RU2124814C1 - Method for encoding of digital data - Google Patents

Abstract

FIELD: communication, computer engineering, in particular, cryptography. SUBSTANCE: method involves generation of secret key, splitting data records into N blocks, and sequential conversion of blocks by running at least one conversion for i-th block, depending on value of j-th block, where j is not equal to i. In addition after generation of secret key method involves generation of encryption algorithm depending on value of secret key by running at least one conversion operation over i-th block. Said conversion operation is designed as substitution. EFFECT: increased resistance to known methods of cryptanalysis, including differential and linear cryptanalysis. 2 cl, 3 dwg

Description

The invention relates to the field of telecommunications and computer technology, and more particularly to the field of cryptographic methods and devices for encrypting messages (information). In the aggregate of the features of the proposed method, the following terms are used:
- the secret key is binary information known only to a legitimate user;
- subkey - an element of the secret key represented as a collection of subkeys;
- encryption is a process of converting information that depends on the secret key and converts the source text into ciphertext, which is a pseudo-random sequence of characters from which obtaining information without knowing the secret key is practically impossible:
- decryption is the opposite of the encryption process; decryption provides recovery of information from the cryptogram with the knowledge of the secret key;
- the cipher is a set of elementary steps for converting input data using a secret key; the cipher can be implemented as a computer program or as a separate device;
- cryptanalysis - a method of calculating a secret key to obtain unauthorized access to encrypted information or developing a method that provides access to encrypted information without calculating a secret key;
- cryptanalyst - a person performing cryptanalysis, i.e., attacking a cipher;
- cryptographic strength is a measure of the reliability of encrypted information protection and represents the complexity, measured in the number of elementary operations that must be performed to recover information from a cryptogram with knowledge of the conversion algorithm, but without knowledge of the secret key; in the case of one-sided transformations, cryptographic strength is understood as the complexity of calculating the input value of a block from its output value;
- cyclic shift operations depending on the converted sub-blocks or depending on the binary vector — these are cyclic shift operations by the number of bits specified by the value of the sub-block or the value of the binary vector; operations of cyclic shift to the left (right) are indicated by the sign "<<<"(">>>"), for example, the entry B ₁ <B ₂ indicates the operation of cyclic left shift of the subunit B ₁ by the number of bits equal to the value of the binary vector B ₂ ;
- a single operation is an operation performed on one operand (data block or binary vector); the value of a subblock after performing some given unary operation depends only on its initial value; examples of single operations are cyclic shift operations;
- a double operation is an operation performed on two operands; the result of performing some given double operation depends on the value of each operand; examples of double operations are the operations of addition, subtraction, multiplication, etc .;
- applying a subkey to a subblock is a procedure for performing a two-step operation (*) on a subblock (B) and a subkey (Q) and assigning the result of this operation to a subblock, which is analytically written in the form of the formula B <- B * Q, where "<-" - sign of the assignment operation.

 Known methods for block encryption of data, see, for example, US standard DES [National Bureau of Standards. Data Encryption Standard. Federal Information Processing Standards Publication 46, January 1977; see also S. Maftik. Protection mechanisms in computer networks - M., Mir, 1993. S. 42-47]. In this method, the encryption of data blocks is performed by generating a secret key, dividing the converted data block into two subunits L and R and alternating the latter by performing bitwise summing operations modulo two over the subunit L and the binary vector, which is formed as the output value of some function F from values of the sub-block R. After that, the blocks are rearranged. The function F in the specified method is implemented by performing permutation and substitution operations performed on the sub-block R. This method has a high conversion speed when implemented in the form of specialized electronic circuits.

 However, the known analogue method uses a small secret key (56 bits), which makes it vulnerable to cryptanalysis based on key selection. The latter is associated with the high computing power of modern computers of mass application.

