CN118890154A - Hyperchaotic key one-time pad transmission method, device, equipment, medium and product - Google Patents

Abstract

The application discloses a one-time pad transmission method, a device, equipment, a medium and a product of a hyper-chaos key, wherein chaos parameters and large prime parameters are obtained according to decryption by using a generated symmetric key; determining a chaotic function according to the chaotic parameters, and generating a random number sequence by adopting the chaotic function; generating a key stream according to the generated random number sequence and the large prime number parameter; and carrying out one-time one-secret data transmission according to the key stream. According to the scheme, based on preliminary encryption by the symmetric key, the one-time encryption key streams are respectively generated at two ends by combining the chaos theory, one-time encryption data transmission is performed by adopting the generated key streams, and a third party cannot acquire plaintext information under the condition that encrypted data can be decrypted, so that the security risk caused by sharing the key streams can be avoided, and the security performance of key transmission is improved.

Description

Hyperchaotic key one-time pad transmission method, device, equipment, medium and product

Technical Field

The present invention relates to the field of security technology, and in particular to a hyperchaotic key one-time-one-pad transmission method, device, equipment, medium and product.

Background Art

In the data transmission security protection, the one-time pad is considered to be the most secure protection method. Shannon discovered and proved the theoretical significance of the one-time pad method, and Soviet mathematician Kotelnikov proved the absolute security of the one-time pad at the same time. In order to ensure the security of data transmission, the one-time pad will use a new key to encrypt and decrypt data every time the two communicating parties transmit data.

The existing one-time pad transmission scheme generates a symmetric key stream by generating true random numbers for each data encryption and decryption transmission. However, this method requires the symmetric key to be shared between the sender and the receiver. This direct sharing of the symmetric key stream poses security risks.

Summary of the invention

In order to solve the above problems, the present invention proposes a hyperchaotic key one-time one-pad transmission method, device, equipment, medium and product to avoid the security risks caused by key stream sharing and improve the security performance of key transmission.

The embodiment of the present invention provides a hyperchaotic key one-time one-pad transmission method, comprising:

Use the generated symmetric key to decrypt the obtained chaotic parameters and large prime number parameters;

Determine a chaotic function according to the chaotic parameters, and use the chaotic function to generate a random number sequence;

Generate a key stream according to the generated random number sequence and the large prime number parameter;

The one-time pad data transmission is performed according to the key stream.

Preferably, determining a chaotic function according to the chaotic parameter, and using the chaotic function to generate a random number sequence comprises:

Determining a one-dimensional chaotic function according to the one-dimensional branch parameters in the chaotic parameters, and determining a reduced-dimensional hyperchaotic function according to the hyperchaotic parameters in the chaotic parameters;

Using the symmetric key as the initial value of the one-dimensional chaos, iterating the one-dimensional chaotic function for a preset number of times to determine an output sequence;

The initial value of the hyperchaos is determined according to the output sequence, and the determined initial value is input into the dimension reduction hyperchaos function to generate the random number sequence.

As a preferred solution, the symmetric key generation process includes:

True random numbers generated by SRAM PUF in a trusted execution environment;

The symmetric key is generated according to the true random number.

As a preferred solution, determining the initial value of hyperchaos according to the output sequence includes:

The initial value of the hyperchaos is selected from the output sequence in a reverse order.

As a preferred solution, performing one-time one-key data transmission according to the key stream includes:

storing the keystream in a trusted execution environment;

When the data to be encrypted is sensitive data, encrypting the data to be encrypted using the key stream in the trusted execution environment;

When the data to be encrypted is not sensitive data, the key stream is taken out from the trusted execution environment, and the key stream is used to encrypt the data to be encrypted in a conventional environment.

As a preferred solution, the hyperchaotic parameter determination process specifically includes:

Selecting and presetting preliminary values of two-dimensional parameters of two two-dimensional hyperchaotic functions;

Determine the dimension reduction parameter of the dimension reduction hyperchaotic function according to the distribution diagrams of the two two-dimensional hyperchaotic functions, and obtain the dimension reduction hyperchaotic function;

Identifying the distribution graph of the dimension-reduced hyperchaotic function according to a pre-trained artificial intelligence model;

When the recognition result is an invalid graph, the two-dimensional branch parameters in the two-dimensional parameters are adjusted within a preset range, the dimension reduction hyperchaotic function is re-determined, and the distribution graph of the re-determined dimension reduction hyperchaotic function is recognized;

When the recognition result is a valid graph, the latest two-dimensional parameters are used as the hyperchaotic parameters.

Furthermore, the dimension reduction parameter of the dimension reduction hyperchaotic function is determined according to the distribution diagrams of the two two-dimensional hyperchaotic functions, and the dimension reduction hyperchaotic function is obtained, including:

Determine the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the distribution diagrams of two two-dimensional hyperchaotic functions;

Constructing the functional relationship between the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the dimensionality reduction hyperchaotic function and the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the distribution diagrams of two two-dimensional hyperchaotic functions, and the dimensionality reduction parameters;

The functional relationship is solved according to the boundary constraints of the dimension reduction hyperchaotic function, the dimension reduction parameters are determined, and the dimension reduction hyperchaotic function is determined according to the dimension reduction parameters.

Further, determining the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the distribution diagrams of the two two-dimensional hyperchaotic functions includes:

For different two-dimensional hyperchaotic functions, the minimum number of minimum value distribution points and the maximum number of maximum value distribution points in the distribution diagram of the two-dimensional hyperchaotic function are counted respectively;

Determine the distribution of relatively concentrated areas and relatively discrete areas according to the size relationship between the maximum number and the minimum number;

A demarcation value that meets the preset demarcation condition is searched between the maximum value and the minimum value as the demarcation point between the relative clustering area and the relative discrete area, and the upper and lower boundaries of the relative clustering area and the upper and lower boundaries of the relative discrete area are determined.

Further, searching for a demarcation value that meets a preset demarcation condition between the maximum value and the minimum value includes:

When the maximum number is less than the minimum number, the minimum value is increased by a preset first step length, the current judgment value is updated, the current judgment number of the current judgment value is counted, and it is determined whether the current judgment number is greater than the minimum number;

If so, taking the current judgment quantity as the previous judgment quantity, increasing the current judgment value by the first step length, updating the current judgment value, re-counting the current judgment quantity, and determining whether the current judgment quantity is greater than the previous judgment quantity;

If not, calculate the ratio of the difference between the previous judgment quantity and the current judgment quantity to the cutoff value of the previous judgment quantity;

When the demarcation ratio is not greater than a preset first threshold, the current judgment quantity is used as the previous judgment quantity, the current judgment value is increased by the step length, the current judgment value is updated, the current judgment quantity is recounted, and the demarcation ratio is recalculated;

When the demarcation ratio is greater than the first threshold, the current judgment value is used as the demarcation value.

As a preferred solution, searching for a demarcation value that meets a preset demarcation condition between the maximum value and the minimum value includes:

When the maximum number is greater than the minimum number, reducing the maximum value by a preset second step length, updating the current judgment value, counting the current judgment number of the current judgment value, and determining whether the current judgment number is greater than the maximum number;

If so, taking the current judgment number as the previous judgment number, reducing the current judgment value by the first step length, updating the current judgment value, re-counting the current judgment number, and determining whether the current judgment number is greater than the previous judgment number;

If not, calculate the ratio of the difference between the previous judgment quantity and the current judgment quantity to the cutoff value of the previous judgment quantity;

When the demarcation ratio is not greater than a preset second threshold, the current judgment quantity is used as the previous judgment quantity, the current judgment value is reduced by the step length, the current judgment value is updated, the current judgment quantity is recounted, and the demarcation ratio is recalculated;

When the demarcation ratio is greater than the second threshold, the current judgment value is used as the demarcation value.

The embodiment of the present invention further provides a hyperchaotic key one-time pad transmission device, the device comprising:

A symmetric module, used for decrypting the obtained chaotic parameters and large prime number parameters using the generated symmetric key;

A chaos module, used for determining a chaos function according to the chaos parameters, and generating a random number sequence using the chaos function;

A key generation module, used to generate a key stream according to the generated random number sequence and the large prime number parameter;

The transmission module is used to perform one-time one-key data transmission according to the key stream.

