CN116015607A - Method, device and storage medium for operating block cipher algorithm with combined feedback - Google Patents
- Publication number: CN116015607A (application CN202211463577.7A)
- Authority
- CN
- China
- Prior art keywords
- feedback
- encryption
- plaintext
- variable
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
- Storage Device Security (AREA)
Abstract
The invention provides a method of operating a block cipher algorithm with combined feedback. On encryption, the encryption result of the previous plaintext block and the feedback variable produced by the previous encryption round are fed into a combined feedback function to obtain the feedback variable needed by the current round; that feedback variable is XORed with the current plaintext block and the result is encrypted to give the ciphertext of the current block. On decryption, the previous ciphertext block and the feedback variable produced by the previous decryption round are fed into the combined feedback function to obtain the feedback variable needed by the current round; the current ciphertext block is decrypted and the result is XORed with the feedback variable to recover the current plaintext block. The feedback variable needed for the first encryption or decryption round is set as required. The invention offers CPA security and BW-CPA security based on a non-repeating nonce, can be implemented in an online manner, and is suited to online message-processing scenarios.
Description
Technical field
The invention relates to the field of communication encryption, and in particular to a method, device and storage medium for operating a block cipher algorithm with combined feedback.
Background
As one of the core primitives of symmetric cryptography, a block cipher offers fast encryption and decryption and is easy to implement in software and hardware; it usually consists of an encryption algorithm, a decryption algorithm and a key-generation algorithm. In practice, the plaintext to be encrypted is generally neither of fixed length nor a single block, so a block cipher mode of operation is needed to encrypt real application data. Block cipher modes of operation are a typical form of symmetric encryption scheme and include encryption/decryption modes, authentication modes, authenticated encryption modes, hash modes, random number generator modes, disk sector encryption modes, key wrap modes, format-preserving modes and so on. Through these modes a block cipher can be invoked to process messages of arbitrary length and to provide confidentiality, authentication, integrity, random number (or random sequence) derivation and other cryptographic functions; for example, encryption modes provide confidentiality, authentication modes provide integrity, and authenticated encryption modes provide both.
A block cipher mode of operation must be secure as well as practical. For the encryption modes of a block cipher, two settings are mainly considered: the conventional attack model and the blockwise attack model. Under the conventional chosen-plaintext attack model (CPA), the messages processed by the scheme are submitted as a whole in one go, but in some real online applications messages are submitted and processed block by block. For example, in real-time applications the randomness of real-time events and the uncertainty of the system's operating state mean that a message cannot be submitted as a whole; and some resource-constrained cryptographic devices (such as smart cards) have limited storage and must process long messages in segments. It should be noted that this class of online message-processing scenarios gives rise to a new class of attacks: blockwise attacks. Compared with the conventional model, an adversary in the blockwise attack model can, within a single query, control the message so that it is input block by block and obtain the response for each block. Taking the blockwise adaptive chosen-plaintext attack (BW-CPA) as an example, the adversary can submit the message block by block when making encryption queries, a capability the adversary lacks in the conventional model. The blockwise attack model is closely tied to the online implementation of a cryptographic scheme: from an implementation standpoint, a scheme that cannot resist blockwise attacks cannot be used in online message-processing scenarios such as real-time systems and resource-constrained devices.
From the viewpoint of concrete applications, the practicality and security of the existing BC mode are limited: for example, its IV cannot be used as a nonce, and although the chained structure of the BC mode has online characteristics, implementing it in an online manner is insecure, so it cannot be used in online message-processing scenarios. To address the dependence of the encryption mode on the randomness of the IV, Rogaway's approach uses two keys: one key first encrypts the nonce, and the resulting ciphertext is used as the initial value of the feedback variable (the Feedback); the other key is used as the encryption key for processing the plaintext message. This modification keeps the mode's efficiency close to that of the original, but it requires more key material and does not resist BW-CPA. To address the inability to resist BW-CPA, Fouque et al. proposed a general method of delaying the ciphertext output by one block, and proved that it resists BW-CPA. However, the security of the mode obtained this way still depends on the randomness of the IV, and it may lower the responsiveness of the application system.
Summary of the invention
To address the problems in the prior art, a method, device and storage medium for operating a block cipher algorithm with combined feedback are provided. The BC encryption mode is improved by applying strategies and design methods including a security-enhancing design based on encrypting the nonce, the XE structure and a combined feedback function, and the existing CbF combined feedback function is made lighter without reducing its security.
The technical solution adopted by the invention is as follows: a method of operating a block cipher algorithm with combined feedback, in which
on encryption, the encryption result of the previous plaintext block and the feedback variable produced by the previous encryption round are fed into the combined feedback function to obtain the feedback variable needed by the current round; that feedback variable is XORed with the current plaintext block and the result is encrypted to give the ciphertext of the current plaintext block;
on decryption, the previous ciphertext block and the feedback variable produced by the previous decryption round are fed into the combined feedback function to obtain the feedback variable needed by the current round; the current ciphertext block is decrypted and the result is XORed with the feedback variable to recover the plaintext of the current ciphertext block;
the feedback variable needed for the first encryption or decryption round is set as required.
Further, the combined feedback function is ρ(F,C)=(I₁,I₂), where F is the input feedback variable, C is the input ciphertext, I₁ is the feedback variable used in the XOR with the plaintext, and I₂ is the feedback variable fed into the combined feedback function in the next encryption or decryption round;
for I₁∈{0,1}ⁿ, I₂∈{0,1}ⁿ, the combined feedback function ρ(F,C)=(I₁,I₂) is computed as:
where S(W) is a function such that W→S(W) and are both bijections; a specific instance is: let W=(w₀||w₁||…||wₙ₋₁)∈{0,1}ⁿ, then
Further, the encryption process is specifically:
Step 1. Set the initial feedback variables FB₁ and F₁; the plaintext blocks Pᵢ, i=1…m, are to be encrypted, with i initially 1.
Step 2. XOR the feedback variable FBᵢ with the plaintext Pᵢ and encrypt the result to obtain the encryption result Cᵢ.
Step 3. If i<m, feed the encryption result Cᵢ and the feedback variable Fᵢ into the combined feedback function to obtain the feedback variables FBᵢ₊₁ and Fᵢ₊₁ for the next round, and increment i; otherwise output the encryption result directly. Repeat steps 2 and 3 until all plaintext blocks have been encrypted.
Further, the decryption process is specifically:
Step 1. Set the initial feedback variables FB₁ and F₁; the ciphertext blocks Cᵢ, i=1…m, are to be decrypted, with i initially 1.
Step 2. Decrypt the ciphertext Cᵢ and XOR the result with the feedback variable FBᵢ to obtain the plaintext.
Step 3. If i<m, feed the ciphertext Cᵢ and the feedback variable Fᵢ into the combined feedback function to obtain the feedback variables FBᵢ₊₁ and Fᵢ₊₁ for the next round, and increment i; otherwise output the result directly. Repeat steps 2 and 3 until all plaintext blocks have been recovered.
Further, the combined feedback function used in the encryption and decryption processes is specifically:
where ρ is the combined feedback function, Fᵢ is the input feedback variable and Cᵢ is the input encryption result; the two outputs are the feedback variables FBᵢ₊₁ and Fᵢ₊₁ respectively.
The invention also proposes an electronic device comprising a memory and a processor, the memory storing a computer program that can be loaded by the processor to execute the method of operating a block cipher algorithm with combined feedback described above.
The invention also proposes a computer-readable storage medium storing computer program instructions which, when executed by a processor, implement the process corresponding to the method of operating a block cipher algorithm with combined feedback described above.
Compared with the prior art, the beneficial effects of the above technical solution are: the invention offers CPA security and BW-CPA security based on a non-repeating nonce, is not easily misused, provides confidentiality under concurrent blockwise adaptive chosen-plaintext attacks, can be implemented in an online manner, and is suited to online message-processing scenarios. In addition, designing a new feedback-chaining form for the mode of operation on the basis of a combined feedback function both strengthens the security of an existing mode and offers a new design approach for the secure application of modes of operation.
Description of the drawings
Fig. 1 is a schematic diagram of the method of operating a block cipher algorithm with combined feedback proposed by the invention.
Detailed description
Embodiments of the present application are described in detail below; examples of them are shown in the drawings, in which the same or similar reference numerals denote the same or similar modules, or modules with the same or similar functions, throughout. The embodiments described below with reference to the drawings are exemplary, serve only to explain the present application, and are not to be understood as limiting it. On the contrary, the embodiments of the present application include all changes, modifications and equivalents falling within the spirit and scope of the appended claims.
Embodiment 1
From the viewpoint of concrete applications, the practicality and security of the BC mode are limited: implementing it in an online manner is insecure, so it cannot be used in online message-processing scenarios. At the same time, an analysis of the existing potential improvements and their technical approaches shows that applying them directly cannot solve the two key problems of nonce-based security and resistance to BW-CPA at once.
To address these problems, this embodiment improves the BC encryption mode. Using strategies and design methods including a security-enhancing design based on encrypting the nonce, the XE structure and a combined feedback function, the existing CbF combined feedback function is made lighter without reducing its security, and a new class of CbF combined feedback function designs is proposed that is easy to implement in software and hardware and has low computational overhead. To keep the algorithm efficient, the combined feedback function CbF should not be overly complex and should use simple operations such as XOR and shifts as far as possible; moreover, computing CbF should not require additional storage, so that the implementation cost is as small as possible. On this basis, this embodiment proposes a method of operating a block cipher algorithm with combined feedback, shown in Fig. 1, as follows:
On encryption, the encryption result of the previous plaintext block and the feedback variable produced by the previous encryption round are fed into the combined feedback function to obtain the feedback variable needed by the current round; that feedback variable is XORed with the current plaintext block and the result is encrypted to give the ciphertext of the current plaintext block;
on decryption, the previous ciphertext block and the feedback variable produced by the previous decryption round are fed into the combined feedback function to obtain the feedback variable needed by the current round; the current ciphertext block is decrypted and the result is XORed with the feedback variable to recover the plaintext of the current ciphertext block;
the feedback variable needed for the first encryption or decryption round is set as required.
In this embodiment the method is denoted the Cb_BC mode. It offers CPA security and BW-CPA security based on a non-repeating nonce and, compared with the traditional BC mode, adds a sequence of feedback variables FB that is XORed with the plaintext blocks.
In this embodiment, the Cb_BC mode uses a security-enhancing design based on encrypting the nonce together with the XE structure, and replaces the XOR of ciphertext and feedback variable in the original BC mode with the combined feedback function ρ(F,C)=(I₁,I₂), where I₁ takes the place of the original feedback value F as the new feedback value XORed with the plaintext P, and I₂ takes the place of the original feedback value F in the XOR with the ciphertext C; the feedback positions of I₁ and I₂ can be swapped as required.
The combined feedback function ρ(F,C) is explained further here:
for I₁∈{0,1}ⁿ, I₂∈{0,1}ⁿ, the combined feedback function ρ(F,C)=(I₁,I₂) is computed as:
where S(W) is a function such that W→S(W) and are both bijections; a specific instance is: let W=(w₀||w₁||…||wₙ₋₁)∈{0,1}ⁿ, then
The combined feedback function proposed in this embodiment reduces the bit XOR in S(W) to a 1-bit XOR, which greatly reduces the hardware implementation cost of the combined feedback function and minimises the XOR logic needed in a hardware implementation while still meeting the required security properties.
Further, taking I₁ as the feedback value XORed with the plaintext and I₂ as the feedback value XORed with the ciphertext as an example, the encryption and decryption procedures of the Cb_BC mode are described in detail:
The encryption procedure of the Cb_BC mode is:
1. Set the initial values of the feedback variables F₁ and FB₁ to IV: F₁=FB₁=IV;
2. FOR (i=1; i≤m; i++)
{
(1) encrypt the XOR of FBᵢ and the plaintext Pᵢ to obtain the ciphertext Cᵢ;
(2) take the ciphertext Cᵢ and Fᵢ as the inputs of the feedback function ρ;
(3) IF (i<m):
take the two outputs respectively as the feedback values FBᵢ₊₁ and Fᵢ₊₁ of the next round;
}
3. Obtain all ciphertexts C₁, C₂, …, Cₘ.
The decryption procedure of the Cb_BC mode is:
1. Set the initial values of the feedback variables F₁ and FB₁ to IV: F₁=FB₁=IV;
2. FOR (i=1; i≤m; i++)
{
(1) decrypt the ciphertext Cᵢ and XOR the result with FBᵢ to obtain the plaintext Pᵢ;
(2) take the ciphertext Cᵢ and Fᵢ as the inputs of the feedback function ρ;
(3) IF (i<m):
take the two outputs respectively as the feedback values FBᵢ₊₁ and Fᵢ₊₁ of the next round;
}
3. Obtain all plaintexts P₁, P₂, …, Pₘ.
It should be noted that, in this embodiment, the decryption process mirrors the encryption process, and the feedback variables F and FB in decryption are identical to the corresponding F and FB in encryption.
This embodiment improves the design of the traditional BC encryption mode. Using strategies and design methods including a security-enhancing design based on encrypting the nonce, the XE structure and a combined feedback function, the existing CbF combined feedback function is made lighter without reducing its security, so that it is easy to implement in software and hardware with low computational overhead. The result is the encryption/decryption mode of operation Cb_BC, built on a block cipher with a combined feedback function, whose strengthened security widens its flexibility and range of application.
The Cb_BC mode offers CPA security and BW-CPA security based on a non-repeating nonce, so it is not easily misused and provides confidentiality under concurrent blockwise adaptive chosen-plaintext attacks; it can be implemented in an online manner and is suited to online message-processing scenarios. In addition, designing a new feedback-chaining form for the mode of operation on the basis of a combined feedback function both strengthens the security of an existing mode and offers a new design approach for the secure application of modes of operation.
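As an added illustration, not code from the patent, the following Python models the Cb_BC chaining described above with a stateful encryptor and decryptor that consume one block at a time, as the online setting requires. The block cipher E_K/D_K is a toy Feistel permutation, and `rho_placeholder` is a hypothetical stand-in that only reproduces the interface ρ(F,C)=(I₁,I₂) with I₁→FBᵢ₊₁ and I₂→Fᵢ₊₁; the patent's concrete S(W) is not reproduced on the page and is not implemented here.

```python
import hashlib
from typing import Callable, List, Tuple

BLOCK = 16  # n = 128 bits; the text leaves the block size n abstract


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# --- Toy keyed permutation standing in for the block cipher E_K / D_K ----------
# Four Feistel rounds over 16-byte blocks with SHA-256 as the round function.
# It is invertible, which is all the mode needs; it is not a real cipher.
def _round(key: bytes, rnd: int, half: bytes) -> bytes:
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]


def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, xor(left, _round(key, rnd, right))
    return left + right


def toy_decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _round(key, rnd, left)), left
    return left + right


# --- Hypothetical stand-in for the combined feedback function rho(F, C) = (I1, I2)
# Only the interface from the text is modelled: two n-bit inputs, two n-bit
# outputs, I1 becoming FB_{i+1} (XORed with the next plaintext) and I2 becoming
# F_{i+1} (chained into the next call). The patent's concrete S(W) is not used.
def rho_placeholder(f: bytes, c: bytes) -> Tuple[bytes, bytes]:
    i2 = xor(f, c)           # carried forward as F_{i+1}
    i1 = i2[1:] + i2[:1]     # byte rotation: a bijection of I2, used as FB_{i+1}
    return i1, i2


Rho = Callable[[bytes, bytes], Tuple[bytes, bytes]]
BlockFn = Callable[[bytes, bytes], bytes]


class CbBcEncryptor:
    """Online encryptor: each push() consumes P_i and returns C_i at once."""

    def __init__(self, key: bytes, iv: bytes, rho: Rho = rho_placeholder,
                 enc: BlockFn = toy_encrypt_block) -> None:
        self.key, self.rho, self.enc = key, rho, enc
        self.fb, self.f = iv, iv                     # step 1: F_1 = FB_1 = IV

    def push(self, p: bytes) -> bytes:
        assert len(p) == BLOCK
        c = self.enc(self.key, xor(self.fb, p))      # C_i = E_K(FB_i xor P_i)
        # (FB_{i+1}, F_{i+1}) = rho(F_i, C_i); the text skips this when i == m,
        # but computing it after the last block is harmless: it is never used.
        self.fb, self.f = self.rho(self.f, c)
        return c


class CbBcDecryptor:
    """Online decryptor; its feedback chain is identical to the encryptor's."""

    def __init__(self, key: bytes, iv: bytes, rho: Rho = rho_placeholder,
                 dec: BlockFn = toy_decrypt_block) -> None:
        self.key, self.rho, self.dec = key, rho, dec
        self.fb, self.f = iv, iv

    def push(self, c: bytes) -> bytes:
        assert len(c) == BLOCK
        p = xor(self.dec(self.key, c), self.fb)      # P_i = D_K(C_i) xor FB_i
        self.fb, self.f = self.rho(self.f, c)        # same chaining as encryption
        return p


def cb_bc_encrypt(key: bytes, iv: bytes, blocks: List[bytes]) -> List[bytes]:
    enc = CbBcEncryptor(key, iv)
    return [enc.push(p) for p in blocks]


def cb_bc_decrypt(key: bytes, iv: bytes, blocks: List[bytes]) -> List[bytes]:
    dec = CbBcDecryptor(key, iv)
    return [dec.push(c) for c in blocks]


def iv_reuse_leaks_prefix(key: bytes, iv: bytes, p1: bytes) -> Tuple[bool, bool]:
    """(same_iv_equal, fresh_iv_equal): with a repeated IV two messages sharing
    P_1 share C_1, while a fresh IV hides that equality. This is why the text
    requires the IV to be a non-repeating nonce."""
    c1 = cb_bc_encrypt(key, iv, [p1])[0]
    same_iv = cb_bc_encrypt(key, iv, [p1, p1])[0] == c1
    fresh_iv = cb_bc_encrypt(key, xor(iv, b"\x01" + bytes(BLOCK - 1)), [p1])[0] == c1
    return same_iv, fresh_iv


if __name__ == "__main__":
    # Constructed sample data, not taken from the patent.
    key, iv = b"constructed-key!", bytes(range(BLOCK))
    msg = [bytes([b]) * BLOCK for b in (0x41, 0x42, 0x43)]
    ct = cb_bc_encrypt(key, iv, msg)
    print("round trip ok:", cb_bc_decrypt(key, iv, ct) == msg)
    # Online property: C_1..C_j depend only on IV and P_1..P_j.
    print("prefix-consistent:", cb_bc_encrypt(key, iv, msg[:2]) == ct[:2])
    print("(same IV, fresh IV) equal C_1:", iv_reuse_leaks_prefix(key, iv, msg[0]))
```

Swapping `rho_placeholder` for the patent's own ρ, or the toy permutation for a real block cipher, changes nothing else in the two classes, since the mode touches the primitives only through these two call sites.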
Embodiment 2
This embodiment also proposes an electronic device comprising a memory and a processor, the memory storing a computer program that can be loaded by the processor to execute the method of operating a block cipher algorithm with combined feedback described in Embodiment 1.
Embodiment 3
The invention also proposes a computer-readable storage medium storing computer program instructions which, when executed by a processor, implement the process corresponding to the method of operating a block cipher algorithm with combined feedback described in Embodiment 1.
It should be noted that, in the description of the embodiments of the invention, unless otherwise expressly specified and limited, the terms "arranged" and "connected" are to be understood broadly: a connection may, for example, be fixed or detachable, or integral; it may be direct or indirect through an intermediary. Those of ordinary skill in the art can understand the specific meaning of these terms in the invention according to the specific situation. The drawings in the embodiments serve to describe the technical solutions of the embodiments clearly and completely; evidently, the embodiments described are some, but not all, of the embodiments of the invention. The components of the embodiments of the invention generally described and illustrated in the drawings herein may be arranged and designed in a variety of different configurations.
Although embodiments of the present application have been shown and described above, it will be understood that they are exemplary and are not to be construed as limiting the application; those of ordinary skill in the art may make changes, modifications, substitutions and variations to the above embodiments within the scope of the application.
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211463577.7A CN116015607A (en) | 2022-11-22 | 2022-11-22 | Method, device and storage medium for operating block cipher algorithm with combined feedback |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116015607A true CN116015607A (en) | 2023-04-25 |
Family
ID=86018112
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211463577.7A Pending CN116015607A (en) | 2022-11-22 | 2022-11-22 | Method, device and storage medium for operating block cipher algorithm with combined feedback |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116015607A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN118797683A (en) * | 2024-06-17 | 2024-10-18 | 北京鲸鲨软件科技有限公司 | A sector encryption method, decryption method and device based on secure storage |
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20010021254A1 (en) * | 2000-03-09 | 2001-09-13 | Soichi Furuya | Method and apparatus for symmetric-key encryption |
CN101001142A (en) * | 2007-01-17 | 2007-07-18 | 张建华 | Encipher-decipher method based on iterative random number generator |
Non-Patent Citations (2)
Title |
---|
小原小原吃汤圆: "Block cipher modes of operation (9): the block chaining mode", pages 4-5, retrieved from the Internet <URL:https://blog.csdn.net/weixin_42617472/article/details/125445013> * |
郑凯燕; 王鹏: "Analysis and improvement of the BC encryption mode", CNKI, 16 July 2017 (2017-07-16) * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10341094B2 (en) | Multiple encrypting method and system for encrypting a file and/or a protocol | |
CN111541677A (en) | Safe hybrid encryption method based on narrowband Internet of things | |
KR102304831B1 (en) | Encryption systems and method using permutaion group based cryptographic techniques | |
CN116321129B (en) | Lightweight dynamic key-based power transaction private network communication encryption method | |
Alemami et al. | Advanced approach for encryption using advanced encryption standard with chaotic map | |
Noura et al. | Efficient & secure cipher scheme with dynamic key-dependent mode of operation | |
KR102172181B1 (en) | Apparatus and Method for Patterned Cipher Block for Real-Time Data Communication | |
Arman et al. | Design and implementation of a modified AES cryptography with fast key generation technique | |
WO2021129470A1 (en) | Polynomial-based system and method for fully homomorphic encryption of binary data | |
CN111314050B (en) | Encryption and decryption method and device | |
CN118972049A (en) | Double ratchet cryptographic communication method and system based on hybrid post-quantum and asymmetric cryptography | |
Yoshinaka et al. | On implementing ChaCha on a programmable switch | |
Paul et al. | Hybrid OPC UA: enabling post-quantum security for the industrial internet of things | |
Shukur et al. | Digital data encryption using a proposed W-method based on AES and DES algorithms | |
CN111800784A (en) | Block chain cloud service system based on cloud computing | |
CN116015607A (en) | Method, device and storage medium for operating block cipher algorithm with combined feedback | |
Forhad et al. | An improvement of advanced encryption standard | |
George et al. | Light weight cryptographic solutions for fog based blockchain | |
US12174971B1 (en) | System and method for secure electronic transmission | |
CN119051878A (en) | Method and system for data encryption transmission | |
CN111314051B (en) | Encryption and decryption method and device | |
Jayachitra et al. | Cloud Storage and Secure File Sharing Using Blockchain with Xchacha20 and Shake Cryptography | |
CN114726543B (en) | Method and device for key chain generation, message sending and receiving based on message chain | |
Arora et al. | Handling Secret Key Compromise by Deriving Multiple Asymmetric Keys based on Diffie-Hellman Algorithm | |
CN115514486A (en) | Method for using super-long key based on intelligent robot operating system and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||