[go: up one dir, main page]

CN118827004A - An encryption method based on edge IoT agent - Google Patents

An encryption method based on edge IoT agent Download PDF

Info

Publication number
CN118827004A
CN118827004A CN202411262677.2A CN202411262677A CN118827004A CN 118827004 A CN118827004 A CN 118827004A CN 202411262677 A CN202411262677 A CN 202411262677A CN 118827004 A CN118827004 A CN 118827004A
Authority
CN
China
Prior art keywords
character
sequence
length
codeword
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202411262677.2A
Other languages
Chinese (zh)
Other versions
CN118827004B (en
Inventor
杨启超
游闽
王云
王凯睿
李建
熊俊辉
傅政
付理祥
李腾
王小霞
肖凝
杨宇平
舒强
余江
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanchang Power Supply Co of State Grid Jiangxi Electric Power Co Ltd
State Grid Corp of China SGCC
Original Assignee
Nanchang Power Supply Co of State Grid Jiangxi Electric Power Co Ltd
State Grid Corp of China SGCC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanchang Power Supply Co of State Grid Jiangxi Electric Power Co Ltd, State Grid Corp of China SGCC filed Critical Nanchang Power Supply Co of State Grid Jiangxi Electric Power Co Ltd
Priority to CN202411262677.2A priority Critical patent/CN118827004B/en
Publication of CN118827004A publication Critical patent/CN118827004A/en
Application granted granted Critical
Publication of CN118827004B publication Critical patent/CN118827004B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/562Brokering proxy services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of data encryption transmission, in particular to an encryption method based on an edge internet of things agent, which comprises the following steps: in the data interaction process of the edge node, the Internet of things equipment and the cloud platform, plaintext data is converted into character sequences, and codewords are distributed for each character; distributing operation length and conversion key to each character according to the operation length sequence and the conversion key sequence, dividing the code word of the current character into a first code word and a second code word according to the operation length of the previous character, and carrying out subsequent operation on the second code word of each character according to the conversion keyThe bit is operated with the first codeword of the next character, the ciphertext of each character is determined according to the operation result,The operation length of each character; and splicing the first codeword of the first character in the character sequence and the ciphertext of all the characters to obtain a ciphertext sequence. The invention has the advantages of encryption and compression effects, good encryption effect and capability of resisting statistical analysis and brute force cracking attack.