The closest in technical essence to the claimed method of cryptographic conversion of L-bit input blocks of digital data to L-bit output blocks is the method implemented in the RC5 cipher described in R. Rivest, The RC5 Encryption Algorithm / Fast Software Encryption, Second International Workshop Proceedings (Leuven, Belgium, December 14-16, 1994), Lecture Notes in Computer Science, v. 1008, Springer-Verlag, 1995, pp. 86-96. The prototype method includes the formation of a secret key in the form of a set of subkeys, splitting the input data block into subunits A and B and alternately converting the subunits. Subunits are converted by performing single and double operations on them. As two-place operations, the modulo 2 ⁿ addition operations are used, where n = 8, 16, 32, 64, and the bitwise summing operation is modulo 2. The operation of the cyclic shift to the left is used as the unary operation, and the number of bits by which the converted subunit is shifted , depends on the value of another subblock, this determines the dependence of the cyclic shift operation at the current step of transforming the subblock on the initial value of the input data block. Two-seat operation is performed on a sub-block and a sub-block, as well as on two sub-blocks. Typical of the prototype method is the use of a cyclic shift operation, depending on the value of the input block.

A subunit, for example subunit B, is transformed in the following way. The bitwise summing operation is performed modulo 2 over the subblocks A and B and the value obtained after this operation is assigned to the subblock B. This is written as the ratio B ← _ B⊕V, where the sign "<-" denotes the assignment operation and the sign " ⊕ "denotes the operation of bitwise summation modulo 2. After that, a cyclic shift operation is performed on subblock B by the number of bits equal to the value of subblock A: B <- B <<< A. Then, the summing operation modulo 2 ^{n is} performed on the subblock and one of the subkeys S, where n is the length of the subblock in bits: B <- B + S mod 2 ⁿ . After that, block A is similarly converted. Several such steps are taken to convert both sub-blocks.

 This method provides a high encryption speed when implemented in the form of a computer program. However, the prototype method has drawbacks, namely, with a software implementation for a computer with a 32-bit microprocessor, it does not provide high resistance of cryptographic data conversion to differential and linear cryptanalysis [Kaliski V. S., Yin Y.L. On Differential and Linear Cryptanalysis of the RC5 Encryption Algorithm. Advances in Cryptology - CRYPTO '95 Proceedings, Springer-Verlag, 1995, pp. 171-184]. This drawback is due to the fact that the efficiency of using operations that depend on the data to be transformed in order to complicate the known methods of cryptanalysis is reduced by the fact that the encryption algorithm is known to cryptanalysts, which allows the latter to identify statistical features of encryption procedures and use them in cryptanalysis.

 The basis of the invention is the task of developing a method of encrypting digital data blocks in which the input data is encrypted in such a way that it would be substantially more difficult to identify the statistical features of the encryption algorithm by a cryptanalyst, thereby increasing resistance to known cryptanalysis methods, including differential and linear cryptanalysis.

 The problem is achieved in that in the method of cryptographic conversion of digital data blocks, which consists in generating a secret key, dividing the data block into N≥2 subblocks and alternately converting the subblocks by performing at least one conversion operation on the subblock, which depends on the value of the input block, new according to the invention is that after the secret key is generated, an encryption algorithm is additionally formed depending on the secret key.

 Thanks to this solution, a significant complication of revealing the statistical features of the encryption algorithm by a cryptanalyst is provided, which ensures an increase in the resistance of cryptographic conversion to known cryptanalysis methods.

 It is also new that one of the subunits is additionally transformed by performing a substitution operation on it, which depends on the input block and is performed using secret substitution tables. Thanks to this solution, an additional increase in cryptographic resistance to known cryptanalysis methods is provided.

 Also new is that the encryption algorithm is formed by generating operations that depend on the input block.

 Thanks to this solution, an additional increase in cryptographic resistance to known cryptanalysis methods is provided. Also new is the fact that the encryption algorithm is formed by generating substitution operations, which depend on the input block and are performed using secret lookup tables.

 Thanks to this solution, an additional increase in cryptographic resistance to known cryptanalysis methods is provided.

 Below the essence of the claimed invention is explained in more detail by examples of its implementation with reference to the accompanying drawings.

 In FIG. 1 presents a generalized diagram of a cryptographic device for encrypting blocks of digital data in accordance with the claimed method.

 In FIG. 2 shows an encryption scheme corresponding to example 1.

 In FIG. 3 shows an encryption scheme corresponding to example 3.

The inventive method can be implemented using a computer or a computing device, represented by the flowchart in FIG. 1 where
block 1 - secret key input device;
block 2 - block generating the machine code of the encryption program (cipher settings block);
block 3 - the memory block of the encryption device;
block 4 - the operational block of the encryption device containing three, four or more registers;
block 5 - encryption device;
6 - bus for transmitting information signals of the user's secret key;
7 - a bus for transmitting information signals of the generated machine code of the encryption program and the secret key;
8 - a bus for transmitting information signals of subkeys and for transmitting information signals of input data and information signals of converted subunits;
9 - addressing bus;
10 - bus for transmitting information signals of the machine code of the encryption program;
11 - input data input bus;
12 - ciphertext output bus.

 The secret key can be generated directly by entering it into an encryption system or mainframe memory, for example, from a removable storage medium. The input data block is divided into subblocks, for example, by representing the subblock as a set of subblocks recorded at fixed addresses in the memory block 3.

 Using block 1, a secret key is entered, the information signal of which is sent to the input of block 2 on the bus 6. In block 2, an encryption algorithm is generated depending on the secret key, i.e., an encryption program code is generated under the control of the secret key. At the same time, the encryption algorithm is formed in such a way that any modification of the encryption algorithm includes dividing the digital data block into subblocks and sequentially converting the subblocks by performing a two-step operation on the subblock and subconnect and performing a conversion operation on the subblock depending on the input block.

The secret key information signal and the machine code information signal of the encryption program are transmitted via the bus 7 to the memory unit 3. After that, the encryption device 5 contains in memory the secret key and the machine code that implements the generated encryption algorithm, and is ready to perform encryption operations. This initialized state of the device is maintained for the entire duration of the legitimate user. The input digital data unit is inputted via bus 11 to the operation unit 4 and then via bus 8 to the memory unit 3. The ciphertext block is read from bus 12. The codes of machine instructions are transmitted to bus 10 to operation unit 4 to perform conversion procedures. Upon completion of data encryption, the user turns off the encryption device, which automatically erases the secret key and the generated machine code of the encryption algorithm from the memory area of block 2 and block 3, since the power to all blocks of the encryption device is turned off. Thus, a specific modification of the encryption algorithm as well as the secret key are inaccessible to a potential cryptanalyst who knows only the algorithm for generating the encryption algorithm. This makes it difficult to identify the statistical features of a particular modification of the encryption algorithm. With the number of potentially implemented modifications equal to or more than 10 ²⁰ , the claimed encryption method provides high resistance to all known cryptanalysis methods.

 The formation of the encryption algorithm can be carried out as follows. Previously, based on one of the well-known algorithmic languages, a template program is compiled. Places are reserved in the template program in which it is possible to record any of a certain set of operations (for example, double operations or cyclic shift operations depending on the input block). All reserved places (for conversion operations) are numbered. Consecutively, starting from the first, conversion operations are formed for all reserved places depending on the value of the element of the additional pseudorandom sequence having a number that matches the number of the custom operation. The generation of a pseudo-random sequence of the required length is carried out depending on the secret key, for example, using pseudo-random number generators described in the work of Brickell E.F., Odlizhko E.M. Cryptanalysis: A review of the latest results // TIIER. 1988.V. 76.N. 5.P. 87-89.

The formation of conversion operations is carried out, for example, as follows. The two-place operation used to superimpose a subkey on a subblock is set as a bitwise summing operation modulo two (⊕) if d _i mod 3 = 0, where d _i is the value of the corresponding element of the additional pseudorandom sequence, or as a summing operation modulo 2 ³² ( +), if d ⁱ mod 3 = 1, or as a subtraction operation modulo 2 ³² (-), if d _i mod 3 = 2. In the procedures for setting the decryption algorithm, operations are configured that are inverse to the corresponding operations configured in the algorithm encryption I am. For this, the binary operation in the decryption algorithm is set as a bitwise summation operation modulo two (⊕), if d _i mod 3 = 0, or as a subtraction modulo 2 ³² (-) operation, if d _i mod 3 = 1, or as an operation summation modulo 2 ³² (+) if d _i mod 3 = 2.