Preferably, the chaos module is specifically used for:

Determining a one-dimensional chaotic function according to the one-dimensional branch parameters in the chaotic parameters, and determining a reduced-dimensional hyperchaotic function according to the hyperchaotic parameters in the chaotic parameters;

Using the symmetric key as the initial value of the one-dimensional chaos, iterating the one-dimensional chaotic function for a preset number of times to determine an output sequence;

The initial value of the hyperchaos is determined according to the output sequence, and the determined initial value is input into the dimension reduction hyperchaos function to generate the random number sequence.

Preferably, the process of generating the symmetric key by the symmetric module includes:

True random numbers generated by SRAM PUF in a trusted execution environment;

The symmetric key is generated according to the true random number.

Preferably, the chaos module is specifically used for:

The initial value of the hyperchaos is selected from the output sequence in a reverse order.

Preferably, the transmission module is specifically used for:

storing the keystream in a trusted execution environment;

When the data to be encrypted is sensitive data, encrypting the data to be encrypted using the key stream in the trusted execution environment;

When the data to be encrypted is not sensitive data, the key stream is taken out from the trusted execution environment, and the key stream is used to encrypt the data to be encrypted in a conventional environment.

Preferably, the hyperchaotic parameter determination process specifically includes:

Selecting and presetting preliminary values of two-dimensional parameters of two two-dimensional hyperchaotic functions;

Determine the dimension reduction parameter of the dimension reduction hyperchaotic function according to the distribution diagrams of the two two-dimensional hyperchaotic functions, and obtain the dimension reduction hyperchaotic function;

Identifying the distribution graph of the dimension-reduced hyperchaotic function according to a pre-trained artificial intelligence model;

When the recognition result is an invalid graph, the two-dimensional branch parameters in the two-dimensional parameters are adjusted within a preset range, the dimension reduction hyperchaotic function is re-determined, and the distribution graph of the re-determined dimension reduction hyperchaotic function is recognized;

When the recognition result is a valid graph, the latest two-dimensional parameters are used as the hyperchaotic parameters.

Furthermore, the dimension reduction parameter of the dimension reduction hyperchaotic function is determined according to the distribution diagrams of the two two-dimensional hyperchaotic functions, and the dimension reduction hyperchaotic function is obtained, including:

Determine the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the distribution diagrams of two two-dimensional hyperchaotic functions;

Constructing the functional relationship between the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the dimensionality reduction hyperchaotic function and the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the distribution diagrams of two two-dimensional hyperchaotic functions, and the dimensionality reduction parameters;

The functional relationship is solved according to the boundary constraints of the dimension reduction hyperchaotic function, the dimension reduction parameters are determined, and the dimension reduction hyperchaotic function is determined according to the dimension reduction parameters.

Furthermore, the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the distribution diagrams of the two two-dimensional hyperchaotic functions are determined, including

For different two-dimensional hyperchaotic functions, the minimum number of minimum value distribution points and the maximum number of maximum value distribution points in the distribution diagram of the two-dimensional hyperchaotic function are counted respectively;

Determine the distribution of relatively concentrated areas and relatively discrete areas according to the size relationship between the maximum number and the minimum number;

A demarcation value that meets the preset demarcation condition is searched between the maximum value and the minimum value as the demarcation point between the relative clustering area and the relative discrete area, and the upper and lower boundaries of the relative clustering area and the upper and lower boundaries of the relative discrete area are determined.

Further, searching for a demarcation value that meets a preset demarcation condition between the maximum value and the minimum value includes:

When the maximum number is less than the minimum number, the minimum value is increased by a preset first step length, the current judgment value is updated, the current judgment number of the current judgment value is counted, and it is determined whether the current judgment number is greater than the minimum number;

If so, taking the current judgment quantity as the previous judgment quantity, increasing the current judgment value by the first step length, updating the current judgment value, re-counting the current judgment quantity, and determining whether the current judgment quantity is greater than the previous judgment quantity;

If not, calculate the ratio of the difference between the previous judgment quantity and the current judgment quantity to the cutoff value of the previous judgment quantity;

When the demarcation ratio is not greater than a preset first threshold, the current judgment quantity is used as the previous judgment quantity, the current judgment value is increased by the step length, the current judgment value is updated, the current judgment quantity is recounted, and the demarcation ratio is recalculated;

When the demarcation ratio is greater than the first threshold, the current judgment value is used as the demarcation value.

As a preferred solution, searching for a demarcation value that meets a preset demarcation condition between the maximum value and the minimum value includes:

When the maximum number is greater than the minimum number, reducing the maximum value by a preset second step length, updating the current judgment value, counting the current judgment number of the current judgment value, and determining whether the current judgment number is greater than the maximum number;

If so, taking the current judgment number as the previous judgment number, reducing the current judgment value by the first step length, updating the current judgment value, re-counting the current judgment number, and determining whether the current judgment number is greater than the previous judgment number;

If not, calculate the ratio of the difference between the previous judgment quantity and the current judgment quantity to the cutoff value of the previous judgment quantity;

When the demarcation ratio is not greater than a preset second threshold, the current judgment quantity is used as the previous judgment quantity, the current judgment value is reduced by the step length, the current judgment value is updated, the current judgment quantity is recounted, and the demarcation ratio is recalculated;

When the demarcation ratio is greater than the second threshold, the current judgment value is used as the demarcation value.

An embodiment of the present invention also provides a terminal device, including a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, and when the processor executes the computer program, it implements a hyper-chaotic key one-time one-pad transmission method as described in any of the above embodiments.

An embodiment of the present invention also provides a computer-readable storage medium, which includes a stored computer program, wherein when the computer program is running, the device where the computer-readable storage medium is located is controlled to execute a hyper-chaotic key one-time pad transmission method as described in any of the above embodiments.

An embodiment of the present invention further provides a computer program product, including a computer program/instruction, which implements the steps of the method described in any of the above embodiments when executed by a processor.

Compared with the prior art, the present invention provides a hyperchaotic key one-time secret transmission method, device, equipment, medium and product, which obtains chaotic parameters and large prime number parameters by decrypting with a generated symmetric key; determines a chaotic function according to the chaotic parameters, and uses the chaotic function to generate a random number sequence; generates a key stream according to the generated random number sequence and the large prime number parameters; and performs one-time secret data transmission according to the key stream. The present application scheme is based on the preliminary encryption of symmetric keys, and combines chaos theory to generate a one-time secret key stream at both ends, and uses the generated key stream to perform one-time secret data transmission. While ensuring that the encrypted data can be decrypted, the third party cannot obtain the plaintext information, which can avoid the security risks caused by key stream sharing and improve the security performance of key transmission.

BRIEF DESCRIPTION OF THE DRAWINGS

1 is a schematic diagram of a flow chart of a hyperchaotic key one-time pad transmission method provided by an embodiment of the present invention;

FIG2 is a bifurcation diagram corresponding to branch parameters provided in an embodiment of the present invention;

3 is a schematic diagram of the structure of a transmission system provided in an embodiment of the present invention;

FIG4 is a schematic diagram of a data encryption and decryption transmission process according to an embodiment of the present invention;

5 is a schematic diagram of a flow chart of a data packet encryption process provided by an embodiment of the present invention;

FIG6 is a distribution diagram of a two-dimensional hyperchaotic function _Xn provided in an embodiment of the present invention;

FIG7 is a distribution diagram of a two-dimensional hyperchaotic function _Yn provided in an embodiment of the present invention;

FIG8 is a schematic diagram of the structure of an artificial intelligence model provided by an embodiment of the present invention;

FIG9 is a distribution diagram of a dimensionality reduction hyperchaotic function provided in an embodiment of the present invention;

FIG10 is a distribution diagram of a one-dimensional logistic function when u=3.9 and the initial value is 0.4 provided by an embodiment of the present invention;

11 is a schematic diagram of the structure of a hyperchaotic key one-time pad transmission device provided in an embodiment of the present invention;

FIG. 12 is a schematic diagram of the structure of a terminal device provided in an embodiment of the present invention.

DETAILED DESCRIPTION

The following will be combined with the drawings in the embodiments of the present invention to clearly and completely describe the technical solutions in the embodiments of the present invention. Obviously, the described embodiments are only part of the embodiments of the present invention, not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by ordinary technicians in this field without creative work are within the scope of protection of the present invention.

It can be understood that the various embodiments described below can be combined or combined in a logical manner, and the embodiments of the present invention will not describe various combinations one by one.

In data transmission, the content needs to be covered with information to prevent it from being obtained by a third party. Secure data transmission based on a key system is now a common way to handle data transmission security. The plain text to be transmitted is encrypted with a key, and the encrypted ciphertext cannot be obtained without the decryption key of the other party. According to the generation and use of keys, they are divided into symmetric keys and asymmetric keys. Symmetric keys use the same key for encryption and decryption, while asymmetric keys generate a pair of keys when they are generated, called public keys and private keys, respectively. The public key is used for encryption and the private key is used for decryption.

The currently more commonly used data transmission confidentiality scheme is to use an asymmetric key mechanism to secretly share the generated symmetric key, and always use this symmetric key during data transmission. This is different from a one-time pad, which is a key that is updated once every time a data packet is transmitted during data transmission. Therefore, there are still security risks in always using the same key for data transmission.

In order to ensure the security of data transmission, a new key will be used to encrypt and decrypt data each time the two communicating parties transmit data.

The existing one-time pad transmission scheme generates a symmetric key stream by generating true random numbers for each data encryption and decryption transmission. However, this method requires the symmetric key to be shared between the sender and the receiver. This direct sharing of the symmetric key stream poses security risks.

In view of the above technical problems, the present application provides a hyperchaotic key one-time one-pad transmission method. Referring to FIG1 , it is a flow chart of the hyperchaotic key one-time one-pad transmission method provided by an embodiment of the present invention. The method comprises the following steps:

Step S1, using the generated symmetric key to decrypt the obtained chaotic parameters and large prime number parameters;

Step S2, determining a chaotic function according to the chaotic parameters, and using the chaotic function to generate a random number sequence;

Step S3, generating a key stream according to the generated random number sequence and the large prime number parameter;

Step S4, performing one-time one-key data transmission according to the key stream.

When this embodiment is implemented specifically, this case is applied to the communication end during specific execution. During specific communication, it first determines the chaotic parameters and large prime number parameters by generating a symmetric key.

The symmetric key keyg is generated according to the generation principle of the symmetric key. The symmetric key keyg is mainly used to protect the data transmission security problem when the communicating parties shake hands for the first time, that is, the chaotic parameters and large prime parameters obtained by the communicating parties during the handshake are encrypted with a symmetric key, so the symmetric key is needed to decrypt the obtained chaotic parameters and large prime parameters to obtain the chaotic parameters and large prime parameters.

Large prime number parameters are used to generate key streams. According to the mathematical principle of discrete logarithms, in the case of a large prime number, the following process is difficult to crack. The two ends of the data transmission are called Client1 and Client2.

First, large prime numbers p and G are shared between Client1 and Client2 without encryption and can be made public in plain text.

Client1 generates a random number a, calculates A=G ^a (mod p), shares A with Client2, and sends it in plain text.

Client2 generates a random number b, calculates B = G ^b (mod p), shares B with Client1, and sends it in plain text.

For the key of Client 1, _Ka = ^Ba (mod p) = ( ^Gb (mod p)) ^a (mod p) = ( ^Gba (mod p))(modp).

For the key of Client 2, K _b =A ^b (mod p) =(G ^a (mod p)) ^b (mod p) =(G ^ab (mod p))(mod p).

Therefore, when both ends share the random number, the key _Ka = _Kb generated by both ends.

In the above process, mathematical principles ensure that the symmetric key is invisible, and at the same time, key sharing is achieved at both ends of the data transmission. However, in the whole process, both parties need to share parameters many times, which will affect the efficiency requirements of data transmission. Under the requirement of non-one-time pad, this method is undoubtedly preferred, but in the case of one-time pad, this method is not applicable, but it provides a relatively high security for the start of the whole task.

The existing symmetric key generation mechanism often fails to meet the one-time pad requirement when a large number of symmetric keys are generated. It can be seen from the symmetric key generation mechanism that according to the existing system, when generating symmetric keys, it is necessary to continuously interact with large prime numbers G and P and related intermediate processes, which will waste a lot of transmission resources. If an asymmetric key transmission method is adopted, the asymmetric key needs to be transmitted before each data packet is transmitted, which is obviously unreasonable. In the mode of generating key streams, the same key is often used for repeated salting iterations. Although the number of salts ensures the security of the key, it will consume a lot of storage resources as a huge number of keys are generated.

In this case, based on the initial encryption based on symmetric keys, chaos theory is combined to generate a one-time key stream at both ends. The number of random numbers generated by the chaos function is controllable and fast, so there is no need to iterate the key with salt, and the length of the key is also controllable, which will save storage space. While ensuring one-time encryption at both ends of the communication, there is no need for the two ends to exchange symmetric keys in real time, ensuring communication efficiency and security.

Classical dynamic equations are mostly established based on linear equations. One of the characteristics of linear equations is that they are countable and additivity, that is, there is a strong regularity through the changes in adjacent numbers, and the causal relationship between the variables and the dependent variables of the entire equation can often be obtained through linear equations. The dynamic equations established based on nonlinear equations are highly discrete and particularly sensitive to initial values. In 1963, Lorenz discovered chaotic motion on strange attractors when studying the atmospheric convection model, which means that the solutions to the atmospheric convection equations will be attracted to a strange-looking area. In this area, the distribution of the solutions to the equations is completely random depending on the initial values, and there is no predictable possibility. After a sufficiently long iteration, the positions of the solutions to the equations are completely randomly distributed in a specific area.

Chaotic functions have many forms. The system dimension is divided according to the number of independent variables, and can be explained by one-dimensional logistic function and two-dimensional hyperchaotic function.

The form of the one-dimensional logistic function is: _xn+1 = _xnu (1- _xn ), where 0≤u≤4, 0< _xn≤1 .

u is used as a branch parameter, and the bifurcation of the result distribution controlled by it is shown in FIG2 , which is a bifurcation diagram corresponding to the branch parameter provided by an embodiment of the present invention, wherein the abscissa is the branch parameter u, and the ordinate is X _n .

When 3.5699456<u≤4, it enters a chaotic state. When the u value is the same, different initial values undergo multiple iterations.

From the distribution diagram of its solutions, it can be seen that when the equation enters a chaotic state, as the number of iterations increases, the position of the solution of the equation becomes more and more random. After iterations of adjacent initial values, the positions of their solutions become more and more divergent, and it does not have the listable and additivity properties of linear equations at all.

From this we can see that the chaotic parameters such as the initial value and branch parameters of the chaotic function have a great influence on the solution of the chaotic function. Without knowing the initial value and branch parameters, the chaotic function of other parameters cannot determine the solution of the chaotic function based on its randomness.

Therefore, in this case, after obtaining the chaotic parameters, the corresponding chaotic function can be determined, and a random number sequence can be generated based on the chaotic function. Since the chaotic parameters are obtained based on the interaction of symmetric keys, the chaotic functions obtained by the communicating parties are the same.

A key stream is generated according to the generated random number sequence and the large prime number parameter, and the random number sequence that can be generated based on the same initial value is also the same as the key stream.

The generated key stream is then used to transmit secret data once, ensuring that the encrypted data can be decrypted while preventing a third party from obtaining the plaintext information, thus solving the problem of the sender's data being both decryptable and undecryptable.

In another embodiment provided by the present invention, the chaotic function used in this case includes a one-dimensional chaotic function and a hyperchaotic parameter, and the process of determining the chaotic function to generate a random number sequence in step S2 specifically includes:

Determining a one-dimensional chaotic function according to the one-dimensional branch parameters in the chaotic parameters, and determining a reduced-dimensional hyperchaotic function according to the hyperchaotic parameters in the chaotic parameters;

The one-dimensional chaotic function is in the form of: _xn+1 = _xnu (1- _xn ), where 0≤u≤4, 0< _xn≤1 .

The one-dimensional chaotic function can be uniquely determined according to the one-dimensional branch parameter u in the chaotic parameters.

For hyperchaotic functions, whether an equation has chaotic properties can be identified by the Lyapunov index. The number of Lyapunov exponents of an equation is the same as the dimension of the equation, that is, one-dimensional has one Lyapunov index, and two-dimensional has two Lyapunov indexes. When the number of Lyapunov index data is greater than or equal to 2 and all Lyapunov indexes are greater than zero, it is called hyperchaos.

The two-dimensional hyperchaotic function can be expressed as follows: _xn+1 = _f1 ( _xn , _yn ), yn ₊₁ = _f2 ( _xn , _yn ).

Among them, f ₁ (x _n , y _n )=a ₁ +a ₂ x _n +a ₃ x _n ² +a ₄ y _n +a ₅ y _n ² +a ₆ x _n y _n .

f ₂ (x _n , y _n )=b ₁ +b ₂ x _n +b ₃ x _n ² +b ₄ y _n +b ₅ y _n ² +b ₆ x _n y _n .

a ₁ ...a ₆ , b ₁ ...b ₆ are the parameters to be determined.

Since the mixed terms and quadratic terms of the equation will affect the calculation speed, the above equations can be simplified while retaining the hyperchaotic characteristics of the _equations , as follows _{: f1} ( _xn , _yn )= _a4yn + _{a5yn2 , f2} ( _{xn , yn} )= _b2xn + _b4yn .

Two-dimensional data still needs to be reduced in dimension in the process of generating random numbers. To ensure the distribution of data after dimension reduction, the following formula can be used for dimension reduction. Assume that the hyperchaotic function of the data after dimension reduction is Fn, then:

F _n =m ₁ X _n +m ₂ Y _n +m ₃ .

According to the hyperchaotic parameters m ₁ , m ₂ and m ₃ in the chaotic parameters, a dimension-reduced hyperchaotic function can be determined.

The generated symmetric key is used as the initial value of the one-dimensional chaotic function, and it is iterated for more than 20 times. The number of iterations is determined according to the actual number of tasks. According to the principle of the above chaotic function, when the iteration exceeds 4 or 5 times, the results will be differentiated. In order to ensure the randomness of the results, the number of iterations of the one-dimensional chaotic function and hyperchaos is set to a minimum of 20 times. Assume that the output sequence of the one-dimensional chaotic function is [o ₁ , o ₂ , ..., o _n ].

When the two parties are communicating, n one-dimensional chaotic sequences are generated according to the number of tasks n to be sent, and the initial value of the hyperchaos is determined.

The hyperchaotic function generates n+1 random number sequences [t ₁ , t ₂ , ..., t _n+1 ] according to the input initial value, and generates a ^key stream key ₁ , key ₂ , ..., key _n+1 according to _Ka = _Kb = _G1ti mod p, i = 1, ..., n+1.

The u value of the one-dimensional chaotic sequence is shared in advance through the symmetric key keyg. Since the chaotic parameters of both A and B are the same, the sequence generated by the same initial value is also the same, so the key stream of both A and B is also the same.

It should be noted that the chaotic parameters proposed in this embodiment use a random number generation method combining a one-dimensional chaotic function and a hyperchaotic function. In other embodiments, a method of generating random numbers by determining a chaotic function based on chaotic parameters may be used, for example, a one-dimensional chaotic function or a hyperchaotic function may be used alone.

In the existing random data generation method based on chaotic function, the generated key is still the original mechanism key generation method, and the generated random number is just a cheap replacement for the original random number, and the result distribution performance of the one-dimensional chaotic function is still relatively poor compared to the two-dimensional hyperchaotic distribution result. The parameter update of the existing chaotic function is still relatively traditional, relying on manual or random number selection within a certain range. The result is that when unsupervised parameter update is required, whether the distribution characteristics of the updated results are more in line with the requirements is unknown. Therefore, this case uses a one-dimensional chaotic function and a hyperchaotic function, and uses a one-dimensional logical chaotic function + a two-dimensional hyperchaotic function mechanism to generate random numbers. Therefore, a one-dimensional logical chaotic function + a two-dimensional hyperchaotic function will be used in the one-time one-key process to generate random numbers, and a symmetric key stream will be formed unilaterally to solve the duality problem of data transmission and improve the efficiency of key generation.

In yet another embodiment of the present invention, referring to FIG3 , it is a schematic diagram of the structure of a transmission system provided in an embodiment of the present invention.

The solution provided in this application is a one-time one-pad transmission method of a hyperchaotic key based on a trusted execution environment for one-time one-pad data transmission.

The trusted execution environment has a high degree of hardware dependence, thus ensuring a high level of security protection. In a server or other terminal device, a separate operating environment based on memory and CPU is opened up to protect the applications and data required for operation and storage. The trusted execution environment ensures the security of the operating environment by establishing a root of trust in the hardware device. The root of trust is directly related to the unique physical characteristics of the device, thereby improving the security of the trusted execution environment.

In key generation, random numbers determine the security of the key, and a good random number has higher security characteristics. The reason why random numbers are used to generate keys is that the unpredictable characteristics of random numbers are utilized. According to statistical characteristics, the ideal random number distribution is relatively uniform, and the specific value of the random number cannot be calculated using statistical methods. The noise and voltage instantaneous value change characteristics in real life all have such characteristics. People call random numbers generated by physical means such as noise and voltage instantaneous value changes true random numbers, and random numbers generated by mathematical principles and computer principles pseudo-random numbers, including linear congruential method, multiple recursive method, Fibonacci method, shift register method, inverse congruential method, etc. Since true random numbers are generated based on actual physical characteristics, the generation efficiency of true random numbers is low, but the quality is high. Pseudo-random numbers are generated based on mathematical algorithms and computer principles, with high generation efficiency but low quality. In the true random number generation scheme, the method of generating random numbers based on the physical characteristics of the hardware itself can be called PUF method. The full name of PUF is Physically Unclonable Function, which is physically unclonable function. The function in PUF does not refer to the concept of mathematical function. It refers to the unique physical characteristics of an object that cannot be cloned. Currently, there are two types of random numbers based on PUF: SRAM PUF and FLASH PUF.

In the trusted execution environment of the server, the symmetric key generated by the random number generated by the PUF is used as the initial value of the one-dimensional chaotic function.

Since the security of true random numbers is very high and they are placed in a trusted execution environment and cannot be directly accessed from outside, the security of the generated symmetric keys is also high and they will not leave the trusted execution environment. The data series generated by using the symmetric key as the initial value of the one-dimensional chaotic equation will also be difficult to crack. From the perspective of the outside world, the values of these data series are random. These random values are used as the initial values of the hyperchaotic function to further ensure the randomness of the initial values.

SRAM PUF is used to generate true random numbers, and the symmetric key keyg is generated according to the principle of symmetric key generation. The symmetric key keyg is mainly used to protect the data transmission security of the first handshake between the two communicating parties. After the symmetric key is generated, the symmetric key is used to share the parameters related to the hyperchaotic and one-dimensional chaotic functions and the new large prime number G1 used to generate the key stream between the two communicating parties. All parameter encryption and decryption protection operations are performed in the trusted execution environment of both parties to ensure the security of the parameters.

In another embodiment provided by the present invention, when determining the initial value of the dimension reduction hyperchaotic function, the method of taking values in reverse order is adopted to select the initial value of the hyperchaotic function from the output sequence.

That is, when the two parties formally communicate data for the first time, the last one-dimensional chaotic sequence is selected as the initial value of hyperchaos.

In another embodiment provided by the present invention, when a key stream is used for one-time data transmission, since this case is executed in a trusted execution environment, the trusted execution environment needs to be considered when using the key. See Figure 4, which is a schematic diagram of the data encryption and decryption transmission process provided by an embodiment of the present invention.

When the communicating parties A and B perform one-time secret transmission, after obtaining the key stream, the key stream is stored in the trusted execution environment TEE.

When the encrypted data is sensitive data, the data encryption and decryption are performed in a trusted execution environment, the key stream is used to encrypt the data to be encrypted in the trusted execution environment, and the data is transmitted through a data network after encryption.

When the data is non-sensitive regular data, encryption and decryption operations can be performed in a regular environment. The key stream needs to be taken out from the trusted execution environment, and the key stream is used to encrypt the data to be encrypted in the regular environment.

The encryption and decryption algorithm can be processed according to the existing encryption and decryption algorithm. See FIG5 , which is a flowchart of the data packet encryption process provided by an embodiment of the present invention.

The key stream is stored in the order of labels. After the encryption is completed, the encrypted transmission data packet is attached with a label plaintext to identify the number of data packets sent, corresponding to the corresponding key stream. At the same time, a flag bit is added to the plaintext of the data packet to be encrypted to indicate whether the chaotic parameters need to be changed. When this bit is 1, it means that the chaotic parameters will be changed, and the chaotic parameters to be changed and the initial value of the one-dimensional chaos are attached. When it is 0, it means that the chaotic function data will not be updated. When the other party receives and decrypts the data and finds that the chaotic parameters need to be updated, the chaotic parameters can be updated and the key can be updated again.

In another embodiment provided by the present invention, when determining the hyperchaotic parameters, the following steps are specifically performed:

The two-dimensional hyperchaotic function can be expressed as follows: _xn+1 = _f1 ( _xn , _yn ), yn ₊₁ = _f2 ( _xn , _yn ).

Among them, f ₁ (x _n , y _n )=a ₁ +a ₂ x _n +a ₃ x _n ² +a ₄ y _n +a ₅ y _n ² +a ₆ x _n y _n .

f ₂ (x _n , y _n )=b ₁ +b ₂ x _n +b ₃ x _n ² +b ₄ y _n +b ₅ y _n ² +b ₆ x _n y _n .

Since the mixed terms and quadratic terms of the equation will affect the calculation speed, the above equation can be simplified while retaining the hyperchaotic characteristics of the equation, as follows:

f ₁ (x _n , y _n )=a ₄ y _n +a ₅ y _n ² ;

f ₂ (x _n , y _n )=b ₂ x _n +b ₄ y _n ;

By selecting the initial values of the two-dimensional parameters of the two-dimensional hyperchaotic functions, a ₄ = 1.55, a ₅ = -1.3, b ₂ = -1.1, b ₄ = 0.1, the two Lyapunov exponents of the equation are 0.238 and 0.166 respectively. All Lyapunov exponents are greater than zero, indicating that the system has chaotic characteristics. Taking a ₄ as a variable, it can be seen from the bifurcation diagram that when 1.55≤a4<＝1.6, the equation enters a chaotic state. Therefore, when generating random numbers, the equation parameters can be updated by adjusting the value of a4, thereby improving the security characteristics of the random number generation equation.

From the principle of chaotic function, we know that when the value of a ₄ is changed, the distribution of the entire chaotic result will also change. By changing a ₄ and then changing the distribution properties of the entire hyperchaotic function, the safety level can be improved.

Suppose the iterative sequences generated by the state quantities _Xn and _Yn are [ _X1 , _X2 , ..., _Xn ], [ _Y1 , _Y2 , ..., _Yn ] respectively. See Figure 6, which is a distribution diagram of the two-dimensional hyperchaotic function _Xn provided by an embodiment of the present invention. See Figure 7, which is a distribution diagram of the two-dimensional hyperchaotic function _Yn provided by an embodiment of the present invention.

The distribution of _Xn and _Yn can be obtained through the above process, and the distribution _Fn after dimensionality reduction can be obtained according to the dimensionality reduction formula described in the chaotic function part.

To determine whether the generated F _n meets the distribution requirements, an artificial intelligence model is used to identify the distribution graph of F _n . Once the identification is passed, the hyperfunction parameters can be updated. The artificial intelligence model is trained using the Alexnet architecture.

When training the artificial intelligence model, the data set considers the valid and invalid graphs of the _Fn distribution and the one-dimensional chaotic distribution as invalid graphs as materials. In the range of 1.55≤a4≤1.6, multiple _Fn distribution graphs are generated, with valid graphs marked as 01 and invalid graphs marked as 00. Under the one-dimensional chaotic function 3.5699456<u≤4, distribution graphs are generated with different initial values and marked as 00. The artificial intelligence model is trained and the ability to distinguish whether the _Fn distribution is valid is obtained.

After obtaining the distribution characteristics of the reduced-dimensional hyperchaotic function _Fn , the trained artificial intelligence model is used to identify whether the distribution characteristics of _Fn meet the requirements of random number distribution. If so, the relevant parameters of the existing settings are retained. If not, the program adjusts the two-dimensional branch parameters in the two-dimensional parameters, that is, adjusts a ₄ for fine-tuning until the distribution of _Fn meets the requirements. When the recognition result is a valid graph, the latest two-dimensional parameters are used as the hyperchaotic parameters, and the parameters are fixed and sent to the trusted execution environment.

In a trusted execution environment, hyperchaotic functions and dimensionality reduction equations are generated by obtaining the determined hyperchaotic parameters, and these parameters are shared with the communicating parties using a symmetric key.

It should be noted that, referring to Figure 8, which is a structural diagram of the artificial intelligence model provided by an embodiment of the present invention, the entire model has a total of 8 layers of convolutional neural networks, the first 5 layers are convolutional layers, and the last three layers are fully connected layers.

The original distribution image is processed into a 227*227 image, and after random processing it becomes 224*224.

The convolution input of the convolution layer C1 is 227*227*3, the convolution kernel size is 11*11*3, the number is 96, the edge is not expanded, that is, padding=0, stride=4, and the FeatureMap size is 55*55*96. The activation function is Relu; the pooling kernel size of the pooling layer is 3*3, the edge is not expanded, that is, padding=0, stride=2, and the output of FeatureMap C1 is 27*27*96.

The convolution input of the convolution layer C2 is 27*27*96, the convolution kernel size is 5*5*96, the number is 256, the padding of the expanded edge is 2, the stride is 1, and the FeatureMap size is 27*27*256; the activation function is Relu; the pooling kernel size of the pooling layer is 3*3, the edge is not expanded, that is, padding=0, the stride is 2, and the output of FeatureMap, that is, C2, is 13*13*256;

The convolution input of convolution layer C3 is 13*13*256, the convolution kernel size is 3*3*256, the number is 384, the padding edge is 1, the stride is 1, the FeatureMap size is 13*13*384; the activation function is Relu; there is no pooling layer, that is, the output of C3 is 13*13*384;

The convolution input of convolution layer C4 is 13*13*384, the convolution kernel size is 3*3*384, the number is 384, the expansion edge is padding=1, the step length is stride=1, the FeatureMap size is 13*13*384; the activation function is Relu; there is no pooling layer, that is, the output of C4 is 13*13*384;

The convolution input of the convolution layer C5 is 13*13*384, the convolution kernel size is 3*3*384, the number is 256, the padding of the expanded edge is 1, the stride is 1, and the FeatureMap size is 13*13*256; the activation function is Relu; the pooling kernel size of the pooling layer is 3X3, the edge is not expanded, that is, padding=0, the stride is 2, and the output of FeatureMap, that is, C1, is 6*6*256;

The fully connected layer FC1 is implemented by convolution, with an input of 6*6*256, a convolution kernel size of 6*6*256, a number of 4096, no edge expansion padding = 0, stride = 1, and a FeatureMap size of 1*1*4096; the activation function is Relu; some neural nodes are removed in the dropout process to prevent overfitting, and the output of FC1 is 1*1*4096;

The fully connected layer FC2 is implemented by convolution, with an input of 1*1*4096; the activation function is Relu; some neural nodes are removed in the dropout process to prevent overfitting, and the output of FC2 is 1*1*4096;

The fully connected layer FC3 is implemented by convolution, with an input of 1*1*4096; the activation function is softmax, the softmax is 2, and the output of FC3 is 1*1*2.

It should be noted that the specific structure of the above-mentioned artificial intelligence model is only used as a preferred implementation method and does not constitute a specific limitation on the artificial intelligence model of this scheme. In other embodiments adopted in this case, other models may also be used for distribution map recognition.

Symmetric keys are directly calculated and generated based on the chaos principle, which effectively saves the time of key generation and can effectively increase the number of keys generated. The key calculation is performed in a trusted execution environment, which has the advantages of higher security and higher key generation efficiency.

The artificial intelligence model is used to automatically process parameter updates, but the frequency of updates is still manually controlled. This automated parameter processing process is mainly to improve the security of the model. When security is guaranteed, parameter updates can be omitted and parameters can be kept stable. When the two parties in communication just start communicating, equation parameters can also be specified while ensuring security and function performance. According to the principles of chaos theory, even if the equation parameters are public, the security of the entire system is still guaranteed as long as the initial value selection is safe. However, in order to improve the security performance of the entire system, the ability to update parameters based on the artificial intelligence model is added. However, the entire update process requires a certain amount of consumption. The update of this process is an operation process outside the communication task and does not affect real-time communication.

The AI model is used to update the parameters of the chaotic function, which improves the automatic processing capability and makes the equation parameters more unpredictable. The unsupervised equation parameter update capability is improved. The key generation process is simplified and the operation is performed in a trusted execution environment, which increases the security and generation efficiency of the key. The entire solution can effectively improve the performance of the one-time pad.

_In yet another embodiment provided by the present invention, the dimension-reduced _hyperchaotic function _Fn = _m1Xn + _m2Yn + _m3 .

According to the hyperchaotic parameters m ₁ , m ₂ and m ₃ in the chaotic parameters, a dimension-reduced hyperchaotic function can be determined.

In order to solve m ₁ , m ₂ and m ₃ , it is necessary to divide the distribution diagrams of X _n and Y _n into relatively concentrated areas and relatively discrete areas, and determine the upper and lower boundaries of the relatively concentrated areas and the upper and lower boundaries of the relatively discrete areas of the distribution diagrams of the two two-dimensional hyperchaotic functions.

Give a numerical range for the corresponding area. Assume that the upper and lower boundaries of the relative aggregation area of the first two-dimensional hyperchaotic function _Xn are _X12 and _X11 , and the upper and lower boundaries of the discrete area are _X22 and _X21 ; the upper and lower boundaries of the relative aggregation area of the second two-dimensional hyperchaotic function _Yn are _Y12 and _Y11 , and the upper and lower boundaries of the relative discrete area are _Y22 and _Y21 .

The upper and lower boundaries of the relative aggregation area of the transformed reduced-dimensional hyperchaotic function _Fn are _F12 and _F11 , respectively, and the upper and lower boundaries of the relative discrete area are _F22 and _F21 , respectively.

Constructing the functional relationship between _F12 , _F11 , _F22 and _F21 and _X22 , _X21 , _X12 , _X11 , _Y22 , _Y21 , _Y12 and _Y11 , we have:

F ₂₁ =X ₂₁ *m ₁ +Y ₂₁ *m ₂ +m ₃ ;

F ₂₂ =X ₂₂ *m ₁ +Y ₂₂ *m ₂ +m ₃ ;

F ₁₁ =X ₁₁ *m ₁ +Y ₁₁ *m ₂ +m ₃ ;

The boundary of Fn is constrained, and the dimension-reduced hyperchaotic function is mirror-symmetric to the boundary of the relative discrete region, so: F ₂₂ ＝-F ₂₁ , the lower boundary of the relative clustering region is not less than the upper boundary of the relative discrete region, that is, F ₁₁ ≥F ₂₂ .

After analysis, there is only the case of X ₁₁ ≤X ₂₂ , Y ₁₁ ≤Y ₂₂ , then

When X ₁₁ ＝X ₂₂ and Y ₁₁ ＝Y ₂₂ , there is no constraint on m1 and m2;

When Y ₁₁ ≠Y ₂₂ , m ₂ <((X ₁₁ -X ₂₂ )*m ₁ /(Y ₂₂ -Y ₁₁ ));

When Y ₁₁ =Y ₂₂ and X ₁₁ !=X ₂₂ , m ₁ <0.

From the above constraints, we can see that _m1 and _m2 have opposite positive and negative values. When selecting values, since the obtained data distribution may not meet the diffusion requirements, the value can be fine-tuned around 1 in consideration of computing performance. After obtaining the one-dimensional generated sequence, the data is normalized and restricted to the interval [0,1].

Taking _X11 = -0.1, _X12 = 0.5, _Y11 = -0.5, _Y12 = 0.2, _X21 = -1.2, _X22 = -0.1, _Y21 = 0.2, _Y22 = 1.5, _m1 = 1, _m2 = -1, we obtain _m3 = 1.5. After normalization, we have _Fn = ( _Xn - _Yn + 1.5)/2.5.

See FIG. 9 , which is a distribution diagram of a dimensionality reduction hyperchaotic function provided in an embodiment of the present invention. See FIG. 10 , which is a distribution diagram of a one-dimensional logistic function provided in an embodiment of the present invention when u=3.9 and the initial value is 0.4.

By comparing the distribution diagrams, it can be seen that the randomness of the distribution of the reduced-dimensional hyperchaotic function is significantly better than that of the one-dimensional logistic function.

The dimension reduction parameters are determined by solving, and the dimension reduction hyperchaotic function is determined according to the dimension reduction parameters. The randomness of the dimension reduction hyperchaotic function is higher than that of the one-dimensional chaotic function, and the random numbers generated thereby are more secure.

In another embodiment provided by the present invention, when determining the upper and lower boundaries of the relative clustered area and the upper and lower boundaries of the relative discrete area, the distribution diagrams of _Xn and _Yn are referred to, the horizontal axis is the number of iterations, and the vertical axis is the respective distribution value. In order to be able to divide the clustered area and the discrete area, the number of data points in each row is selected as the density index, and data statistics are performed. When the number of points in each row changes by more than a certain threshold, it is used as the dividing boundary. Specifically, the boundary determination method is described by taking the distribution of _Xn as an example, and the process is as follows:

The maximum value X _max and minimum value X _min of the statistical data distribution.

The number of data points at the maximum value X _max and the minimum value X _min are calculated as the maximum number numberX _max and the minimum number numberX _min respectively.

According to the size relationship between the maximum number numberX _max and the minimum number numberX _min , the distribution of the relatively concentrated area and the relatively discrete area is determined;

If the maximum number numberX _max is less than the minimum number numberX _min , the relative clustering area is below the relative discrete area. Let X ₁₂ =X _max , X ₂₁ =X _min , take the minimum value of the distribution graph as the lower boundary of the relative clustering area, and take the maximum value of the distribution graph as the upper boundary of the relative discrete area.

If the maximum number numberX _max is equal to the minimum number numberX _min , the minimum value is increased and the maximum value is decreased by a preset step size, the maximum value and the minimum value are updated, and the maximum number and the minimum number are re-determined for judgment.

If the maximum number numberX _max is greater than the minimum number numberX _min , the relative clustering region is above the relative discrete region. Let X ₁₁ =X _min , X ₂₂ =X _max , take the minimum value of the distribution graph as the lower boundary of the relative discrete region, and take the maximum value of the distribution graph as the upper boundary of the relative clustering region.

Then, according to the preset boundary conditions, the boundary value between the relatively discrete area and the relatively concentrated area is searched between the maximum value and the minimum value. The boundary conditions specifically limit the statistical number of distribution points up to the boundary value.

According to the distribution of the relatively concentrated area and the relatively discrete area, and the location of the dividing point, the upper and lower boundaries of the relatively concentrated area and the upper and lower boundaries of the relatively discrete area are determined.

It should be noted that this embodiment uses the _Xn distribution graph as an example to illustrate the specific method for determining the upper and lower boundaries of the relatively concentrated area and the upper and lower boundaries of the relatively discrete area. The same solution can also be used for the _Yn distribution graph.

In another embodiment provided by the present invention, when searching for the boundary value between the relative discrete area and the relative concentrated area, when the relative concentrated area is located below the relative discrete area, the following steps are specifically performed:

That is, when the maximum number numberX _max is less than the minimum number numberX _min , the relative clustering area is located below the relative discrete area, then the preset first step length d is selected, and the current judgment value X _new =X _min +d is set, and the number of data points in the row where the current judgment value X _new is located is counted, that is, the current judgment number numberX _new , and it is determined whether the current judgment number numberX _new is greater than the minimum number numberX _min ;

If the current judgment number numberX _new ≤ the minimum number numberX _min , then the demarcation ratio T = (numberX _min - numberX _new )/numberX _min is calculated. When T ≤ 50%, the current judgment number numberX _new is taken as the previous judgment number numberX _new1 , and the value of X _new is continued to be increased, X _new = X _new + d, and the demarcation ratio T = (numberX _new1 - numberX _new )/numberX _new1 is recalculated. When T > 50%, X _new is considered to be the demarcation point between the relatively clustered area and the relatively discrete area.

If the current judgment number numberX _new > the minimum number numberX _min , the current judgment number numberX _new is taken as the previous judgment number numberX _new1 , and the value of X _new is continued to be increased, X _new =X _new +d; the number of data points in the row where the current judgment value X _new is located is counted, that is, the current judgment number numberX _new , and it is determined whether the current judgment number numberX _new is greater than the previous judgment number numberX _new1 .

If the current judgment number numberX _new is greater than the previous judgment number numberX _new1 , the demarcation ratio T = (numberX _new1 - numberX _new )/numberX _new1 is calculated. When T≤50%, the current judgment number numberX _new is taken as the previous judgment number numberX _new1 , and the value of X _new is continued to be increased, X _new = X _new + d, and the demarcation ratio T = (numberX _new1 - numberX _new )/numberX _new1 is recalculated. When T＞50%, X _new is considered to be the demarcation point between the relatively clustered area and the relatively discrete area.

When X _new is the dividing point, in the case of numberX _max <numberX _min , let X ₂₂ =X ₁₁ =X _new , then the upper and lower boundaries of the relatively concentrated area and the upper and lower boundaries of the relatively discrete area are determined accordingly.

In another embodiment provided by the present invention, when searching for the boundary value between the relative discrete area and the relative concentrated area, when the relative concentrated area is located above the relative discrete area, the following steps are specifically performed:

That is, when the maximum number numberX _max is greater than the minimum number numberX _min , the relative clustering area is located above the relative discrete area, then the preset second step length k is selected, and the current judgment value X _new is set to be X _ma -k, and the number of data points in the row where the current judgment value X _new is located is counted, that is, the current judgment number numberX _new , and it is determined whether the current judgment number numberX _new is greater than the maximum number numberX _max ;

If the current judgment number numberX _new ≤ the maximum number numberX _max , then the demarcation ratio T = (numberX _max - numberX _new )/numberX _max is calculated. When T ≤ 50%, the current judgment number numberX _new is taken as the previous judgment number numberX _new1 , and the value of X _new is continued to be reduced, X _new = X _new - k, and the demarcation ratio T = (numberX _new1 - numberX _new )/numberX _new1 is recalculated. When T > 50%, X _new is considered to be the demarcation point between the relatively clustered area and the relatively discrete area.

If the current judgment number numberX _new > the maximum number numberX _max , the current judgment number numberX _new is taken as the previous judgment number numberX _new1 , and the value of X _new is continuously reduced, X _new =X _new −k; the number of data points in the row where the current judgment value X _new is located is counted, that is, the current judgment number numberX _new , and it is determined whether the current judgment number numberX _new is greater than the previous judgment number numberX _new1 .

If the current judgment number numberX _new is greater than the previous judgment number numberX _new1 , the demarcation ratio T = (numberX _new1 - numberX _new )/numberX _new1 is calculated. When T≤50%, the current judgment number numberX _new is taken as the previous judgment number numberX _new1 , and the value of X _new is continued to be reduced, X _new = X _new -k, and the demarcation ratio T = (numberX _new1 - numberX _new )/numberX _new1 is recalculated. When T＞50%, X _new is considered to be the demarcation point between the relatively clustered area and the relatively discrete area.

When X _new is the dividing point, in the case of numberX _max > numberX _min , let X ₂₁ =X ₁₂ =X _new , then the upper and lower boundaries of the relatively concentrated area and the upper and lower boundaries of the relatively discrete area are determined accordingly.

Referring to FIG. 11 , it is a schematic diagram of the structure of a hyperchaotic key one-time pad transmission device provided by an embodiment of the present invention, the device comprising:

A symmetric module, used for decrypting the obtained chaotic parameters and large prime number parameters using the generated symmetric key;

A chaos module, used for determining a chaos function according to the chaos parameters, and generating a random number sequence using the chaos function;

A key generation module, used to generate a key stream according to the generated random number sequence and the large prime number parameter;

The transmission module is used to perform one-time one-key data transmission according to the key stream.

The hyperchaotic key one-time pad transmission device provided in this embodiment can execute all the steps and functions of the hyperchaotic key one-time pad transmission method provided in any of the above embodiments, and the specific functions of the device will not be described in detail here.

Referring to FIG. 12 , it is a schematic diagram of the structure of a terminal device provided by an embodiment of the present invention. The terminal device includes: a processor, a memory, and a computer program stored in the memory and executable on the processor, such as a hyperchaotic key one-time-one-pad transmission program. When the processor executes the computer program, the steps in each of the above-mentioned embodiments of the hyperchaotic key one-time-one-pad transmission method are implemented, such as steps S1 to S4 shown in FIG. 1 . Alternatively, when the processor executes the computer program, the functions of each module in the above-mentioned device embodiments are implemented.

Exemplarily, the computer program may be divided into one or more modules, and the one or more modules are stored in the memory and executed by the processor to complete the present invention. The one or more modules may be a series of computer program instruction segments capable of completing specific functions, and the instruction segments are used to describe the execution process of the computer program in the terminal device. For example, the computer program may be divided into several modules, and the specific functions of each module have been described in detail in a hyperchaotic key one-time pad transmission method provided in any of the above embodiments, and the specific functions of the device will not be repeated here.

The terminal device may be a computing device such as a desktop computer, a notebook, a PDA, and a cloud server. The terminal device may include, but is not limited to, a processor and a memory. Those skilled in the art will appreciate that the schematic diagram is merely an example of a terminal device and does not constitute a limitation on a terminal device. The terminal device may include more or fewer components than shown in the diagram, or may combine certain components, or different components. For example, the terminal device may also include an input/output device, a network access device, a bus, etc.

The processor may be a central processing unit (CPU), other general-purpose processors, digital signal processors (DSP), application-specific integrated circuits (ASIC), field-programmable gate arrays (FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. The general-purpose processor may be a microprocessor or any conventional processor, etc. The processor is the control center of the terminal device, and uses various interfaces and lines to connect various parts of the entire terminal device.

The memory can be used to store the computer program and/or module, and the processor realizes various functions of the one-time one-pad transmission device of the hyper-chaotic key by running or executing the computer program and/or module stored in the memory and calling the data stored in the memory. The memory can mainly include a program storage area and a data storage area, wherein the program storage area can store an operating system, an application required for at least one function (such as a sound playback function, an image playback function, etc.), etc.; the data storage area can store data created according to the use of the mobile phone (such as audio data, a phone book, etc.), etc. In addition, the memory can include a high-speed random access memory, and can also include a non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a smart memory card (Smart Media Card, SMC), a secure digital (SecureDigital, SD) card, a flash card (Flash Card), at least one disk storage device, a flash memory device, or other volatile solid-state storage devices.

Wherein, if the module integrated in the one-time transmission device of a hyper-chaotic key is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on such an understanding, the present invention implements all or part of the processes in the above-mentioned embodiment method, and can also be completed by instructing the relevant hardware through a computer program. The computer program can be stored in a computer-readable storage medium, and when the computer program is executed by the processor, the steps of the above-mentioned various method embodiments can be implemented. Wherein, the computer program includes computer program code, and the computer program code can be in source code form, object code form, executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, U disk, mobile hard disk, magnetic disk, optical disk, computer memory, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), electric carrier signal, telecommunication signal and software distribution medium, etc.

An embodiment of the present invention further provides a computer program product, including a computer program/instruction, which implements the steps of any method described in the above embodiments when executed by a processor.

It should be pointed out that for ordinary technicians in this technical field, several improvements and modifications can be made without departing from the principles of the present invention, and these improvements and modifications are also considered to be within the scope of protection of the present invention.

Claims (14)

1. A one-time transmission method for a hyperchaotic key, characterized in that the method comprises: Use the generated symmetric key to decrypt the obtained chaotic parameters and large prime number parameters; Determine a chaotic function according to the chaotic parameters, and use the chaotic function to generate a random number sequence; Generate a key stream according to the generated random number sequence and the large prime number parameter; The one-time pad data transmission is performed according to the key stream. 2. The hyperchaotic key one-time pad transmission method according to claim 1 is characterized in that a chaotic function is determined according to the chaotic parameter, and a random number sequence is generated using the chaotic function, comprising: Determining a one-dimensional chaotic function according to the one-dimensional branch parameters in the chaotic parameters, and determining a reduced-dimensional hyperchaotic function according to the hyperchaotic parameters in the chaotic parameters; Using the symmetric key as the initial value of the one-dimensional chaos, iterating the one-dimensional chaotic function for a preset number of times to determine an output sequence; The initial value of the hyperchaos is determined according to the output sequence, and the determined initial value is input into the dimension reduction hyperchaos function to generate the random number sequence. 3. The hyperchaotic key one-time pad transmission method according to claim 1, characterized in that the symmetric key generation process comprises: True random numbers generated by SRAM PUF in a trusted execution environment; The symmetric key is generated according to the true random number. 4. The hyperchaotic key one-time pad transmission method according to claim 2, characterized in that the initial value of the hyperchaotic key is determined according to the output sequence, comprising: The initial value of the hyperchaos is selected from the output sequence in a reverse order. 5. The method for transmitting a hyperchaotic key one-time pad according to claim 1, characterized in that the one-time pad data transmission according to the key stream comprises: storing the keystream in a trusted execution environment; When the data to be encrypted is sensitive data, encrypting the data to be encrypted using the key stream in the trusted execution environment; When the data to be encrypted is not sensitive data, the key stream is taken out from the trusted execution environment, and the key stream is used to encrypt the data to be encrypted in a conventional environment. 6. The hyperchaotic key one-time pad transmission method according to claim 1, characterized in that the hyperchaotic parameter determination process specifically comprises: Selecting and presetting preliminary values of two-dimensional parameters of two two-dimensional hyperchaotic functions; Determine the dimension reduction parameter of the dimension reduction hyperchaotic function according to the distribution diagrams of the two two-dimensional hyperchaotic functions, and obtain the dimension reduction hyperchaotic function; Identifying the distribution graph of the dimension-reduced hyperchaotic function according to a pre-trained artificial intelligence model; When the recognition result is an invalid graph, the two-dimensional branch parameters in the two-dimensional parameters are adjusted within a preset range, the dimension reduction hyperchaotic function is re-determined, and the distribution graph of the re-determined dimension reduction hyperchaotic function is recognized; When the recognition result is a valid graph, the latest two-dimensional parameters are used as the hyperchaotic parameters. 7. The hyperchaotic key one-time pad transmission method according to claim 6, characterized in that the dimension reduction parameter of the dimension reduction hyperchaotic function is determined according to the distribution diagrams of the two two-dimensional hyperchaotic functions to obtain the dimension reduction hyperchaotic function, comprising: Determine the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the distribution diagrams of two two-dimensional hyperchaotic functions; Constructing the functional relationship between the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the dimensionality reduction hyperchaotic function and the upper and lower boundaries of the relative aggregation area and the upper and lower boundaries of the relative discrete area of the distribution diagrams of two two-dimensional hyperchaotic functions, and the dimensionality reduction parameters; The functional relationship is solved according to the boundary constraints of the dimension reduction hyperchaotic function, the dimension reduction parameters are determined, and the dimension reduction hyperchaotic function is determined according to the dimension reduction parameters. 8. The one-time one-pad transmission method for a hyperchaotic key according to claim 7 is characterized in that determining the upper and lower boundaries of the relative clustering area and the upper and lower boundaries of the relative discrete area of the distribution diagrams of the two two-dimensional hyperchaotic functions comprises: For different two-dimensional hyperchaotic functions, the minimum number of minimum value distribution points and the maximum number of maximum value distribution points in the distribution diagram of the two-dimensional hyperchaotic function are counted respectively; Determine the distribution of relatively concentrated areas and relatively discrete areas according to the size relationship between the maximum number and the minimum number; A demarcation value that meets the preset demarcation condition is searched between the maximum value and the minimum value as the demarcation point between the relative clustering area and the relative discrete area, and the upper and lower boundaries of the relative clustering area and the upper and lower boundaries of the relative discrete area are determined. 9. The hyperchaotic key one-time pad transmission method according to claim 8, characterized in that searching for a demarcation value that meets a preset demarcation condition between the maximum value and the minimum value comprises: When the maximum number is less than the minimum number, the minimum value is increased by a preset first step length, the current judgment value is updated, the current judgment number of the current judgment value is counted, and it is determined whether the current judgment number is greater than the minimum number; If so, taking the current judgment quantity as the previous judgment quantity, increasing the current judgment value by the first step length, updating the current judgment value, re-counting the current judgment quantity, and determining whether the current judgment quantity is greater than the previous judgment quantity; If not, calculate the ratio of the difference between the previous judgment quantity and the current judgment quantity to the cutoff value of the previous judgment quantity; When the demarcation ratio is not greater than a preset first threshold, the current judgment quantity is used as the previous judgment quantity, the current judgment value is increased by the step length, the current judgment value is updated, the current judgment quantity is recounted, and the demarcation ratio is recalculated; When the demarcation ratio is greater than the first threshold, the current judgment value is used as the demarcation value. 10. The hyperchaotic key one-time pad transmission method according to claim 8, characterized in that searching for a demarcation value that meets a preset demarcation condition between the maximum value and the minimum value comprises: When the maximum number is greater than the minimum number, reducing the maximum value by a preset second step length, updating the current judgment value, counting the current judgment number of the current judgment value, and determining whether the current judgment number is greater than the maximum number; If so, taking the current judgment number as the previous judgment number, reducing the current judgment value by the first step length, updating the current judgment value, re-counting the current judgment number, and determining whether the current judgment number is greater than the previous judgment number; If not, calculate the ratio of the difference between the previous judgment quantity and the current judgment quantity to the cutoff value of the previous judgment quantity; When the demarcation ratio is not greater than a preset second threshold, the current judgment quantity is used as the previous judgment quantity, the current judgment value is reduced by the step length, the current judgment value is updated, the current judgment quantity is recounted, and the demarcation ratio is recalculated; When the demarcation ratio is greater than the second threshold, the current judgment value is used as the demarcation value. 11. A hyperchaotic key one-time pad transmission device, characterized in that the device comprises: A symmetric module, used for decrypting the obtained chaotic parameters and large prime number parameters using the generated symmetric key; A chaos module, used for determining a chaos function according to the chaos parameters, and generating a random number sequence using the chaos function; A key generation module, used to generate a key stream according to the generated random number sequence and the large prime number parameter; The transmission module is used to perform one-time one-key data transmission according to the key stream. 12. An electronic device, characterized in that it comprises a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, wherein when the processor executes the computer program, the one-time transmission method of a hyper-chaotic key as described in any one of claims 1 to 10 is implemented. 13. A computer-readable storage medium, characterized in that the computer-readable storage medium includes a stored computer program, wherein when the computer program is running, the device where the computer-readable storage medium is located is controlled to execute the hyper-chaotic key one-time-one-pad transmission method as described in any one of claims 1 to 10. 14. A computer program product, comprising a computer program/instruction, characterized in that when the computer program/instruction is executed by a processor, the steps of the method according to any one of claims 1 to 10 are implemented.