Description

Encryption method based on edge internet of things proxy
Technical Field
The invention relates to the technical field of data encryption transmission. More particularly, the invention relates to an encryption method based on an edge internet of things proxy.
Background
In the environment of the Internet of things, edge computing pushes data processing tasks to the network edge, so that the burden of a central server is reduced, and the response speed is improved. However, with the increase in the number of devices and the proliferation of data volume of the internet of things, the security problem of data becomes particularly important. At present, in the data interaction process between the edge node and the internet of things equipment or the cloud platform, the interaction data is generally encrypted through an encryption algorithm such as AES (advanced encryption standard) so as to improve the security of the data.
For example, patent document CN114389642B discloses a distribution network communication method and system based on an edge internet of things proxy, the method is provided with a security protection module at an edge node, the security protection module is used for encrypting original data of a terminal, the encryption processing includes converting the original data into t3×3 matrices, encrypting the t3×3 matrices by using AES algorithm to obtain ciphertext CN, a secret key z, and encrypting the ciphertext CN by using the secret key z to obtain ciphertext U.
According to the method, encryption of interactive data between the edge node and the Internet of things equipment or the cloud platform can be achieved, but an AES algorithm relied on by the encryption method is block encryption, plaintext is divided into a plurality of groups of plaintext segments with the same length, encryption is conducted respectively, the lengths of ciphertext are the same as those of the plaintext, encryption results of the plaintext segments with the same content are the same in an electric codebook mode (Electronic Codebook Book, ECB) of the AES algorithm, so that a certain statistical rule is provided in the ciphertext, an attacker can dig the statistical rule in the ciphertext to conduct statistical analysis attack, and the safety of the interactive data between the edge node and the Internet of things equipment or the cloud platform is difficult to guarantee.
Disclosure of Invention
In order to solve the technical problem that an attacker can dig a statistical rule in a secret to carry out statistical analysis attack and is difficult to ensure the safety of interaction data between an edge node and internet of things equipment or a cloud platform, the invention provides an encryption method based on an edge internet of things agent, which comprises the following steps:
In the data interaction process of the edge node, the Internet of things equipment and the cloud platform, plaintext data is converted into a character sequence; assigning codewords of the same length to each character; setting an operation length sequence, wherein elements in the operation length sequence are integers with the size not exceeding the length of the code word; setting a conversion key sequence, wherein elements in the conversion key sequence are 0 or 1 and are used for representing different operation rules; sequentially distributing operation length and conversion keys for each character according to the operation length sequence and the conversion key sequence, wherein the operation length of each character does not exceed the length of a second codeword of each character; the method for acquiring the second codeword of the character comprises the following steps: front part of code word corresponding to character Using bits as a first codeword of the character, and using the remaining bits in the codeword corresponding to the character as a second codeword of the character, whereinRepresenting the operation length of the previous character of the character; based on the conversion key of each character, the second code word of each character is processedThe bits are operated with the first code word of the next character, and the operation result is spliced in front of the second code word of each characterAfter a bit, as ciphertext of each character, whereinThe operation length of each character is represented,A length of a second codeword representing each character; and splicing the first codeword of the first character in the character sequence and the ciphertext of all the characters together according to the sequence of the characters in the character sequence to obtain the ciphertext sequence.
The effect is that: according to the invention, partial bits at the tail of the codeword of the previous character and partial bits at the beginning of the codeword of the next character are operated, the ciphertext is obtained according to the operation result, the statistical characteristics of the codeword of the character are changed, the same ciphertext in the ciphertext sequence corresponds to different meanings and decoding results, an attacker is difficult to crack the ciphertext sequence by utilizing statistical analysis attack, and the safety of interaction data between the edge node and the Internet of things equipment or cloud platform is improved; according to the invention, the number of bits for operation between codewords of every two adjacent characters is different, so that the lengths of ciphertext corresponding to each character are different, the lengths of ciphertext sequences are irregular, an attacker cannot know the lengths of plaintext data according to the ciphertext sequences, the difficulty of violent cracking by the attacker is increased, violent cracking attacks can be resisted, and the safety of interactive data between the edge node and the Internet of things equipment or cloud platform is further improved; according to the invention, the ciphertext sequence has an avalanche effect, if one character in the character sequence is changed, the ciphertext of the character and all the characters after the character is changed, and an attacker cannot infer the relation between corresponding plaintext data according to different ciphertext sequences, so that the safety of interaction data between the edge node and the Internet of things equipment or the cloud platform is stronger; compared with the total length of codewords of all characters in the character sequence, the ciphertext sequence has a shorter total length, has a compression effect, and can improve the data transmission efficiency between the edge node and the Internet of things equipment or the cloud platform.
Preferably, the method further comprises: the hash value of the character sequence is taken as the complementary ciphertext.
The effect is that: the supplemental ciphertext ensures that the ciphertext sequence may be decoded.
Preferably, the setting the sequence of operation lengths includes: according to the first keyGenerating length by using Logistic chaotic mapping algorithmIs the first chaotic sequence of the first chaotic sequenceElements of the first to the secondThe individual elements are respectively withMultiplying and rounding up the obtained result to obtainPersonal (S)Integers within the range, this isThe integers form a sequence of operation lengths, whereinThe length of the character sequence is represented,The number of kinds of characters is represented,Representing the rounding-up of the symbol,The bifurcation parameters are represented as such,Represents the parameters of the initial value,Representing the iteration parameters.
The effect is that: the operation length sequence is set by using the chaotic mapping method, so that the element size in the operation length sequence is irregular, the length of ciphertext of each character is more chaotic and irregular, and the difficulty of the attacker in carrying out brute force cracking and statistical analysis attack is increased.
Preferably, the setting the conversion key sequence includes: according to the second keyGenerating length by using Logistic chaotic mapping algorithmIs the second chaotic sequence of the (2), the first chaotic sequenceElements of the first to the secondRounding the elements to obtainA number of 0 or 1, and this is usedThe number constitutes a sequence of conversion keys, wherein,The length of the character sequence is represented,The bifurcation parameters are represented as such,Represents the parameters of the initial value,Representing the iteration parameters.
Preferably, the allocating the operation length to each character sequentially includes: taking the first element of the length of the second codeword which is not greater than the current character in the operation length sequence as the operation length of the current character, deleting the operation length of the current character and all the previous elements in the operation length sequence from the operation length sequence, and realizing the update of the operation length sequence; and distributing the operation length for the next character according to the updated operation length sequence.
The effect is that: and allocating an operation length which is not more than the second codeword length of the current character to the current character, so that the current character can be successfully encrypted.
Preferably, the distribution method of the conversion key is as follows: the serial number of the current character in the character sequence is recorded asWill convert the first in the key sequenceThe individual elements are used as the conversion key for the current character.
Preferably, the second code word of each character is subjected to the following according to the conversion key of each characterThe operation of the bits with the first codeword of the next character comprises: in response to the conversion key of a character being 0, post-in the second codeword for that characterPerforming exclusive OR operation on each bit and the first codeword of the next character; in response to the conversion key of a character being 1, a post-in the second codeword for the characterThe bits are exclusive-ored with the first codeword of the next character.
The effect is that: different operations are carried out on part of bits of every two adjacent characters, so that the complexity of a ciphertext sequence is increased, the same ciphertext corresponds to different decoding results, and the difficulty of carrying out statistical analysis attack by an attacker is further improved.
Preferably, the converting the plaintext data into a sequence of characters includes: the plaintext data is encoded into a binary sequence using GB2312 encoding, and the binary sequence is encoded into a character sequence using Base64 encoding.
Preferably, the allocating the codewords with the same length to each character includes: according to the number of kinds of charactersBinary numbers with the same length are allocated to each character, and as code words of each character, the length of the code words is as followsWhereinRepresenting rounding up symbols.
The invention has the following beneficial effects:
1. According to the invention, the statistical characteristics of the codewords of the characters are changed, so that the same ciphertext in the ciphertext sequence corresponds to different meanings and decoding results, an attacker is difficult to crack the ciphertext sequence by utilizing statistical analysis attack, and the safety of interaction data between the edge node and the Internet of things equipment or the cloud platform is improved;
2. according to the invention, the length of the ciphertext sequence is irregular, an attacker cannot know the length of plaintext data according to the ciphertext sequence, the difficulty of the attacker in carrying out violent cracking is increased, and the violent cracking attack can be resisted;
3. The ciphertext sequences in the invention have avalanche effect, and an attacker cannot infer the relation between corresponding plaintext data according to different ciphertext sequences, so that the safety of interaction data between the edge node and the Internet of things equipment or the cloud platform is further improved;
4. The ciphertext sequence has the effect of compression, and can improve the data transmission efficiency between the edge node and the Internet of things equipment or the cloud platform.
Drawings
The above, as well as additional purposes, features, and advantages of exemplary embodiments of the present invention will become readily apparent from the following detailed description when read in conjunction with the accompanying drawings. In the drawings, embodiments of the invention are illustrated by way of example and not by way of limitation, and like reference numerals refer to similar or corresponding parts and in which:
FIG. 1 is a flow chart of steps of an encryption method based on an edge Internet of things proxy according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of codewords corresponding to each character according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of an encryption process according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of a decryption process of a decryption result according to an embodiment of the present invention;
fig. 5 is a schematic diagram of a decryption process of another decryption result according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The edge internet of things agent is an intelligent bridge of a connector and a network and is responsible for data processing and management between internet of things equipment and a cloud platform. In the data interaction process of the edge node, the Internet of things equipment and the cloud platform, the data needs to be encrypted so as to improve the safety of the data. Therefore, the invention provides an encryption method based on the edge internet of things proxy, which encrypts interaction data between the edge node and the internet of things equipment as well as the cloud platform. When the internet of things equipment or the cloud platform sends data to the edge node, the internet of things equipment and the cloud platform are the sending end, and the edge node is the receiving end; when the edge node sends data to the Internet of things equipment or the cloud platform, the edge node is a sending end, and the Internet of things equipment and the cloud platform are receiving ends.
Specific embodiments of the present invention are described in detail below with reference to the accompanying drawings.
Referring to fig. 1, a flowchart of a method for encrypting an edge-based internet of things agent according to an embodiment of the invention is shown, the method includes the following steps:
s001, converting the plaintext data to be transmitted into a character sequence.
Specifically, at the transmitting end, the GB2312 code is utilized to code plaintext data to be transmitted into a binary sequence, and the Base64 code is utilized to code the binary sequence into a character sequence. It should be noted that, since the plaintext data to be transmitted may include a plurality of data types, such as numbers, english characters, kanji characters, etc., the plaintext data to be transmitted is encoded into a binary sequence and then encoded into a character sequence, so that the data types can be unified, and the encryption difficulty is reduced. The invention takes GB2312 code and Base64 code as examples, the coding method is not limited in particular, and an operator can select the coding method, such as UTF-8 code, ASCII code and the like according to practical implementation conditions.