 After the encryption program written in the algorithmic language (for example, SI or Pascal), the conversion operations are set in all reserved places, a machine code corresponding to the encryption program is generated using, for example, a translator that converts the program compiled in the algorithmic language, in a sequence of machine instructions. The secret key and machine code of the encryption program are recorded in the main memory of a computer (or a specialized encryption device) and are there continuously for the entire duration of the given user’s work, converting the data blocks received for encryption. The complexity of the procedures for generating the encryption key and generating the machine code for the encryption program does not affect the encryption speed, since this procedure is performed once when the user is identified with a password at the moment the encryption device is turned on or the encryption program is called.

An additional increase in the cryptographic strength of encryption is achieved by setting the formation of conversion operations depending on the data being converted. For example, for a position reserved for a single operation on one of the 32-bit sub-blocks to be converted - sub-block B _i , you can specify the formation of one of the following operations: (1) operations ( ¹ S _v ) substitution over 8 low-order bits (with numbers from 1 of the 8th) subblock, performed according to the Vth substitution table, the number of which is selected depending on the subblock B _j , where i ≠ j, (2) a similar operation ( ² S _v ) substitution over the binary digits of the subblock with numbers from 9th to 16th inclusive, (3) operations (<<< ₁ V) cyclic left shift the contents of the subblock by the number of bits equal to V = B _j mod 32, where i ≠ j, (4) operations (<<< ₂ V) of cyclic left shift of the contents of the lower 16 bits of the subblock by the number of bits equal to V = B _j mod 16 , where i ≠ j, (5) operations (<<< ₃ V) of a cyclic left shift of the contents of the lower 8 bits of the subunit by the number of bits equal to the value V = B _j mod 8, where i ≠ j, (6) operations (<<< ₄ V) a cyclic left shift of the contents of binary digits from the 9th to the 16th inclusive subblock by the number of bits equal to the value V = B _j mod 8, where i ≠ j.

 After the encryption program written in the algorithmic language (for example, SI or Pascal), the conversion operations are set in all reserved places, a machine code corresponding to the encryption program is generated using, for example, a translator that converts the program compiled in the algorithmic language, in a sequence of machine instructions. The secret key and machine code of the encryption program are recorded in the main memory of the computer (or specialized encryption device) and are there continuously for the entire time the user is working, converting the blocks of digital data received for encryption.

 The complexity of the procedures for generating the encryption key and generating the machine code of the encryption program does not affect the encryption speed, since this procedure is performed once when the user is identified by his secret key when the encryption device is turned on or the encryption program is called. On modern computers, the procedure for generating an encryption algorithm in the form of a machine code for an encryption program can easily be automated and implemented as an encryption module initialization program. The time required to complete the initialization program is from 0.03 to 0.5 seconds, depending on the particular implementation of the proposed method, which is acceptable for most applications of information security systems.

 In a similar way, a cryptogram block decryption program is formed. The encryption program and its corresponding decryption program constitute a single cryptographic program. The machine code of the cryptographic program is recorded in the main memory of the computer, which under its control performs the encryption and decryption of the blocks. The encryption procedures and the encryption key are formed depending on the user's secret key (password), that is, they are unique, which ensures high complexity of cryptanalysis.

An important type of operation depending on the data being transformed is the substitution operations performed according to the tables selected depending on the input block. Let the substitution operations be performed on subblocks of digital data of length k bits, where k is an integer. Then, to specify a substitution operation that converts a k-bit input subunit into a k-bit output subunit, a table containing two rows of numbers is required:
0 1 2 ... N-1
a ₀ a ₁ a ₂ ... a _N-1 ,
Where
N = 2 ^k .

In this table, the bottom line contains all the possible values of the k-bit block exactly once, but in an arbitrary order. The order in which the numbers are located in the bottom line determines the specific variant of the lookup table, and therefore the specific version of the lookup operation performed using this table. The substitution operation is as follows. A number is selected on the top line that is equal to the value of the input block. The value under this number in the bottom line is taken as the output block. Thus, the lookup table can be placed in the main memory of the computer as a sequential record of k-bit computer words located in cells with addresses W ₀ , W ₁ , W ₂ , ..., W _N-1 . In this case, the value of the input block b is used to calculate the address W ₀ + b of the word, which is taken as the output block. This way of representing a lookup table requires a memory size of kN bits.

We select the number of lookup tables equal to 2 ^L (the amount of required memory will be 2 ^L kN bits), and place the lookup tables continuously one after another. As the address of the table with number V, we take the value of the address W _{0 of} its first k-bit word. Let the address of the table with number 0 be s. In this case, the address of the lookup table with an arbitrary number V is s + VN. If the number of the current substitution table V and the current input subblock for performing the substitution operation are specified, then it is performed by replacing the current input block with a k-bit word located at s + VN + b, where b is the value of the subblock over which the current substitution operation is performed . Using this relation, it is easy to specify the choice of a lookup table with number V and perform lookup over a subblock with value b. In the case under consideration, the assignment of the dependence of the lookup tables on the value of the binary vector and the performance of the lookup operation are carried out by the microprocessor very quickly when the appropriate values of the parameters L and k are selected, for example, with L = 5 and k = 8. With these parameters, 8 KB of RAM is required to place the lookup tables , which is acceptable, since modern computers have a RAM volume many orders of magnitude greater than this value (from 1 to 64 MB or more).

 The possibility of technical implementation of the proposed method is illustrated by the following specific examples of its implementation.

 Example 1

Let L = 5 and k = 8, i.e. 32 tables are given that specify the substitution operations on 8-bit data subunits. We will assume that the tables are known, i.e., the person trying to conduct cryptanalysis knows these tables. We will form a secret key, presented as a combination of 8R 16-bit subkeys
q ₁₀ , q ₁₁ , ...., q ₁₇ (first row of subkeys)
q ₂₀ , q ₂₁ , ...., q ₂₇ (second row of subkeys)
..........................

q _r0 , q _r1 , ..., q _r7 ((rth row of subkeys)
..........................

q _R0 , q _R1 , ..., q _R7 (Rth row of subkeys),
where R is the number of rounds of encryption.

 On the rth round of encryption, the rth row of subkeys is used.

Denote the used lookup tables as follows: T ₀ , T ₁ , T ₂ , ..., T ₃₁ , and the lookup operation defined by the table T _v as S _v , where v = 0, 1, 2, ..., 31 The permutation tables T ₀ , T ₁ , T ₂ , ..., T ₁₅ can be chosen arbitrarily, and the tables T ₁₆ , T ₁₇ , ..., T ₃₁ are taken so that the permutation operations S _v and S _31-v were mutually inverse. The last condition is satisfied if the pairs of tables T ₁₆ and T ₁₅ ; T ₁₇ and T ₁₄ ; T ₁₈ and T ₁₃ ; ...; T ₃₁ and T ₀ will specify mutually inverse substitution operations. For a set of arbitrary substitution tables T ₀ , T ₁ , T ₂ , ..., T ₅ it is easy to compose tables corresponding to the inverse substitution operations. For example, for a lookup operation defined by the following table:
0 1 2 ... 255
a ₀ a ₁ a ₂ ... a ₂₅₅ ,
and the reverse substitution is set by the table
0 1 2 ... 255
Z ₀ Z ₁ Z ₂ ... Z ₂₅₅ ,
where the row (Z ₀ , Z ₁ , Z ₂ , ..., Z ₂₅₅ ) is obtained as the top row after ordering the columns of the previous table in ascending order of numbers in the bottom row.

 In FIG. 2 shows a diagram of the rth round of encryption, where the solid vertical line corresponds to the transmission of 16-bit data subunits, the dashed line corresponds to the transmission of the binary vector V formed depending on the value of one of the converted subunits, the horizontal solid line corresponds to the transmission of the 16-bit subkey. A two-place operation performed on a sub-block and a sub-key is indicated by a block in which the sign ("*") of the two-step operation is indicated, which is formed at the stage of encryption algorithm formation and is set as one of the following operations: "⊕", "+" or "-". The subscript for the "*" sign denotes the double operation number.

A single operation performed on a subblock and generated at the stage of generating the encryption algorithm is indicated by the block in which the sign “<<< C” is indicated. This one-place operation is set as the operation of cyclic left shift by the number of bits equal to the value of parameter C. In total, 16 different types of cyclic left shift operations are possible, which are determined by the value of the parameter C = 0, 1, 2, ..., 16. The subscript of the parameter C stands for single operation number. All reserved operations "* ₁ ", "* ₂ ", ..., "* _8R-1 ", "* _8R " and "<<< C ₁ ", "<<< C ₂ ", ..., "<<< C _8R-1 ","<<< C _8R "are formed depending on the secret key and on the serial number. For the number of encryption rounds equal to R = 4, 3 ^8R 16 ^8R = 48 ^8R = 48 ³² (about 10 ⁵³ ) various modifications of the encryption algorithm are potentially implemented. The choice of a particular modification is determined by the choice of the secret key. This number of modifications is large enough, which determines the uniqueness of the encryption algorithm for each user (or a pair of users using the same secret key to transmit messages over communication lines).

Block S denotes the substitution operation performed depending on the input block according to the table with number V. q _r0 , q _r1 , ...., q _r7 - _plugs used in the rth round. The arrows on the lines indicate the direction of signal transmission.

Example 1 corresponds to the encryption of 128-bit digital data blocks. Encryption is performed in the following way. The input block is divided into 8 subblocks b ₀ , b ₁ , ..., b _{7 of} size 16 bits each. Thereafter, in the first round (r = 1) on subblock b ₀ monadic operation carried out "<<< C _1", then over the subblock and subkey b ₀ q ₁₀ perform a double operation "* _1", form a binary vector V, having a value of 5 the least significant bits of the subblock b ₀ : V <- b ₀ mod 2 ⁵ .

After that, the conversion of subblock b _{1 is} performed. The operation "<<< C ₂ " is performed _{on the} subblock b ₁ : b ₁ <- b ₁ <<< C ₂ . Then, the operation "* ₂ " is performed on b ₁ and the subkey q ₁₁ and the output value of this operation is assigned to the block b ₁ , which can be written analytically as follows: b ₁ <- b ₁ * ₂ q ₁₁ . Then, according to the lookup table with number v, the lookup operation is performed on the subblock b ₁ : b ₁ <- S _v (b ₁ ). Then, using the value of b ₁ , the binary vector V is formed (to convert the next sub-block): V <- b ₁ mod 2 ⁵ . After that, the conversion of the subblock b _{2 is} performed: b ₂ <- b ₂ <<< C ₃ ; b ₂ <- b ₂ * ₃ q ₁₂ and then b ₂ <- S _v (b ₂ ). Similarly perform the conversion of the subblocks b ₃ , b ₄ , b ₅ , b ₆ and b ₇ . At the last step of each encryption round, the sub-blocks are rearranged in the reverse order, i.e., the blocks b ₇ and b ₀ , b ₆ and b _i , b ₅ and b ₂ , b ₄ and b ₃ are swapped in pairs. The second round is performed similarly, except that instead of the first row of subkeys, the second row of subkeys is used. Then the third round of encryption is performed using the third row of subkeys, etc. In total, R rounds of encryption are performed, where R = 4. The following algorithm is the logical form of the record in Example 1.

 Algorithm 1.

где знак "

" обозначает операцию конкатенации.Input: 128-bit digital data input block, represented as a concatenation of 16-bit subunits

where is the "

"denotes a concatenation operation.

 1. Set the number of rounds of encryption R = 4 and the counter of the number of rounds r = 1.

 2. Set the counter i = 1.

3. Convert the subblock b ₀ : b ₀ <- b ₀ <<< C _8r-7 ;
b ₀ <- b ₀ * _8r-7 q _r0 .

4. Form a binary vector V: V <- b _i-1 mod 2 ⁵ .

5. Convert the subblock b _i : b _i <- b _i <<< C _{8r-7 + i} ;
b _i <- b _i * _{8r-7 + i} q _ri ;
b _i <- ¹ S _v (b _i ), where the substitution operation ¹ S _v is performed using the substitution table with number V.

6. Generate the binary vector V: V <- b _i mod 2 ⁵ .

 7. If i ≠ 7, then increment i <- i + 1 and go to step 5.

 8. If r ≠ R, then increment r <- r + 1. Otherwise, go to step 10.

 9. Rearrange the subunits in the reverse order and go to step 2.

 10. STOP.

 Output: 128-bit ciphertext block.

 The following algorithm describes decryption procedures.

 Algorithm 2.

.Input: 128-bit ciphertext input block

.

 1. Set the number of rounds of encryption R = 4 and the counter of the number of rounds r = 1.

 2. Set the counter i = 1.

3. Form a binary vector V: V <- b _i-1 mod 2 ⁵ .

4. Save the value of b _i in the variable g: g <- b ₁ .

5. Convert subblock b _i : b _i <- ¹ S _31-v (b _i ):
b _i <- b _i (*) _{8r'-7 + i} q _r'i ;
b ₀ <- b ₀ >>> C _{8r'-7 + i} q _r'0 ,
Where
r '= 5 - r; ">>>C" is the operation of cyclic right shift by C bits and "(*) _{8r'-7 + i} " is the operation inverse to the operation "* _{8r'-7 + i} ". (In operations "<<< C _x " and ">>> C _x ", the values of parameter C with the same indices are set equal. In this case, the pair of operations "<<< C _x " and ">>> C _x " is a pair of mutually reverse operations.)
6. Form a binary vector v: v <- g mod 2 ⁵ .

 7. If i ≠ 7, then increment i <- i + 1 and go to step 4.

8. Convert the subblock b ₀ : b ₀ <- b ₀ (*) _8r'-7 q _r'0 ;
b ₀ <- b ₀ >>> C _8r'-7 .

 9. If r ≠ R, then increment r <- r + 1. Otherwise, go to paragraph 11.

 10. Rearrange the subblocks in the reverse order and go to step 2.

 11. STOP.

 Output: 64-bit block of source text.

 With a software implementation, Algorithm 1 and Algorithm 2, implementing the inventive method, provide an encryption speed of about 30 Mbps for the Pentium / 200 microprocessor. If necessary, another number of rounds can be set, for example, R = 2, 3, 5, 6.

 Example 2

 This example is similar to example 1, and the only difference is that the 32 substitution tables used are secret, for example, they are formed depending on the secret key. This option is easily implemented when using a computer to encrypt data by creating lookup tables using a special program when entering a secret key into the encryption module. The formation of secret tables can be implemented, for example, by modifying the known (predefined) lookup tables by block encryption with the secret key of the elements of the bottom row of known tables (since the block encryption transformation is a lookup, the modified tables will also be lookup tables).

 Example 3

This example is also similar to example 1 and is illustrated in FIG. 3. The difference is that instead of the fixed ¹ S _v permutation operations, single conversion operations are used depending on the binary vector V (V in turn depends on the input block of digital data), which are denoted as "(<S <) _j " and are formed at the stage of encryption algorithm formation. Index j denotes the position number of the operation "(<S <)". The operations "(<S <)" are set depending on the value of j (j = 1, 2, ... 7R, where R is the number of rounds of encryption) and the secret key as one of the following five operations: " ¹ S _v ", " ² S _v ", "<<< ₂ V", "<<< ₃ V", "<<< ₄ V". All of these operations are input block dependent. Each of these operations is performed depending on the data block being transformed, since it depends on the binary vector V. If a substitution operation is set at some position originally reserved for the operation ((<S <) ", then it is performed according to the table with number V, if a cyclic shift operation is set, a cyclic shift of V bits is performed. The number of possible modifications of the encryption algorithm in this example is 5 ^7R times greater than in example 1, which is about 10 ⁷⁵ at R = 4.

 Example 4

 This example is similar to example 3, and the only difference is that the 32 lookup tables used are secret, for example, they are formed depending on the secret key. This option requires the preparation of a more complex program for generating an encryption algorithm, however, it allows to increase the cryptographic strength of encryption while maintaining a high encryption speed.

 The above examples show that the proposed method of cryptographic transformations of digital data blocks is technically feasible and allows us to solve the problem.

 The inventive method can be implemented, for example, on personal computers and provides the ability to create on its basis high-speed encryption software modules and replace expensive specialized encryption equipment for personal computers equipped with a high-speed encryption software system.

Claims (2)

 1. A method of encrypting digital data blocks, which consists in generating a secret key, dividing the data block into N≥2 subblocks and alternately converting the subblocks by performing at least one conversion operation on the i-th subblock, which depends on the value of the j-th subblock, where j ≠ i, characterized in that after generating the secret key, an encryption algorithm is additionally formed depending on the secret key by generating at least one conversion operation that is performed on the i-th m subunit depending on the j-th subunit.  2. The method according to claim 1, characterized in that form the conversion operation in the form of a substitution operation.

Images