CN118827165B - Data encryption and decryption method and device - Google Patents

Data encryption and decryption method and device

Info

Publication number
CN118827165B
CN118827165B CN202410829977.8A CN202410829977A CN118827165B CN 118827165 B CN118827165 B CN 118827165B CN 202410829977 A CN202410829977 A CN 202410829977A CN 118827165 B CN118827165 B CN 118827165B
Authority
CN
China
Prior art keywords
encryption
text
encrypted
data
position information
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202410829977.8A
Other languages
Chinese (zh)
Other versions
CN118827165A (en)
Inventor
陈鹏
蔡科
池冰晴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
CCB Finetech Co Ltd
Original Assignee
China Construction Bank Corp
CCB Finetech Co Ltd
Application filed by China Construction Bank Corp, CCB Finetech Co Ltd
Priority to CN202410829977.8A
Publication of CN118827165A
Application granted
Publication of CN118827165B

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention discloses a data encryption and decryption method and device, relating to the fields of big data analysis and data encryption technology. The method comprises: dividing a data text into a preset number of pieces to obtain multiple segmented texts; generating multiple interference texts; encrypting the segmented texts and the interference texts based on a text encryption public key; adding a category tag number to each encrypted text based on a category encryption key; generating, from a preset current-time parameter, a current sending-count parameter, and a random number generated in the current round, the sending position information of the segmented encrypted text with each sequence number in the current round; assigning the sending position information that was not generated to the sequence numbers of the interference encrypted texts; and, based on a segmented encryption public key, encrypting and sending to a data recipient the encrypted texts arranged according to the sending position information, the encrypted sequence numbers, the category encryption key, and the category tag numbers. The invention is used to effectively enhance the security of data encryption.

Description

Encryption and decryption method and device for data
Technical Field
The invention relates to the technical field of big data analysis and data encryption, in particular to a method and a device for encrypting and decrypting data.
Background
This section is intended to provide a background or context to the embodiments of the invention that are recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.
With the advent of the big data era, computing power has grown explosively, especially with the quantum computers that have emerged in recent years, whose computing power has almost no upper limit. The mainstream idea behind current encryption algorithms is that an unauthorized third party who does not know the key can only decrypt by brute-force computation, so it is enough to ensure that the computing power required for such forced decryption is far beyond the limit achievable under current technical conditions.
Traditional asymmetric encryption, and encryption techniques built on it, will objectively no longer have the advantage of absolute security once future quantum computers achieve general-purpose computation. How to upgrade encryption algorithms under current technical conditions, so that breaking the encryption merely by increasing brute-force computing power becomes infeasible, has therefore become an important research direction for coping with the security crisis brought by the growth of computing power.
Existing asymmetric encryption technology relies mainly on the asymmetry between encryption and decryption: with a known key the cost of encryption is low, while without the key the cost of decryption is unacceptably high. However, as quantum computers become general-purpose, computing power keeps rising, and an explosion of quantum computing power may occur in the future, asymmetric encryption algorithms that conventionally rely on the computational complexity of decryption for security and confidentiality risk gradually failing, and the security of encrypted data would fall rapidly.
Disclosure of Invention
The embodiment of the invention provides a data encryption method, used to effectively enhance the security of data encryption and to solve the problems caused in the prior art by increased computing power and the potential threat of quantum computing. The method comprises:
dividing a data text into a preset number of pieces to obtain a plurality of segmented texts, generating a plurality of interference texts, and encrypting the segmented texts and the interference texts based on a text encryption public key to obtain a plurality of segmented encrypted texts and a plurality of interference encrypted texts;
adding, based on a category encryption key, a category tag number to each segmented encrypted text and each interference encrypted text, wherein the category tag number is used by the data receiver to identify the data text with the segmented encryption private key corresponding to the segmented encryption public key;
adding a sequence number to each segmented encrypted text and each interference encrypted text; for the sequence number of each segmented encrypted text, generating the sending position information of that segmented encrypted text in the current round according to the random number generated in the current round; encrypting the set of sending position information over all rounds based on the text encryption key to obtain the encrypted sequence numbers of the segmented encrypted texts; assigning the sending position information that was not generated to the sequence numbers of the interference encrypted texts; and randomly encrypting the set of sequence numbers of the interference encrypted texts to obtain the encrypted sequence numbers of the interference encrypted texts;
The embodiment of the invention also provides a data encryption device, used to effectively enhance the security of data encryption and to solve the problems caused in the prior art by increased computing power and the potential threat of quantum computing. The device comprises:
a text processing module, used for dividing the data text into a preset number of pieces to obtain a plurality of segmented texts, generating a plurality of interference texts, and encrypting the segmented texts and the interference texts based on a text encryption public key to obtain a plurality of segmented encrypted texts and a plurality of interference encrypted texts;
a category encryption module, used for adding, based on the category encryption key, a category tag number to each segmented encrypted text and each interference encrypted text, wherein the category tag number is used by the data receiver to identify the data text with the segmented encryption private key corresponding to the segmented encryption public key;
a sequence number processing module, used for adding a sequence number to each segmented encrypted text and each interference encrypted text; generating, for the sequence number of each segmented encrypted text, the sending position information of that segmented encrypted text in the current round according to the random number generated in the current round; encrypting the set of sending position information over all rounds based on the text encryption key to obtain the encrypted sequence numbers of the segmented encrypted texts; assigning the sending position information that was not generated to the sequence numbers of the interference encrypted texts; and randomly encrypting the set of sequence numbers of the interference encrypted texts to obtain the encrypted sequence numbers of the interference encrypted texts;
and an encrypted transmission module, used for encrypting and sending to the data receiver, based on the segmented encryption public key, the segmented encrypted texts and interference encrypted texts arranged according to the sending position information, the encrypted sequence numbers of the segmented encrypted texts, the encrypted sequence numbers of the interference encrypted texts, the category encryption key, and the category tag numbers.
The embodiment of the invention provides a data decryption method, used to effectively enhance the security of data encryption and to solve the problems caused in the prior art by increased computing power and the potential threat of quantum computing. The method comprises:
receiving encrypted transmission data transmitted by a data receiver;
determining a category decryption key corresponding to the category encryption key by using the segmented encryption private key, and, using the category decryption key, identifying a plurality of segmented encrypted texts in the encrypted transmission data according to the category tag numbers in the encrypted transmission data;
decrypting the plurality of segmented encrypted texts by using a text encryption private key to obtain a plurality of segmented texts;
decrypting the encrypted sequence numbers of the segmented encrypted texts in the encrypted transmission data by using the text encryption private key to obtain the sending position information of the segmented encrypted texts;
and restoring the data text based on the sending position information of the segmented encrypted texts and the plurality of segmented texts.
The embodiment of the invention also provides a data decryption device, used to effectively enhance the security of data encryption and to solve the problems caused in the prior art by increased computing power and the potential threat of quantum computing. The device comprises:
a data receiving module, used for receiving the encrypted transmission data sent by the data receiving party;
a segmentation decryption module, used for determining a category decryption key corresponding to the category encryption key by using the segmented encryption private key;
a text decryption module, used for decrypting the plurality of segmented encrypted texts by using the text encryption private key to obtain a plurality of segmented texts;
a sending position decryption module, used for decrypting the encrypted sequence numbers of the segmented encrypted texts in the encrypted transmission data by using the text encryption private key to obtain the sending position information of the segmented encrypted texts;
and a data text restoring module, used for restoring the data text based on the sending position information of the segmented encrypted texts and the plurality of segmented texts.
The embodiment of the invention also provides computer equipment, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the encryption and decryption method of the data when executing the computer program.
The embodiment of the invention also provides a computer readable storage medium, which stores a computer program, and the computer program realizes the encryption and decryption method of the data when being executed by a processor.
The embodiment of the invention also provides a computer program product, which comprises a computer program, and the computer program realizes the encryption and decryption method of the data when being executed by a processor.
In the embodiment of the invention, a data text is divided into a preset number of pieces to obtain a plurality of segmented texts; a plurality of interference texts are generated; and the segmented texts and the interference texts are encrypted based on a text encryption public key to obtain a plurality of segmented encrypted texts and a plurality of interference encrypted texts. Based on a category encryption key, a category tag number is added to each segmented encrypted text and each interference encrypted text, the category tag number being used by the data receiver to identify the data text with the segmented encryption private key corresponding to the segmented encryption public key. A sequence number is added to each segmented encrypted text and each interference encrypted text; for the sequence number of each segmented encrypted text, the sending position information of that text in the current round is generated according to the random number generated in the current round; the set of sending position information over all rounds is encrypted based on the text encryption key to obtain the encrypted sequence numbers of the segmented encrypted texts; the sending position information that was not generated is assigned to the sequence numbers of the interference encrypted texts; and the set of sequence numbers of the interference encrypted texts is randomly encrypted to obtain their encrypted sequence numbers. Based on the segmented encryption public key, the segmented encrypted texts and interference encrypted texts arranged according to the sending position information, the encrypted sequence numbers of both, the category encryption key, and the category tag numbers are encrypted and sent to the data receiver.
Because the segmented texts and the interference texts are encrypted together, the difficulty of cracking increases, and even if a small part of the text is cracked, the original text cannot be directly understood. The invention not only improves the security of data encryption but also enables a receiver holding the correct key to accurately identify the real information, and effectively resists identification attempts by third parties without the key. Encrypting the sending position information further ensures that the arrangement order of the segmented texts is not easily revealed: even if the position information is intercepted, the real meaning of the segmented texts cannot be interpreted, which improves the security of the whole system. In addition, the invention mitigates the problem that asymmetric encryption in the prior art is easily threatened by the growth of quantum computing power: through a multi-dimensional, dynamically changing encryption strategy and the fine-grained management and obfuscation of data segments, the private key cannot be reverse-derived without the complete encrypted data. This effectively enhances the security of data encryption and solves the problems caused in the prior art by increased computing power and the potential threat of quantum computing.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. In the drawings:
FIG. 1 is a flow chart of a method for encrypting data according to an embodiment of the invention;
FIG. 2 is a diagram illustrating a method for encrypting data according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating a method for encrypting data according to an embodiment of the present invention;
FIG. 4 is a schematic diagram illustrating a structure of a data encryption device according to an embodiment of the present invention;
FIG. 5 is a flowchart of a method for decrypting data according to an embodiment of the present invention;
FIG. 6 is a diagram showing an example of a data decryption apparatus according to an embodiment of the present invention;
FIG. 7 is a schematic diagram of a computer device for encrypting and decrypting data according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention will be described in further detail with reference to the accompanying drawings. The exemplary embodiments of the present invention and their descriptions herein are for the purpose of explaining the present invention, but are not to be construed as limiting the invention.
The term "and/or" herein merely describes an association relationship and indicates that three relationships may exist; for example, "A and/or B" covers three cases: A alone, both A and B, and B alone. In addition, the term "at least one" herein means any one of a plurality, or any combination of at least two of a plurality; for example, "including at least one of A, B, and C" may mean including any one or more elements selected from the set consisting of A, B, and C.
In the description of the present specification, the terms "comprising," "including," "having," "containing," and the like are open-ended terms, meaning including, but not limited to. The description of the reference terms "one embodiment," "a particular embodiment," "some embodiments," "for example," etc., means that a particular feature, structure, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. The order of steps involved in the embodiments is illustrative of the practice of the application, and is not limited and may be suitably modified as desired.
The acquisition, storage, use, and processing of data in the technical solution of this application all comply with the relevant provisions of national laws and regulations. The information collected in this application is information and data authorized by the user or fully authorized by all parties; the collection, storage, use, processing, transmission, provision, disclosure, and application of the related data comply with the relevant laws, regulations, and standards of the relevant countries and regions; necessary security measures are taken; the public welfare is not violated; and a corresponding operation entry is provided for the user to grant or refuse authorization. In addition, the application provides a corresponding operation entry for the user to accept or reject an automated decision result; if the user chooses to reject it, an expert decision flow can be entered.
It should be noted that the embodiments of this application may mention existing industry solutions such as software, components, and models. Where existing software tools, components, algorithm models, or solutions widely known in the technical field are cited, they should be regarded as typical examples whose only purpose is to illustrate and verify the rationality and feasibility of implementing the technical solution proposed by this application. Such citations do not imply that the applicant has in fact adopted these existing solutions or must adopt them in future implementations. In other words, these references serve only illustrative purposes, helping the reader understand how the innovations of this application relate to and go beyond the prior art, and do not constitute an admission of, or a statement of dependence on, any specific prior-art product.
Data encryption is an important part of the security field: any enterprise, organization, or individual needs encryption technology to ensure that key information involving confidentiality and privacy is not leaked during transmission. Encryption algorithms are mainly divided into symmetric and asymmetric encryption. In symmetric encryption the encryption and decryption processes are the same, so forcibly decrypting the ciphertext by brute-force computation without the decryption key is of low difficulty, and security is poor. Asymmetric encryption exploits an asymmetry of information: encryption is easy, while the computational cost of forced decryption by brute force is unaffordable under current technical conditions. Asymmetric encryption is therefore favored, and its typical representative is the RSA algorithm.
However, with the advent of the big data era, computing power has grown explosively; in particular, the quantum computers that have appeared in recent years have computing limits with almost no ceiling. Once future quantum computers achieve general-purpose computation, traditional RSA encryption, and encryption techniques built on it, will objectively no longer be absolutely secure. How to upgrade encryption algorithms under current technical conditions, so that breaking the encryption by brute-force computing power becomes infeasible, has therefore become an important research direction for coping with the security crisis brought by the growth of computing power.
Existing asymmetric encryption technology relies mainly on the asymmetry between encryption and decryption: with a known key the cost of encryption is low, while without the key the cost of decryption is unacceptably high. However, as quantum computers become general-purpose, the practical upper limit of computing power rises sharply and the cost of computing power falls sharply. In that case the security advantage of traditional asymmetric algorithms, which depends only on the computational cost of decryption, is gradually lost. A new encryption algorithm should be found that does not rest its security guarantee on computational complexity alone but instead builds a multi-level, multi-dimensional barrier against decryption. For example, encrypting the original plaintext in segments, scrambling the order of the segments before encryption, and adding meaningless interference fields to strengthen protection can all serve as research directions for effectively strengthening encryption security.
To solve the above problems, the inventors recognized that, in the face of ever-higher computing power and a possible future explosion of quantum computing power, asymmetric encryption algorithms that conventionally rely on the complexity of decryption computation for security and confidentiality risk gradually failing, and that the reliability of an encryption algorithm should be improved by diversifying its structure and implementing a multi-dimensional anti-cracking mechanism. The inventors therefore provide, in an embodiment of the present invention, a data encryption and decryption method, used to effectively enhance the security of data encryption and to solve the problems caused in the prior art by increased computing power and the potential threat of quantum computing. Referring to FIG. 1, the method may include:
Step 101, dividing a data text into a preset number of pieces to obtain a plurality of segmented texts, generating a plurality of interference texts, and encrypting the segmented texts and the interference texts based on a text encryption public key to obtain a plurality of segmented encrypted texts and a plurality of interference encrypted texts;
Step 102, adding, based on the category encryption key, a category tag number to each segmented encrypted text and each interference encrypted text, wherein the category tag number is used by the data receiver to identify the data text with the segmented encryption private key corresponding to the segmented encryption public key;
Step 103, adding a sequence number to each segmented encrypted text and each interference encrypted text; for the sequence number of each segmented encrypted text, generating the sending position information of that segmented encrypted text in the current round according to the random number generated in the current round; encrypting the set of sending position information over all rounds based on the text encryption key to obtain the encrypted sequence numbers of the segmented encrypted texts; assigning the sending position information that was not generated to the sequence numbers of the interference encrypted texts; and randomly encrypting the set of sequence numbers of the interference encrypted texts to obtain the encrypted sequence numbers of the interference encrypted texts;
Step 104, based on the segmented encryption public key, encrypting and sending to the data receiver the segmented encrypted texts and interference encrypted texts arranged according to the sending position information, the encrypted sequence numbers of the segmented encrypted texts, the encrypted sequence numbers of the interference encrypted texts, the category encryption key, and the category tag numbers.
In the implementation, firstly, the data text is divided into a preset number to obtain a plurality of divided texts, and a plurality of interference texts are generated.
In an embodiment, the data text is subdivided into a plurality of small segments, and this is performed according to a predetermined number N, where N is a parameter determined by a combination of data security requirements and system performance. The purpose of segmentation is to break up the original information so that each segmented text is an independent and meaningless unit. The processing can effectively disperse information, even if a single segmentation text is intercepted, the content of the segmentation text is not understandable, and the difficulty of information analysis of illegal visitors is greatly increased. The segmentation process can be realized based on the number of characters, the number of words or specific logic break points, so that the equality and the randomness of each segmented segment are ensured, and the safety is further improved.
To further confuse an observer, the present invention introduces a large number of meaningless interference texts that are independent of the original information but indistinguishable in appearance from the segmented text segments. The interference text can be generated in various ways, for example by a random character generator, a pseudo-random number sequence, or a text string constructed by a specific algorithm. The number of interference texts T is usually much larger than the number of segmented texts M, which greatly increases the total amount of final ciphertext, so that an unauthorized third party who attempts brute-force cracking still faces the difficult task of screening the truly meaningful information out of a mass of data. In addition, the length of the interference text may be kept consistent with that of the segmented text to ensure consistency in the subsequent encryption and reassembly processes.
In the specific implementation, after a plurality of interference texts are generated, encryption processing is carried out on the divided texts and the interference texts based on a text encryption public key, so as to obtain a plurality of divided encryption texts and a plurality of interference encryption texts.
In the embodiment, specifically, the original data text is finely divided into a predetermined number of fragments, so that the operation can disperse sensitive information, reduce the influence of a single leakage link, and lay a foundation for subsequent encryption and confusion operations. The segmentation process follows a set rule, so that the segmented text fragments can independently carry information and can restore the integrity of the original text after correct recombination.
Next, to further increase the complexity and security of the encrypted information, a plurality of meaningless interference texts are generated. These interference texts are completely independent of the original information in content, but are similar in appearance and structure to the segmented text segments, thereby confusing a potential attacker. Adding a large amount of interference text markedly increases the total amount of encrypted information, so that an illegal intruder finds it difficult to tell which items are real information and which are interference items, and the cost and difficulty of brute-force cracking rise markedly.
Then a key component of the asymmetric encryption technique, namely the text encryption public key, is applied to encrypt all the segmented texts and the generated interference texts. Each segmented text undergoes a cryptographic transformation with the public key and is converted into ciphertext, forming a plurality of segmented encrypted texts. Similarly, each interference text is processed by the same public-key encryption method to generate a series of interference encrypted texts. This public-key-based encryption ensures that only the legitimate receiver holding the corresponding private key can decrypt the information, while an unauthorized third party has difficulty reading the original content directly even if it intercepts the encrypted data.
In the implementation, after the segmented texts and the interference texts are encrypted based on the text encryption public key to obtain a plurality of segmented encrypted texts and a plurality of interference encrypted texts, a class mark number is added to each segmented encrypted text and each interference encrypted text based on a class encryption secret key, and the class mark number is used for a data receiver to identify the data text by a segmented encryption private key corresponding to the segmented encryption public key.
In an embodiment, after the encryption processing of the segmented text and the disturbing text by using the text encryption public key is completed, a unique class mark number is added to each encrypted segmented text and disturbing text. The design aims to enhance the identification and the safety of data transmission and ensure that a receiving party can accurately discriminate the real original data fragments from a plurality of encrypted information. The generation of the class mark number is based on a specially designed class encryption key. The key works in parallel with the traditional segmented encryption public key/private key system and is specially designed for realizing the identification of the data segment. In practice, each divided encrypted text and each interfering encrypted text is assigned a class mark number derived from a class encryption key. These numbers are like the "identity tag" of each data segment, not only contain an indication of the original text information to which the segment belongs, but also have tamper-resistant properties, ensuring the integrity of the data and the authenticity of the source.
The receiver can efficiently identify and verify these class mark numbers using the segment encryption private key it holds. The private key is used as a key for unlocking the information security lock, so that a receiving party can accurately locate and extract the split encrypted text truly belonging to the original text in the encrypted text set mixed with the real data and the interference information. The process relies on a specific mathematical relationship between the class mark number and the segmented encryption private key, so that only a legal receiver can correctly recognize and reconstruct data, and any unauthorized third party cannot correctly recognize information contained in the class mark number due to lack of a necessary private key even if the unauthorized third party obtains the encryption data, so that meaningful original texts cannot be reconstructed.
In addition, to further confuse an observer, the design of the category label number also includes disguising of the interference text, so that even if the category label number is broken, an unauthorized third party still cannot distinguish the real data fragments from the interference fragments on that basis alone, which greatly increases the difficulty and complexity of illegal decryption and provides a further barrier of data protection.
In one embodiment, the class encryption key is a randomly generated prime number;
Adding a category label number to each of the split encrypted text and the interfering encrypted text based on the category encryption key, comprising:
For each segmented encrypted text, selecting, based on the randomly generated prime number, a value whose remainder modulo the randomly generated prime number is zero, as the class mark number added to the segmented encrypted text;
and, for each interference encrypted text, selecting, based on the randomly generated prime number, a value whose remainder modulo the randomly generated prime number is non-zero, as the class mark number added to the interference encrypted text.
In an embodiment, a class encryption key is introduced, which is randomly generated by a strict mathematical algorithm, ensuring that it is a prime number. The key provides a highly secure classification basis for subsequent encrypted text segmentation and interference information injection. The specific implementation method of the invention relates to the utilization of the randomly generated category encryption key to assign a unique category label number to each divided encrypted text block and the specially inserted interference encrypted text, thereby enhancing the confusion and the security of information.
The specific operation steps are as follows. For each individual segmented encrypted text, a remainder operation is used to select a value whose result modulo the randomly generated category encryption prime is zero, and this value is designated as the category label number of that segmented encrypted text. This ensures that a legitimate recipient can quickly identify the text segments that actually contain information, using the mathematical property associated with the private key it holds.
Meanwhile, for each interference encrypted text, a similar but opposite strategy is adopted: a value whose remainder modulo the category encryption prime is not equal to zero is selected as the category label number. This design uses the mathematical difference to separate interference information from real information in the classification mark, while making that distinction extremely difficult for an unauthorized third party.
In summary, the class encryption key based on the randomly generated prime numbers and the application thereof in the classification marks of the encrypted text and the interference text not only greatly enhance the encryption depth of the information, but also effectively improve the capability of resisting violent decryption attempts, thereby ensuring the high security and privacy protection of the communication content.
In one embodiment, selecting, for each segmented encrypted text, a value for which a result of the remainder processing on the randomly generated prime numbers is zero based on the randomly generated prime numbers, includes:
For each segmented encrypted text, randomly selecting a first preset number of prime numbers larger than the randomly generated prime number, and taking the product of the randomly selected prime numbers and the randomly generated prime number as the value whose remainder modulo the randomly generated prime number is zero;
selecting a numerical value with a result of remainder taking processing on the randomly generated prime numbers being non-zero for each interference encryption text, including:
taking the product of the randomly selected prime numbers as the value whose remainder modulo the randomly generated prime number is non-zero.
In order to enhance the security of the encryption system, the invention implements an innovative random prime number integration method. For the generation of the sequence $R_1, \ldots, R_M$, the product of a basic key and the subsequent 1000 independent random primes is adopted, which ensures the complexity and randomness of the key expansion. For the sequence $R_{M+1}, \ldots, R_{M+T}$, 1001 newly and independently selected random primes are multiplied together; this construction is independent of the class encryption key, which makes pattern recognition more difficult. By combining a large number of irregularly selected primes with multiple randomization steps, the method effectively increases the degree of confusion of the encrypted data, makes it difficult for an adversary who does not know the class encryption key to pick out the correct information fragments, and greatly deepens the protection of information security.
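The class-mark construction described in this embodiment, as an added example that is not code from the patent: a segment's mark is the class key prime p times a product of random primes, a decoy's mark is a product of random primes only, and the receiver keeps the marks whose remainder modulo p is zero. The function names, the 32-bit key size, the 40-bit factor size, the small `count` (the text uses 1000 and 1001 factors) and drawing the decoy factors above p as well are assumptions made for this sketch.

```python
import secrets

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n: int) -> bool:
    """Deterministic Miller-Rabin; exact for n < 3.3e24 with these bases."""
    if n < 2:
        return False
    for b in _BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(low: int, high: int) -> int:
    """Sample candidates strictly between low and high until one is prime."""
    while True:
        candidate = low + 1 + secrets.randbelow(high - low - 1)
        if is_prime(candidate):
            return candidate


def class_key(bits: int = 32) -> int:
    """The class encryption key: a randomly generated prime (size assumed)."""
    return random_prime(1 << (bits - 1), 1 << bits)


def product_of_primes_above(p: int, count: int, bits: int = 40) -> int:
    """Product of `count` random primes, every one of them larger than p."""
    product = 1
    for _ in range(count):
        product *= random_prime(max(p, 1 << (bits - 1)), 1 << bits)
    return product


def mark_segment(p: int, count: int) -> int:
    """Mark of a real segment: p times `count` random primes, so mark % p == 0."""
    return p * product_of_primes_above(p, count)


def mark_decoy(p: int, count: int) -> int:
    """Mark of a decoy: count + 1 random primes, none equal to p, so mark % p != 0.
    Using one extra factor keeps the number of prime factors equal to a real mark."""
    return product_of_primes_above(p, count + 1)


def is_real(mark: int, p: int) -> bool:
    """Receiver-side test from the text: remainder modulo the class key is zero."""
    return mark % p == 0


def tag_and_filter(n_real: int, n_decoy: int, count: int = 8):
    """Tag segments and decoys, shuffle them, then filter as the receiver would."""
    p = class_key()
    marks = [("real", mark_segment(p, count)) for _ in range(n_real)]
    marks += [("decoy", mark_decoy(p, count)) for _ in range(n_decoy)]
    secrets.SystemRandom().shuffle(marks)
    kept = [kind for kind, mark in marks if is_real(mark, p)]
    return p, marks, kept


if __name__ == "__main__":
    key, tagged, kept = tag_and_filter(n_real=3, n_decoy=12)
    print("class key:", key, "kept:", kept)
```

Because p is prime and every other factor is a different prime, a decoy mark can never be divisible by p, so the filter has no false positives regardless of the random choices.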
In one embodiment, selecting, for each segmented encrypted text, a value for which a result of the remainder processing on the randomly generated prime numbers is zero based on the randomly generated prime numbers, includes:
taking, as a first target prime number, the prime number that is separated from the randomly generated prime number by a first preset number of prime numbers; and selecting, for each segmented encrypted text, a value whose remainder modulo the first target prime number is zero;
Based on the randomly generated prime numbers, selecting a numerical value with a non-zero result of remainder taking processing on the randomly generated prime numbers for each interference encryption text, wherein the numerical value comprises the following components:
and selecting, for each interference encrypted text, a value whose remainder modulo the second target prime number is non-zero.
In the above embodiment, in order to further strengthen the classification and confusion mechanism of the encrypted information, the differentiation processing is performed on the classified encrypted text and the disturbing encrypted text using the randomly generated prime numbers as a core basis. Specific operational details are as follows:
First, the present invention employs an innovative screening mechanism for each segmented encrypted text. In this mechanism, a first target prime number is determined, which is located after the randomly generated prime number with exactly a predetermined first number of prime numbers between them. Then, for each segmented encrypted text, a remainder operation on the first target prime number is performed and a value whose result is zero is selected as the exclusive category label number of that segmented text. This step ensures that the legitimate receiver can accurately identify the actual data segments in the encrypted information using specific mathematical logic, while posing a difficult puzzle for an illegitimate intruder.
Secondly, for each interference encrypted text, a similar but opposite strategy is adopted, in order to further confuse an observer and increase the cracking difficulty. Specifically, a second target prime number is selected whose distance from the randomly generated prime number is a preset second number of prime numbers. For each interference text segment, a remainder operation on the second target prime number is performed, and a value whose result is not zero is deliberately selected as the class mark number. This design separates the interference information from the actual information in the mark, while making it extremely difficult for unauthorized individuals to pick valid information out of the scrambled encrypted data.
In summary, through the above fine mathematical operations, the invention not only enhances the classification logic of the encrypted data, but also significantly improves the security level of the information, and ensures that the encrypted content can still maintain high confidentiality and integrity even when facing a strong computational challenge.
The method comprises the steps of: adding a category mark number to each segmented encrypted text and each interference encrypted text based on a category encryption key, wherein the category mark number is used for enabling a data receiver to identify the data text through a segmented encryption private key corresponding to a segmented encryption public key; adding an order number to each segmented encrypted text and each interference encrypted text respectively; for the order number of each segmented encrypted text, generating the sending position information of the segmented encrypted text of that order number under the current round according to a random number generated in the current round; encrypting the set of sending position information under each round based on the text encryption key to obtain the encryption order number of the segmented encrypted text; distributing the sending position information that has not been generated to the order number of each interference encrypted text; and randomly encrypting the set of order numbers of the interference encrypted texts to obtain the encryption order number of the interference encrypted text.
In an embodiment, the key step of the enhanced encryption process involves a multi-level policy design to ensure a high level of security and anti-cracking capability for information transmission. The specific operation flow is as follows. Firstly, each segmented encrypted text and each interference encrypted text is classified by using a dedicated category encryption key, and a unique category mark number is assigned. The mark number is introduced so that the data receiver, using the segmented encryption private key corresponding to the segmented encryption public key it holds, can efficiently identify which items are real text data fragments and which are deliberately implanted interference information, laying a foundation for subsequent data recombination.
Further, an order number is systematically assigned to each classified segmented encrypted text and each labeled interference encrypted text. For the order number of each segmented encrypted text, the invention adopts a dynamic generation strategy that jointly considers a preset current time parameter, an accumulated sending count parameter, and a random number produced by a random number generator in the current round; the exact sending position information of the order number under the current round is calculated from these three elements. Note that the total amount of sending position information is equal to the sum of the numbers of segmented texts and interference texts, so that every fragment has corresponding positioning information.
Next, the text encryption key is adopted to encrypt the transmission position information set of all the divided encrypted texts in each round, so as to generate an encryption sequence number, and the step effectively conceals the real arrangement sequence of the data. Meanwhile, the remaining sending position information which is not allocated to the segmented encrypted text is assigned to the sequence number of each interference encrypted text, and the sequence information of the interference text is further confused by adopting a random encryption algorithm to generate an encryption sequence number, so that the difficulty of an illegal invader in analyzing an actual text sequence is increased.
Through the steps, the invention not only realizes high-strength segmented encryption of data, but also integrates a dynamically adjusted sequence number and position information encryption mechanism, greatly improves the security level of information transmission, and ensures that the encryption system can maintain inherent security and reliability even when facing increasingly strong computational capability challenges.
In one embodiment, the total number of the transmission position information is the sum of the number of the divided text and the disturbing text;
for each sequence number of the segmented encrypted text, generating transmission position information of the segmented encrypted text of the sequence number under the current round according to the random number generated by the current round, including:
and generating the sending position information of the segmented encrypted text with the sequence number under the current round according to the preset current time parameter, the current sending frequency parameter and the random number generated by the current round aiming at the sequence number of each segmented encrypted text.
In one embodiment, for each order number of the segmented encrypted text, the transmission position information of the segmented encrypted text of the order number under the current round is generated according to the preset current time parameter, the current transmission number parameter and the random number generated by the current round, as shown in fig. 3, and includes:
step 301, if the transmission position information generated for the segmented encrypted text of the sequence number under the current round is the same as the transmission position information of the segmented encrypted text of that sequence number under the previous round, the transmission position information is increased backwards by a preset number of bits to obtain a transmission position information update value;
step 302, if the transmission position information update value is the same as the transmission position information of the segmented encrypted text of the sequence number in the previous round, repeating the above operation until the transmission position information update value is different from the transmission position information of the segmented encrypted text of the sequence number in the previous round;
step 303, using the transmission position information update value as the transmission position information of the segmented encrypted text of the sequence number under the current round.
In an embodiment, the transmission position information generated for the order number assigned to each segmented encrypted text is intended to further enhance the randomness and unpredictability of the encrypted communication. The specific operation follows the following steps:
First, a series of preset parameters, including but not limited to a specific timestamp parameter for the current time, the accumulated number of transmissions of the present communication, and a random number independently generated in the present round, jointly participate in the calculation that determines the transmission position information of the segmented encrypted text corresponding to the sequence number in the present round. This calculation uses the combination of these dynamic factors to ensure a high degree of randomness and uniqueness in the arrangement of each transmission position.
However, to prevent the same order numbered split encrypted text from being assigned to the same transmission location in successive rounds, the present invention introduces a set of efficient collision resolution mechanisms. Specifically, if it is detected that the transmission position information generated by dividing the encrypted text by the sequence number in the current round overlaps with the position information in the previous round, the system automatically increases the transmission position by a predetermined number of bits, and generates a so-called transmission position information update value. This incremental operation aims to avoid position duplication in real time, increasing the difficulty of an unauthorized third party to track the original data distribution pattern.
If the updated value of the transmission position information after the increment is still the same as the previous transmission position, the increment operation is repeatedly executed until a new position which is not repeated with the transmission position of the sequence number division encryption text in all previous rounds is obtained. This process ensures that even if a position collision occurs with a very small probability, there is a reliable mechanism to make immediate corrections, maintaining the uniqueness and random distribution of the transmitted positions.
Finally, the updated value of the transmission position information obtained through the conflict detection and correction flow is formally confirmed as the exact transmission position information of the divided encrypted text of the sequence number in the current round. The series of carefully designed operations not only greatly enhance the transmission safety of the encryption information, but also effectively prevent potential attackers from predicting the current position by using the historical communication data, thereby fundamentally improving the robustness and the safety of the encryption system.
In one embodiment, further comprising:
If the transmission position information update value obtained by repeatedly performing the above operation is the transmission position information maximum value and the transmission position information maximum value is the transmission position information of the previous round, the operation of obtaining the transmission position information update value is restarted from the transmission position information minimum value until the transmission position information which is not generated in the previous round is determined.
In an embodiment, for the extreme situation that may occur, that is, in the process of continuously incrementing the update value of the transmission position information to solve the position conflict, if the update value reaches the preset maximum transmission position limit, and the maximum value has been used in the previous round, a circular backtracking strategy is adopted to ensure the uniqueness and continuity of the transmission position information.
Specifically, when it is detected that the generated transmission position information update value is equal to a preset transmission position information maximum threshold value, and this maximum value has been occupied by a previous round, the search start point of the transmission position information is automatically reset to the minimum value, that is, a new transmission position information update value is retried to be generated from the start position of the transmission position information sequence. This process ensures that even in the event that the transmission location resources appear to be exhausted, a transmission location that has not been allocated in all past rounds can be searched and designated in a cyclic manner, thereby maintaining the security isolation and confusion of information transmissions.
The introduction of the circulation mechanism not only effectively avoids the problem of exhaustion of the resource for transmitting the position information, but also further enhances the complexity of encrypted communication, and forms a more serious challenge for potential attackers. In this way, even if facing a highly optimized analysis algorithm, an attacker can hardly accurately predict or inversely push out the real arrangement sequence of the information, thereby guaranteeing the safety and the integrity of the data in the transmission process and fully embodying the innovation and the practicability of the invention in the technical field of encryption.
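Steps 301 to 303 and the wrap-around rule, together with the hand-off of unused positions to the interference texts, as an added example that is not code from the patent. The text does not give the formula that combines the time parameter, the send count and the round's random number, so SHA-256 reduced modulo the slot count is an assumption here, as are the function names, the step size of one slot, and also skipping slots already taken by another segment in the same round.

```python
import hashlib
import secrets


def raw_position(time_param: int, send_count: int, rnd: int, seq: int, total: int) -> int:
    """Candidate slot for one order number (mixing function is an assumption)."""
    material = f"{time_param}|{send_count}|{rnd}|{seq}".encode()
    digest = hashlib.sha256(material).digest()
    return int.from_bytes(digest[:8], "big") % total


def resolve(pos: int, forbidden: set, total: int) -> int:
    """Steps 301-303: move the slot forward while it is forbidden.
    The modulo implements the wrap from the maximum slot back to the minimum."""
    for _ in range(total):
        if pos not in forbidden:
            return pos
        pos = (pos + 1) % total
    raise ValueError("no free transmission position left")


def allocate_round(m: int, t: int, time_param: int, send_count: int, prev=None):
    """Place m segments and t decoys into m + t slots for one round.

    prev maps order number -> slot used in the previous round (None for round 1).
    Returns (segment_slots, decoy_slots), both keyed by order number.
    """
    total = m + t
    rnd = secrets.randbits(64)          # random number generated for this round
    segment_slots = {}
    for seq in range(m):
        forbidden = set(segment_slots.values())   # assumption: unique within a round
        if prev is not None:
            forbidden.add(prev[seq])              # must differ from the previous round
        start = raw_position(time_param, send_count, rnd, seq, total)
        segment_slots[seq] = resolve(start, forbidden, total)

    # Positions that were not generated for any segment go to the decoys.
    used = set(segment_slots.values())
    free = [slot for slot in range(total) if slot not in used]
    secrets.SystemRandom().shuffle(free)
    decoy_slots = {m + i: free[i] for i in range(t)}
    return segment_slots, decoy_slots


def layout(segment_slots: dict, decoy_slots: dict) -> list:
    """Order numbers arranged by transmission position (index = slot)."""
    merged = {**segment_slots, **decoy_slots}
    by_slot = {slot: seq for seq, slot in merged.items()}
    return [by_slot[slot] for slot in range(len(by_slot))]


if __name__ == "__main__":
    # Constructed sample parameters: 4 segments, 12 decoys, two rounds.
    round1, decoys1 = allocate_round(4, 12, time_param=1700000000, send_count=1)
    round2, decoys2 = allocate_round(4, 12, time_param=1700000060, send_count=2, prev=round1)
    print("round 1:", layout(round1, decoys1))
    print("round 2:", layout(round2, decoys2))
```

With at least one decoy, a segment has at most m forbidden slots out of m + t, so `resolve` always finds a free position within one pass over the slots.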
In one embodiment, further comprising:
after the transmission position information of the divided encryption text of the sequence number under the current round is generated, a data dictionary carrying the association relation between the divided encryption text and the transmission position information is generated according to the divided encryption text of each round and the transmission position information.
In a specific embodiment, the present invention further covers the step of generating a dictionary of current location codes and segment information association data. Specifically, this step is immediately after generating the transmission position information of each divided encrypted text in the current round, and aims to establish an efficient indexing mechanism, not only a unique transmission position information is allocated to each segment of text that is encrypted by a segment, but also an exhaustive data dictionary is created, which records in detail the mapping relationship between the encrypted content of each segment and its specific transmission position.
The construction process of the data dictionary fully considers the information security, and ensures that even if partial data is intercepted or analyzed in the transmission process, an attacker cannot easily read the real ordering of the segmented text and the content thereof. The setting of the association relationship in the data dictionary utilizes advanced encryption logic to bind the segment numbers with the randomized distribution of the segment numbers in the encrypted information stream, and the binding relationship is completely hidden and difficult to crack from the outside. The receiving party can quickly identify and restore the correct ordering of the divided texts under the condition of holding the corresponding decryption key and the decoding rule, so that the original information is recombined, and an unauthorized third party cannot restore the original appearance of the information due to lack of necessary decryption means and understanding of the data dictionary structure.
The introduction of the data dictionary not only improves the flexibility and efficiency of encryption communication, but also remarkably enhances the firmness of the whole encryption system, so that the encryption method can still keep excellent defending performance and ensure the safe transmission of sensitive information even when facing increasingly enhanced computing capability and advanced analysis technology.
The method comprises the steps of: encrypting the set of transmission position information under each round based on the text encryption key to obtain the encryption sequence number of the segmented encrypted text; randomly encrypting the set of sequence numbers of the interference encrypted texts to obtain the encryption sequence number of the interference encrypted text; and then, based on the segmented encryption public key, encrypting and transmitting to the data receiver the segmented encrypted text and the interference encrypted text arranged according to the transmission position information, the encryption sequence number of the segmented encrypted text, the encryption sequence number of the interference encrypted text, the class encryption key and the class mark number.
In an embodiment, the arranged segmented encrypted text and interference encrypted text, their respective encryption sequence numbers, and the category encryption key and category label number used for category identification are encrypted together by using the segmented encryption public key, forming a comprehensive encrypted packet. After encryption, this data is securely transmitted to the intended data receiver, ensuring the integrity and confidentiality of the information during transfer. This comprehensive encryption strategy not only strengthens the protection of core information but also, by introducing random and dynamically changing elements, effectively counters potential decryption attempts, in particular the threat posed by a possible future increase in computing capacity or by quantum computing technology, thereby providing a more stable and adaptable security guarantee for data communication.
A specific embodiment is given below to illustrate a specific application of the method of the present invention. The objective of this embodiment is to further strengthen the encryption algorithm on the basis of traditional asymmetric encryption. The main idea of current encryption algorithms is that an unauthorized third party who does not know the secret key can only force decryption through brute-force computation, so it suffices to ensure that the computing power required for forced decryption far exceeds the limit achievable under current technical conditions. However, computing technology keeps developing. To avoid the failure of current encryption algorithms caused by a major breakthrough in computing technology at some future point, such as the birth of a general-purpose quantum computer, a novel multi-dimensional anti-decryption mechanism that makes forced decryption computationally very difficult needs to be constructed.
To explain the design concept of the present patent more clearly, the RSA algorithm in asymmetric encryption technology is described as an example, but this by no means implies that the novel encryption technology of the present invention can only upgrade this particular asymmetric encryption technology. The concept of the embodiment is described as follows, as shown in fig. 2:
1. Asymmetric encryption RSA algorithm.
The RSA algorithm is a classical asymmetric algorithm. Its core theory is based on arithmetic properties of factorization and remainder calculation in number theory. In short, the algorithm ensures that a user who holds the secret key can easily encrypt and decrypt text, while an unauthorized third party who does not hold the secret key can restore the text only by brute-force decryption of the ciphertext. At the technical level of current supercomputers, the computation required would take more than 100 trillion years of decryption time, so the encryption is irreversible in a physical sense.
Specifically, RSA designs a pair of keys, a public key and a private key, denoted as public key (E, N) and private key (D, N). The public key is used to encrypt the original text and the private key is used to decrypt it. Note that E and N are public, but D of the private key is not public and is known only to the user. The RSA encryption algorithm first digitizes a segment of plaintext into a numeric code. Note that encoding the plaintext as numbers is not part of the encryption, and the encoding may be any publicly known general encoding scheme. If the original text has ten words, it is encoded into the numbers (x_1, x_2, …, x_10). The real encryption process can then begin: each of (x_1, x_2, …, x_10) is processed separately, and the processing result is denoted as:
where % is the remainder operator, e.g., 7 % 5 = 2.
(y_1, y_2, …, y_10) is the encrypted ciphertext. The RSA encryption algorithm ensures that, after receiving the ciphertext (y_1, y_2, …, y_10), the receiver can retrieve (x_1, x_2, …, x_10) through the decryption process, that is:
The receiver then decodes (x_1, x_2, …, x_10) with the public encoding scheme to obtain the original text. In this process, an unauthorized third party can only intercept the intermediate ciphertext (y_1, y_2, …, y_10). Without the key (D, N), it can only use a supercomputer to try all possible D. Under the framework of number theory, the relevant properties of Euler's theorem show at the theoretical level that, as long as the value of N is large enough (for example, more than 1024 bits), the brute-force decryption time required is on the order of megahundred million years.
Therefore, as long as computing power does not make a major breakthrough, the security of this encryption algorithm is very high. The appearance of quantum computers may change this situation. Scientists still cannot estimate the upper speed limit of quantum computing, which may be hundreds of trillion times that of existing supercomputers. Once a general-purpose quantum computer appears, cracking the current encryption algorithm may take only a few seconds. Encryption therefore has to be upgraded in other respects, so that its security no longer derives solely from the computing power that decryption demands. The present invention accordingly devises a unique new encryption logic.
2. Double-key segmented encryption:
Segmented encryption is an important means of improving encryption security. For a piece of text, suppose it is encoded into the numbers (x_1, x_2, …, x_N), where N is the length of the text. Applying asymmetric encryption directly to the encoded text is not secure enough, so double-key segmented encryption is adopted. The design is as follows:
(1) Double keys. Unlike the traditional encryption method, which uses only one pair of public and private keys, two pairs are used here: the text encryption public and private keys (E_1, N_1) and (D_1, N_1), used for text encryption, and the segment encryption public and private keys (E_2, N_2) and (D_2, N_2), used for segment encryption.
The original text (x_1, x_2, …, x_N) is cut into segments. Assume there are M segments, each of length K, so that N = M × K. Thus (x_1, x_2, …, x_N) is partitioned into:
K_1 = (x_1, x_2, …, x_K), K_2 = (x_{K+1}, x_{K+2}, …, x_{2K}), …, K_M = (x_{N-K+1}, x_{N-K+2}, …, x_N).
After segmentation, each segment is asymmetrically encrypted with the text encryption public key (E_1, N_1).
(2) The segments K_1 … K_M are each assigned a category label number, which is a string of codes. Combined with the receiver's segment encryption private key (D_2, N_2), the category label number of each segment computes to the fixed value 0, indicating that the segments come from the same original code. Once this unique identification is available, a large number of interference text codes can be added and mixed with K_1 … K_M. There are T interference text codes, where T is much greater than M. Each interference segment has the same length as any of K_1 … K_M, namely K, and also carries a class mark number, except that the class mark number of an interference text, combined with the receiver's private key, computes to a value different from 0. It can be seen that the value of the interference texts lies in being mixed with K_1 … K_M, so that an unauthorized third party cannot pick out the constituent segments K_1 … K_M of the original text code (x_1, x_2, …, x_N) from the mass of segment information. The specific operation is as follows:
Denote the class numbers of K_1 … K_M as R_1 … R_M, and the class numbers of the interference texts as R_{M+1} … R_{M+T}; each class number is a string of digits. A class decryption key D* is generated here, and D* is a randomly generated prime number. R_1 … R_M are generated from D* under the rule R_m % D* = 0, m = 1, 2, …, M, that is, every selected R_1 … R_M is divisible by the class decryption key D*. R_{M+1} … R_{M+T} are selected under the rule R_h % D* > 0, h = M+1, M+2, …, M+T, that is, every selected R_{M+1} … R_{M+T} is not divisible by the class decryption key D*.
During encryption, D* is encrypted with the public key (E_2, N_2) together with all the texts and the class mark numbers R_m, m = 1, 2, …, M+T. After receiving the ciphertext and the encrypted key D*, the receiver decrypts D* with its own segment encryption private key (D_2, N_2). From the class mark numbers R_m, m = 1, 2, …, M+T of all fragments in the ciphertext, the receiver can then judge which fragments are encrypted original text and which are merely interference, so that the interference fragments added for protection can be removed directly.
It should be noted that, to further increase security, the generation of R_1 … R_M and R_{M+1} … R_{M+T} is designed in more detail: each of R_1 … R_M is obtained by multiplying the key D* by 1000 random primes larger than D*, and each of R_{M+1} … R_{M+T} is obtained by multiplying together 1001 random primes larger than D*. Because there are infinitely many primes after D* and the selected primes follow no specific rule, a hacker who has not cracked the segment encryption private key (D_2, N_2) cannot calculate the category of any text segment and cannot learn which of the many encrypted segments carry the correct useful information.
Specifically, to deepen the level of encryption security and raise the difficulty of cracking, the scheme designs the generation mechanism of R_1 … R_M and the subsequent R_{M+1} … R_{M+T}. Each class mark number in R_1 … R_M is obtained by multiplying the key D* by 1000 independently and randomly selected primes larger than D*. This strategy ensures that even adjacent elements are related only through complex mathematical relationships built on highly random, very large prime products, which greatly increases uncertainty.
A different strategy is adopted for the R_{M+1} … R_{M+T} part. Each class mark number is built from a product of 1001 random primes, but the product is not multiplied by the key D*; it is the direct product of 1001 independently and randomly selected primes larger than D*. This design further obscures how the numbers are generated, so that even if an attacker grasps certain pattern characteristics, the attacker cannot directly reverse-derive the prime sequence or determine the true identity of a text fragment.
Because the primes are selected with no specific rule and are theoretically unlimited in number, their combinations are practically inexhaustible unless an attacker successfully cracks the segment encryption private key, and the attacker therefore cannot accurately judge which fragments belong to the original information and which are intentionally implanted interference. The method not only effectively conceals the truly valuable data fragments but also makes discriminating information among the mass of encrypted fragments an almost impossible task, which significantly strengthens the crack resistance of encrypted communication and provides a strong defensive barrier even against the potential future threat of quantum computing.
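The class mark rule described above (R_m % D* = 0 for original segments, R_h % D* > 0 for interference) can be exercised with the following added example, which is not code from the patent. The 40-bit size of D*, the upper bound on the "primes after D*" and the function names are assumptions made for illustration, and the RSA layer under (E_2, N_2) that the text wraps around D* and the marks is left out.

```python
import secrets

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic for n below about 3.3e24."""
    if n < 2:
        return False
    for p in _BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(lo: int, hi: int) -> int:
    """Draw candidates uniformly from (lo, hi] until one is prime."""
    while True:
        c = lo + 1 + secrets.randbelow(hi - lo)
        if is_prime(c):
            return c


def prime_product(d_star: int, count: int, hi: int) -> int:
    """Product of `count` independently chosen primes p with d_star < p <= hi."""
    out = 1
    for _ in range(count):
        out *= random_prime(d_star, hi)
    return out


def make_class_marks(m: int, t: int, factors: int = 1000, bits: int = 40):
    """Return (D*, [R_1..R_M] for original segments, [R_M+1..R_M+T] for interference)."""
    d_star = random_prime(2 ** (bits - 1), 2 ** bits)
    hi = 2 ** (bits + 8)  # assumed upper bound for the primes chosen after D*
    real = [d_star * prime_product(d_star, factors, hi) for _ in range(m)]
    decoy = [prime_product(d_star, factors + 1, hi) for _ in range(t)]
    return d_star, real, decoy


def tag_and_mix(segments, decoys, real_marks, decoy_marks):
    """Attach a class mark to every fragment and shuffle originals and interference."""
    tagged = list(zip(real_marks, segments)) + list(zip(decoy_marks, decoys))
    secrets.SystemRandom().shuffle(tagged)
    return tagged


def keep_real(tagged, d_star: int):
    """Receiver side: a mark divisible by D* identifies an original segment."""
    return [frag for mark, frag in tagged if mark % d_star == 0]


if __name__ == "__main__":
    # Constructed sample fragments; a small factor count keeps the demo fast.
    segs = ["seg-1", "seg-2", "seg-3"]
    noise = ["noise-%d" % i for i in range(8)]
    d_star, real, decoy = make_class_marks(len(segs), len(noise), factors=50)
    mixed = tag_and_mix(segs, noise, real, decoy)
    print("fragments sent:", len(mixed))
    print("kept by receiver:", sorted(keep_real(mixed, d_star)))
```

The receiver recovers the set of original segments but not their order, which is what the ordering mechanism in the next part addresses.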
3. Rotating-wheel ordering mechanism.
The design concept of segmented encryption has been introduced, but segmented encryption alone is still far from sufficient, because by itself it does not significantly improve resistance to cracking. Combining and nesting the double keys improves the robustness of encryption, but if computing power grows exponentially, nested encryption still fails. Moreover, the segmented encryption above only solves how to identify the original text segments among many interference segments; it does not address how the segments are reordered and recombined. Even if the decrypted original text segments are obtained, the transmission is still useless if they cannot be recombined in the correct order. A rotating-wheel ordering mechanism therefore needs to be designed, so that users can carry out normal and efficient encrypted transmission, while an unauthorized third party, even with greatly increased computing power and a successful brute-force crack, still fails because it cannot order the segments correctly. The rotating-wheel ordering mechanism is thus the core of the whole encryption method.
Along with the preceding label, each segment is assigned an order number: K_1, …, K_M are numbered 1 to M, while the interference segments are numbered M+1, …, M+T.
The positions of K_1, …, K_M can only be selected from 1 to M+T.
In encrypted transmission, the order number information of the fragments cannot simply be encrypted and sent directly; otherwise, once an unauthorized third party cracks the order numbers, the preceding segmented encryption and interference information immediately lose their protective effect. A method is needed that keeps changing the way the order numbers are scrambled over time and whose scrambling cannot easily be cracked. To meet this requirement, the following number scrambling algorithm is designed:
(1) For K_1, …, K_M the numbers 1 to M are known. The scrambling method is determined by the current time interval and the current number of transmissions. These two determining factors are called determining data 1 and determining data 2, and are denoted n_1 and n_2 respectively.
The current time interval is the interval between the current date and time, accurate to the second, and a fixed time point. By way of example, assuming that the current time is 00:00:00 on January 1, 2000 and the fixed time point is 00:00:00 on January 1, 1900, the current time interval is (100×365+25)×24×60×60 = 3155760000 seconds. An interval of less than 1 second is counted as 1 second. 3155760000 is then determining data 1 for the scrambling, that is, n_1.
The current number of times the sender has sent encrypted ciphertext is n_2.
(2) The ordering scrambling algorithm designed by the invention starts from K_1. A value U_1 is randomly generated from 0 to M, and U_1 is processed by the position calculation formula (U_ N_2 +N_1)% (M+T), which generates a number between 1 and M+T. This number is the position code w_1 of segment K_1. For K_2, a random number U_2 is again generated from 0 to M, and the position code w_2 is generated by (U_ N_2 +N_1)% (M+T).
If the generated position code w_2 repeats w_1, the position code is moved onward to the nearest unoccupied number, which becomes the position code w_2.
If all the following position codes are occupied, the search restarts from 1 and the smallest unoccupied number is taken as the position code. The position codes of K_1, …, K_M are obtained one after another in this way.
The position codes and their subscripts, namely the order numbers, correspond one to one and form a data dictionary as follows:
indicating at which positions from 1 to M+T the fragments K_1, …, K_M are respectively located, with 1 ≤ w_1, …, w_M ≤ M+T. The position information {w_1, …, w_M} of the segments K_1, …, K_M is labeled W_0. The remaining positions {1, 2, …, M+T} − {w_1, …, w_M} are then randomly assigned to the interference segments, and the position information of the interference segments is labeled W_1.
(3) Next, W_0 is encrypted with the text encryption public key (E_1, N_1); the receiver receives the information and decrypts it with the private key (D_1, N_1). W_1 is randomly encrypted by any method, as long as the encrypted data of W_1 differs from the encrypted data of W_0. After receiving the ciphertext, a receiver that decrypts the ciphertext of W_1 with the private key (D_1, N_1) obtains only meaningless garbled codes. The receiver only needs to select the fragments whose position information corresponds to order numbers 1 to M, then sort and combine them, to complete the reassembly of the fragments and obtain the complete original text.
This design introduces two uncontrollable variables, the current time and the number of transmissions, into the encryption stage, which makes the ordering of the fragments more random. It has no effect on the sending and receiving parties and only makes it harder for an unauthorized third party to decipher the ciphertext.
Meanwhile, an unauthorized third party that wants to brute-force the private key with ultra-high computing power needs complete ciphertext samples encrypted with the corresponding public key in order to carry out the reverse derivation. The position information of the many interference fragments is randomly encrypted, so to know which samples are public-key encrypted and reject the interference samples, the third party would first need the private key; otherwise the ciphertext samples not encrypted with the public key act as impurities and cause the reverse-derivation calculation to fail. An unauthorized third party therefore falls into a chicken-and-egg dilemma when cracking the ciphertext. This circular protection ensures that no computational entry point for cracking can be found even if computing power makes a breakthrough, so a cracking strategy that simply increases computing power is ineffective.
Finally, the position codes of K_1, …, K_M are generated by a cyclic mechanism: an occupied position code is moved onward, and after reaching the last position the search wraps around to the beginning. This resembles the cylinder of a revolver: positions are generated randomly, there is no confusion, and vacancies are filled in continuous rotation. The mechanism is therefore called the rotating-wheel ordering mechanism.
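The position assignment of steps (1) to (3), including the onward move on collision and the wrap-around to 1, is shown in the following added example, which is not code from the patent. The position formula is garbled in this copy of the text, so raw_code reads it as (U × n_2 + n_1) % (M+T) shifted into 1..M+T, which is an assumption, as are all function names; the encryption of W_0 and W_1 is left out.

```python
import secrets


def raw_code(u: int, n1: int, n2: int, total: int) -> int:
    """Map the random draw U and the determining data n_1, n_2 to a slot in 1..total.

    Assumption: the formula is read as (U * n_2 + n_1) % (M + T), plus one so
    that the result lies in 1..M+T as the text requires.
    """
    return (u * n2 + n1) % total + 1


def wheel_positions(m: int, t: int, n1: int, n2: int, rng=None):
    """Return (W0, W1): the slots of K_1..K_M in order, and the slots left over."""
    rng = rng or secrets.SystemRandom()
    total = m + t
    taken = set()
    w0 = []
    for _ in range(m):
        code = raw_code(rng.randint(0, m), n1, n2, total)
        while code in taken:          # occupied: move onward one slot,
            code = code % total + 1   # wrapping from M+T back to 1
        taken.add(code)
        w0.append(code)
    w1 = [p for p in range(1, total + 1) if p not in taken]
    rng.shuffle(w1)                   # interference takes the remaining slots at random
    return w0, w1


def arrange(segments, decoys, w0, w1):
    """Sender: put every fragment at its slot and return them in sending order."""
    slots = [None] * (len(w0) + len(w1))
    for frag, pos in zip(segments, w0):
        slots[pos - 1] = frag
    for frag, pos in zip(decoys, w1):
        slots[pos - 1] = frag
    return slots


def reassemble(slots, w0):
    """Receiver: decrypted W0 gives the slot of K_1, K_2, ..., K_M in that order."""
    return [slots[pos - 1] for pos in w0]


if __name__ == "__main__":
    # Constructed sample data; n_1 is the interval from the text's own example.
    segs = ["SEG-A", "SEG-B", "SEG-C", "SEG-D"]
    noise = ["noise-%d" % i for i in range(6)]
    w0, w1 = wheel_positions(len(segs), len(noise), n1=3155760000, n2=7)
    sent = arrange(segs, noise, w0, w1)
    print("W0:", w0)
    print("sent order:", sent)
    print("reassembled:", reassemble(sent, w0))
```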
4. The encrypted ciphertext is integrated and sent out.
The double-key segmented encryption information, the category number encryption information, the encrypted position number information of segments K_1 … K_M, the randomly encrypted position information of the interference segments and so on are integrated into one unified ciphertext and sent to the receiver. This completes the ciphertext sending flow, and after receiving the ciphertext the receiver can decrypt it with the two corresponding sets of keys.
Of course, it is to be understood that other variations of the above detailed procedures are also possible, and all related variations should fall within the protection scope of the present invention.
In the embodiment of the invention, a data text is divided into a preset number of parts to obtain a plurality of segmented texts, and a plurality of interference texts are generated. The segmented texts and the interference texts are encrypted based on a text encryption public key to obtain a plurality of segmented encrypted texts and a plurality of interference encrypted texts. Based on a class encryption key, a class mark number is added to each segmented encrypted text and each interference encrypted text; the class mark number is used by the data receiver to identify the data text with the segment encryption private key corresponding to the segment encryption public key. An order number is added to each segmented encrypted text and each interference encrypted text. For the order number of each segmented encrypted text, the transmission position information of that segmented encrypted text in the current round is generated from the random number generated in the current round, and the set of transmission position information from every round is encrypted based on the text encryption key to obtain the encryption order numbers of the segmented encrypted texts. The transmission position information that was not generated is assigned to the order numbers of the interference encrypted texts, and the set of those order numbers is randomly encrypted to obtain the encryption order numbers of the interference encrypted texts. Finally, based on the segment encryption public key, the segmented encrypted texts and interference encrypted texts arranged by transmission position information, the encryption order numbers of both, the class encryption key and the class mark numbers are encrypted and sent to the data receiver.
Because the segmented texts and the interference texts are encrypted together, the difficulty of cracking increases, and even if a small part of the text is cracked, the original text cannot be directly understood. The invention not only improves the security of data encryption but also enables a receiver with the correct key to identify the real information accurately while effectively resisting identification attempts by third parties without keys. Encrypting the position information before sending it further ensures that the arrangement order of the segmented texts is not easily revealed: even if the position information is intercepted, the real meaning of the segmented texts cannot be interpreted, which improves the security of the whole system. In addition, the invention mitigates the prior-art problem that asymmetric encryption is easily threatened by growth in quantum computing power. Through a multi-dimensional, dynamically changing encryption strategy and fine-grained management and obfuscation of data segments, the private key cannot be reverse-derived without the complete encrypted data. This effectively enhances the security of data encryption and avoids the failure of the encryption method that a breakthrough in supercomputer computing power would otherwise cause.
As described above, the present invention has the following beneficial effects:
1. A deep transformation is carried out on the basis of the asymmetric encryption algorithm. The difficulty of cracking is raised by encrypting the original text in segments and scrambling their order, and a unique rotating-wheel ordering algorithm is designed for the order scrambling, ensuring that the ordering changes do not repeat.
2. Interference texts with no practical meaning are added among the segmented texts and encrypted to protect them. A unique identification method is designed for the interference texts, ensuring that the receiver can find all the original text fragments in the complicated ciphertext when decrypting, while an unauthorized third party without the decryption key, even after intercepting the ciphertext, cannot pick the original fragments out of the huge body of interference text and splice them together.
3. The rotating-wheel ordering mechanism, the segmented encryption method and the random encryption of interference fragments are combined: without the complete encrypted data the private key cannot be reverse-derived by computation, and without the private key to identify the interference information the complete encrypted data cannot be obtained. An unauthorized third party falls into a chicken-and-egg dilemma when cracking the ciphertext and has nowhere to start. This avoids the risk that the encryption method fails simply because of a breakthrough in supercomputer computing power.
The embodiment of the invention also provides a device for encrypting and decrypting data, as described in the following embodiments. Because the principle by which the device solves the problem is similar to that of the data encryption and decryption method, the implementation of the device can refer to the implementation of the method, and repeated details are omitted.
The embodiment of the invention also provides a data encryption device, which is used to effectively enhance the security of data encryption and to solve the problems caused in the prior art by improved computing power and the potential threat of quantum computing. As shown in fig. 4, the device comprises:
The text processing module 401 is used for dividing the data text into a preset number to obtain a plurality of divided texts, generating a plurality of interference texts, and carrying out encryption processing on the divided texts and the interference texts based on a text encryption public key to obtain a plurality of divided encryption texts and a plurality of interference encryption texts;
The class encryption module 402 is configured to add a class mark number to each of the split encrypted text and the interference encrypted text based on a class encryption key, where the class mark number is used for a data receiver to identify a data text with a segment encryption private key corresponding to the segment encryption public key;
the sequence number processing module 403 is configured to add a sequence number to each of the split encrypted text and the interference encrypted text, generate, for each of the sequence numbers of the split encrypted text, transmission position information of the split encrypted text with the sequence number under the current round according to a random number generated by the current round, encrypt, based on the text encryption key, a set of the transmission position information under each round to obtain an encryption sequence number of the split encrypted text, assign the transmission position information that is not generated to the sequence number of each of the interference encrypted texts, and randomly encrypt the set of the sequence numbers of each of the interference encrypted texts to obtain an encryption sequence number of the interference encrypted text;
An encryption transmission module 404, configured to encrypt, based on the segment encryption public key, the segmented encrypted texts and interference encrypted texts arranged by the transmission position information, the encryption order numbers of the segmented encrypted texts, the encryption order numbers of the interference encrypted texts, the class encryption key and the class mark numbers, and to send them to the data receiver.
In one embodiment, the class encryption key is a randomly generated prime number;
Adding a category label number to each of the split encrypted text and the interfering encrypted text based on the category encryption key, comprising:
for each segmented encrypted text, selecting, based on the randomly generated prime number, a value whose remainder with respect to the randomly generated prime number is zero, as the class mark number added to that segmented encrypted text;
and for each interference encrypted text, selecting, based on the randomly generated prime number, a value whose remainder with respect to the randomly generated prime number is non-zero, as the class mark number added to that interference encrypted text.
In one embodiment, the total number of the transmission position information is the sum of the number of the divided text and the disturbing text;
for each sequence number of the segmented encrypted text, generating transmission position information of the segmented encrypted text of the sequence number under the current round according to the random number generated by the current round, including:
and generating the sending position information of the segmented encrypted text with the sequence number under the current round according to the preset current time parameter, the current sending frequency parameter and the random number generated by the current round aiming at the sequence number of each segmented encrypted text.
In one embodiment, selecting, for each segmented encrypted text, a value for which a result of the remainder processing on the randomly generated prime numbers is zero based on the randomly generated prime numbers, includes:
for each segmented encrypted text, randomly selecting a first preset number of prime numbers larger than the randomly generated prime number, and taking the product of the randomly selected prime numbers and the randomly generated prime number as the value whose remainder with respect to the randomly generated prime number is zero;
selecting, for each interference encrypted text, a value whose remainder with respect to the randomly generated prime number is non-zero, includes:
taking the product of the randomly selected prime numbers as the value whose remainder with respect to the randomly generated prime number is non-zero.
In one embodiment, for each order number of the divided encrypted text, generating transmission position information of the divided encrypted text of the order number under the current round according to the preset current time parameter, the current transmission number parameter and the random number generated by the current round includes:
if the transmission position information generated for the segmented encrypted text of the order number in the current round is the same as the transmission position information of the segmented encrypted text of the order number in the previous round, moving the transmission position information onward by a preset number of positions to obtain a transmission position information update value;
if the transmission position information update value is the same as the transmission position information of the segmented encrypted text of the order number in the previous round, repeating the operation until the transmission position information update value differs from the transmission position information of the segmented encrypted text of the order number in the previous round;
and using the transmission position information update value as the transmission position information of the segmented encrypted text of the order number in the current round.
In one embodiment, further comprising:
if the transmission position information update value obtained by repeating the above operation is the maximum transmission position information value, and that maximum value is already transmission position information of the previous round, restarting the operation of obtaining the transmission position information update value from the minimum transmission position information value until transmission position information not generated in the previous round is determined.
In one embodiment, further comprising:
after the transmission position information of the divided encryption text of the sequence number under the current round is generated, a data dictionary carrying the association relation between the divided encryption text and the transmission position information is generated according to the divided encryption text of each round and the transmission position information.
The embodiment of the invention provides a data decryption method for effectively enhancing the security of data encryption and solving the problems in the prior art caused by computing-power growth and the potential threat of quantum computing. As shown in fig. 5, the method comprises the following steps:
Step 501, receiving encrypted transmission data transmitted by a data receiver;
Step 502, determining a category decryption key corresponding to the category encryption key by using the segmented encryption private key, and identifying a plurality of segmented encryption texts in the encrypted transmission data according to the category mark number in the encrypted transmission data by using the category decryption key;
Step 503, decrypting the multiple divided encrypted texts by using the text encryption private key to obtain multiple divided texts;
Step 504, decrypting the encryption sequence numbers of the divided encryption texts in the encrypted transmission data by using the text encryption private key to obtain transmission position information of the divided encryption texts;
Step 505, restoring the data text based on the transmission position information of the segmentation encryption text and the plurality of segmentation texts.
In the above-described embodiments, the decryption method is directed to a data encryption technique aimed at securely restoring information encrypted by a data encryptor. The method comprises the following specific steps:
First, the decryption party receives a ciphertext data packet that has undergone complex encryption processing from a data receiving party; the data packet comprises the split-and-encrypted original text segments, the interference segments and the corresponding control information.
With the segment encryption private key, the decryptor can determine and obtain the class decryption key with which it is paired. This step is based on a double key mechanism used in the encryption process to ensure that only legitimate recipients can correctly identify and classify the encrypted text.
By applying the category decryption key, the decryptor is able to identify from the ciphertext those multiple segmented encrypted texts carrying category label numbers. These numbers help to distinguish which are the original pieces that really need to be decrypted and which are the interfering items, thus laying the foundation for subsequent processing.
Then, the decryption party decrypts the identified divided encrypted texts one by one using the text encryption private key, and restores the original divided texts. This step ensures the recovery of the data content, but the text segments are still in a disordered state at this point.
Further, the encrypted sequence numbers are decrypted using the text encryption private key; the resulting numbers indicate the correct position of each split text in the original text. This step is critical for the final restoration of the complete original text.
And finally, according to the decrypted segmented text and the corresponding sending position information, the decryption party can recombine all the segmented texts according to the correct sequence, so that the original data text is completely restored. This process involves ordering and stitching the segmented text using the location information to ensure the integrity and readability of the information.
In summary, the decryption method effectively and reversely executes the encryption process through a series of carefully designed steps, thereby not only ensuring the safe transmission of information, but also overcoming the complexity caused by segmentation, encryption, ordering disorder and interference information introduction and realizing the accurate decryption of encrypted data.
An embodiment is given below to describe the data decryption method specifically. In this embodiment, for the encryption process described above, the data decryption party needs to follow strict steps to recover the original data text and ensure accurate, lossless recovery of the information. The specific implementation steps are as follows:
1. The decryption party first receives an encrypted data packet sent by the encryption party through the secure channel, wherein the data packet comprises the split encrypted text, the interference encrypted text, the encryption sequence number, the class mark number and necessary auxiliary information (such as an encrypted form of the class encryption key). The decryption party decrypts the class encryption key by using the private key corresponding to the segment encryption public key, for use in the subsequent steps.
2. Identifying and classifying text fragments: the decryption party uses the decrypted class decryption key to identify the class mark numbers in the encrypted data. By calculating the mathematical relationship (such as the remainder operation) between each text segment and the class decryption key, the decryption party can distinguish the true split encrypted text from the interference encrypted text, ensuring that only the actual data segments are decrypted.
3. Decrypting the split texts: the decryption party decrypts the identified split encrypted texts one by one using the text encryption private key. This step restores the original content of the split texts, but at this point the order of the text segments has not yet been restored.
4. Decrypting and applying the position information: next, the decryption party decrypts the encryption sequence numbers using the text encryption private key, thereby obtaining the transmission position information of the split texts. This position information indicates the correct arrangement order of the split texts in the original text. If there is a mechanism for handling position conflicts (such as the backward forward rule applied when a repeated position is encountered), the decryption party needs to resolve it in reverse according to the same rule to ensure that the position information is applied correctly.
5. Reorganizing the original data text: the decryption party reorders the data fragments according to the decrypted split texts and the corresponding transmission position information. This step may involve sorting according to a position information dictionary, stitching the split texts in the correct order and excluding all interference texts, thus fully recovering the original data text.
6. Integrity verification: to ensure the integrity of the decrypted data, the decryption party can further calculate a hash value of the restored original text and compare it with the hash value added during transmission, to verify whether the data was tampered with during transmission.
Through the detailed steps above, the decryption party can efficiently and accurately recover the original information from the encrypted data. The whole process not only depends on the safe keeping of the private key, but also makes full use of dynamic factors such as time and the number of transmissions and of the complexity of the mathematical algorithm; it effectively prevents unauthorized access and information tampering, and ensures the safety and reliability of data transmission.
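The receiver-side steps 1 to 6 above can be traced in code. The following is an added example, not code from the patent: the packet layout, the SHA-256 digest, the rule that interference marks leave a non-zero remainder, and all names are assumptions, and textbook RSA over known primes stands in for the unspecified asymmetric cipher as a toy, not a secure implementation.

```python
import hashlib
import secrets

E = 65537  # public exponent of both toy key pairs


class PacketError(ValueError):
    """The packet is inconsistent or fails the integrity check."""


def toy_keypair(p, q):
    """Textbook RSA from two known primes: returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def encrypt(data, n):
    # 0x01 marker + 8 random bytes + data; a toy stand-in for real padding.
    m = int.from_bytes(b"\x01" + secrets.token_bytes(8) + data, "big")
    if m >= n:
        raise ValueError("block too large for the toy modulus")
    return pow(m, E, n)


def decrypt(c, n, d):
    m = pow(c, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")[9:]  # drop marker + nonce


# Constructed values: Mersenne primes keep the listing short and are NOT secure.
TEXT_N, TEXT_D = toy_keypair(2**107 - 1, 2**127 - 1)  # text encryption key pair
SEG_N, SEG_D = toy_keypair(2**61 - 1, 2**89 - 1)      # segment encryption key pair
CATEGORY_PRIMES = [10007, 10009, 10037]               # pool for the category key
SAMPLE = b"pay 250.00 CNY to account 6222-0001 ref 7781"


def build_packet(text, count, decoys):
    """Sender side, present only to construct input for restore()."""
    size = max(1, -(-len(text) // count))             # ceil(len / count)
    parts = [text[i:i + size] for i in range(0, len(text), size)]
    prime = secrets.choice(CATEGORY_PRIMES)
    rng = secrets.SystemRandom()
    order = list(range(len(parts) + decoys))
    rng.shuffle(order)
    positions = order[:len(parts)]                    # slot of the k-th real segment
    slots = [None] * len(order)
    for k, pos in enumerate(positions):               # real: mark % prime == 0
        slots[pos] = (encrypt(parts[k], TEXT_N), prime * rng.randrange(1, 1000))
    for pos in order[len(parts):]:                    # decoy: mark % prime != 0
        mark = prime * rng.randrange(1, 1000) + rng.randrange(1, prime)
        slots[pos] = (encrypt(secrets.token_bytes(size), TEXT_N), mark)
    return {
        "slots": slots,
        "enc_positions": [encrypt(p.to_bytes(2, "big"), TEXT_N) for p in positions],
        "enc_category_key": encrypt(prime.to_bytes(2, "big"), SEG_N),
        "digest": hashlib.sha256(text).hexdigest(),
    }


def restore(packet, text_key=(TEXT_N, TEXT_D), seg_key=(SEG_N, SEG_D)):
    """Receiver side: steps 1 to 6 of the decryption procedure."""
    (n_t, d_t), (n_s, d_s) = text_key, seg_key
    # Step 1: recover the category key with the segment encryption private key.
    prime = int.from_bytes(decrypt(packet["enc_category_key"], n_s, d_s), "big")
    if prime < 2:
        raise PacketError("category key did not decrypt to a usable value")
    # Step 2: a mark with zero remainder identifies a real segment.
    real = {i for i, (_, mark) in enumerate(packet["slots"]) if mark % prime == 0}
    # Step 4: decrypt the order numbers into transmission positions.
    positions = [int.from_bytes(decrypt(c, n_t, d_t), "big")
                 for c in packet["enc_positions"]]
    # The two independent views of "which slots are real" must agree.
    if len(set(positions)) != len(positions) or set(positions) != real:
        raise PacketError("category marks and position information disagree")
    # Steps 3 and 5: decrypt the real segments and stitch them in original order.
    text = b"".join(decrypt(packet["slots"][p][0], n_t, d_t) for p in positions)
    # Step 6: compare against the digest sent with the packet.
    if hashlib.sha256(text).hexdigest() != packet["digest"]:
        raise PacketError("restored text does not match the transmitted hash")
    return text


if __name__ == "__main__":
    print(restore(build_packet(SAMPLE, count=4, decoys=3)))
```

The agreement check between category marks and decrypted positions rejects a packet whose marks or order numbers were altered before any text is reassembled; the hash comparison then catches a reordering that leaves the set of positions unchanged.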
In the decryption method embodiment of the present invention, the data receiver first receives an encrypted data packet sent by the sender; the packet contains the carefully designed split encrypted texts, the interference encrypted texts and their corresponding encryption order numbers, class mark numbers, etc. The decryption process, detailed below, is aimed at recovering the original data text and ensuring its integrity and security. The data receiving module first ensures that the encrypted data is received safely, including the encrypted split texts, the interference texts and their respective encryption sequence numbers and class mark numbers. The decryption module first decrypts the class mark number using the segment encryption private key, thereby identifying which are the true data segment texts and which are the interfering texts. This process relies on the class encryption key to ensure that only legitimate recipients can distinguish them accurately. The decryption module then decrypts the encryption sequence numbers of the segmented encrypted texts with the text encryption private key to obtain the sending position information of the segmented texts. The key point of this step is that even if the position information is intercepted, it remains indecipherable without the correct key, which enhances security. According to the decrypted sending position information, the data text restoring module rearranges the segmented texts and the interference texts in the original order, eliminates the interference texts and reassembles the complete data text. This process effectively counteracts attacks that attempt to reconstruct the original text by analyzing the position information.
Because the dynamically adjusted algorithm that generates the transmission position information combines the current time parameter and the number of transmissions, the positional arrangement of the data is unique for each encryption: even if the same data is transmitted at different times, the encrypted layouts differ greatly, which greatly increases the difficulty of cracking. Even facing the potential threat of quantum computing, an attacker must crack not just a single key but also the position information and category mark of each fragment and the overall dynamic structure, which significantly raises the complexity of cracking and ensures the security of the data. This multidimensional decryption flow overcomes the vulnerability of traditional asymmetric encryption algorithms to growing computing power, especially quantum computing, and builds a firm line of defense by combining category marks with double-key segmented encryption and dynamic encryption of the position information. The method ensures that the security of data encryption does not depend on the computational difficulty of decryption; instead, through a series of complex and interdependent mechanisms, it makes it difficult for an unauthorized party without the private key to reconstruct meaningful original text even after obtaining part of the encrypted information, thereby effectively defending against the potential impact of computing-power growth and quantum computing on encryption technology.
The embodiment of the invention also provides a data decryption device for effectively enhancing the security of data encryption and solving the problems in the prior art caused by computing-power growth and the potential threat of quantum computing. As shown in fig. 6, the device comprises:
A data receiving module 601, configured to receive encrypted transmission data sent by a data receiving party;
A segment decryption module 602, configured to determine a class decryption key corresponding to the class encryption key by using the segment encryption private key, and identify a plurality of segment encrypted texts in the encrypted transmission data according to the class mark number in the encrypted transmission data by using the class decryption key;
A text decryption module 603, configured to decrypt the plurality of split encrypted texts with a text encryption private key to obtain a plurality of split texts;
A transmission position decryption module 604, configured to decrypt the encryption sequence numbers of the divided encrypted texts in the encrypted transmission data with the text encryption private key, to obtain transmission position information of the divided encrypted texts;
A data text restoring module 605, configured to restore the data text based on the transmission position information of the split encrypted text and the plurality of split texts.
In particular embodiments of the present invention, the proposed "decryption device of data" is a highly integrated and security-superior system specifically designed to combat the increasing computational challenges and potential threats of quantum computing. The device ensures that encrypted data can be decrypted safely and efficiently through precise modularized design, and the specific structure and functions are as follows:
1. Data receiving module
The module serves as the front end of the device and is responsible for receiving encrypted data packets transmitted by the data sender over the secure network channel. The data packet contains key information such as encrypted segmentation text, interference text, category label number, encryption sequence number and the like. The data receiving module needs to ensure the data integrity and provide accurate input for subsequent decryption operations.
2. Segmented decryption module
The module uses the segment encryption private key as a starting key, and deduces a category decryption key through built-in algorithm logic. This process is based on asymmetric encryption principles, ensuring the security and uniqueness of the key. After the category decryption key is obtained, the module analyzes the category label number in the encrypted data, and the module uses the category label number as a clue to identify which is a real data segmentation encrypted text and which is an interference text for confusion use, so that a foundation is laid for accurate decryption.
3. Text decryption module
Using the text encryption private key, the module decrypts, one by one, the true segmented encrypted texts obtained from the segmented decryption module, converting the text fragments from the encrypted state back to the plaintext state. This process is based on an asymmetric encryption algorithm, ensuring that only legitimate receivers can perform decryption operations.
4. Transmission position decryption module
This module also relies on the text encryption private key to decrypt the encryption sequence numbers associated with the split encrypted text in the encrypted transmission data. The decrypted sending position information provides key guidance for correct ordering of the restored data. By decrypting, the device can determine the correct position of each segmented text in the original data, ready for final text reorganization.
5. Data text restoring module
Based on the transmission position information obtained from the transmission position decryption module, the module rearranges and combines the individual divided texts in the correct order. Through this process every segmented text is placed precisely in its position while any interference text is excluded, eventually restoring the original, unencrypted complete data text. In addition, to ensure the integrity of the decrypted data, the module may integrate a verification mechanism, such as comparing the hash values of the data before and after decryption, to verify whether the data has been tampered with during transmission.
In summary, the data decryption device of the present invention not only ensures the secure decryption of encrypted data, but also effectively improves the reliability and security of data transmission through the cooperation of the modules, and particularly provides an advanced solution for data protection in the context of computational enhancement and quantum computation challenges.
The embodiment of the invention also provides computer equipment, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the encryption and decryption method of the data when executing the computer program.
The embodiment of the invention provides a computer device for realizing all or part of contents in the encryption and decryption method of the data, which specifically comprises the following contents:
The computer device comprises a processor, a memory, a communication interface and a bus. The processor, the memory and the communication interface communicate with one another through the bus, and the communication interface is used for information transmission among the related devices. The computer device may be a desktop computer, a tablet computer, a mobile terminal or the like, and this embodiment is not limited thereto. In this embodiment, the computer device may be implemented with reference to the embodiment of the method for implementing encryption and decryption of data and the embodiment of the apparatus for implementing encryption and decryption of data, the contents of which are incorporated herein and are not repeated here.
Fig. 7 is a schematic block diagram of a system configuration of a computer device 1000 according to an embodiment of the present application. As shown in fig. 7, the computer device 1000 may include a central processor 1001 and a memory 1002, the memory 1002 being coupled to the central processor 1001. It is noted that this fig. 7 is exemplary, and that other types of structures may be used in addition to or in place of the structures to implement telecommunications functions or other functions.
In one embodiment, the encryption and decryption functions of the data may be integrated into the central processor 1001. The central processor 1001 may be configured to control, among other things, the following:
Dividing the data text into preset numbers to obtain a plurality of divided texts;
Encrypting the segmentation texts and the interference texts based on a text encryption public key to obtain a plurality of segmentation encryption texts and a plurality of interference encryption texts;
Based on the category encryption secret key, adding a category label number to each divided encryption text and each interference encryption text, wherein the category label number is used for a data receiver to identify the data text by using a segmented encryption private key corresponding to the segmented encryption public key;
Adding sequence numbers to each divided encryption text and each interference encryption text respectively; for the sequence number of each divided encryption text, generating the transmission position information of the divided encryption text with that sequence number in the current round according to the random number generated in the current round; encrypting the set of transmission position information of each round based on a text encryption secret key to obtain the encryption sequence numbers of the divided encryption texts; distributing the transmission position information which has not been generated to the sequence number of each interference encryption text; and randomly encrypting the set of sequence numbers of the interference encryption texts to obtain the encryption sequence numbers of the interference encryption texts;
Encrypting, based on the segment encryption public key, the divided encrypted texts and the interference encrypted texts arranged by the transmission position information, the encryption order numbers of the divided encrypted texts, the encryption order numbers of the interference encrypted texts, the category encryption key and the category label numbers, and transmitting them to the data receiving side.
Or,
Receiving encrypted transmission data transmitted by a data receiver;
Determining a category decryption key corresponding to the category encryption key by using the segmented encryption private key, and identifying a plurality of segmented encryption texts in the encrypted transmission data according to the category mark number in the encrypted transmission data by using the category decryption key;
Decrypting the plurality of segmented encrypted texts by using a text encryption private key to obtain a plurality of segmented texts;
decrypting the encryption sequence numbers of the segmented encrypted texts in the encrypted transmission data by using a text encryption private key to obtain transmission position information of the segmented encrypted texts;
And restoring the data text based on the transmission position information of the divided encrypted text and the plurality of divided texts.
In another embodiment, the encryption and decryption device for data may be configured separately from the central processor 1001; for example, the encryption and decryption device for data may be configured as a chip connected to the central processor 1001, and the encryption and decryption function for data may be implemented under the control of the central processor.
As shown in fig. 7, the computer device 1000 may further include a communication module 1003, an input unit 1004, an audio processor 1005, a display 1006 and a power supply 1007. It is noted that the computer device 1000 does not necessarily have to comprise all the components shown in fig. 7, and that the computer device 1000 may also comprise components not shown in fig. 7, for which reference may be made to the prior art.
As shown in fig. 7, the central processor 1001, sometimes also referred to as a controller or operational control, may include a microprocessor or other processor device and/or logic device, and the central processor 1001 receives input and controls the operation of the various components of the computer device 1000.
The memory 1002 may be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The above-described information about the device may be stored, and a program for executing the information may be stored. And the central processor 1001 can execute the program stored in the memory 1002 to realize information storage or processing, and the like.
The input unit 1004 provides input to the central processor 1001. The input unit 1004 is, for example, a key or a touch input device. The power supply 1007 is used to provide power to the computer device 1000. The display 1006 is used for displaying display objects such as images and characters. The display may be, for example, but not limited to, an LCD display.
The memory 1002 may be a solid-state memory such as a Read Only Memory (ROM), a Random Access Memory (RAM), a SIM card, and the like. It may also be a memory that holds information even when powered down and that can be selectively erased and provided with further data, an example of which is sometimes referred to as an EPROM or the like. Memory 1002 may also be some other type of device. Memory 1002 includes a buffer memory 1021 (sometimes referred to as a buffer). The memory 1002 may include an application/function storage 1022, the application/function storage 1022 for storing application programs and function programs or for executing a flow of operations of the computer device 1000 by the central processor 1001.
The memory 1002 may also include a data store 1023, the data store 1023 for storing data such as contacts, digital data, pictures, sounds, and/or any other data used by a computer device. The driver store 1024 of the memory 1002 can include various drivers for the computer device for communication functions and/or for performing other functions of the computer device (e.g., messaging applications, address book applications, etc.).
The communication module 1003 is a transmitter/receiver 1003 that transmits and receives signals via an antenna 1008. A communication module (transmitter/receiver) 1003 is coupled to the central processor 1001 to provide an input signal and receive an output signal, which may be the same as in the case of a conventional mobile communication terminal.
Based on different communication technologies, a plurality of communication modules 1003, such as a cellular network module, a bluetooth module, and/or a wireless lan module, etc., may be provided in the same computer device. The communication module (transmitter/receiver) 1003 is also coupled to a speaker 1009 and a microphone 1010 via an audio processor 1005 to provide audio output via the speaker 1009 and to receive audio input from the microphone 1010 to implement usual telecommunications functionality. The audio processor 1005 may include any suitable buffers, decoders, amplifiers and so forth. In addition, an audio processor 1005 is also coupled to the central processor 1001 so that sound can be recorded locally through the microphone 1010 and so that sound stored locally can be played through the speaker 1009.
The embodiment of the invention also provides a computer readable storage medium, which stores a computer program, and the computer program realizes the encryption and decryption method of the data when being executed by a processor.
The embodiment of the invention also provides a computer program product, which comprises a computer program, and the computer program realizes the encryption and decryption method of the data when being executed by a processor.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing description of the embodiments has been provided to illustrate the general principles of the invention and is not intended to limit the scope of the invention to the particular embodiments; any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the invention are intended to be included within the scope of the invention.

Claims (13)

1. A method for encrypting data, applied to a data encryption party, comprising:
Dividing a data text into a preset number to obtain a plurality of divided texts; generating a plurality of interference texts; and carrying out encryption processing on the divided texts and the interference texts based on a text encryption public key to obtain a plurality of divided encryption texts and a plurality of interference encryption texts;
Based on the category encryption secret key, adding a category label number to each divided encryption text and each interference encryption text, wherein the category label number is used for a data receiver to identify the data text by using a segmented encryption private key corresponding to the segmented encryption public key;
The method comprises the steps of adding sequence numbers to each divided encryption text and each interference encryption text respectively, generating transmission position information of the divided encryption text of the sequence numbers under the current round according to random numbers generated by the current round aiming at the sequence numbers of each divided encryption text, encrypting a set of the transmission position information under each round based on a text encryption secret key to obtain encryption sequence numbers of the divided encryption text, distributing the transmission position information which is not generated to the sequence numbers of each interference encryption text, and carrying out random encryption on the set of the sequence numbers of each interference encryption text to obtain encryption sequence numbers of the interference encryption text;
The divided encrypted text and the interference encrypted text arranged by the transmission position information, the encryption order number of the divided encrypted text, the encryption order number of the interference encrypted text, the category encryption key, and the category label number are transmitted to the data receiving side by encryption based on the segment encryption public key.
2. The method of claim 1, wherein the class encryption key is a randomly generated prime number;
Adding a category label number to each of the split encrypted text and the interfering encrypted text based on the category encryption key, comprising:
Selecting a numerical value with zero remainder processing result of the randomly generated prime numbers as a class mark number added to the segmented encryption text based on the randomly generated prime numbers;
and selecting a numerical value which is not zero as a result of the remainder taking process on the randomly generated prime numbers aiming at each interference encryption text based on the randomly generated prime numbers, and taking the numerical value as a class mark number added to the interference encryption text.
3. The method of claim 2, wherein selecting, for each segmented encrypted text, a value for which the result of the remainder processing on the randomly generated prime numbers is zero based on the randomly generated prime numbers, comprises:
For each divided encryption text, randomly selecting a first preset number of prime numbers larger than the randomly generated prime numbers, taking the product of the randomly selected prime numbers and the randomly generated prime numbers as a numerical value with zero remainder taking processing result on the randomly generated prime numbers;
selecting a numerical value with a result of remainder taking processing on the randomly generated prime numbers being non-zero for each interference encryption text, including:
And taking the product of the randomly selected prime numbers as a numerical value with a non-zero result of the remainder taking process on the randomly generated prime numbers.
4. The method of claim 1, wherein for each sequence number of the divided encrypted text, generating transmission position information of the divided encrypted text of the sequence number under the current round according to the preset current time parameter, the current transmission number parameter, and the random number generated by the current round, comprises:
If the transmission position information of the divided encryption text with the sequence number under the current round is generated and is the same as the transmission position information of the divided encryption text with the sequence number under the previous round, the transmission position information is increased backwards by a preset number of bits, and a transmission position information update value is obtained;
If the transmission position information updating value is the same as the transmission position information of the segmented encrypted text of the sequence number in the previous round, repeating the operation until the transmission position information updating value is different from the transmission position information of the segmented encrypted text of the sequence number in the previous round;
And using the updated value of the transmission position information as the transmission position information of the segmented encrypted text of the sequence number under the current round.
5. The method as recited in claim 4, further comprising:
If the transmission position information update value obtained by repeatedly performing the above operation is the transmission position information maximum value and the transmission position information maximum value is the transmission position information of the previous round, the operation of obtaining the transmission position information update value is restarted from the transmission position information minimum value until the transmission position information which is not generated in the previous round is determined.
6. The method of claim 1, wherein the total number of transmission location information is a sum of the number of divided texts and the number of interference texts;
for each sequence number of the segmented encrypted text, generating transmission position information of the segmented encrypted text of the sequence number under the current round according to the random number generated by the current round, including:
and generating the sending position information of the segmented encrypted text with the sequence number under the current round according to the preset current time parameter, the current sending frequency parameter and the random number generated by the current round aiming at the sequence number of each segmented encrypted text.
7. The method as recited in claim 1, further comprising:
after the transmission position information of the divided encryption text of the sequence number under the current round is generated, a data dictionary carrying the association relation between the divided encryption text and the transmission position information is generated according to the divided encryption text of each round and the transmission position information.
8. A data encryption apparatus, applied to a data encryption party, comprising:
The text processing module is used for dividing the data text into a preset number to obtain a plurality of divided texts, generating a plurality of interference texts, and carrying out encryption processing on the divided texts and the interference texts based on a text encryption public key to obtain a plurality of divided encryption texts and a plurality of interference encryption texts;
the class encryption module is used for adding class mark numbers to each of the segmentation encryption text and the interference encryption text based on the class encryption secret key, wherein the class mark numbers are used for a data receiver to identify the data text by using the segmentation encryption private key corresponding to the segmentation encryption public key;
The sequence number processing module is used for adding sequence numbers to each divided encryption text and each interference encryption text respectively, generating transmission position information of the divided encryption text of the sequence numbers under the current round according to random numbers generated by the current round, encrypting a set of the transmission position information under each round based on the text encryption secret key to obtain an encryption sequence number of the divided encryption text, distributing the transmission position information which is not generated to the sequence number of each interference encryption text, and carrying out random encryption on the set of the sequence numbers of each interference encryption text to obtain an encryption sequence number of the interference encryption text;
and the encryption transmission module is used for encrypting and transmitting the segmentation encryption texts and the interference encryption texts which are arranged by the transmission position information, the encryption sequence numbers of the segmentation encryption texts, the encryption sequence numbers of the interference encryption texts, the category encryption key and the category label number to a data receiving party based on the segmentation encryption public key.
9. A method for decrypting data, applied to a data decrypting side, comprising:
receiving encrypted transmission data transmitted by a data receiver;
Determining a category decryption key corresponding to the category encryption key by using the segmented encryption private key, and identifying a plurality of segmented encryption texts in the encrypted transmission data according to the category mark number in the encrypted transmission data by using the category decryption key;
Decrypting the plurality of segmented encrypted texts by using a text encryption private key to obtain a plurality of segmented texts;
decrypting the encryption sequence numbers of the segmented encrypted texts in the encrypted transmission data by using a text encryption private key to obtain transmission position information of the segmented encrypted texts;
And restoring the data text based on the transmission position information of the divided encrypted text and the plurality of divided texts.
10. A data decryption apparatus, which is applied to a data decryption side, comprising:
the data receiving module is used for receiving the encrypted transmission data sent by the data receiving party;
the segmentation decryption module is used for determining a class decryption key corresponding to a class encryption key by using a segmentation encryption private key;
The text decryption module is used for decrypting the plurality of segmentation encrypted texts by using the text encryption private key to obtain a plurality of segmentation texts;
the transmission position decryption module is used for decrypting the encryption sequence numbers of the segmented encrypted texts in the encrypted transmission data by using the text encryption private key to obtain transmission position information of the segmented encrypted texts;
and the data text restoring module is used for restoring the data text based on the sending position information of the segmentation encryption text and the segmentation texts.
11. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1 to 7 or claim 9 when executing the computer program.
12. A computer readable storage medium, characterized in that it stores a computer program which, when executed by a processor, implements the method of any one of claims 1 to 7 or claim 9.
13. A computer program product, characterized in that it comprises a computer program which, when executed by a processor, implements the method of any one of claims 1 to 7 or claim 9.
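The following Python sketch is an added example, not code from the patent. It walks through the layout logic of claims 1 to 6 and 9: prime-based category labels, position assignment with wrap-around, decoy filling of the unused positions, and receiver-side restoration. The public-key encryption steps are left out (bodies stand in for ciphertexts), and the function names, the demo prime 10007, the step of one position, the 4p upper bound on the random primes, and the reading of "previous round" as "positions already assigned" are assumptions.

```python
import math
import secrets

rng = secrets.SystemRandom()

def is_prime(n):
    """Trial division; adequate for the small demo primes used here."""
    if n < 2 or n % 2 == 0:
        return n == 2
    return all(n % d for d in range(3, math.isqrt(n) + 1, 2))

def random_prime(lo, hi):
    """Return a random prime in [lo, hi)."""
    while True:
        candidate = rng.randrange(lo, hi)
        if is_prime(candidate):
            return candidate

def make_tag(p, is_segment, k=2):
    """Claim 3: product of k random primes larger than p, multiplied by p
    only for real segments, so tag % p == 0 exactly for real segments."""
    tag = math.prod(random_prime(p + 1, 4 * p) for _ in range(k))
    return tag * p if is_segment else tag

def free_position(candidate, taken, total):
    """Claims 4-5 (as read here): step forward while the position is already
    used, wrapping from the maximum position back to the minimum."""
    pos = candidate % total
    while pos in taken:
        pos = (pos + 1) % total
    return pos

def build_layout(text, n_segments, n_decoys, p):
    """Sender side: returns (slots, order). slots[i] = (tag, body) at
    position i; order[j] = position of the j-th real segment."""
    if not text:
        raise ValueError("text must not be empty")
    size = -(-len(text) // n_segments)          # ceiling division
    segments = [text[i:i + size] for i in range(0, len(text), size)]
    total = len(segments) + n_decoys            # claim 6: segments + decoys
    slots, order, taken = [None] * total, [], set()
    for body in segments:
        pos = free_position(rng.randrange(total), taken, total)
        taken.add(pos)
        order.append(pos)
        slots[pos] = (make_tag(p, True), body)
    for pos in range(total):                    # unused positions get decoys
        if slots[pos] is None:
            slots[pos] = (make_tag(p, False), secrets.token_hex(size)[:size])
    return slots, order

def restore(slots, order, p):
    """Receiver side (claim 9): keep slots whose tag is divisible by p, then
    reassemble them in the order given by the position set."""
    real = {pos: body for pos, (tag, body) in enumerate(slots) if tag % p == 0}
    return "".join(real[pos] for pos in order)

if __name__ == "__main__":
    P = 10007                                   # constructed demo prime
    slots, order = build_layout("transfer 1500.00 to acct 42", 4, 5, P)
    print(restore(slots, order, P))
```

In the claimed method the bodies, the position set `order`, the prime `p` and the tags are all encrypted before transmission; the sketch keeps them in the clear only to make the arrangement visible.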
CN202410829977.8A 2024-06-25 2024-06-25 Data encryption and decryption method and device Active CN118827165B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410829977.8A CN118827165B (en) 2024-06-25 2024-06-25 Data encryption and decryption method and device

Publications (2)

Publication Number Publication Date
CN118827165A CN118827165A (en) 2024-10-22
CN118827165B CN118827165B (en) 2025-09-09

Family

ID=93081090

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410829977.8A Active CN118827165B (en) 2024-06-25 2024-06-25 Data encryption and decryption method and device

Country Status (1)

Country Link
CN (1) CN118827165B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117354018A (en) * 2023-10-18 2024-01-05 中国工商银行股份有限公司 Data encryption method, data decryption method, device, electronic equipment and medium

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120079281A1 (en) * 2010-06-28 2012-03-29 Lionstone Capital Corporation Systems and methods for diversification of encryption algorithms and obfuscation symbols, symbol spaces and/or schemas
CN117082502B (en) * 2023-10-17 2023-12-19 南京华飞数据技术有限公司 Data acquisition and signal identification method based on data information encryption method
CN117978519A (en) * 2024-02-21 2024-05-03 中国电信股份有限公司 Text security transmission system and text security encryption and decryption method

Also Published As

Publication number Publication date
CN118827165A (en) 2024-10-22

Similar Documents

Publication Publication Date Title
Hikal et al. A new approach for palmprint image encryption based on hybrid chaotic maps
US8300828B2 (en) System and method for a derivation function for key per page
KR101874721B1 (en) Identity authentication system, apparatus, and method, and identity authentication request apparatus
Barman et al. Fingerprint-based crypto-biometric system for network security
US9455833B2 (en) Behavioral fingerprint in a white-box implementation
EP3035585B1 (en) S-box selection in white-box cryptographic implementation
Gafsi et al. Efficient encryption system for numerical image safe transmission
US10158613B1 (en) Combined hidden dynamic random-access devices utilizing selectable keys and key locators for communicating randomized data together with sub-channels and coded encryption keys
Jones et al. Information security: A coordinated strategy to guarantee data security in cloud computing
CN110493006B (en) Anti-quantum computation two-dimensional code authentication method and system based on asymmetric key pool and serial number
CN109274644A (en) Data processing method, terminal and watermark server
Alenizi et al. A review of image steganography based on multiple hashing algorithm
US10623384B2 (en) Combined hidden dynamic random-access devices utilizing selectable keys and key locators for communicating randomized data together with sub-channels and coded encryption keys
Ogiela et al. AI for Security of Distributed Systems
Abiega-L’Eglisse et al. A new fuzzy vault based biometric system robust to brute-force attack
CN118827165B (en) Data encryption and decryption method and device
EP2940917B1 (en) Behavioral fingerprint in a white-box implementation
Shoukat et al. A survey about the latest trends and research issues of cryptographic elements
CN112380404A (en) Data filtering method, device and system
CN114338008B (en) Encryption transmission method, device, system and storage medium
Mokhnache Implémentation d’algorithmes avancés de traitement de l’information dédiés au cryptage et à la cryptanalyse
CN111556071B (en) Data encryption algorithm and system for computer
Mehta et al. Cloud Computing Security Using Honey Encryption Technology–Detailed Review
US20220393853A1 (en) Method and devices for creating redundancy and encryption using mojette transform
Mittal et al. Security Enhancement using Vectoring, Cryptography and Steganography

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant