X7E appearing in the messages is converted into the 2-byte sequence (0X7D, 0X5E); if a byte 0X7D appears in the message data, it is converted into the 2-byte sequence (0X7D, 0X5D). The message data Y3_temp is obtained.
Step 44: The length of the message data Y3_temp is calculated as length_temp, and the message data Y3_temp is finally packaged into a two-byte header 0X7E 0X7E, a two-byte total data length length_all, the data Y3_temp and a two-byte tail 0X7E 0X7E. Finally, the transport_Data packet to be transmitted to the key receiver is obtained. The total length length_all includes the 2-byte header, the 2-byte tail, length_temp, and the length of length_all itself.
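The assembly and encapsulation of steps 42 to 44 as an added Python example (not code from the patent), together with an assumed receiver-side `unframe` that validates the frame before splitting it. The big-endian byte order for A and for length_all is an assumption, since the text does not specify one, and the sample values in the `__main__` block are constructed.

```python
import struct

FLAG, ESC = 0x7E, 0x7D
HEADER = TAIL = bytes((FLAG, FLAG))


def assemble(a, y1, y3):
    """Step 42: order the fields by the parity of position = (A >> 8) & 0xFF."""
    position = (a >> 8) & 0x000000FF
    body = y1 + y3 if position & 1 else y3 + y1
    return struct.pack(">I", a) + body          # assumption: A sent big-endian


def escape(data):
    """Step 43: 0x7E -> (0x7D, 0x5E) and 0x7D -> (0x7D, 0x5D)."""
    out = bytearray()
    for byte in data:
        if byte == FLAG:
            out += bytes((ESC, 0x5E))
        elif byte == ESC:
            out += bytes((ESC, 0x5D))
        else:
            out.append(byte)
    return bytes(out)


def unescape(data):
    """Inverse of escape(); rejects malformed input instead of guessing."""
    out, it = bytearray(), iter(data)
    for byte in it:
        if byte == FLAG:
            raise ValueError("unescaped 0x7E inside frame body")
        if byte == ESC:
            code = next(it, None)
            if code not in (0x5E, 0x5D):
                raise ValueError("invalid or truncated escape sequence")
            out.append(FLAG if code == 0x5E else ESC)
        else:
            out.append(byte)
    return bytes(out)


def frame(message):
    """Step 44: header, length_all, Y3_temp, tail."""
    y3_temp = escape(message)
    # length_all = header (2) + length field itself (2) + length_temp + tail (2)
    length_all = 2 + 2 + len(y3_temp) + 2
    return HEADER + struct.pack(">H", length_all) + y3_temp + TAIL


def unframe(packet, m=52):
    """Assumed receiver side: check delimiters and lengths, return (A, Y1, Y3)."""
    if len(packet) < 6 or packet[:2] != HEADER or packet[-2:] != TAIL:
        raise ValueError("bad header or tail")
    (length_all,) = struct.unpack(">H", packet[2:4])
    if length_all != len(packet):
        raise ValueError("length_all does not match packet size")
    message = unescape(packet[4:-2])
    if len(message) != 4 + 3 * m:
        raise ValueError("unexpected message length")
    (a,) = struct.unpack(">I", message[:4])
    body = message[4:]
    if (a >> 8) & 0xFF & 1:                     # odd position: A, Y1, Y3
        return a, body[:m], body[m:]
    return a, body[2 * m:], body[:2 * m]        # even position: A, Y3, Y1


if __name__ == "__main__":
    y1 = bytes([0x7E, 0x7D] + [0] * 50)         # constructed sample Y1
    y3 = bytes(range(104))                      # constructed sample Y3
    packet = frame(assemble(0x00000100, y1, y3))
    print(len(packet), unframe(packet) == (0x00000100, y1, y3))
```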
The invention is not limited to the foregoing embodiments. The invention extends to any novel feature or any novel combination of features disclosed in this specification and any novel method or process steps or any novel combination of features disclosed. Those skilled in the art to which the invention pertains will appreciate that insubstantial changes or modifications can be made without departing from the spirit of the invention as defined by the appended claims.
Claims (8)
1. A method for encrypting a key, comprising: the encryption method specifically comprises the following steps:
step 1: generating X sets of base keys K0, namely base key K0_0 to base key K0_(X-1); generating an integer A, dividing A by X to obtain a remainder B, and using the base key K0_B selected by the remainder B to encrypt a transmission key K1 to generate a ciphertext Y1, the transmission key K1 being a useless key generated by a random algorithm; the X sets of base keys K0 are stored in the key transmitter system and the key receiver system;
step 2: selecting different encryption methods according to the parity of the first byte K1-byte0 of the transmission key K1 to encrypt the operation key K2 to generate a ciphertext Y2, wherein the operation key K2 is generated by a key generator, and the operation key K2 is the key data required by the key receiver;
step 3: first carrying out an exclusive-OR operation over the B-th byte to the (M-1)-th byte of the ciphertext Y1 to obtain an operation result Temp, and then carrying out an exclusive-OR operation on the operation result Temp, the ciphertext Y1 and the ciphertext Y2 to obtain a ciphertext Y3; the base key K0 and the transmission key K1 are M bytes of data, and M > B;
step 4: a bit operation is applied to the integer A to obtain position data, different assembly modes are selected according to the parity of the position data, and finally the data are encapsulated to obtain the data packet to be transmitted to the key receiver.
2. A method of encrypting a key according to claim 1, wherein:
the integer A is generated by a random algorithm and has the length of 4 bytes;
the base key K0 and the transmission key K1 are both M bytes of data, M > B.
3. A method of encrypting a key as claimed in claim 2, characterized by: the M is 52.
4. A method of encrypting a key as claimed in claim 2, characterized by: the method for generating the ciphertext Y1 comprises the following steps:
dividing the integer A by M and taking the remainder to obtain the remainder result C;
0≤n≤M-1, where n takes each integer value from 0 to M-1 in turn.
5. A method of encrypting a key according to claim 1, wherein:
the step 2 specifically comprises:
step 21: a key generator of a key transmission party generates an operation key K2 according to the requirements of a system user, wherein the operation key K2 is data with M bytes, and the number of the bytes of a ciphertext Y2 is 2M;
step 22: if the first byte K1-byte0 of the transmission key K1 is an odd number, the ciphertext data of the operation key K2 sequentially correspond to the odd-number bytes of the ciphertext Y2 data, and the even-number bytes of the ciphertext Y2 are filled with random data;
if the first byte K1-byte0 of the transmission key K1 is an even number, the ciphertext data of the operation key K2 sequentially corresponds to the even-numbered bytes of the ciphertext Y2 data, and the odd-numbered bytes of the ciphertext Y2 are filled with random data.
6. A method of encrypting a key according to claim 5, wherein: the specific method for generating the ciphertext Y2 by encrypting the operation key K2 by using the transmission key K1 is as follows:
An XOR operation is carried out on all odd-numbered bytes of the transmission key K1 to obtain the result P_odd, and an XOR operation is carried out on all even-numbered bytes of the transmission key K1 to obtain the result P_even:
When M is an even number:
when M is an odd number:
if the first byte K1-byte0 of the transmission key K1 is odd, each byte of the operation key K2 is XORed with P_odd to obtain the encrypted ciphertext of each byte of the operation key K2, the M bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding odd-numbered bytes of the ciphertext Y2, and the even-numbered bytes of the ciphertext Y2 are filled with useless random data for data spoofing;
the ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n)=arbitrary random number; 0≤n≤M-1
If the first byte K1-byte0 of the transmission key K1 is even, each byte of the operation key K2 is XORed with P_even to obtain the encrypted ciphertext of each byte of the operation key K2, the M bytes of ciphertext data of the operation key K2 are stored in sequence into the corresponding even-numbered bytes of the ciphertext Y2, and the odd-numbered bytes of the ciphertext Y2 are filled with useless random data for data spoofing;
the ciphertext Y2 calculation process is as follows:
Y2-BYTE(2n+1)=arbitrary random number; 0≤n≤M-1
The ciphertext Y2 is finally obtained.
7. A method of encrypting a key according to claim 1, wherein: the specific method of the step 3 comprises the following steps:
the number of bytes of the ciphertext Y3 is 2 × M, and exclusive-OR operation is performed from the B-th byte of the ciphertext Y1 to the M-1-th byte of Y1 to obtain a result Temp, wherein B is the remainder B in the step 1;
the specific calculation process of the encrypted ciphertext Y3 is as follows:
8. A method of encrypting a key according to claim 1, wherein: the specific process of the step 4 is as follows:
shifting the integer A to the right by 8 bits and then ANDing the result with 0X000000FF to obtain the variable position data, namely position = (A >> 8) & 0X000000FF; if position is an odd number, the ciphertext data are assembled in the order integer A, ciphertext Y1, ciphertext Y3, and if position is an even number, in the order integer A, ciphertext Y3, ciphertext Y1;
checking all data in the assembled ciphertext, converting each byte 0X7E in the ciphertext into a 2-byte sequence and each byte 0X7D in the ciphertext into a 2-byte sequence, to obtain ciphertext data Y3_temp;
calculating the length of the ciphertext data Y3_temp, this length being length_temp, and finally packaging the ciphertext data into a 2-byte header 0X7E0X7E, a 2-byte total data length, the data ciphertext Y3_temp and a 2-byte tail 0X7E0X7E, to obtain the transport_Data packet to be transmitted to the key receiver, wherein the total length length_all comprises the 2-byte header, the 2-byte tail, the length length_temp and the length of length_all itself.
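The Y2 construction of claims 5 and 6 and the position rule of claim 8, written out as an added Python example (not code from the patent). The function names and the sample keys are constructed for illustration, and byte numbering is assumed to be zero-based, following K1-byte0 and Y2-BYTE(2n).

```python
import secrets
from functools import reduce
from operator import xor

def parity_masks(k1):
    """Return (P_odd, P_even): XOR of the K1 bytes at odd and at even indices.
    Assumption: zero-based byte numbering, as in K1-byte0."""
    return reduce(xor, k1[1::2], 0), reduce(xor, k1[0::2], 0)

def _mask_and_slot(k1):
    """Pick the one-byte mask and the slot parity from the first byte of K1."""
    p_odd, p_even = parity_masks(k1)
    k1_is_odd = k1[0] & 1
    return (p_odd if k1_is_odd else p_even), k1_is_odd

def build_y2(k1, k2):
    """Claims 5-6: 2M-byte Y2 with masked K2 bytes in one parity of slots
    and random filler in the other."""
    mask, slot = _mask_and_slot(k1)
    y2 = bytearray(secrets.token_bytes(2 * len(k2)))  # filler in every slot first
    for n, b in enumerate(k2):
        y2[2 * n + slot] = b ^ mask   # slot 2n+1 if K1-byte0 is odd, else 2n
    return bytes(y2)

def recover_k2(k1, y2):
    """Receiver side: drop the filler slots and undo the XOR mask."""
    mask, slot = _mask_and_slot(k1)
    return bytes(b ^ mask for b in y2[slot::2])

def assembly_order(a):
    """Claim 8: position = (A >> 8) & 0x000000FF selects the field order."""
    position = (a >> 8) & 0x000000FF
    return ["A", "Y1", "Y3"] if position & 1 else ["A", "Y3", "Y1"]

# Constructed sample keys (not from the patent).
K1_ODD = bytes.fromhex("0123456789abcdef0011223344556677")   # first byte odd
K1_EVEN = bytes.fromhex("1023456789abcdef0011223344556677")  # first byte even
K2 = bytes.fromhex("00112233445566778899aabbccddeeff")

if __name__ == "__main__":
    for k1 in (K1_ODD, K1_EVEN):
        y2 = build_y2(k1, K2)
        print(len(y2), recover_k2(k1, y2) == K2)
    print(assembly_order(0x0100), assembly_order(0x1234))
```

Every real byte of Y2 is the corresponding K2 byte XORed with the same single-byte value, so recovery needs only the first-byte parity of K1 and that one mask byte.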
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910227532.1A CN109787764B (en) | 2019-03-25 | 2019-03-25 | Encryption method of secret key |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109787764A CN109787764A (en) | 2019-05-21 |
CN109787764B true CN109787764B (en) | 2021-07-06 |
Family
ID=66491227
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910227532.1A Active CN109787764B (en) | 2019-03-25 | 2019-03-25 | Encryption method of secret key |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109787764B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111310211A (en) * | 2020-02-19 | 2020-06-19 | 成都三零凯天通信实业有限公司 | Method for encrypting database by using SM4 algorithm |
CN113765650A (en) * | 2020-10-15 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Data encryption and decryption method and device, electronic equipment and storage medium |
CN112260840A (en) * | 2020-10-21 | 2021-01-22 | 上海创能国瑞数据***有限公司 | Disturbance encryption method based on sm4 encryption algorithm |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH04192736A (en) * | 1990-11-26 | 1992-07-10 | Matsushita Electric Ind Co Ltd | Ciphering device |
US6011847A (en) * | 1995-06-01 | 2000-01-04 | Follendore, Iii; Roy D. | Cryptographic access and labeling system |
CN111756523B (en) * | 2016-11-04 | 2022-08-12 | 北京紫光展锐通信技术有限公司 | Data transmission method and device |
Also Published As
Publication number | Publication date |
---|---|
CN109787764A (en) | 2019-05-21 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||