So far, the conversion of the plaintext data is realized, and the character sequence is obtained.
S002, the code words with the same length are allocated to each character.
Specifically, according to the number of kinds of charactersBinary numbers with the same length are allocated to each character, and as code words of each character, the length of the code words is as followsWhereinRepresenting rounding up symbols. The codewords for each character are required to be different. In order to ensure that decryption can be achieved, the code word corresponding to each character is agreed in advance by the sending end and the receiving end.
For example, when the number of kinds of charactersWhen the length of the code word of each character isWhen the character sequence is { A, C, A, B, A, A, E, F, V, D, V, D, A, B, B, H, S, B, A, S, S, C, G }, the codeword corresponding to each character is as shown in FIG. 2. In the present invention, the number of kinds of characters is 10 as an example, and in the actual implementation, the operator needs to determine the number of kinds of characters according to the encoding method adopted when encoding the binary sequence in step S001, for example, when Base64 encoding is adopted, the Base64 encoding includes 64 kinds of characters, and the character sequence includes at most 64 kinds of different characters, and the number of kinds of characters; When ASCII codes are used, the ASCII codes contain 128 characters, and the character sequence contains 128 different characters at most, so that the number of kinds of the characters is the same
So far, the code word distribution of the characters is realized.
S003, setting an operation length sequence, wherein each element in the operation length sequence is an integer with the size not exceeding the length of each character codeword; setting a conversion key sequence, wherein elements in the conversion key sequence are 0 or 1 and are used for representing different operation rules.
In one embodiment, a first key is setAnd a second keyWhereinRepresents bifurcation parameters with a range of valuesRepresenting initial value parameters, the range of values isRepresents iteration parameters, and the value range isAnd (2) andAre integers. The first key and the second key are agreed in advance by the transmitting end and the receiving end.
It should be noted that, the first key and the second key are set based on the Logistic chaotic mapping algorithm, the bifurcation parameter and the initial value parameter are parameters of the Logistic chaotic mapping algorithm, the value range is determined by the Logistic chaotic mapping algorithm, and the specific principle is not described here again. Because the Logistic chaotic mapping algorithm enters the chaotic state when iterating for more than 30 times, the set iteration parametersThe range of the values is as follows
According to the first keyGenerating length by using Logistic chaotic mapping algorithmIs the first chaotic sequence of the first chaotic sequenceElements of the first to the secondThe individual elements are respectively withMultiplying and rounding up the obtained result to obtainPersonal (S)Integers within the range, this isThe integers form a sequence of operation lengths, whereinRepresenting the length of the character sequence; The number of kinds of characters is represented, Representing the length of the codeword for each character.
According to the second keyGenerating length by using Logistic chaotic mapping algorithmIs the second chaotic sequence of the (2), the first chaotic sequenceElements of the first to the secondRounding the elements to obtainA number of 0 or 1, and this is usedThe numbers form a sequence of conversion keys.
In the conversion key sequence, 0 and 1 represent different operation rules, in this embodiment, 0 represents an exclusive or operation, and 1 represents an exclusive or operation. In other embodiments, the practitioner may set the operation rules represented by 0 and 1 according to the actual implementation, for example, 0 represents an exclusive nor operation and 1 represents an exclusive or operation.
Thus, the operation length sequence and the conversion key sequence are obtained.
It should be noted that, in this embodiment, the Logistic chaotic mapping algorithm is adopted to obtain the operation length sequence and the conversion key sequence according to the first key and the second key, and in other embodiments, the transmitting end and the receiving end may directly agree on the operation length sequence and the conversion key sequence, or use other chaotic mapping algorithms to obtain the operation length sequence and the conversion key sequence, but it should be noted that when using other chaotic mapping algorithms, the corresponding first key and second key need to be set according to parameters of the chaotic mapping algorithm used.
S004, encrypting the character sequence according to the code word, the operation length sequence and the conversion key sequence of each character to obtain a ciphertext sequence.
Specifically, at the transmitting end, encrypting each character in the character sequence in sequence, including:
The serial number of the current character in the character sequence is recorded as Will convert the first in the key sequenceThe individual elements are used as the conversion key for the current character. The first element of the length of the second codeword which is not greater than the current character in the operation length sequence is taken as the operation length of the current character and is recorded asThe operation length of the current character in the operation length sequence is calculatedAnd deleting all the previous elements from the operation length sequence to realize the updating of the operation length sequence.
The second codeword obtaining method comprises the following steps: when (when)When the code word corresponding to the current character is used as a first code word of the current character, the rest bit in the code word corresponding to the current character is used as a second code word of the current character; when (when)When the current character is corresponding to the former code wordThe bit is used as the first codeword of the current character, the rest bit in the codeword corresponding to the current character is used as the second codeword of the current character,Representing the length of the operation of the previous character.
When (when)When the length of the second codeword of the current character is recorded asIn response to the conversion key of the current character being 0, the second codeword of the current character is followed byExclusive OR operation is carried out on the bits and the first code word of the next character, and the obtained result is spliced in front of the second code word of the current characterAfter a bit, the current character is taken as ciphertext; in response to the conversion key of the current character being 1, the second codeword of the current character is laterThe bit is exclusive nor operated with the first code word of the next character, and the obtained result is spliced in front of the second code word of the current characterAfter a bit, the current character is taken as ciphertext; when (when)When the second codeword of the current character is used as the ciphertext of the current character, whereinRepresenting the length of the character sequence.
And splicing the first codeword of the first character in the character sequence and the ciphertext of all the characters together according to the sequence of the characters in the character sequence to obtain the ciphertext sequence. In order to ensure that the subsequent decoding can be performed smoothly, the hash value of the character sequence is obtained and used as the complementary ciphertext.
For example, the character sequence is { A, C, A, B, A, A, E, F, V, D, V, D, A, B, B, H, S, B, A, S, S, C, G }, the operation length sequence is {2,1,1,2,1,3,3,1,2,2,3,2,1,2,1,3,1,2,2,3,3,1,2,1,2,1,3,3,1,1,1,2,3,1,3,3,2,1,2,3,2,1,2,1,3,2}, the conversion key sequence is {1,0,1,1,0,1,0,0,1,0,1,0,0,0,1,1,0,1,1,0,0,1,0}, and the encryption process is shown in FIG. 3 when the codeword of each character in the character sequence is shown in FIG. 2: the first codeword of the first character A in the character sequence is 0110, the first codeword of the character A is 0, the second codeword is 110, the first element 2 in the operation length sequence is not greater than the length of the second codeword of the character A, therefore, 2 is taken as the operation length of the character A, the first element 1 in the conversion key sequence is taken as the conversion key of the character A, the codeword of the second character C in the character sequence is 0001, the first codeword of the character C is 00, the second codeword is 01, and since the conversion key is 1, the last 2 bits in the second codeword of the character A and the first codeword of the character C are subjected to the same-or operation to obtain 01, and the 01 is spliced to the front of the second codeword of the character AAfter a bit of 1, the ciphertext 101 of character a is obtained. Similarly, ciphertext of the 2 nd character to the 22 nd character in the character sequence is sequentially obtained, the second codeword of the 23 rd character (namely the last character) G in the character sequence is 110, and the second codeword of the last character G is used as the ciphertext of the character G. And splicing the first codeword 0 of the first character A in the character sequence and the ciphertext of all the characters together according to the sequence of the characters in the character sequence to obtain a ciphertext sequence {0101011100111010000110101110111110101111000 1010000001100}. Before encryption, the sequence of codewords corresponding to all the characters in the character sequence is {011000010110100101100110101110001110001011100010011010011001010000001001011000000 00000011100}, the length of the sequence is 92, and since the codeword length of each character is the same, the occurrence rule of the codewords in the sequence can be counted, for example, 0110 occurs 6 times in the sequence, and the distribution of the characters in the character sequence can be estimated according to the rule. After encryption, the length of the ciphertext sequence is 56, which is reduced by 36 compared with the sequence length formed by the code words corresponding to all the characters in the character sequence, so that the encryption method has the compression effect. Meanwhile, the lengths of ciphertext corresponding to each character in the ciphertext sequence are different, the rule of codewords of each character is destroyed, an attacker cannot infer the distribution of the characters in the character sequence according to the distribution of 0 and 1 in the ciphertext sequence, and the confidentiality is high.
Thus, the encryption of the character sequence is realized, and the ciphertext sequence and the complementary ciphertext are obtained.
S005, sending the ciphertext sequence to the receiving end so that the receiving end can decrypt the ciphertext sequence to obtain plaintext data.
The receiving terminal decrypts the ciphertext sequence according to the received complementary ciphertext, and the specific process is as follows:
acquiring all ciphertext segments in the ciphertext sequence, wherein The method for acquiring the ciphertext segments comprises the following steps: when (when)At the time, the front part in the ciphertext sequenceThe first ciphertext fragment is a bit of a first one,The number of kinds of characters is represented,A length of a codeword representing each character; when (when)At the time, the first in the ciphertext sequenceBit to bitThe bit is the first bitA ciphertext segment, whereinRepresent the firstThe operational length of the ciphertext segments.
The operation length of each ciphertext segment is sequentially acquired, and the acquisition method specifically comprises the following steps: when (when)When the first element in the operation length sequence is used as the first elementCalculation length of ciphertext segmentDeleting the first element in the operation length sequence from the operation length sequence whenWhen the operation length sequence is not greater thanAs the first element of (1)The operation length of each ciphertext segment is calculated in the operation length sequenceAnd all previous elements are deleted from the sequence of operation lengths.
For example, when the operation length sequence is {2,1,1,2,1,3,3,1,2,2,3,2,1,2,1,3,1,2,2,3,3,1,2,1,2,1,3,3,1,1,1, 2,3,1,3,3,2,1,2,3,2,1,2,1,3,2}, and the ciphertext sequence is {010101110011101000011010111011111010111100 01010000001100}, the first 4 bits in the ciphertext sequence are used as the 1 st ciphertext segment 0101, the first element 2 in the operation length sequence is used as the operation length of the 1 st ciphertext segment 0101, and the operation length sequence is updated to obtain {1,1,2,1,3,3,1, 2,2,3,2,1,2,1,3,1,2,2,3,3,1,2,1,2,1,3,3,1,1,1,2,3,1,3,3,2,1,2,3,2,1,2,1,3,2}; will be the first in the ciphertext sequenceBit to bitThe bit is used as the 2 nd ciphertext segment 0101, and the operation length sequence is not more thanIf the first element of (2) is 1, using 1 as the operation length of the 2 nd ciphertext fragment, and updating the operation length sequence to obtain {1,2,1,3,3,1,2,2,3,2,1,2,1,3,1, 2,2,3,3,1,2,1,2,1,3,3,1,1,1,2,3,1,3,3,2,1,2,3,2,1,2,1,3,2}; will be the first in the ciphertext sequenceBit to bitThe 3 rd ciphertext segment 1110 is not greater thanIf the first element of (2) is 1, using 1 as the operation length of the 3 rd ciphertext segment, and updating the operation length sequence to obtain {2,1,3,3,1,2,2,3,2,1,2,1,3,1,2,2,3,3,1,2,1,2,1,3,3,1,1,1,2,3,1,3,3,2,1,2,3,2,1,2,1,3,2}; similarly, all ciphertext segments are obtained :0101、0101、1110、0011、1110、0100、1000、0011、1101、0101、0111、1011、1111、1101、1010、0111、1110、1000、0101、0100、0000、0001、1100.
Will convert the first in the key sequenceThe first element isA conversion key for each ciphertext fragment. Decrypting each ciphertext segment in turn according to the conversion key of each ciphertext segment, specifically:
for the first Ciphertext segment, whenAt the time, the firstFront in ciphertext segmentThe number of bits is taken as the known bits, and the code word of all characters is obtained beforeAll codewords having the same bit as the known bit are respectively used as the first bitOne candidate codeword of each ciphertext segment takes the character corresponding to the candidate codeword as the first characterCandidate characters of ciphertext fragment according to the firstConversion key of ciphertext fragment and the firstCandidate codewords of ciphertext segment, pairCorrecting the ciphertext segments to obtain a plurality of corrected ciphertext segments; when (when)At the time, the firstFront of each corrected ciphertext segment corresponding to each ciphertext segmentThe number of bits is taken as the known bits, and the code word of all characters is obtained beforeAll codewords having the same bit as the known bit are respectively used as the first bitOne candidate codeword of each ciphertext segment takes the character corresponding to the candidate codeword as the first characterCandidate characters of ciphertext fragment according to the firstConversion key of ciphertext fragment and the firstCandidate codewords of ciphertext segment, pairAnd correcting the ciphertext segments to obtain a plurality of corrected ciphertext segments.
Wherein, according to the firstConversion key of ciphertext fragment and the firstCandidate codewords of ciphertext segment, pairThe ciphertext segments are corrected to obtain a plurality of corrected ciphertext segments, which are specifically as follows:
Will be the first Post of ciphertext fragmentBits as conversion bits, whenWhen the conversion key of the ciphertext segment is 0, the conversion bit is the firstPost candidate codewords for ciphertext segmentsBit number ofFront of codeword of corresponding character of cipher text segmentExclusive OR of bits results, whenWhen the conversion key of the ciphertext segment is 1, the conversion bit is 1Post candidate codewords for ciphertext segmentsBit number ofFront of codeword of corresponding character of cipher text segmentThe result of the exclusive OR of the bits according to the conversion key and the firstAfter each candidate codeword of each ciphertext segmentOne bit can obtain the firstFront of codeword of corresponding character of cipher text segmentMultiple cases of a single bit will beFront in ciphertext segmentThe bit is replaced with the first bitFront of codeword of corresponding character of cipher text segmentBit of realizing the firstCorrection of the ciphertext segment to obtain the firstAnd a plurality of corrected ciphertext segments corresponding to the ciphertext segments.
For example, the number of the cells to be processed, when the ciphertext segment is 0101、0101、1110、0011、1110、0100、1000、0011、1101、0101、0111、1011、1111、1101、1010、0111、1110、1000、0101、0100、0000、0001、1100,, the operation length of each ciphertext segment is 2, 1,2, 1, 31, 2, 1, 3, 1,2, 1,2, 1, 3, when the conversion key sequence is {1,0,1,1,0,1,0,0,1,0,1,0,0,0,1,1,0,1,1,0,0,1,0}, and the codeword of each character is shown in fig. 2, the method for obtaining the candidate codeword of the1 st ciphertext segment is as follows: taking the first 4-2=2 bits 01 in the1 st ciphertext segment 0101 as known bits, and taking the codewords with the same first 4-2=2 bits as the known bits 01 as 0110 and 0100 in the codewords of all characters, wherein the candidate codewords of the1 st ciphertext segment are 0110 and 0100, and the corresponding candidate characters are A, H. The method for acquiring the candidate code word of the2 nd ciphertext fragment comprises the following steps: post-processing of ciphertext 1 st segmentBit 01 is used as a conversion bit, the conversion key of the 1 st ciphertext segment is 1, the conversion bit 01 is the same or result of the last 2 bits of the candidate codeword 0110 of the 1 st ciphertext segment and the first 2 bits of the codeword of the character corresponding to the 2 nd ciphertext segment, or the same or result of the last 2 bits of the candidate codeword 0100 and the first 2 bits of the codeword of the character corresponding to the 2 nd ciphertext segment, then the first 2 bits of the codeword of the character corresponding to the 2 nd ciphertext segment are 00 or 10, and then the corrected ciphertext segment corresponding to the 2 nd ciphertext segment is 0001, 1001; when the candidate codeword of the 1 st ciphertext segment is 0110, the corrected ciphertext segment corresponding to the 2 nd ciphertext segment is 0001, the first 4-1=3 bits 000 in the corrected ciphertext segment corresponding to the 2 nd ciphertext segment are 0001 are taken as known bits, and among codewords of all characters, the codewords of the first 4-1=3 bits which are identical to the known bits 000 are 0001 and 0000 respectively, the candidate codeword of the 2 nd ciphertext segment is 0001 and 0000, and the corresponding candidate character is C, S; when the candidate codeword of the 1 st ciphertext fragment is 0100, the corrected ciphertext fragment corresponding to the 2 nd ciphertext fragment is 1001, the first 4-1=3 bits 100 of the corrected ciphertext fragment corresponding to the 2 nd ciphertext fragment is 1001 are taken as the known bits, and among the codewords of all the characters, the codewords of the first 4-1=3 bits, which are the same as the known bits 100, are 1000 and 1001, respectively, the candidate codeword of the 2 nd ciphertext fragment is 1000 and 1001, and the corresponding candidate character is B, F. And by analogy, candidate code words of all ciphertext segments can be obtained.
Note that, the 1 st ciphertext block corresponds to a plurality of candidate codewords, the 2 nd ciphertext block corresponds to a plurality of candidate codewords under any one candidate codeword of the 1 st ciphertext block, the 3 rd ciphertext block corresponds to a plurality of candidate codewords under any one candidate codeword of the 2 nd ciphertext block, and the 4 th ciphertext block corresponds to a plurality of candidate codewords, … under any one candidate codeword of the 3 rd ciphertext block. Thus, there are a variety of decryption results for ciphertext sequences.
The method for obtaining each decryption result is as follows: setting an empty candidate decryption sequence, taking any one candidate codeword of the 1 st ciphertext segment as a first optional codeword, and adding the first optional codeword to the end of the candidate decryption sequence; taking any one candidate codeword corresponding to the 2 nd ciphertext segment under the first selected codeword as a second selected codeword, and adding the second selected codeword to the end of the candidate decryption sequence; taking any one of candidate codewords corresponding to the 3 rd ciphertext segment under the second selected codeword as a third selected codeword, and adding the third selected codeword to the end of the candidate decryption sequence; and so on until all ciphertext segments have a candidate codeword added to the candidate decryption sequence, and taking the candidate decryption sequence at that time as a decryption result. Similarly, various decryption results can be obtained by selecting each selected codeword through traversal.
For example, when the ciphertext sequence is {01010111001110100001101011101111101011110001010000001100}, the operation length sequence is {2,1,1,2,1,3,3,1,2,2,3,2,1,2,1,3,1,2,2,3,3,1,2,1,2,1,3,3,1,1,1,2,3,1,3,3,2,1,2,3,2,1, 2,1,3,2}, the conversion key sequence is {1,0,1,1,0,1,0,0,1,0,1,0,0,0,1,1,0,1,1,0,0,1,0}, and the codeword of each character is shown in fig. 2, { a, S, V, B, a, D, H, G, a, D, a, F, E, H, S, F, G, B, F, S, H } is a decryption result, and the decryption result corresponds to the decryption process shown in fig. 4, the gray character in the candidate character column represents the selected character, and the gray codeword in the candidate codeword column represents the codeword corresponding to the selected character; { A, C, A, B, A, A, E, F, V, D, V, D, A, B, B, H, S, B, A, S, S, C, G } is a decryption result, the decryption process corresponding to the decryption result is shown in FIG. 5, gray characters in the candidate character columns in FIG. 5 represent selected characters, and gray codewords in the candidate codeword columns represent codewords corresponding to the selected characters.
And obtaining the hash value of each decryption result, and taking the hash value and the decryption result of the complementary key as final decryption results.
And decoding the final decryption result by using Base64 coding to obtain a binary sequence, and decoding the binary sequence by using GB2312 coding to obtain plaintext data. The encoding method for decoding the final decryption result corresponds to step S001.
Thus, the decryption of the ciphertext sequence is realized, and the plaintext data is obtained.
The above description is only of the preferred embodiments of the present invention and is not intended to limit the invention, but any modifications, equivalent substitutions, improvements, etc. within the principles of the present invention should be included in the scope of the present invention.

Claims (9)

1. An encryption method based on an edge internet of things proxy is characterized by comprising the following steps:
In the data interaction process of the edge node, the Internet of things equipment and the cloud platform, plaintext data is converted into a character sequence; assigning codewords of the same length to each character; setting an operation length sequence, wherein elements in the operation length sequence are integers with the size not exceeding the length of the code word; setting a conversion key sequence, wherein elements in the conversion key sequence are 0 or 1 and are used for representing different operation rules;
Sequentially distributing operation length and conversion keys for each character according to the operation length sequence and the conversion key sequence, wherein the operation length of each character does not exceed the length of a second codeword of each character; the method for acquiring the second codeword of the character comprises the following steps: front part of code word corresponding to character Using bits as a first codeword of the character, and using the remaining bits in the codeword corresponding to the character as a second codeword of the character, whereinRepresenting the operation length of the previous character of the character;
Based on the conversion key of each character, the second code word of each character is processed The bits are operated with the first code word of the next character, and the operation result is spliced in front of the second code word of each characterAfter a bit, as ciphertext of each character, whereinThe operation length of each character is represented,A length of a second codeword representing each character; and splicing the first codeword of the first character in the character sequence and the ciphertext of all the characters together according to the sequence of the characters in the character sequence to obtain the ciphertext sequence.
2. The encryption method based on the edge internet of things proxy according to claim 1, further comprising: the hash value of the character sequence is taken as the complementary ciphertext.
3. The encryption method based on the edge internet of things proxy according to claim 1, wherein the setting the operation length sequence includes:
Generating length by using Logistic chaotic mapping algorithm Is the first chaotic sequence of the first chaotic sequenceElements of the first to the secondThe individual elements are respectively withMultiplying and rounding up the obtained result to obtainPersonal (S)Integers within the range, this isThe integers form a sequence of operation lengths, whereinThe length of the character sequence is represented,The number of kinds of characters is represented,Representing the rounding-up of the symbol,Representing the iteration parameters in the first key.
4. The encryption method based on the edge internet of things proxy according to claim 1, wherein the setting the conversion key sequence comprises:
Generating length by using Logistic chaotic mapping algorithm Is the second chaotic sequence of the (2), the first chaotic sequenceElements of the first to the secondRounding the elements to obtainA number of 0 or 1, and this is usedThe number constitutes a sequence of conversion keys, wherein,The length of the character sequence is represented,Representing the iteration parameters in the second key.
5. The encryption method based on the edge internet of things agent according to claim 1, wherein the sequentially allocating operation lengths to the characters comprises:
Taking the first element of the length of the second codeword which is not greater than the current character in the operation length sequence as the operation length of the current character, deleting the operation length of the current character and all the previous elements in the operation length sequence from the operation length sequence, and realizing the update of the operation length sequence; and distributing the operation length for the next character according to the updated operation length sequence.
6. The encryption method based on the edge internet of things proxy according to claim 1, wherein the distribution method of the conversion key is as follows:
The serial number of the current character in the character sequence is recorded as Will convert the first in the key sequenceThe individual elements are used as the conversion key for the current character.
7. The encryption method based on edge internet of things agent according to claim 1, wherein the second codeword of each character is processed according to the conversion key of each characterThe operation of the bits with the first codeword of the next character comprises:
In response to the conversion key of a character being 0, post-in the second codeword for that character Performing exclusive OR operation on each bit and the first codeword of the next character; in response to the conversion key of a character being 1, a post-in the second codeword for the characterThe bits are exclusive-ored with the first codeword of the next character.
8. The encryption method based on the edge internet of things agent according to claim 1, wherein the converting the plaintext data into a sequence of characters comprises:
the plaintext data is encoded into a binary sequence using GB2312 encoding, and the binary sequence is encoded into a character sequence using Base64 encoding.
9. The encryption method based on the edge internet of things agent according to claim 1, wherein the assigning the codewords with the same length to each character comprises:
according to the number of kinds of characters Binary numbers with the same length are allocated to each character, and as code words of each character, the length of the code words is as followsWhereinRepresenting rounding up symbols.
CN202411262677.2A 2024-09-10 2024-09-10 An encryption method based on edge IoT agent Active CN118827004B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411262677.2A CN118827004B (en) 2024-09-10 2024-09-10 An encryption method based on edge IoT agent

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411262677.2A CN118827004B (en) 2024-09-10 2024-09-10 An encryption method based on edge IoT agent

Publications (2)

Publication Number Publication Date
CN118827004A true CN118827004A (en) 2024-10-22
CN118827004B CN118827004B (en) 2025-01-10

Family

ID=93076738

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411262677.2A Active CN118827004B (en) 2024-09-10 2024-09-10 An encryption method based on edge IoT agent

Country Status (1)

Country Link
CN (1) CN118827004B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080144809A1 (en) * 2006-12-19 2008-06-19 Fujitsu Broad Solution & Consulting Inc. Encryption process, encryption device, and computer-readable medium storing encryption program
CN104794243A (en) * 2015-05-12 2015-07-22 西安电子科技大学 Third-party ciphertext retrieval method based on file name
CN105391514A (en) * 2014-09-05 2016-03-09 北京奇虎科技有限公司 Character coding and decoding method and device
CN105897402A (en) * 2016-04-05 2016-08-24 乐视控股(北京)有限公司 Parameter encryption method and parameter encryption device
CN112035827A (en) * 2020-11-03 2020-12-04 腾讯科技(深圳)有限公司 Cipher data processing method, device, equipment and readable storage medium
CN114553391A (en) * 2022-03-18 2022-05-27 南通大学 Character string encryption method based on hierarchical shift
CN116132021A (en) * 2023-04-04 2023-05-16 深圳市聚力得电子股份有限公司 Method for sending card swiping data by card reader

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080144809A1 (en) * 2006-12-19 2008-06-19 Fujitsu Broad Solution & Consulting Inc. Encryption process, encryption device, and computer-readable medium storing encryption program
CN105391514A (en) * 2014-09-05 2016-03-09 北京奇虎科技有限公司 Character coding and decoding method and device
CN104794243A (en) * 2015-05-12 2015-07-22 西安电子科技大学 Third-party ciphertext retrieval method based on file name
CN105897402A (en) * 2016-04-05 2016-08-24 乐视控股(北京)有限公司 Parameter encryption method and parameter encryption device
CN112035827A (en) * 2020-11-03 2020-12-04 腾讯科技(深圳)有限公司 Cipher data processing method, device, equipment and readable storage medium
CN114553391A (en) * 2022-03-18 2022-05-27 南通大学 Character string encryption method based on hierarchical shift
CN116132021A (en) * 2023-04-04 2023-05-16 深圳市聚力得电子股份有限公司 Method for sending card swiping data by card reader

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘倍雄;肖巧玲;张毅;陈孟祥;: "基于优化对称加密算法的网络密码安全传输研究", 信息与电脑(理论版), no. 22, 25 November 2018 (2018-11-25) *

Also Published As

Publication number Publication date
CN118827004B (en) 2025-01-10

Similar Documents

Publication Publication Date Title
CN116032474B (en) A computer network security protection system based on big data
KR100657062B1 (en) Information encryption method and apparatus for realizing this method
KR102136904B1 (en) Shared secret key generation device, encryption device, decryption device, shared secret key generation method, encryption method, decryption method, and program
US20070028088A1 (en) Polymorphic encryption method and system
CN108173640B (en) High-security symmetric encryption and decryption method for character strings
US20120284528A1 (en) Multi-purpose multi-dimensional, variable and multi-key e-mail and data encryption method
CN112769545B (en) Image Encryption Method Based on Adjacent Pixel Joseph Transform and Mealy State Machine
CN116866029B (en) Random number encryption data transmission method, device, computer equipment and storage medium
CN110543778A (en) linear random encryption and decryption algorithm for character data
CN115834163B (en) Method, device, equipment and storage medium for generating secret key of encrypted data
Paragas et al. Hill cipher modification: A simplified approach
JP2004258667A (en) Method for generating pseudo random permutation of word comprising n pieces of digits
CN114500006A (en) Query request processing method and device
CN115632765B (en) Encryption method, decryption method, device, electronic device and storage medium
US20020136400A1 (en) R-conversion encryption method and system
KR101790325B1 (en) Encryption and Decryption System
CN105718978B (en) QR code generation method and device, and decoding method and device
CN108270546A (en) A kind of method and system of information transmission
CN118827004B (en) An encryption method based on edge IoT agent
JP2001282103A (en) Encryption method
CN117057804B (en) Financial transaction data secure storage method and system based on hash sequence
CN107493164B (en) A DES encryption method and system based on chaotic system
CN118316610A (en) Data encryption method, system and medium for realizing double protection
CN117436110A (en) Data encryption and data decryption methods and devices
CN114785484A (en) Big data secure transmission method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant