CN113726512B - Key generation and distribution method, key generation device, and key management system - Google Patents

Info

Publication number
CN113726512B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111016098.6A
Other languages
Chinese (zh)
Other versions
CN113726512A (en
Inventor
蔡利锋
蔡嘉禾
王艳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Application filed by Individual
Priority to CN202111016098.6A
Publication of CN113726512A
Priority to PCT/CN2022/115838 (WO2023030316A1)
Application granted
Publication of CN113726512B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a key generation and distribution method, a key generation device, a key management system and an information security delivery system. The key generation and distribution method comprises the following steps: acquiring and/or generating system information of a key generating device, wherein the system information comprises at least a master key and at least one one-way data conversion algorithm, the master key consists of unpublished random information, the one-way data conversion algorithm generates output information determined by its input information, and it is infeasible to infer and/or deduce the input information from the output information; generating, from the master key and a timestamp composed of any non-repeating information, and using at least one unidirectional data conversion algorithm, a key determined jointly by the information in the timestamp and the master key, and associating the key with the timestamp information; and transmitting the timestamp to a paired key generating device, wherein the paired key generating device stores second system information corresponding to the system information.

Description

Key generation and distribution method, key generation device, and key management system
Technical Field
The present invention relates to the field of information security, and more particularly, to a key generation and distribution method, a key generation apparatus, a key management system, an encryption and decryption apparatus, a file security system, and an information security delivery system.
Background
The rapid development of computer and communication technology, and the spread of the Internet of Things, cloud computing and cloud storage that followed, bring new challenges for information security as well as new development opportunities. Secure transfer and storage of information is the core of information security, and information encryption is an important means of realizing information security.
Continuous encryption and decryption using a key that is stored or shared in advance is very convenient for users and is a common means in cryptography. Repeated use of the same key creates many security risks, and many attack strategies against specific encryption algorithms derive from it. Encrypting a file with a one-time key effectively avoids most cryptographic attacks against the encryption algorithm, but generating and exchanging a large number of one-time keys is often difficult and cumbersome. It currently remains a challenge to design a convenient and versatile encryption scheme that is provably secure. In addition, key management is often a problem, since the communicating parties need different keys for different communicating objects; this is especially serious in institutions and organizations that need to manage a large number of keys, where the number of keys involved is proportional to the square of the number of members.
Because the amount of plaintext information is usually larger than the amount of key information during encryption, more information than the key contains can be transmitted securely through the ciphertext. The shared key can therefore be designed as a dynamic key: the key information that needs updating is transmitted to the other party in the ciphertext together with the communication information, so the shared key is updated dynamically while the two parties communicate. This realizes practical one-time key encryption and avoids the corresponding attacks. The dynamic key scheme is suitable for real-time communication but has no advantages in information storage or key management.
Therefore, a method that can rely on a master key to generate the required number of independent keys with defined key strength and can distribute these keys conveniently and securely would be expected to overcome the limitations of existing encryption schemes and solve the fundamental problems of cryptography and information security.
Disclosure of Invention
The invention addresses the generation and secure distribution of independent keys of a required key strength and, on that basis, constructs an encryption scheme that is provably secure in the information-theoretic sense, thereby providing an information security transmission scheme and an information security system.
According to one embodiment described herein, there is provided a key generation and distribution method including:
acquiring and/or generating system information of a key generating device, wherein the system information comprises at least a master key and at least one one-way data conversion algorithm, the master key consists of unpublished random information, the one-way data conversion algorithm generates output information determined by its input information, and it is infeasible to infer and/or deduce the input information from the output information;
generating, from the master key and a timestamp composed of any non-repeating information, and using at least one unidirectional data conversion algorithm, a key determined jointly by the information in the timestamp and the master key, and associating the key with the timestamp information; and
sending the timestamp to a paired key generation device, wherein the paired key generation device stores second system information corresponding to the system information.
In some embodiments, generating the key comprises:
generating the timestamp by the key generation device;
operating on the timestamp and the master key to generate an intermediate key;
taking the intermediate key as input information, and converting the intermediate key through the unidirectional data conversion algorithm to generate secondary information;
extracting information from the secondary information to generate a key; and
associating the key with the timestamp corresponding to the key.
In some embodiments, operating on the timestamp and the master key to generate an intermediate key includes:
generating the intermediate key using a non-degenerate combination of the timestamp and the master key.
In some embodiments, operating on the timestamp and the master key to generate an intermediate key includes:
generating the intermediate key by a second unidirectional data conversion algorithm using the timestamp and the master key as input information, the second unidirectional data conversion algorithm being the same as or different from the unidirectional data conversion algorithm.
In some embodiments, the unidirectional data conversion algorithm performs data conversion using the input information as control information to generate output information,
the system information further includes a public database configured to store public data containing a number of bits substantially greater than the number of bits contained in the master key, and
the unidirectional data conversion algorithm performs data conversion on the public data using the input information as control information to generate secondary information.
In some embodiments, the data conversion uses a combined modular operation,
the public data is configured to consist of N number sequences of the same length, each of which contains the same number of bits, is identified by a number from 0 to N-1 of the same bit width, and is called a seed;
the input information is configured as a sequence of M numbers, which point in order to the M seeds identified by those numbers;
the unidirectional data conversion algorithm is configured to:
sequentially extract from the public data, using the input information as control information, the M seeds pointed to by the numbers in the input information; and
perform a modular operation on the M seeds to generate secondary information with the same format as the seeds, wherein N and M are positive integers.
In some embodiments, the public data is configured as a cyclic sequence of N×M elements joined end to end, the cyclic sequence being partitioned into N units of length M, each of the units being identified by a number from 0 to N-1;
the seed is configured to start from one of the units and extend in one direction around the entire cyclic sequence, forming a sequence of length N×M, with the number of the starting unit used as the seed number.
In some embodiments, generating the key comprises:
using the master key as control information, and converting public data into private data through a third unidirectional data conversion algorithm under the control of the master key;
using the timestamp as control information, and generating an intermediate key from the private data through a fourth unidirectional data conversion algorithm under the control of the timestamp;
using the intermediate key as control information, and converting the public data into secondary information through the unidirectional data conversion algorithm under the control of the intermediate key;
extracting information from the secondary information to generate a key; and
associating the key with the corresponding timestamp,
wherein the unidirectional data conversion algorithm, the third unidirectional data conversion algorithm, and the fourth unidirectional data conversion algorithm use the same or different unidirectional algorithms.
In some embodiments, the method further comprises:
receiving a second timestamp transmitted from the paired key generating device; and
generating, from the master key and the second timestamp and by the unidirectional data conversion algorithm, a second key determined jointly by the information in the master key and the second timestamp, as the second key corresponding to the second timestamp.
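The combined modular operation over the cyclic public data, the three-stage flow (public data to private data, private data to intermediate key, public data to secondary information) and regeneration from a received timestamp, as an added Python sketch that is not code from the patent. Assumptions: the modular operation is element-wise addition modulo 256, N = 16 and M = 8, the intermediate key and the final key are taken from the leading elements, the public data is a constructed sample, and all names are hypothetical.

```python
import hashlib

N, M = 16, 8      # assumed sizes: ring of N*M elements split into N units of length M
MOD = 256         # assumed modulus: each ring element is one byte
KEY_LEN = 16      # assumed number of elements extracted as the key


def make_public_data(label=b"constructed public data"):
    """Constructed sample ring of N*M bytes standing in for the public database."""
    out = b""
    counter = 0
    while len(out) < N * M:
        out += hashlib.sha256(label + counter.to_bytes(4, "big")).digest()
        counter += 1
    return list(out[:N * M])


def seed(ring, number):
    """Seed `number`: start at unit `number` and walk once around the whole ring."""
    if not 0 <= number < N:
        raise ValueError("seed number must be in 0..N-1")
    start = number * M
    return ring[start:] + ring[:start]


def combine(ring, control):
    """Combined modular operation: add the M seeds named by `control`, element-wise mod MOD."""
    if len(ring) != N * M or len(control) != M:
        raise ValueError("ring must hold N*M elements and control M numbers")
    out = [0] * (N * M)
    for number in control:
        out = [(a + b) % MOD for a, b in zip(out, seed(ring, number))]
    return out


def to_control(info):
    """Assumed extraction step: first M elements reduced to seed numbers 0..N-1."""
    return [value % N for value in info[:M]]


def derive_key(public, master_key, timestamp):
    """Three-stage flow; master key and timestamp are sequences of M numbers in 0..N-1."""
    private = combine(public, master_key)                    # public data -> private data
    intermediate = to_control(combine(private, timestamp))   # private data -> intermediate key
    secondary = combine(public, intermediate)                # public data -> secondary information
    return bytes(secondary[:KEY_LEN])                        # extract the key


class KeyDevice:
    """One of two paired devices holding the same public data and master key."""

    def __init__(self, public, master_key):
        self._public = public
        self._master_key = list(master_key)
        self._issued = set()

    def issue(self, timestamp):
        """Derive a key for a fresh timestamp; only the timestamp is sent to the peer."""
        stamp = tuple(timestamp)
        if stamp in self._issued:
            raise ValueError("timestamp must not repeat")
        self._issued.add(stamp)
        return stamp, derive_key(self._public, self._master_key, stamp)

    def regenerate(self, timestamp):
        """Rebuild the key that the paired device associated with `timestamp`."""
        return derive_key(self._public, self._master_key, timestamp)
```

Because element-wise addition is commutative, this sketch gives the same output for any reordering of the same control numbers; the text above does not say which modular operation is intended.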
In one embodiment, 3 preconditions for the security of the key generation and distribution system are presented:
Premise 1. The master key always remains secure: none of the information output from the system, including the keys generated and distributed in the system and the information used for key distribution, can be used to detect master key information.
Premise 2. The generated keys are independent of each other: all the keys output from the system, combined with known public information and methods, do not substantially help in deriving the next newly generated key.
Premise 3. Key distribution is secure and feasible: the key can be securely delivered to a legitimate receiver through a public channel, and an attacker who does not hold the master key information cannot obtain essential information about the key through the key transmission path.
An information security system meeting these 3 preconditions can, by means of one master key, generate and securely distribute independent keys whose key strength is equivalent to the number of bits of the master key, thereby constructing an encryption system that is provably secure in the information-theoretic sense.
In another embodiment it is demonstrated that when the unidirectional data conversion algorithm has the following 4 features, a key generation system employing the method satisfies the above 3 preconditions in operation and application, so that any required number of independent keys with key strength comparable to the number of bits of the master key can be generated and securely distributed by means of one master key.
Feature 1: the input information can easily be converted by the one-way data conversion algorithm into secondary information determined by that input information, i.e. deriving the secondary information from the input information is deterministic and feasible;
Feature 2: it is computationally impossible to convert the generated secondary information back into the corresponding input information, i.e. no substantial content of the input information can be inferred from the secondary information;
Feature 3: the conversion from input information to secondary information is a non-degenerate nonlinear conversion, i.e. the value space of the secondary information is not smaller than the value space of the input information, so that different input information statistically corresponds to different secondary information, and a small change in the input information leads to a global change in the secondary information that cannot be predicted from the amount of change alone; under strict unidirectional data conversion, a change of a single bit in the input information leads to an unpredictable global change in the generated secondary information;
Feature 4: the unidirectional data conversion algorithm can perform unidirectional data conversion on any input information that can be converted to conform to the input format, to generate the secondary information. Specifically, if the input information contains N bits, so that its value space is 2^N, any value between 0 and 2^N - 1 can be used as valid input information on which the unidirectional data conversion is performed to generate secondary information.
In some embodiments, the timestamp and the master key may be operated on by a one-way data conversion algorithm to generate the intermediate key; that is, the information in the timestamp and the master key is used as input information, and the intermediate key is generated through the unidirectional data conversion algorithm.
In one embodiment, by introducing the unidirectional data conversion algorithm into the intermediate key generation process, an encryption system adopting the method can effectively resist key collision attacks, while the requirements the method places on the unidirectional data conversion algorithm are reduced and the range of application of the method is enlarged.
Some unidirectional data conversion algorithms that have the 4 features described above and may be used in the method of the present invention are introduced in some embodiments below, including squaring operations, division operations, and some hash functions.
In some embodiments, the unidirectional data conversion algorithm employs public data conversion under the control of the input information; a public database is further added to the system information of the key generating device and is configured to store public data composed of non-degenerate information that does not contain a large number of repeating units, and the number of bits contained in the public data can be far greater than the number of bits contained in the master key and the input information; the unidirectional data conversion algorithm is configured to convert the public data into secondary information under the control of the input information.
In some embodiments it is shown that the public data conversion under the control of the input information may take a variety of forms: a plaintext can be used as the public data and an encryption key as the input information, so that the public data conversion under the control of the input information is realized with a common encryption algorithm; in addition, some data conversion methods that are unsuitable as conventional encryption algorithms, because the data generated by the unidirectional conversion cannot be restored by a suitable algorithm, can also be used in the method of the present invention.
In some embodiments, the public data conversion under the control of the input information is a combined modular operation; the public database is configured to consist of N number sequences of the same length, each of which contains the same number of bits, is identified by a number from 0 to N-1, and is called a seed; the input information is configured as a sequence of M numbers, which point in order to the M seeds identified by those numbers; and the combined modular operation is configured to sequentially extract from the public database the M seeds pointed to by the numbers in the input information, and to perform a modular operation on the M seeds to generate secondary information with the same format as the seeds.
In some embodiments, using the above combined modular operation, the public database is configured as a cyclic sequence of N×M elements joined end to end, the cyclic sequence being divided into N units of length M, each of the units being identified by a number from 0 to N-1; the seed is configured to start from one of the units and extend in one direction around the entire cyclic sequence, forming a sequence of length N×M, with the number of the starting unit used as the seed number.
In some embodiments, the unidirectional data conversion algorithm uses the public data conversion under the control of the input information, and may generate the key by the following procedure:
Taking the master key as input information, and converting public data into private data under the control of the master key; generating a time stamp composed of any non-repeated information, taking the time stamp as input information, and generating an intermediate key from the private data under the control of the time stamp; taking the intermediate key as input information, and converting the public data into secondary information under the control of the intermediate key; information is extracted from the secondary information to generate a key, and the key is associated with the corresponding timestamp.
By adopting this flow, an encryption algorithm with 1024-bit or higher key strength that is provably secure in the information-theoretic sense can be conveniently implemented on common communication equipment, so that unconditionally secure information exchange in the real physical world can be realized by the method.
In some embodiments, the unidirectional data conversion algorithm may employ more than one unidirectional algorithm, such that different unidirectional algorithms are employed in different unidirectional data conversion steps.
In some embodiments, a key generating device adopting the method is further configured to receive a timestamp sent from the paired key generating device and, according to the information in the timestamp, to generate the key corresponding to that timestamp by means of the master key using the unidirectional data conversion algorithm.
According to another embodiment described herein, there is provided a key generation apparatus including:
a system information module configured to store and/or generate system information of the key generation apparatus, the system information including at least a master key and at least one one-way data conversion algorithm, the master key being composed of unpublished random information, the one-way data conversion algorithm generating output information determined by its input information, and it being infeasible to infer and/or deduce the input information from the output information;
a key generation module configured to generate, from the master key and a timestamp composed of any non-repeating information, and using at least one unidirectional data conversion algorithm, a key determined jointly by the information in the timestamp and the master key, and to associate the key with the timestamp information; and
a transmission module configured to transmit the timestamp to a paired key generation device, wherein the paired key generation device stores second system information corresponding to the system information.
In some embodiments, the key generation module is further configured to:
generate the timestamp consisting of any non-repeating information;
operate on the timestamp and the master key to generate an intermediate key;
take the intermediate key as input information, and convert the intermediate key through the unidirectional data conversion algorithm to generate secondary information;
extract information from the secondary information to generate a key; and
associate the key with the timestamp corresponding to the key.
In some embodiments, the key generation module is further configured to:
generate the intermediate key using a non-degenerate combination of the timestamp and the master key.
In some embodiments, the key generation module is further configured to:
generate the intermediate key by a second unidirectional data conversion algorithm using the timestamp and the master key as input information, the second unidirectional data conversion algorithm being the same as or different from the unidirectional data conversion algorithm.
In some embodiments, the apparatus further comprises:
a public database configured to store public data containing a number of bits substantially greater than the number of bits contained in the master key.
In some embodiments, the system information further comprises a public database configured to store public data, the public data comprising a number of bits substantially greater than the number of bits comprised by the master key,
wherein the unidirectional data conversion algorithm performs data conversion using the input information as control information to generate output information,
the key generation module is further configured to:
use the input information as control information and perform data conversion on the public data by the unidirectional data conversion algorithm to generate secondary information.
In some embodiments, the data conversion uses a combined modular operation,
the public data is configured to consist of N number sequences of the same length, each of which contains the same number of bits, is identified by a number from 0 to N-1 of the same bit width, and is called a seed;
the input information is configured as a sequence of M numbers, which point in order to the M seeds identified by those numbers;
the unidirectional data conversion algorithm is configured to:
sequentially extract from the public data, using the input information as control information, the M seeds pointed to by the numbers in the input information; and
perform a modular operation on the M seeds to generate secondary information with the same format as the seeds, wherein N and M are positive integers.
In some embodiments, the public data is configured as a cyclic sequence of N×M elements joined end to end, the cyclic sequence being partitioned into N units of length M, each of the units being identified by a number from 0 to N-1;
the seed is configured to start from one of the units and extend in one direction around the entire cyclic sequence, forming a sequence of length N×M, with the number of the starting unit used as the seed number.
In some embodiments, the key generation module is further configured to:
use the master key as control information, and convert public data into private data through a second unidirectional data conversion algorithm under the control of the master key;
use the timestamp as control information, and generate an intermediate key from the private data through a third unidirectional data conversion algorithm under the control of the timestamp;
use the intermediate key as control information, and convert the public data into secondary information through the unidirectional data conversion algorithm under the control of the intermediate key;
extract information from the secondary information to generate a key; and
associate the key with the corresponding timestamp.
In some embodiments, the unidirectional data conversion algorithm, the second unidirectional data conversion algorithm, and the third unidirectional data conversion algorithm use the same or different unidirectional algorithms.
In some embodiments, the transmission unit is further configured to receive a second timestamp sent from the paired key generating device;
the key generation unit is further configured to generate a key by the unidirectional data conversion algorithm using the master key and the second timestamp as input information, the key being associated with the second timestamp information.
According to another embodiment described herein, there is provided a key management system including:
a management side device, the management side device comprising:
a control module configured to generate, for each of a plurality of users, any information identifying the user's identity as the user identification code of the user;
a user information module configured to store the user identification code;
a key generation module, which includes the key generation device according to the previous embodiment and stores a master key, configured to generate a corresponding user key for each of the plurality of users, and to transmit the user identification code and the corresponding key to the corresponding user terminal device as the user key of the user.
In some embodiments, the key generation module responds to the user identification code sent by the user information module, takes the user identification code as a timestamp, generates a key corresponding to the user identification code, and transmits the user identification code and the corresponding key to the corresponding user terminal device as the user key of the user.
In some embodiments, the control module is further configured so that:
when the user key of one or more users is lost, the control module receives the corresponding user identification codes from the user terminal devices,
the user information module is further configured to verify the received user identification code to confirm that it is a stored user identification code,
the key generation module takes the user identification code as a timestamp, generates the user key corresponding to the user identification code, and feeds the user key back to the user terminal device.
In some embodiments, the key generation module is further configured to:
combine information in the user identification codes of different user terminal devices to generate a timestamp, and generate a key for communication between the different users.
In some embodiments, the system further comprises:
one or more different levels of intermediate management nodes disposed between the management side device and the user side device.
In some embodiments, the system further comprises:
one or more user terminal devices, wherein the user terminal devices store the user identification codes of the corresponding users.
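The management side described above, with the user identification code used as the timestamp, as an added Python sketch that is not code from the patent. Assumptions: HMAC-SHA256 followed by SHA-256 stands in for the unspecified unidirectional data conversion algorithms, user identification codes are 16 random bytes, two codes are combined by sorted concatenation, and all names are hypothetical.

```python
import hashlib
import hmac
import secrets

ID_LEN = 16  # assumed fixed length of a user identification code


class ManagementDevice:
    """Management side: one stored master key, user keys regenerated on demand."""

    def __init__(self, master_key):
        self._master_key = master_key   # stays on the management side
        self._user_ids = set()          # user information module

    def _generate(self, timestamp):
        # timestamp + master key -> intermediate key -> secondary information -> key
        intermediate = hmac.new(self._master_key, timestamp, hashlib.sha256).digest()
        return hashlib.sha256(intermediate).digest()

    def _require_known(self, user_id):
        # Verification step: only stored identification codes are served.
        if user_id not in self._user_ids:
            raise PermissionError("unknown user identification code")

    def enroll(self):
        """Control module: create a fresh identification code and its user key."""
        user_id = secrets.token_bytes(ID_LEN)
        while user_id in self._user_ids:        # codes double as timestamps: no repeats
            user_id = secrets.token_bytes(ID_LEN)
        self._user_ids.add(user_id)
        return user_id, self._generate(user_id)

    def recover(self, user_id):
        """Lost user key: verify the code is stored, then regenerate the same key."""
        self._require_known(user_id)
        return self._generate(user_id)

    def communication_key(self, id_a, id_b):
        """Key for two users, from a timestamp combining both identification codes."""
        self._require_known(id_a)
        self._require_known(id_b)
        if id_a == id_b:
            raise ValueError("two different users are required")
        first, second = sorted((id_a, id_b))
        # 2*ID_LEN bytes long, so it can never equal a single-user timestamp.
        return self._generate(first + second)
```

The management side stores only the master key and the identification codes; every user key and pairwise key is recomputed when needed.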
According to another embodiment described herein, there is provided an encryption and decryption apparatus including:
The key generation apparatus as described in the previous embodiment, configured to generate a one-time key;
An input port configured to read or input data to be encrypted;
the formatting unit is configured to convert the data to be encrypted input by the input port into formatted plaintext matched with the one-time key format;
an encryption module configured to generate a time stamp during encryption, generate a master ciphertext by operating on the formatted plaintext with the one-time key that the key generation apparatus generates according to the information in the time stamp, take the time stamp corresponding to the one-time key as a ciphertext title, and combine the master ciphertext and the ciphertext title to generate the ciphertext;
a transmission port configured to transmit the generated ciphertext to the paired decryption apparatus.
In some embodiments, the encryption and decryption apparatus further comprises:
A receiving port configured to receive ciphertext transmitted from the paired encryption device;
a decryption module configured to parse the received ciphertext to extract the master ciphertext and the timestamp in the ciphertext title, generate, by means of the key generation module and according to the information in the timestamp, the one-time key corresponding to the timestamp as a decryption key, and decrypt the master ciphertext with the decryption key to generate a decrypted plaintext;
The formatting unit is further configured to convert the decrypted plaintext into recovered data;
and an output port configured to output the restored data.
According to another embodiment described herein, there is provided a file management system, comprising a management side device and one or more user side devices,
The management side device comprises:
a key management module, employing the key management system as described in the previous embodiments, configured to store a system master key and generate and distribute a user master key for each user of the system;
a system encryption and decryption module, which adopts the encryption and decryption device according to the previous embodiment, and is configured to encrypt and decrypt file information exchanged between the user side device and the management side device;
A system file module configured to store system files of the file management system,
The user terminal device comprises:
a user encryption and decryption module, which adopts the encryption and decryption device according to the previous embodiment, and is configured to encrypt and decrypt file information exchanged between the user side device and the management side device.
In some embodiments, the management side device generates and stores a user identification code of each user of the user side device through the key management module, generates a user master key corresponding to the user identification code, and distributes the user master key and the corresponding user identification code to each user side device;
The user side device generates a time stamp through the user encryption and decryption module, generates a one-time key corresponding to the time stamp by means of the user master key, encrypts file information with the one-time key to generate a master ciphertext, takes the time stamp and the user identification code of the user as the ciphertext title, combines the master ciphertext and the ciphertext title to generate the ciphertext, and sends the ciphertext to the management side device through a public channel as a file certificate submitted by the user to the management side device;
The management side device receives the ciphertext sent from the user side device, parses the ciphertext through the system encryption and decryption module, and extracts the master ciphertext and the user identification code and time stamp in the ciphertext title; the key management module generates the corresponding user master key according to the user identification code; the system encryption and decryption module generates the corresponding decryption key by means of the user master key according to the information in the time stamp, decrypts the master ciphertext and confirms the file information;
The management side device stores the ciphertext of the confirmed file information in the system file module.
In some embodiments, the management end device is further configured to generate a user master key of the target user through the key management module, as a master key of the system encryption and decryption module, generate ciphertext through encrypting file information through the system encryption and decryption module, and send the ciphertext to the target user end device through a public channel;
The target user side device is further configured to receive the ciphertext sent from the management side device through the user encryption and decryption module, decrypt the ciphertext and recover the file information.
In some embodiments, the system further comprises:
one or more different levels of intermediate management nodes disposed between the management side device and the user side device.
According to another embodiment described herein, there is provided an information security delivery system comprising a paired first communication device and second communication device, wherein
The first communication device includes:
first key generation means configured to generate a one-time key as a first key, using the key generation means as described in the previous embodiment;
the first input port is configured to read or input a first file to be sent;
the first formatting unit is configured to convert the first file to be transmitted, which is input by the input port, into a first formatted plaintext which is the same as the key format;
The first encryption module is configured to convert the first formatted plaintext into a first master ciphertext through a first key generated by a first key generating device, take a corresponding first timestamp of the first key as a first ciphertext title, and combine the first master ciphertext and the first ciphertext title to generate a first ciphertext;
a first transmission port configured to transmit the generated first ciphertext to the second communication device,
The second communication device includes:
second key generation means configured to generate a one-time key as a second key using the key generation means as described in the previous embodiment;
The second receiving port is configured to receive the first ciphertext sent by the first sending port;
a second decryption module configured to parse the received first ciphertext to extract the first master ciphertext and the first timestamp in the first ciphertext title, generate a second decryption key corresponding to the first timestamp through the second key generation module according to the first timestamp, and decrypt the first master ciphertext by using the second decryption key to generate a second decrypted plaintext;
a second formatting module configured to convert the second decrypted plaintext into second recovered data;
a second output port configured to output the second recovered data as a second received file.
In some embodiments, the second communication device further comprises:
the second input port is configured to read or input a second file to be sent;
the second formatting module is simultaneously configured to convert the second file to be sent into a second formatted plaintext which is the same as the key format;
The second encryption module is configured to convert the second formatted plaintext into a second master ciphertext through a second key generated by the second key generation module, take a second timestamp corresponding to the second key as a second ciphertext title, and combine the second master ciphertext and the second ciphertext title to generate a second ciphertext;
A second transmission port configured to transmit the second ciphertext to the first communication device;
the first communication device further includes:
A first receiving port configured to receive the second ciphertext transmitted by the second transmitting port;
the first decryption module is configured to parse the received second ciphertext to extract a second master ciphertext and a second timestamp in a second ciphertext title, generate a first decryption key corresponding to the second timestamp through the first key generation module according to the second timestamp, and decrypt the second master ciphertext by using the first decryption key to generate a first decrypted plaintext;
the first formatting unit is simultaneously configured to convert the first decrypted plaintext into first recovered data;
a first output port configured to output the first recovered data as a first received file.
According to the key generation and distribution method, the key generation device, the key management system, the encryption and decryption device, the file management system and the information security transmission system, any required number of independent keys whose key strength is equivalent to the number of bits of the master key can be generated by means of one master key, the keys can be conveniently and securely distributed among legitimate communicating parties who exclusively share the master key, and a general, efficient encryption system that is provably secure in the information-theoretic sense can further be constructed, so that the fundamental problem of cryptography is solved.
Furthermore, the disclosed techniques may be directly adaptable to many other communication systems and information security environments.
Other features and advantages of the key generation and secure distribution method of the present invention and its application will become more apparent from the accompanying drawings and the following detailed description of specific embodiments.
Drawings
Fig. 1 is a schematic diagram illustrating a method of generating a key according to an embodiment of the present invention.
Fig. 2 is another schematic diagram illustrating the generation of a key by a method according to an embodiment of the invention.
Fig. 3 is a schematic diagram illustrating modular operations according to an embodiment of the present invention.
Fig. 4 is a schematic diagram showing one specific example of generating a key by a method according to an embodiment of the present invention.
Fig. 5 is a schematic diagram showing a key generation apparatus according to an embodiment of the present invention.
Fig. 6 is a schematic diagram illustrating a key management system according to an embodiment of the present invention.
Fig. 7 is a schematic diagram showing an encryption and decryption apparatus according to an embodiment of the present invention.
Fig. 8 is a schematic diagram illustrating a file management system according to an embodiment of the present invention.
Fig. 9 is a schematic diagram illustrating an information security delivery system according to an embodiment of the present invention.
Detailed Description
The invention discloses a key generation method by which independent keys whose key strength is equivalent to the number of bits of a master key can be generated and securely distributed by means of the master key; using the method, an efficient, reliable, general key management system can be constructed that relies on one master key to manage the keys of multiple users in the system, whose number may be unlimited in the real world; by using the generated key as a one-time key to encrypt plaintext information of the same number of bits, a general, efficient encryption system that is provably secure in the information-theoretic sense can be constructed, meeting various information security requirements.
The system adopting the method meets the following preconditions in the application process so as to realize the safety of the system.
Precondition 1: the master key always remains secure. Among all information output from the system, whether it is made public or is private information that must be kept confidential during application, none allows the master key information to be detected; the output information of the system includes the keys generated and distributed from the system and the information used for key distribution.
In cryptographic applications, ciphertext is considered public and plaintext may also be disclosed at a later date. When file information is encrypted using a one-time key, the one-time key information can usually be deduced relatively easily from the ciphertext and the later-disclosed file information, so in cryptanalysis the one-time key can be considered public information once information transmission is complete; in key management systems, a system administrator typically does not want a user to probe master key information with a distributed key. Therefore, under this precondition, the keys output from the system are regarded as information that can be used to attack the system master key.
Precondition 2: the generated keys are independent of each other. All keys output from the system, combined with known public information and methods, do not substantially help in deriving the next newly generated key; that is, no relationship determinable by existing or foreseeable future methods exists between the substantial information of the keys generated by the key generation method, and each key contains independent information determined by the key strength.
Precondition 3: key distribution is secure and feasible. The key can be securely distributed to legitimate recipients over a public channel, and illegitimate recipients without the master key information cannot obtain the substantial information of the key via the key transmission path; in a specific cryptographic application, a legitimate recipient who holds the master key can conveniently generate the transmitted key from the key distribution information by means of the master key, while an attacker who does not hold the master key cannot obtain substantial information about the distributed key from the key distribution information and any public information and knowledge.
An information security system meeting preconditions 1, 2 and 3 can generate and securely distribute, by means of one master key, the required number of independent keys whose strength is equivalent to that of the master key, thereby constructing an encryption system that is provably secure in the information-theoretic sense.
In modern cryptographic practice, apart from some system parameter information that can be encoded into a key, all other information about an encryption system, including but not limited to algorithms, processes, data formats and control parameters, is required to be disclosed externally. Therefore, in the key generation method and the information security system constructed by the method, unless specifically indicated, the master key is the only private information of the system, and the key strength of the system is determined by the number of bits of the master key together with the key generation method and the encryption and decryption flow, so that the specific meaning of undetectable, non-deducible, unknown, unavailable and the like in the above preconditions depends on the key strength of the system adopted.
Here, following cryptographic practice, we define the key strength as the difficulty of successfully deducing, by means of public information and prior knowledge, information encrypted by a key, compared with the difficulty of deducing N bits of unpublished random information. The possible values of N-bit random information are uniformly distributed in a key space of size $2^N$, and the success rate of randomly guessing a key with a key strength of N bits is $1/2^N$. Thus the terms undetectable, non-deducible, unknown, unavailable and the like in the above preconditions may be defined in practice as follows: when information is encrypted by an encryption method with N-bit key strength, relying on information and knowledge other than the key, the success rate of each attempt to detect, deduce or acquire the target information is not significantly greater than $1/2^N$, or the number of attempts required to successfully acquire the file information encrypted by that method is not significantly less than $2^N$.
The substantial information referred to above is the specific arrangement of bits contained in the key, as distinct from the key length, format and other information disclosed in accordance with cryptographic practice, so as to avoid confusion. The bit is the basic unit of information familiar to those skilled in the art of information science, and information of a given number of bits is determined by a corresponding number of 0s or 1s in a specific order.
The present specification mainly discusses digitized information, whose basic form is a binary number sequence consisting of 0s and 1s; number sequences in other bases, such as but not limited to octal, decimal and hexadecimal, can also be used to facilitate manual reading and identification. Sequences in these other bases and binary number sequences are convertible one-to-one, and in this specification sequences having such a one-to-one convertible relationship may be regarded as equivalent.
Many forms of physical signals that can be detected and repeatedly generated are digitized, and can include, for example, but not limited to, light waves, radio waves, current pulses, sound waves, nuclear radiation, graphics, symbols, etc., all of which can be ultimately converted into binary coded information that can be recognized and processed by a computer processor through digital processing; at the same time, the digitized information may also be transmitted, processed, or responded to by being converted into suitable physical signals and symbols; such digitized physical signal and symbol combinations are also considered equivalent to sequences in the field of informatics and are thus included in the information category discussed in this specification.
Hereinafter, a key generation method, a key generation apparatus, a key management system, an encryption and decryption apparatus, a file management system, an information security delivery system according to an embodiment of the present invention will be described in detail with reference to the accompanying drawings.
The key generation method of the present application and various devices or systems employing the method are presented to provide examples of embodiments of the claimed subject matter. The embodiments described below are not limiting of any claimed subject matter, and any claimed subject matter may encompass different methods or systems than those described below. The claimed subject matter is not limited to systems or methods having all of the features of any one system or method described below, nor is it limited to features common to several or all of the devices or methods described below. It is possible that a system or method described below is not an embodiment set forth in any claimed subject matter. Any subject matter disclosed in the systems or methods described below but not claimed in this document may be the subject matter of another protective instrument, such as a continuing patent application, and the inventors or owners do not intend to forgo, disclaim or dedicate to the public any such subject matter by its disclosure in this document.
In the description of the embodiments of the present invention, some optimization, assessment and analysis demonstration is generally employed to facilitate a better understanding of the present invention by those skilled in the relevant art, it being understood that numerous specific details are set forth in order to provide a thorough understanding of the embodiments described herein, and should not be taken as limiting the claims claimed in the present invention. In practice, the specific procedures and algorithms may be optimized using prior knowledge and means commonly used in the art to improve efficiency and ease of use. The skilled artisan, using means well known in the art, may optimize the embodiments of the described embodiments, give alternative parameters or suggestions to increase efficiency and expand the applicable scope, or, based on the evaluations and analyses described herein, through rigorous scientific demonstrations, may find or make up for the deficiencies of the evaluations and analyses provided herein, and result in some technical improvements; these possible technical improvements and advantageous suggestions, without exceeding the novel teaching and the innovative spirit of the invention, should not jeopardize the claims of the invention as claimed. However, it will be understood by those of ordinary skill in the art that in some instances the embodiments described herein may be practiced without these specific details. In other instances, well-known methods, procedures, and modules have not been described in detail so as not to obscure the embodiments described herein. Moreover, the drawings and their descriptions should not be taken to limit the scope of the embodiments described herein.
Described herein are various embodiments of methods, systems, computer readable media, and devices for providing data protection. In general, embodiments described herein provide methods for generating encryption keys for securely encrypting files. Embodiments described herein also provide a method for generating a corresponding decryption key, i.e. a secure distribution of keys, the generated corresponding decryption key being used for decrypting said encrypted file. In general, the embodiments described herein fall within the category of symmetric encryption, wherein the encryption key and the decryption key are the same. In general, features of the various embodiments described herein may be used in any combination with one another, unless otherwise indicated.
Embodiments described herein may address issues associated with key generation and management. In particular, embodiments described herein may be used to provide one-time key data encryption, i.e., encrypting, with a one-time key, plaintext of the same number of bits as the one-time key, such that the corresponding ciphertext and encryption system are provably secure in the information-theoretic sense, while ensuring that the key can be securely generated and distributed by the methods of the present invention.
< First embodiment >
Fig. 1 shows a schematic diagram of the generation of a key by the method of the invention. With reference to Fig. 1, this embodiment describes how, by the method of the invention, with the aid of a time stamp that may consist of arbitrary information and of at least one unidirectional data conversion algorithm, the required number of independent keys whose key strength is equivalent to the number of bits of the master key can be generated and securely distributed by means of one master key.
The method of the embodiment of the invention can be generally realized through a key generation module; the key generation module can be used for various systems including, but not limited to, a key generation device, a key management system, an encryption and decryption device, a file management system, an information security transmission system and the like, and can be used as a component of communication equipment in the system to generate keys in the form of hardware or/and software by adopting the method described by the embodiment of the invention, and the keys are applied to the communication equipment to realize secure distribution and/or secure communication of the keys.
For implementing the method of the present invention, the master key and the unidirectional data transformation algorithm may be generated and/or stored in the key generation module by a common technical method as system information of the key generation module.
As shown in Fig. 1, first, the system information stored in the key generation apparatus is acquired. The system information includes at least a master key 101 and a unidirectional data conversion algorithm 102. The master key consists of unpublished random information and serves as the only private information in the system; the unidirectional data conversion algorithm is configured to convert input information into secondary information determined by the input information, while detecting the corresponding input information from the secondary information is impossible or computationally difficult. That is, the unidirectional data conversion algorithm performs an irreversible data conversion on the input information to generate the output information.
In another embodiment, system information may also be flexibly generated based on usage scenarios. For example, two or more devices may flexibly set various parameters in a unidirectional data conversion algorithm. Two or more devices may also generate the same master key.
To achieve secure distribution of keys, the method introduces a time stamp that can take any information.
Then, using the master key and the time stamp as input information, a key is generated by the unidirectional data conversion algorithm, and the key is associated with the time stamp information.
Finally, the timestamp is sent to a paired key generation device, wherein the paired key generation device stores second system information corresponding to the system information.
The time stamp may carry a wide range of information; any information that does not repeat may be used.
In one embodiment, the time stamp is generated by the key generation means. The time when the key is generated may be taken as a time stamp; by adopting time as the time stamp, the value space of the time stamp can be ensured to be open and the information in the time stamp does not appear to be repeated.
In another embodiment, the time at which encryption is performed, with some redundant random information added, can be used as the timestamp; with such a timestamp, the value space of the timestamp remains open and the information in the timestamp does not repeat, while the redundant random information serves as a buffer, giving the timestamp better expandability within a fixed format; for example, the lower limit of the time code can be extended as the encryption frequency increases, and the year code can be extended as the service life of the system increases.
Specifically, as shown in fig. 1, the key generation module generates a key by:
generating a time stamp 111; combining the timestamp 111 with the master key 101 to generate an intermediate key 112; generating secondary information 113 by the unidirectional data conversion algorithm 102 using the intermediate key 112 as input information; extracting information from the secondary information 113 to generate the key 114, and associating the key 114 with the corresponding timestamp 111.
The unidirectional data conversion algorithm has the following characteristics:
Feature 1: the input information can be easily converted into secondary information determined from said input information by means of a one-way data conversion algorithm, i.e. it is determined and feasible to derive secondary information from the input information;
Feature 2: it is computationally infeasible to convert the generated secondary information back into the corresponding input information, i.e. no substantial content of the input information can be inferred from the secondary information;
Feature 3: the conversion from input information to secondary information is a non-degenerate nonlinear conversion, i.e. the value space of the secondary information is not smaller than the value space of the input information, so that different input information statistically corresponds to different secondary information, and a small change in the input information leads to a global change in the secondary information that cannot be predicted from the amount of change alone; under strict unidirectional data conversion, a change of a single bit in the input information leads to an unpredictable global change in the generated secondary information. In practice, secondary information with significantly more bits than the input information can be used, and a nonlinear algorithm or nonlinear transformation introduced.
Feature 4: the unidirectional data conversion algorithm can perform unidirectional data conversion on any input information that can be converted to conform to the input format, generating the secondary information. Specifically, in the present invention, if the input information is N bits and its value space is $2^N$, any information value between 0 and $2^N - 1$ can be used as valid input information on which the unidirectional data conversion is performed to generate the secondary information.
The key generation module sends the timestamp A corresponding to the key 114 to a paired key generation module, wherein the paired key generation module adopts the same system information;
After the paired key generation module receives the timestamp A, it generates the key A corresponding to the timestamp A by the same steps of the method using the same system information, thereby realizing key transmission.
In the whole key generation and transmission process, the intermediate key only appears in the calculation, exists in the memory or the cache of the computer, and the output information of the system does not comprise intermediate key information.
In the key generation and distribution system, the master key is unique private information, and other system information including, but not limited to, system architecture, key format, timestamp format, flow, etc., may be kept public.
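The flow of Fig. 1 and the timestamp-based distribution described above, as an added example that is not part of the patent text: SHAKE-256 stands in for the unidirectional data conversion algorithm, concatenation for the combination step and XOR for the encryption operation, and the 16-byte timestamp layout and all names are assumptions. The receiver's rejection of repeated timestamps is an added check enforcing the requirement that timestamp information never repeats.

```python
import hashlib
import os
import struct
import time

TS_LEN = 16  # assumed fixed timestamp format: 8-byte time (ns) + 8 random bytes


def make_timestamp(now_ns=None):
    """Time of key generation plus redundant random information."""
    if now_ns is None:
        now_ns = time.time_ns()
    return struct.pack(">Q", now_ns) + os.urandom(TS_LEN - 8)


def derive_key(master_key, timestamp, nbytes):
    """Timestamp + master key -> intermediate key -> secondary information -> key."""
    if len(timestamp) != TS_LEN:
        raise ValueError("malformed timestamp")
    # Combination step (assumption: concatenation; the fixed timestamp length
    # keeps distinct inputs distinct). The intermediate key is a local variable
    # and is never returned or transmitted.
    intermediate = timestamp + master_key
    # One-way conversion (assumption: SHAKE-256). The secondary information is
    # made longer than the key, and the key is extracted from it.
    secondary = hashlib.shake_256(intermediate).digest(2 * nbytes)
    return secondary[nbytes:]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(master_key, plaintext, timestamp=None):
    """Return ciphertext = ciphertext title (timestamp) + master ciphertext."""
    ts = timestamp if timestamp is not None else make_timestamp()
    key = derive_key(master_key, ts, len(plaintext))  # key as long as the plaintext
    return ts + _xor(plaintext, key)


class Receiver:
    """Paired device holding the same system information (master key, algorithm)."""

    def __init__(self, master_key):
        self._master_key = master_key
        self._seen = set()  # added check: timestamps already accepted

    def decrypt(self, ciphertext):
        if len(ciphertext) < TS_LEN:
            raise ValueError("ciphertext shorter than its title")
        ts, body = ciphertext[:TS_LEN], ciphertext[TS_LEN:]
        if ts in self._seen:
            # A repeated timestamp would mean a repeated one-time key.
            raise ValueError("timestamp already used")
        self._seen.add(ts)
        return _xor(body, derive_key(self._master_key, ts, len(body)))


if __name__ == "__main__":
    master = os.urandom(32)  # constructed sample master key
    message = b"file certificate 0001"  # constructed sample plaintext
    ct = encrypt(master, message)
    print("title (timestamp):", ct[:TS_LEN].hex())
    print("master ciphertext:", ct[TS_LEN:].hex())
    print("recovered:", Receiver(master).decrypt(ct))
```

XOR with a derived key provides no integrity protection, so a deployment would also need to authenticate the ciphertext title and body.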
It is demonstrated below that when the unidirectional data conversion algorithm 102 has features 1, 2, 3 and 4 described above, a key generation and distribution system employing the method satisfies preconditions 1, 2 and 3 described above in operation and application, so that by means of the method one master key can be relied upon to generate and securely distribute the required number of independent keys whose key strength is equivalent to the number of bits of the master key.
The demonstration is as follows:
The information output by the system consists of the time stamp and, possibly, a key used to encrypt file information or for an object belonging to the system; apart from these there is no other information that can be used to probe the master key. Since the substantial information of the intermediate key cannot be detected from the secondary information under a unidirectional data conversion algorithm conforming to feature 2, even if the information in a generated key is totally exposed after use for whatever reason, the intermediate key information cannot be deduced from the part or all of the secondary information inferred from the exposed key information, and the substantial information of the master key cannot be obtained; since the time stamp is composed of information that can be arbitrary and public and is completely independent of the key generation method and the system information, the time stamp does not expose the system information or the master key information. Thus the master key remains secure in the operation of the key generation system, and precondition 1 is satisfied.
In the key generation device, the master key and the system information are fixed, so different secondary information and keys are ultimately output by using time stamps with different values. With a time stamp formed from any information that does not repeat, the value space of the time stamp is open and the information in each time stamp can be independent. The intermediate key is generated by combining the time stamp with the master key and, with a non-degenerate combination, inherits the independent information in the time stamp. With a unidirectional data conversion algorithm conforming to features 3 and 4, any intermediate key can be converted into valid input information and independent secondary information is generated that inherits the independent information in the intermediate key, so that an independent key can be selected from the independent secondary information. Precondition 2 is satisfied.
The intermediate key is generated by a non-degenerate combination and inherits the key strength of the master key, so that even with a short time stamp the key strength of the master key is transferred to the secondary information through the intermediate key, and an independent key with the same key strength as the master key can be generated from the secondary information.
If necessary, the intermediate key, the secondary information and the key can be generated in sequence by the method shown in Fig. 1 using a time stamp with the same number of bits as the master key; long time stamps are also easy to implement in the key generation system, and when the number of bits of the secondary information is significantly larger than the number of bits of the key, using a long time stamp has no significant effect on the amount of computation required to generate the secondary information and the corresponding key or on the information processing efficiency of the system. The openness of the time stamp value space also ensures that any desired number of keys can be generated by means of time stamps.
Clearly, a key generated by the method can be distributed easily by means of its time stamp. With a unidirectional data conversion algorithm conforming to features 2 and 3, a change of a single bit of the intermediate key causes an unpredictable global change in the generated secondary information, so that, as long as the substantial information of the intermediate key is not exposed, the change in the corresponding secondary information cannot be estimated from the change in the time stamp; therefore, with the key generation flow shown in Fig. 1, in which the substantial information of the intermediate key is not exposed, the corresponding secondary information and the key generated from it cannot be deduced from the information in the time stamp, and the key can be securely distributed through the time stamp. Precondition 3 is satisfied.
Therefore, by adopting a unidirectional data conversion algorithm conforming to features 1, 2, 3 and 4, with the substantial information of the master key not exposed through any path outside the key generation and distribution process and the substantial information of the intermediate key kept unexposed during application, any required number of independent keys whose key strength is equivalent to the number of bits of the master key can be generated and securely distributed by means of one master key with the aid of the time stamp.
In another embodiment, the time stamp and the master key may be combined in a simple non-degenerate manner, such as a modulo operation or simple information addition, to generate the intermediate key.
According to the foregoing analysis, when a unidirectional data conversion algorithm conforming to features 1, 2, 3 and 4 is used and the intermediate key information is not disclosed, this simple combination also ensures that any required number of independent keys can be generated from the information in the time stamp with the help of the master key, that the master key information remains secure during key generation and distribution, and that the secondary information generated from the intermediate key by the unidirectional data conversion algorithm cannot be detected from the information in the time stamp. Any required number of independent keys can thus be generated and securely distributed.
In cryptographic practice, key collisions occur, i.e. two independently selected or independently generated keys are identical. Key collisions can generally be avoided by expanding the key space, i.e. increasing the key strength. At the same key strength, using random keys avoids using easily memorized known information as keys, which maintains the effective key space and reduces key collisions.
In the embodiment of the invention, as with conventional encryption methods, direct collision of the master key is not considered. Because the embodiment of the invention generally generates a large number of disposable keys from one master key, collisions among the disposable keys can be considered in application, to prevent an attacker from attacking the system through collided disposable keys. As will be described later, key generation with the method of the present invention is very efficient, so a very high key strength can be chosen; for example, according to the description in the second embodiment, a key of 1024-bit or higher strength can be implemented relatively easily on a common communication device, which ensures statistically that random collisions between these disposable keys are unlikely to occur in the real world.
In the worst case, a highly capable attacker can obtain, from ciphertext and the decrypted plaintext, all the disposable keys and corresponding time stamps output by a key generation system using this method. The attacker simultaneously generates a large number of disposable keys by the same method with master keys of their own, hoping for a collision with the obtained disposable keys, and probes the other party's master key information from the collided disposable keys. As previously mentioned, however, such attacks have little effect on high-strength keys and are unlikely to occur in the real world.
If a key collision is observed, the attacker can easily derive, from their own system, the intermediate key information used to generate the collided key.
Generating the intermediate key by a simple combination of the time stamp and the master key, as described above, is vulnerable to this key collision attack: for example, an attacker can relatively easily derive the master key information from the intermediate key information and the corresponding time stamp information, thereby cracking the entire system.
In another embodiment, to avoid the collision attack described above, the master key and the time stamp are used to generate the intermediate key by a one-way data conversion algorithm.
Next, key generation and distribution are described with reference to a specific example:
In this example, a fixed six-digit master key, 763403, is set, and the one-way data conversion algorithm is square-root extraction.
The time stamp is the date of encryption, e.g. 0803 (August 3).
The key is generated and distributed using the following steps:
Generate a time stamp: 0803
Combine the time stamp and the master key by multiplying them and taking the remainder below 1,000,000, i.e. the last six digits, as the intermediate key:
763403 × 0803 = 613012609; taking the last six digits gives the intermediate key 012609
Generate the secondary information with the unidirectional data conversion algorithm (square-root extraction), using the intermediate key as input information:
Taking the square root of the input information 012609 gives 112.28980363327740720570916632036; skipping the first 6 decimal places and taking the next 18 digits gives a: 633277407205709166
Adding 1 to the input information 012609 gives 012610; taking its square root gives 112.2942563090383532372986924121; skipping the first 6 decimal places and taking the next 18 digits gives b: 309038353237298692
Perform a digit-by-digit modular operation on a and b to obtain the secondary information.
a:633277407205709166
b:309038353237298692
Digit-by-digit addition, keeping the units digit of each sum
Secondary information 932205750432997758
Extract information from the secondary information, for example the middle six digits, 750432, as the key, and mark key 750432 with time stamp 0803;
The time stamp 0803 is sent to the paired key generating device, which uses the same master key 763403 and the same steps to generate the key 750432 corresponding to time stamp 0803, thereby realizing key transfer.
Further, when the date is 0804 (August 4), the key generation and distribution steps for date 0804 are:
Generate a time stamp: 0804
Combine the time stamp with the master key: 763403 × 0804 = 613776012; taking the last six digits gives the intermediate key 776012;
Take the intermediate key 776012 as input information;
Taking the square root of the input information 776012 gives 880.91543294461585905541320952872; skipping the first 6 decimal places and taking the next 18 digits gives a: 944615859055413209
Adding 1 to the input information 776012 gives 776013; taking its square root gives 880.9160005358059109568403944211; skipping the first 6 decimal places and taking the next 18 digits gives b: 535805910956840394
Perform a digit-by-digit modular operation on a and b to obtain the secondary information.
a:944615859055413209
b:535805910956840394
Secondary information 479410769901253593
Extract information from the secondary information, for example the middle six digits, 769901, as the key, and mark key 769901 with time stamp 0804;
The time stamp 0804 is sent to the paired key generating device, which uses the same master key 763403 and the same steps to generate the key 769901 corresponding to time stamp 0804, thereby realizing key transfer.
The above process has the following characteristics:
1. The form and content of the time stamp can be unrelated to the master key and the key generation scheme, so the time stamp does not expose the master key information.
2. The time stamp is combined with the master key to generate an intermediate key, from which the determined secondary information and key are generated by unidirectional data conversion. The corresponding intermediate key cannot be inferred from the secondary information and key, and therefore neither can the master key, so the generated key does not expose the master key information.
3. Without combining with the master key to generate the intermediate key, the corresponding key cannot be inferred from the time stamp or from changes in the time stamp, so the key can be securely distributed by means of the time stamp. The key values corresponding to the very close time stamps 0803 and 0804 above are very different.
The required number of non-duplicate keys may be generated by a time stamp of an appropriate length, for example 1 million keys may be generated using an 8-bit time stamp.
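The two worked calculations above, reproduced as an added Python example (not code from the patent). The function names are chosen here, and `math.isqrt` on a scaled integer is used so that the square-root digits are truncated exactly as in the text instead of being rounded by floating point.

```python
from math import isqrt

MASTER_KEY = 763403   # the six-digit master key used in the worked example
MODULUS = 10**6       # "remainder below 1,000,000" = last six digits
SKIP, TAKE = 6, 18    # skip 6 decimal places, keep the next 18 digits
KEY_LEN = 6           # the key is the middle six digits of the secondary information


def intermediate_key(master: int, timestamp: str) -> int:
    """Fig. 1 combination step: multiply, keep the last six digits."""
    return (master * int(timestamp)) % MODULUS


def sqrt_fraction_digits(n: int, skip: int = SKIP, take: int = TAKE) -> str:
    """Digits of sqrt(n) after the decimal point: drop `skip`, keep `take`.

    isqrt(n * 10**(2*d)) == floor(sqrt(n) * 10**d), so the d fractional
    digits are exact and truncated, with no floating-point rounding.
    """
    d = skip + take
    scaled = str(isqrt(n * 10 ** (2 * d))).zfill(d)
    fraction = scaled[-d:]          # the last d digits are the fractional part
    return fraction[skip:]


def add_digits_mod10(a: str, b: str) -> str:
    """Digit-by-digit addition, keeping the units digit of each sum."""
    if len(a) != len(b):
        raise ValueError("a and b must have the same number of digits")
    return "".join(str((int(x) + int(y)) % 10) for x, y in zip(a, b))


def secondary_information(ik: int) -> str:
    """One-way step of the example: sqrt(ik) and sqrt(ik + 1), combined mod 10."""
    return add_digits_mod10(sqrt_fraction_digits(ik), sqrt_fraction_digits(ik + 1))


def derive_key(master: int, timestamp: str) -> str:
    """Time stamp -> intermediate key -> secondary information -> key."""
    secondary = secondary_information(intermediate_key(master, timestamp))
    start = (len(secondary) - KEY_LEN) // 2
    return secondary[start:start + KEY_LEN]


if __name__ == "__main__":
    # Sender and paired receiver hold the same master key; only the
    # time stamp travels between them.
    for ts in ("0803", "0804"):
        ik = intermediate_key(MASTER_KEY, ts)
        print(ts, f"{ik:06d}", secondary_information(ik), derive_key(MASTER_KEY, ts))
```
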
Fig. 2 shows one available flow in which the master key and a time stamp are passed through a one-way data conversion algorithm to generate the intermediate key, from which the secondary information and the key are then generated. Unlike the example of Fig. 1, in the example of Fig. 2 the intermediate key is generated by a one-way conversion algorithm.
Specifically, the master key 201 and the time stamp 211 are used as input information, and the intermediate key 212 is generated by the unidirectional data conversion algorithm 202; the intermediate key 212 is then used as input information to generate the secondary information 213 by the unidirectional data conversion algorithm 203; information is extracted from the secondary information 213 to generate the key 214, and the key 214 is associated with the corresponding time stamp.
In the above embodiment, since a one-way data conversion algorithm is used to generate the intermediate key, the transformation from the master key and the timestamp into the intermediate key is nonlinear, and a single bit change in the timestamp will cause an unpredictable global change in the generated intermediate key information. Therefore, even if an attacker can acquire a small amount of intermediate key information through the above-described key collision attack, it is impossible to effectively probe the master key essence information from the intermediate key and the corresponding time stamp information. Thus, generating the intermediate key in the manner described above is effective against the above-described key collision-based attacks.
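An added Python example, not part of the patent, contrasting the two ways of forming the intermediate key. It solves the linear congruence behind the multiply-and-truncate combination of the earlier worked example, then shows a Fig. 2 style combination; SHA-256 and the `|` separator are assumptions standing in for the unspecified one-way data conversion algorithm, and all function names are hypothetical.

```python
import hashlib
from math import gcd

MODULUS = 10**6  # six decimal digits, the illustrative size of the worked example


def combine_multiply(master: int, timestamp: str) -> int:
    """Simple combination (Fig. 1 example): product modulo 10**6."""
    return (master * int(timestamp)) % MODULUS


def masters_consistent_with(intermediate: int, timestamp: str) -> list:
    """Every master key m with m * t == intermediate (mod 10**6).

    A solvable linear congruence has exactly gcd(t, modulus) solutions, so
    one exposed intermediate key cuts a million candidates to a handful.
    """
    t = int(timestamp) % MODULUS
    if t == 0:
        raise ValueError("time stamp must be non-zero modulo 10**6")
    g = gcd(t, MODULUS)
    if intermediate % g:
        return []                       # no master key fits this pair
    reduced = MODULUS // g
    base = (intermediate // g) * pow(t // g, -1, reduced) % reduced
    return [base + k * reduced for k in range(g)]


def candidates_after(observations) -> list:
    """Intersect the candidate sets from several (time stamp, intermediate) pairs."""
    remaining = None
    for timestamp, intermediate in observations:
        found = set(masters_consistent_with(intermediate, timestamp))
        remaining = found if remaining is None else remaining & found
    return sorted(remaining or [])


def combine_one_way(master: int, timestamp: str) -> int:
    """Fig. 2 style combination: a one-way function of master key and time stamp.

    SHA-256 is an assumption of this example. The output is reduced to six
    digits only to stay comparable with the worked example; a real key
    space must be far larger than 10**6.
    """
    digest = hashlib.sha256(f"{master:06d}|{timestamp}".encode()).digest()
    return int.from_bytes(digest, "big") % MODULUS


if __name__ == "__main__":
    master = 763403
    ik_0803 = combine_multiply(master, "0803")
    ik_0804 = combine_multiply(master, "0804")
    print("0803:", masters_consistent_with(ik_0803, "0803"))
    print("0804:", masters_consistent_with(ik_0804, "0804"))
    print("both:", candidates_after([("0803", ik_0803), ("0804", ik_0804)]))
    # The one-way combination has no congruence to solve: the paired device
    # recomputes the same value, but the value is not linear in the master key.
    print("one-way:", combine_one_way(master, "0803"), combine_one_way(master, "0804"))
```

With the multiplicative combination, one exposed intermediate key and its time stamp leave at most gcd(t, 10^6) master-key candidates, which is the weakness the text attributes to the simple combination and the reason the Fig. 2 flow replaces it.
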
In some embodiments, some unidirectional data conversion algorithms are described that may be used in the methods of the present invention. It should be understood that these embodiments are merely illustrative of one-way data conversion algorithms usable with the methods of the present invention and are not meant to limit the claims claimed in the present invention, nor should any one-way data conversion algorithm applicable to the key generation method and its associated information security system described in the present invention be construed to jeopardize the novelty of the present invention and the claims claimed in the present invention.
Unidirectional data conversion algorithms that conform to the features 1, 2, 3, 4 are ubiquitous.
In one embodiment, secondary information of any required length, determined by an input value, can be generated, for example, by root extraction or by another operation that produces an irrational number determined by the input value.
Specifically, for example, the following steps may be taken:
The input information is digitized, and the digitized information is converted into a non-negative integer N as the input value.
Calculation ofAfter the decimal point is accurate, the numerical value meeting the required length is obtained, the integral part and the decimal part which is adjacent to the decimal point and has at least equal length with N are discarded, and the numerical value a of the determined length of the subsequent part is selected;
Calculation of The numerical value of the required length is met after the decimal point is accurate, the integer part and the decimal part which is adjacent to the decimal point and has at least equal length with N are discarded, and the numerical value b of the determined length of the subsequent part is selected;
Perform a digit-by-digit modular operation on a and b, with the base of the number system used as the modulus, to generate the secondary information.
The calculation is demonstrated in decimal with N=1889; the corresponding input information is 1-8-8-9 and the length of the secondary information is 24 digits. In practical applications N is a very large number and the secondary information is very long;
Calculation of Discarding the integer part and the 4-bit digits after the decimal point to obtain 2762420146175670116696808, and taking 24 digits to obtain a as 276242014617567011669680;
Calculation of Discarding the integer part and the 4-bit number after the decimal point to obtain 1713900185020498627353631, and taking the 24-bit number to obtain b as 171390018502049862735363;
Perform a digit-by-digit modular operation with 10 as the modulus on a and b to generate the secondary information, as follows:
a:276242014617567011669680
b:171390018502049862735363
modulo operation with 10 as a modulus
Secondary information: 347532022119506873394943
In the modulo operation with 10 as the modulus, the digits at corresponding positions in a and b are added digit by digit. If the sum is smaller than the modulus 10, the result is the sum; otherwise the modulus 10, or an integer multiple of it, is subtracted from the sum so that the result is a non-negative integer smaller than 10. The method generalizes to modular operations in any number base.
The root-extraction operation described above is a one-way data conversion algorithm with features 1, 2, 3 and 4, as shown below:
Generating the secondary information determined by the input value through the square-root operation is computationally feasible, so feature 1 is provided.
Clearly, under the modular operation, a and b can be any pair of arrays of the same length that generate the target secondary information. For example, if the first digit of the secondary information is 3, the first digit of a or b may be any of 0 to 9, with 3 obtained by pairing through the modular operation described above, e.g. 0 and 3, 1 and 2, 2 and 1, 3 and 0, 4 and 9, 5 and 8, 6 and 7, 7 and 6, 8 and 5, 9 and 4; the same holds for the other digits. It is therefore impossible to infer a and b from the secondary information, and so N and the input information cannot be obtained. In addition, because the integer part and the high-order fractional digits are discarded, the data conversion is nonlinear: a change in a single digit of the input value N can cause global changes in the generated a or b and in the secondary information. Feature 2 is provided.
Clearly, any input information can be converted into a definite non-negative integer smaller than the size of the input information's value space, so any input information can serve as legal input. The calculation relies on the well-known fact that N and N+10 cannot both be perfect squares, which ensures that non-zero secondary information of any required length can be output. Features 3 and 4 are provided.
It can be seen from the above calculations that it is also difficult to infer N from a or b, and the algorithm described above can be further optimized.
Decimal arithmetic is used in the presentations above and below so that those skilled in related arts across a broader field can better understand the present invention. In actual calculation, binary, or octal or hexadecimal, which convert easily to and from binary, is more convenient; in binary, the modular operation can be performed as an XOR operation, which is better suited to computers.
In another embodiment, an efficient one-way data conversion algorithm can be constructed from division operations with the help of public data.
Convert the input information into numerical form, e.g. $x_1x_2x_3\ldots x_{i-2}x_{i-1}x_i\,y_1y_2y_3\ldots y_{i-2}y_{i-1}y_i$;
The public data is in numerical form, e.g. $z_1z_2z_3\ldots z_{k-2}z_{k-1}z_k$;
Advantageously, k is much greater than 2i;
Calculate $1z_1z_2z_3\ldots z_{k-2}z_{k-1}z_k1 \,/\, 1x_1x_2x_3\ldots x_{i-2}x_{i-1}x_i1$, that is, divide $1z_1z_2z_3\ldots z_{k-2}z_{k-1}z_k1$ by $1x_1x_2x_3\ldots x_{i-2}x_{i-1}x_i1$, to sufficiently many digits after the decimal point; discard as many high-order digits of the integer part of the result as the input information has digits, and from what remains select a value a equal in length to the public data;
In this calculation, a non-zero digit is added before and after each value, which effectively prevents the format of the result from changing greatly when many 0 values appear at the beginning or end of the input information or the public data.
Calculate $1z_1z_2z_3\ldots z_{k-2}z_{k-1}z_k1 \,/\, 1y_1y_2y_3\ldots y_{i-2}y_{i-1}y_i1$ to sufficiently many digits after the decimal point; discard as many high-order digits of the integer part of the result as the input information has digits, and from what remains select a value b equal in length to the public data;
Perform a digit-by-digit modular operation on a and b, with the base of the number system used by a and b as the modulus, to generate the secondary information.
The calculation is demonstrated with the 8-digit decimal input information 3-7-2-8-1-5-9-6; the converted input information has the format 3728-1596, and the public data is the 24-digit number 367368971209437083569112. In practical applications the input information and the public data are far longer than in this example;
13673689712094370835691121/137281 is calculated to be 99603657549802018019.180520246793; discarding the 8 high-order digits of the integer part gives 549802018019.180520246793, and selecting a 24-digit value gives a as 549802018019180520246793;
13673689712094370835691121/115961 is calculated to be 117916279715545492326.65396986918; discarding the 8 high-order digits of the integer part gives 9715545492326.65396986918, and selecting a 24-digit value gives b as 971554549232665396986918;
Perform a digit-by-digit modular operation with 10 as the modulus on a and b to generate the secondary information, as follows:
a:549802018019180520246793
b:971554549232665396986918
modulo operation with 10 as a modulus
Secondary information: 410356557241745816122601
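The division example above, reproduced as an added Python example (not code from the patent). The function names are chosen here, and exact integer division replaces the decimal expansion so that no digit depends on floating point.

```python
def add_digits_mod10(a: str, b: str) -> str:
    """Digit-by-digit addition modulo 10."""
    if len(a) != len(b):
        raise ValueError("a and b must have the same number of digits")
    return "".join(str((int(x) + int(y)) % 10) for x, y in zip(a, b))


def division_digits(public_data: str, part: str, drop: int) -> str:
    """Digits of 1<public_data>1 / 1<part>1 after dropping `drop` leading digits.

    The guard digit 1 before and after each value keeps leading or trailing
    zeros in the input from changing the shape of the quotient. The result
    has as many digits as the public data.
    """
    take = len(public_data)
    numerator = int("1" + public_data + "1")
    denominator = int("1" + part + "1")
    # Scaling by 10**take yields the integer part followed by `take`
    # decimal digits, as one exact integer with no decimal point.
    quotient = str(numerator * 10 ** take // denominator)
    if len(quotient) < drop + take:
        raise ValueError("public data too short for this input length")
    return quotient[drop:drop + take]


def division_secondary(input_digits: str, public_data: str) -> str:
    """Split the input into halves x and y, divide twice, combine modulo 10."""
    if not (input_digits.isdigit() and public_data.isdigit()):
        raise ValueError("decimal digit strings expected")
    if len(input_digits) % 2:
        raise ValueError("input must split into two equal halves")
    half = len(input_digits) // 2
    x, y = input_digits[:half], input_digits[half:]
    a = division_digits(public_data, x, drop=len(input_digits))
    b = division_digits(public_data, y, drop=len(input_digits))
    return add_digits_mod10(a, b)


# Values from the worked example in the text.
INPUT_INFORMATION = "37281596"
PUBLIC_DATA = "367368971209437083569112"

if __name__ == "__main__":
    print("a:", division_digits(PUBLIC_DATA, "3728", 8))
    print("b:", division_digits(PUBLIC_DATA, "1596", 8))
    print("secondary:", division_secondary(INPUT_INFORMATION, PUBLIC_DATA))
```
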
The division operation is a unidirectional data conversion algorithm with features 1, 2, 3 and 4, as shown below:
Generating the determined secondary information from the input information by division is computationally feasible, so feature 1 is provided.
Because the modular operation is used in generating the secondary information, a and b cannot be inferred from the secondary information, and therefore neither can the input information. Feature 2 is provided.
The division operation can output valid secondary information that is significantly longer than the input information, with a length determined by the length of the public data, which ensures a non-degenerate transformation from input information to secondary information. Because the high-order digits of the division result are discarded, the data conversion is nonlinear, and a change in a single digit of the input information can cause a global change in the calculated value. Feature 3 is provided.
Clearly, any input information can be converted into a definite non-negative integer smaller than the size of its value space, so any input information can serve as legal input. Feature 4 is provided.
It can be seen from the above calculations that it is also difficult to infer the input information from a or b before the fractional part starts to repeat.
The calculation speed of the division unidirectional data conversion algorithm for generating the secret key is inversely proportional to the length of the secret key, and is equivalent to the speed of the current fastest encryption algorithm.
The public data can be shared among instances of the method that use different master keys, can serve as public information of the system, and can be stored and transmitted openly; the master key remains the only variable private information that must be shared with the different legitimate communicants in the system. Under current information and computer technology, introducing the public data places no additional information storage burden on communication equipment that uses the method.
In the division operation of this embodiment and in the other unidirectional data conversion algorithms described in later embodiments, the randomness requirement on the public data is not high: any digital information without a large number of repeated fragments qualifies as public data. For example, the public data can be generated with a random number generator in a computer accessory.
In addition, except for very special keys, for example a key composed entirely of 0s, in the division operation of this embodiment 1 or another simple value may be used as a default in place of the public data when the length of the secondary information is far greater than the length of the input information but not close to the non-negative integer value corresponding to the input information. This precondition is easily satisfied; for example, with the 8-digit input information 3-7-2-8-1-5-9-6 above, the length of secondary information satisfying the precondition can reach thousands of digits.
In some embodiments, the unidirectional data conversion algorithm may be a public data conversion under the control of the input information.
In addition to the master key and the unidirectional data conversion algorithm, a public database is added to the system information of the key generation module and configured to store public data; the public data can be random numbers generated by a random number generator in a common computer accessory.
The public data conversion under the control of the input information is configured to convert the public data into secondary information under the control of the input information.
It can be constructed by means of a common encryption algorithm, or a common encryption algorithm can be used directly as the public data conversion under the control of the input information.
Common encryption algorithms, such as DES and AES, have the basic function of converting plaintext into ciphertext under the control of a key, and the number of bits of the plaintext and of the resulting ciphertext is usually much larger than the number of bits of the key. If the key of a common encryption algorithm is used as the input information, the plaintext to be encrypted as the public data, and the ciphertext generated by the encryption algorithm as the secondary information, then the encryption process of the common encryption algorithm is a unidirectional data conversion algorithm with features 1, 2, 3 and 4. This is shown as follows:
Conveniently converting plaintext into ciphertext by means of a key is the basic function of every encryption algorithm, so an encryption algorithm can conveniently convert public data (plaintext) into secondary information (ciphertext) under the control of input information (key). Feature 1 is provided.
Conventional encryption algorithms require that deriving plaintext from ciphertext be impossible or computationally infeasible, and the degree of computational difficulty determines the key strength of the encryption method; in a common encryption algorithm that encrypts different plaintexts multiple times with the same key, it is likewise infeasible to infer the key from the ciphertext and the corresponding plaintext. Feature 2 is provided.
An efficient encryption algorithm also requires that the transformation from key and plaintext to ciphertext be nonlinear, so that small changes in the key or plaintext cause global changes in the generated ciphertext that cannot be predicted from the amount of change in the key or plaintext. Generating, under a key, ciphertext much longer than the key from plaintext much longer than the key is also a fundamental requirement of conventional encryption algorithms, and it ensures a non-degenerate conversion from input information to output information. Feature 3 is provided.
Except for public-key algorithms, any bit combination conforming to the key format can be used as a key in common encryption algorithms and is therefore valid input information. Feature 4 is provided.
In this method the intermediate key takes part in the public data conversion as one-time input information to generate the secondary information and the key, so attacks against common encryption algorithms are generally ineffective against the encryption method and the information security system constructed by this method.
Thus, many existing encryption algorithms can be used as the one-way data conversion algorithm of the method of the present invention.
In other embodiments, the one-way data transformation algorithm with features 1, 2, 3 and 4 may be selected from a number of hash functions.
In another embodiment, the public data conversion under the control of the input information is a combined modular operation. The public database may be configured to consist of N arrays of equal length, called seeds, each identified by a number from 0 to N-1 and each containing the same number of bits; accordingly, the input information is configured as a sequence of M numbers, each pointing to the seed identified by that number, M seeds in all.
The unidirectional data conversion algorithm may be as follows:
Extract, in sequence, the M seeds pointed to by the numbers in the input information, and perform the modular operation on the M seeds to generate secondary information with the same format as the seeds.
The combined modular operation is a unidirectional data conversion algorithm with features 1, 2, 3 and 4, as shown below:
Selecting the M seeds determined by the numbers in the input information and performing the modular operation on them conveniently generates secondary information determined by the input information. Feature 1 is provided.
The secondary information is generated by selecting the corresponding seeds from the public database according to the numbers in the input information and performing the modular operation on them. By the property of the modular operation noted above, any sequence in the format of the secondary information can be produced, through the modular operation, from a suitable sequence of the same format, so no seed in the public data can be excluded before all seed combinations have been tried. The number of different combinations of numbers in the input information, i.e. of seed combinations, equals the value space of the input information. With the input information hidden, detecting the corresponding input information from the secondary information is no easier than guessing the input information at random, so no substantial information about the input information can be detected from the secondary information. Feature 2 is provided.
Because the input information consists of seed numbers, changing a single bit of the input information changes one number and hence one of the seeds taking part in the combination; because the secondary information is as long as a seed, changing a single participating seed causes a global change in the generated secondary information. The combined modular operation is therefore a strictly nonlinear transformation. In addition, the secondary information can be significantly longer than the input information, which ensures that the conversion from input information to secondary information is non-degenerate. Feature 3 is provided.
Clearly, any input information can be converted into such a number sequence, so any input information can be legal input. Feature 4 is provided.
If the seed information in the database is kept unpublished, the combined modular operation is a strict unidirectional data conversion algorithm. If the seed information in the database is public, the master key and the time stamp must be used as input information to generate the intermediate key through a unidirectional data conversion algorithm. When the intermediate key is generated by a unidirectional data conversion algorithm, a single-bit change in the time stamp causes an unpredictable global change in the intermediate key; as long as the intermediate key information is not disclosed, the secondary information and the key generated from it cannot be deduced from changes in the time stamp, and the combined modular operation then conforms to strict unidirectional data conversion.
By adopting the combined modular operation, the key generation efficiency can be remarkably improved under the condition that the number of seeds is enough. Compared with division operation, under the condition of adopting 2 N seeds, the efficiency of combined modular operation can be improved by nearly N times. For example, a key generation system with 256=2 8 bits of keys is selected, the division operation needs about 256 addition operations to generate the keys, if 256 seeds are adopted, each seed is 8 bits, the combined modular operation only needs 32 modular addition operations, and the efficiency is improved by 8 times.
In another embodiment, the unidirectional data conversion algorithm adopts combined modular operation, the public database is configured into an end-to-end annular array containing N x M elements, the annular array is divided into N units with the length of M, and each unit is identified by a number from 0 to N-1; the division of the circular array into units of length M is to enable shift-modulo arithmetic, as will be described in detail later;
the seeds are configured to extend from one of the units in the same direction across the entire annular array, forming an array of length N x M, with the starting unit number being the corresponding seed number.
N seeds, each with the same number of bits as the circular sequence, are determined from the circular sequence formed by the N x M elements; using a circular array provides the largest number of seeds, each containing the largest number of bits, with the smallest public database capacity.
One specific example of the modular operation is described below in conjunction with fig. 3.
As shown in fig. 3, the common database is a 64-bit binary circular array divided into 16 4-bit cells, which are sequentially identified with 4-bit binary numbers from 0000 to 1111. In practice, the length of the ring array should be much greater.
16 seeds can be derived from the binary circular sequence, each seed starting from one of the cells and spanning the entire circular sequence to form a 64-bit binary sequence of the same length as the circular sequence, with the number of the starting cell as the corresponding seed number.
For example, as shown in fig. 3, the seed of the number 0101 sequentially extends from the element '1001' of the number 0101 to the element '1100' of the number 1111 in the annular sequence, further spans the element of the number 1111, contacts the element '1010' of the number 0000 at the beginning, and ends in the element '0110' of the number 0100, thereby forming a binary number sequence of 64-bits in length.
The input information is a 16-bit binary number array, which sequentially contains 4 seed numbers: 1010-0110-0111-0101.
The combined modular operation adopts the following steps:
Sequentially selecting the seeds with the numbers given in the input information: 1010, 0110, 0111 and 0101, and numbering the seeds in the order of selection, with sequence numbers from No. 0 to No. 3 as shown in fig. 3;
Before the modular operation, shifting the selected seeds: the bits of each selected seed sequence are shifted in the same direction by a number of bits equal to its sequence number; for example, as shown in fig. 3, seed No. 0 (1010) remains unchanged, the sequence of seed No. 1 (0110) is shifted back by 1 bit and the extra 1 bit at the end is folded back, keeping the length of the sequence unchanged; in the same way, the sequences of seeds No. 2 and No. 3 are shifted back by 2 bits and 3 bits respectively; the bits folded back are underlined in fig. 3;
Performing the modular operation on the sequences after the shift operation to generate the secondary information. With binary sequences, the modulo operation becomes an XOR operation, which is convenient for a computer. For a bitwise XOR of several sequences, it suffices to count the 1s at each position: an odd count gives 1 and an even count gives 0.
By adopting the shift module operation, different secondary information can be generated from the input information containing different sequence combinations of the same seeds, so that the secondary information and the input information maintain a one-to-one correspondence in statistics.
Obviously, in the above combined modular operation, a single bit change in the input information will cause an unpredictable global change in the generated secondary information, ensuring that the conversion from the input information to the secondary information conforms to a strict nonlinear transformation.
Obviously, in the above combined modular operation, the input information 0000-0000-0000-0000 composed entirely of 0s points to 4 different variants of the seed numbered 0000, which are equivalent to 4 different number sequences, so this input information has the same complexity as any other input information; thus, unlike conventional algorithms, in the combined modular operation all input information of a fixed format has the same complexity.
In some embodiments, with the aid of the flows described in fig. 1 and 2, different unidirectional data transformation algorithms, different intermediate key generation manners, and different combinations of these unidirectional data transformation algorithms and intermediate key generation manners described in the above embodiments may be employed to construct a key generation method suitable for a specific application.
The above embodiments show that, by means of a timestamp that can use arbitrary information, at least one unidirectional data conversion algorithm and a master key, the method of the present invention can generate and securely distribute any desired number of independent keys whose key strength can be equal to the number of bits of the master key.
Returning to fig. 1, the above method generates a key from a timestamp through the following data transformation chain: timestamp + master key → intermediate key → secondary information → key, the timestamp and key that are output are at both ends of the data transformation chain.
Because the unidirectional data conversion algorithm is adopted in the conversion process of the intermediate key-secondary information, the possibility of presuming the previous information from the generated secondary information and the key, including the intermediate key and the master key, is cut off, and the system is ensured to randomly output the key which does not influence the security of the master key; because of the arbitrary nature of the information in the timestamp, it can be independent of the key generation method, so the timestamp used to distribute the key also does not expose any system information; the above features ensure that the private information master key unique to the system remains secure throughout the key generation and application process.
The unidirectional data conversion algorithms described for the method of the present invention in the above embodiments are non-linear, so that a change in a single bit of the intermediate key causes a global change in the corresponding secondary information and in the key; because the intermediate key information is not disclosed, the path of inferring the generated secondary information and the corresponding key from the intermediate key change caused by an information change in the timestamp is blocked, so that the key can be safely distributed through the timestamp. In some embodiments, a unidirectional data conversion algorithm is also introduced in the step timestamp + master key → intermediate key, which further reduces the requirements on the unidirectional data conversion algorithm and enlarges the application range of the method.
In the system, system information including the master key is fixed, and the final decision key information is a time stamp. The time stamp of optional information has an open value space, so that the independence of the information in the time stamp is ensured, and any required number of independent keys corresponding to the time stamp can be generated.
As unique private information in the system, the master key participates in the generation of the intermediate key. The intermediate key is generated by adopting the time stamp and the master key through non-degenerate combination, so that the intermediate key can inherit the key strength of the master key, the method can conveniently generate and distribute the key equivalent to the master key strength by means of the shorter time stamp, and the system can generate the independent key through the intermediate key by adopting the time stamp of any information.
Therefore, the method generates the intermediate key which is not disclosed outside by the non-degenerate combination of the independent timestamp and the master key which can adopt any information, converts the intermediate key into the secondary information through the unidirectional data conversion algorithm, extracts the key from the secondary information, and simultaneously achieves two targets which are difficult to achieve in the prior art:
1. Because the information in the timestamp is arbitrary, a system adopting the method of the invention can distribute keys by means of a universal timestamp that is independent of the system and the algorithm and does not expose system information. This eliminates the possibility of attacking the system during key distribution, and at the same time eliminates the possibility of inferring, from the information in the universal timestamp, the secondary information and the key, which depend on the system information and inherit the key strength of the master key; an ideal secure key distribution scheme can thus be constructed according to the method;
2. The independence of the information in the time stamp ensures that the intermediate key generated by the time stamp and the master key through non-degenerate combination inherits the independent information in the time stamp, and ensures the independence of the secondary information and the key generated by the intermediate key through a unidirectional data conversion algorithm; therefore, even if the secondary information and the key information are all exposed after use, the substantial information of the newly generated and transmitted key cannot be presumed from all the key information that has been generated and used; so that an ideal key generation mechanism can be constructed according to the above method.
In the above embodiment, by introducing a time stamp and a master key to generate an intermediate key via a non-degenerate combination, two beneficial results are produced at the same time:
1. the intermediate key can inherit the key strength of the master key, so that a short time stamp can be adopted to generate and distribute a high-strength key determined by the bit number of the master key, thereby realizing convenient key generation and distribution;
2. The time when the key is generated can be used as a time stamp, and the information in the time stamp is not repeated and the number of the generated time stamps is opened, so that the intermediate key, the secondary information and the number of the keys generated by the time stamp are opened, and the generation and distribution of any required number of independent keys are realized.
In the above embodiment, the time stamp and the master key are used as common input information, and the key capable of simultaneously inheriting the key strength of the master key and the independent information in the time stamp is generated through a non-degenerate unidirectional data conversion algorithm; by means of the randomness of the information in the time stamp and the openness of the value space, the key with unlimited number can be generated and safely distributed by the universal time stamp which can be independent of the key generation method. Some specific key generation processes using the method and unidirectional data conversion algorithms usable in the method are described in the above embodiments, and the uniqueness of the algorithms and the security of the processes are primarily evaluated.
By means of the method described in this embodiment, the present invention solves the problem of conveniently generating and securely distributing any required number of independent keys with the required key strength. With the timestamp used as a user identification code, a general and reliable key management system can be constructed using the method, and the keys of a complex system containing any number of users can be managed efficiently and conveniently by means of one master key; with the key used as a one-time key to encrypt plaintext information of the same number of bits, and the corresponding timestamp used as the decryption clue, the method can be used to construct a universal encryption algorithm that is provably secure in the information-theoretic sense, achieving efficient, convenient and unlimited secure information exchange by means of an exclusively shared master key.
< Second embodiment >
Next, a specific example of generating a key according to the second embodiment will be described with reference to fig. 4. The unidirectional data conversion algorithm employs a common data conversion under the control of input information. That is, the unidirectional data conversion algorithm performs data conversion using input information as control information to generate output information.
As shown in fig. 4, the system information may include a master key 401, a public database 402, unidirectional data conversion algorithms 403, 404, and 405;
in the method of the second embodiment, the system information further includes common data stored in a common database of the key generation apparatus, the common data including a number of bits that is much larger than a number of bits included in the master key.
In this example, the unidirectional data conversion algorithm performs data conversion on the common data using the input information as control information to generate output information.
The key may be generated by the steps of:
Taking the master key 401 as input information, under the control of the master key 401, converting public data 402 into private data 410 through a unidirectional data conversion algorithm 403;
generating a time stamp 411 which is composed of any information which is not repeated, and using the time stamp 411 as input information, generating an intermediate key 412 from the private data 410 through the unidirectional data conversion algorithm 404 under the control of the time stamp 411;
Using the intermediate key 412 as input information, under control of the intermediate key 412, the public data 402 is converted into secondary information 413 by a unidirectional data conversion algorithm 405;
information generation key 414 is extracted from secondary information 413, and key 414 is associated with a corresponding timestamp.
In one embodiment, the common data transformation under the control of the input information may employ a combination of modular operations.
Correspondingly, the public database 402 may be a 512Kb binary circular array, divided into 65536 = 2^16 units, each 64 bits long and consisting of a sequence of 64 0s or 1s, identified by 16-bit numbers in a manner similar to that shown in fig. 3; starting from one unit, a seed spans the whole circular sequence in the same direction to form a 512Kb binary sequence, and the number of the starting unit is used as the corresponding seed number; 2^16 seeds of 512Kb each, identified by 16-bit numbers, can be extracted from the public database 402.
The master key 401 may be a 1024-bit unpublished binary random sequence consisting of 1024 0s or 1s and containing 64 of the 16-bit seed numbers, which point to 64 of the seeds in sequence.
The unidirectional data conversion algorithm 403 may employ the following combined modular operation:
Taking the master key 401 as input information, sequentially extracting 64 seeds pointed by numbers in the master key 401 from a public database 402;
The extracted seeds may be subjected to a shift modulo operation similar to that shown in fig. 3; specifically, the 64 seeds are numbered from 0 to 63 according to the extraction sequence, the seed number sequence is shifted to the same direction by the number of digits corresponding to the sequence number value of the seeds, for example, the number 0 number sequence is kept unchanged, the number 1 number sequence is shifted back by 1 bit, the number 2 number sequence is shifted back by 2 bits, and the like, and the numerical value with the excessive last digits is folded back to keep the length of the number sequence unchanged; introducing a shift operation may statistically ensure a one-to-one correspondence of the input information and the generated secondary information.
The binary seeds for the shift operation described above are modulo-computed, and an XOR operation as shown in fig. 3 may be used to generate 512Kb of private data 410.
The key generation device generates a time stamp 411 according to the time at that time, takes the time stamp 411 as input information, and generates an intermediate key 412 from the private data 410 through the unidirectional data conversion algorithm 404.
The unidirectional data conversion algorithm 404 may employ the following combined modular operation:
Sequentially dividing the 512Kb private data 410 into 4096 = 2^12 pieces of information of 1024 bits each, each piece being identified by a 12-bit number; the information in the private database 410 exists only in computer memory or cache during encryption.
The method adopts a 48-bit timestamp comprising an 8-bit year, 4-bit month, 5-bit date, 5-bit hour (24-hour system), 6-bit minute and 6-bit second. The remaining 14 bits are redundant information: normally they can be filled with random information as spare bits to keep the timestamp format stable, and when needed a 10-bit time code for intervals below one second can be added as extension information, for example to raise the time resolution of the encryption system to the millisecond level in a high-frequency encryption process; by further adding 4 bits to the year code, the effective time span of an encryption system adopting the method can be raised to 2^12 = 4096 years.
The 48-bit timestamp may comprise 4 12-bit numbers in sequence, pointing to 4 of the pieces of information in the private database 410 in sequence.
Sequentially selecting information fragments corresponding to 4 numbers in the timestamp 411 from the private database 410 by taking the timestamp 411 as input information, and generating a 1024-bit intermediate key 412 by the shift modulo operation; the intermediate key information exists only in the computer memory or cache.
The year, month, date, hour, minute, second encoded information and the alternate information may be dispersed into different numbers in the timestamp, maintaining a highly dynamically changing intermediate key.
Specifically, for example, the timestamp 411 may take the following format:
Y1M1D1H1m1S1Y2rD2H2m2S2-Y3M2D3H3m3S3Y4rrrm4S4-Y5M3D4H4m5S5Y6rrrrr-Y7M4D5H5m6S6Y8rrrrr
Where Y represents a binary digit of the year code and the number after it gives the position of that digit counted from left to right; likewise M represents month, D represents date, H represents hour, m represents minute, S represents second, and r represents a spare bit.
For example, the timestamp for 15:36:57 on November 26, 1998 is constructed as follows:
The year 1998 is larger than 255, the maximum value that 8 bits can encode, so it is divided by 256 and the remainder 206 is taken; its binary code is 11001110, whose digits correspond to Y1 Y2 Y3 Y4 Y5 Y6 Y7 Y8 in the timestamp format respectively;
Month 11: the binary code 1011 of 11 is taken, whose digits correspond to M1 M2 M3 M4 in the timestamp format respectively;
Day 26: the binary code 11010 of 26 is taken, whose digits correspond to D1 D2 D3 D4 D5 in the timestamp format respectively;
Hour 15: the binary code 01111 of 15 is taken, whose digits correspond to H1 H2 H3 H4 H5 in the timestamp format respectively;
Minute 36: the binary code 100100 of 36 is taken, whose digits correspond to m1 m2 m3 m4 m5 m6 in the timestamp format respectively;
Second 57: the binary code 111001 of 57 is taken, whose digits correspond to S1 S2 S3 S4 S5 S6 in the timestamp format respectively;
Therefore, the effective information of the timestamp corresponding to 15:36:57 on November 26, 1998 is: 1110111r1101-0001010rrr10-1111001rrrrr-1101010rrrrr;
The key generation module randomly generates 14-bit binary spare numbers, for example 01101011011001, sequentially replaces the undetermined r in the time stamp, and the time stamp used in the final calculation is as follows:
111011101101-000101011010-111100110110-110101001001;
the time stamp coding mode can ensure that the information in 2 adjacent generated time stamps can code more than 2 different numbers and corresponds to more than 2 different information units in the private database, so that the high dynamic property of the corresponding intermediate key is maintained;
The timestamp may also be formatted as the current time immediately followed by a check code formed from the 14 bits of additional information. For example, a hexadecimal check code may be adopted: the additional information is grouped as 0110-1011-0110-01, and the check code is 6B61; the timestamp format may then be 1998-11-26-15-36-57-6B61, for easy reading and for recognition and processing by the processor of the communication device.
The 48-bit timestamp code can support a key generation frequency of 1024 per second and, after expansion, a time span of 4096 years, and it can be expanded at any time without affecting the operation speed or the key generation flow; for example, if a 72-bit timestamp is adopted, only 2 more modulo operations are needed in the intermediate key generation process, and the number of keys that can be distributed is further expanded by 2^24 times.
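The timestamp layout and check code described above can be exercised with the following added example, which is not code from the patent. It parses the format string given in the text, encodes the worked date, and also decodes a timestamp back into its fields; the function names are hypothetical.

```python
import re
from datetime import datetime

# Layout string exactly as given in the text; hyphens separate the four 12-bit numbers.
LAYOUT = ("Y1M1D1H1m1S1Y2rD2H2m2S2-Y3M2D3H3m3S3Y4rrrm4S4-"
          "Y5M3D4H4m5S5Y6rrrrr-Y7M4D5H5m6S6Y8rrrrr")
WIDTHS = {"Y": 8, "M": 4, "D": 5, "H": 5, "m": 6, "S": 6}
SLOTS = re.findall(r"[YMDHmS]\d|r", LAYOUT)      # one entry per bit position
assert len(SLOTS) == 48 and SLOTS.count("r") == 14


def field_bits(t):
    """Binary code of every time field, left-padded to its fixed width."""
    values = {"Y": t.year % 256, "M": t.month, "D": t.day,
              "H": t.hour, "m": t.minute, "S": t.second}
    return {name: format(v, "0%db" % WIDTHS[name]) for name, v in values.items()}


def encode(t, spare=None):
    """Interleave the time fields; spare=None leaves the 'r' positions unfilled."""
    if spare is not None and not re.fullmatch(r"[01]{14}", spare):
        raise ValueError("spare must be 14 binary digits")
    bits, fill, out = field_bits(t), iter(spare or ""), []
    for slot in SLOTS:
        if slot == "r":
            out.append("r" if spare is None else next(fill))
        else:
            out.append(bits[slot[0]][int(slot[1]) - 1])   # digit index is 1-based
    flat = "".join(out)
    return "-".join(flat[i:i + 12] for i in range(0, 48, 12))


def decode(timestamp):
    """Inverse of encode: return the field values and the 14 spare bits."""
    flat = timestamp.replace("-", "")
    if not re.fullmatch(r"[01]{48}", flat):
        raise ValueError("timestamp must contain 48 binary digits")
    fields = {name: ["0"] * width for name, width in WIDTHS.items()}
    spare = []
    for slot, bit in zip(SLOTS, flat):
        if slot == "r":
            spare.append(bit)
        else:
            fields[slot[0]][int(slot[1]) - 1] = bit
    return {n: int("".join(b), 2) for n, b in fields.items()}, "".join(spare)


def check_code(spare):
    """Hexadecimal check code: spare bits in groups of four, last group short."""
    return "".join(format(int(spare[i:i + 4], 2), "X") for i in range(0, len(spare), 4))


def readable(t, spare):
    """Human-readable form: current time followed by the check code."""
    return t.strftime("%Y-%m-%d-%H-%M-%S") + "-" + check_code(spare)


WORKED_TIME = datetime(1998, 11, 26, 15, 36, 57)   # date and time used in the text
WORKED_SPARE = "01101011011001"                    # spare bits used in the text

if __name__ == "__main__":
    print(encode(WORKED_TIME))
    print(encode(WORKED_TIME, WORKED_SPARE))
    print(readable(WORKED_TIME, WORKED_SPARE))
```

Filling the 14 spare positions in order with the spare bits from the text gives 110101011001 as the fourth 12-bit number.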
Using the intermediate key 412 as input information, under control of the intermediate key, the public data 402 is converted into secondary information 413 by a unidirectional data conversion algorithm 405;
the 1024-bit intermediate key may be sequentially divided into 64 16-bit numbers in the same manner as the master key, and the unidirectional data conversion algorithm 405 may use the same algorithm as 403:
sequentially extracting 64 seeds pointed by the intermediate key 412 from the public database 402, performing shift-modulo operation on the seeds to generate 512Kb of secondary information 413, and extracting a key with a required length from the secondary information 413; the longest can be used as a disposable key by using 512Kb secondary information, and the plaintext with the same bit number is encrypted through modulo operation; 1024-bit keys of equal length to the master key may also be extracted.
The generation of the intermediate key by the private database method described in this embodiment does not significantly increase the calculation amount of the generated key. In general, in a primary encryption application, only a primary private database can be calculated and used as a cache, so that all keys required in the primary encryption application are generated, and therefore, in application scenarios with high requirements on encryption speed, such as real-time secure communication and encryption and decryption of large-capacity information, the influence of the additional calculation amount required by the generation of the primary private database on the overall encryption speed is negligible.
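The following added example, which is not code from the patent, implements the combined modular operation described with fig. 3 and the second-embodiment chain master key → private data → intermediate key → secondary information → key. Assumptions: bit 0 of every sequence is the most significant bit, "shifted back" is a right rotation, the key is the leading bits of the secondary information, the 512Kb database is built as 65536 x 64 bits, and the ring, database and master key values are constructed for illustration.

```python
import hashlib


def rotl(x, k, width):
    """Rotate a width-bit sequence (most significant bit first) left by k bits."""
    k %= width
    return ((x << k) | (x >> (width - k))) & ((1 << width) - 1)


def split(value, width, field):
    """Cut a width-bit value into consecutive field-bit numbers, first field first."""
    mask = (1 << field) - 1
    return [(value >> (width - field * (i + 1))) & mask for i in range(width // field)]


def shift_xor(sequences, width):
    """Shift sequence i back by i bits, fold the overflow around, XOR everything."""
    out = 0
    for i, seq in enumerate(sequences):
        out ^= rotl(seq, -i, width)          # left rotation by -i = right rotation by i
    return out


class PublicDatabase:
    """Ring of n_units cells of unit_bits bits; seed j is the ring read from cell j."""

    def __init__(self, data, n_units, unit_bits):
        self.n_units, self.unit_bits = n_units, unit_bits
        self.width = n_units * unit_bits
        if len(data) * 8 != self.width:
            raise ValueError("data length must equal n_units * unit_bits bits")
        self.bits = int.from_bytes(data, "big")

    def seed(self, number):
        if not 0 <= number < self.n_units:
            raise ValueError("seed number out of range")
        return rotl(self.bits, number * self.unit_bits, self.width)

    def combine(self, seed_numbers):
        """Combined modular operation: select seeds in order, shift, XOR."""
        return shift_xor((self.seed(n) for n in seed_numbers), self.width)


class KeyGenerator:
    """Second-embodiment chain for a 65536 x 64-bit database and 1024-bit master key."""

    KEY_BITS, TS_BITS = 1024, 48

    def __init__(self, db, master_key):
        if (db.n_units, db.unit_bits) != (1 << 16, 64):
            raise ValueError("expects 2^16 units of 64 bits")
        if not 0 <= master_key < 1 << self.KEY_BITS:
            raise ValueError("master key must fit in 1024 bits")
        self.db = db
        # Algorithm 403: master key -> private data, computed once and kept in memory.
        private = db.combine(split(master_key, self.KEY_BITS, 16))
        self.private = private.to_bytes(db.width // 8, "big")

    def key_for(self, timestamp, key_bits=1024):
        step = self.KEY_BITS // 8
        # Algorithm 404: the four 12-bit numbers of the timestamp pick four pieces.
        pieces = [int.from_bytes(self.private[n * step:(n + 1) * step], "big")
                  for n in split(timestamp, self.TS_BITS, 12)]
        intermediate = shift_xor(pieces, self.KEY_BITS)
        # Algorithm 405: intermediate key -> secondary information.
        secondary = self.db.combine(split(intermediate, self.KEY_BITS, 16))
        # Assumption: the key is the leading key_bits of the secondary information.
        return secondary >> (self.db.width - key_bits)


# Constructed 64-bit ring in the fig. 3 layout: cells 0000, 0100, 0101 and 1111 hold
# the values quoted in the text, the other twelve cells are made up.
FIG3_RING = PublicDatabase(bytes.fromhex("A37E691D4B82F50C"), 16, 4)
FIG3_INPUT = [0b1010, 0b0110, 0b0111, 0b0101]     # input 1010-0110-0111-0101


def demo_database():
    """Constructed, deterministic stand-in for the 512Kb public database."""
    data = hashlib.shake_256(b"constructed public database").digest(512 * 1024)
    return PublicDatabase(data, 1 << 16, 64)


# Constructed stand-in for a secret, randomly generated 1024-bit master key.
DEMO_MASTER_KEY = int.from_bytes(
    hashlib.shake_256(b"constructed master key").digest(128), "big")
# The 48-bit timestamp used in the text's worked example.
TS_FROM_TEXT = int("111011101101" "000101011010" "111100110110" "110101001001", 2)

if __name__ == "__main__":
    print(format(FIG3_RING.combine(FIG3_INPUT), "064b"))
    generator = KeyGenerator(demo_database(), DEMO_MASTER_KEY)
    print(format(generator.key_for(TS_FROM_TEXT), "0256x"))
```

Two devices holding the same database and master key derive the same key from a received timestamp by calling `key_for` on it.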
With the above-described procedure, the key strength of the generated key is 1024 bits, while ensuring that the master key information is not revealed by a path other than the key and the time stamp output from the system.
This differs from the key length referred to in public key algorithms or in some encryption algorithms. For example, the 1024-bit key proposed in public key algorithms generally refers to the number of bits of the key employed; since the permissible integer values of the key in public key algorithms are discontinuous, the actual key space is much smaller than 2^1024, and, based on the key selection rules, the success rate of guessing an unpublished random public key is much greater than 1/2^1024, so the corresponding key strength can be significantly less than 1024 bits. The key strength in the embodiment of the invention can be equal to the number of bits of the master key: the possible values of the 1024-bit master key are uniformly distributed in a key space of 2^1024, the success rate of randomly guessing an undisclosed random master key is not significantly greater than 1/2^1024, and the key strength of the system is 1024 bits.
Keys with a strength of 1024 bits may be considered unbreakable in the real physical world. A key of 1024-bit strength means that an attacker who does not possess the key information would need close to 2^1024 attempts to obtain with certainty the file information encrypted with the key; estimates obtained with different statistical methods may be slightly lower, but not by orders of magnitude. The real world, which follows the basic laws of physics, has the following physical limits: the information processing speed cannot exceed the speed of light, 3 x 10^8 m/s; the size of the observable universe is about 14 billion light years, about 1.4 x 10^10 x 10^16 = 1.4 x 10^26 meters, and the corresponding age of the universe is about 14 billion years, about 1.4 x 10^10 x 3 x 10^7 = 4.2 x 10^17 seconds; the smallest manipulable particle, such as an atomic nucleus, has a diameter of 10^-15 meters. Under these constraints, assuming that a processor 10^-15 meters in size reads information at the speed of light, the upper limit of the processing speed of a single processor is (3 x 10^8 meters/second)/(10^-15 meters), i.e. 3 x 10^23 times/second. Consider a computer comparable in volume to the current universe: the upper limit on the number of such processors it can contain is (1.4 x 10^26 meters)^3/(10^-15 meters)^3 = 2.8 x 10^123; the upper limit of the information processing speed of this computer is (3 x 10^23 times/second) x (2.8 x 10^123) = 8.4 x 10^146 times/second. On the scale of the current age of the universe, the upper limit of the amount of calculation that can be completed is (8.4 x 10^146 times/second) x (4.2 x 10^17 seconds) = 3.53 x 10^164 times, not more than 2^547 times. Thus, a key with a key strength of 1024 bits cannot be broken in the real world, which follows the laws of physics.
This estimate assumes by default that the processors can freely divide the work and cooperate to complete the calculation; on a computer of that volume such cooperation is practically impossible under the speed-of-light limit, and dividing the work also requires additional computing resources, so the upper limit of the amount of calculation that can be completed must be adjusted further downward. Different values for the smallest manipulable particle size, the extent of the observable universe and the age of the universe may give different estimates, but they have little effect on the conclusion.
A key of 1024-bit key strength that is provably secure in the information-theoretic sense can therefore be regarded as an unconditionally secure key in the real world, which follows the basic laws of physics.
With the flow in this embodiment, the amount of calculation required to generate a key of 1024-bit strength is slightly more than 64 XOR operations; the 4 XOR operations of 48-bit length used to generate the intermediate key, relative to the final generation of the 512Kb one-time key, increase the calculation by a ratio of (4 x 48)/(512 x 8 x 64) = 0.07%, approaching 0.
The secondary information generated by the method can be used as a disposable secret key, ciphertext is generated by modular operation with plaintext information in the same format, the corresponding timestamp is used as a decryption clue, and the ciphertext is transmitted between the communicants sharing the master secret key, so that an encryption method which can prove safety in the theory of informatics can be constructed. In the encryption method with 1024-bit key strength, the calculation amount in the encryption and decryption process is 65 modulo operations, wherein 64 times are used for generating the disposable key and 1 time are used for generating the ciphertext or recovering the plaintext information from the ciphertext.
The encryption method adopting the method of the invention can be implemented efficiently on conventional portable communication equipment. For example, using a conventional portable intelligent communication device with a 1 GHz processor, the speed of processing the unconditionally secure ciphertext information with a key strength of 1024 bits is 15MbP, and the 512Kb public database storage space is also easily provided on current common intelligent communication devices.
In the embodiment, the common data and the corresponding algorithm parameters can be conveniently adjusted to meet different application requirements.
In another embodiment, the public database 402 may employ a 4Kb circular array containing 256 128 bit cells from which 256 4Kb seeds may be extracted, using an 8 bit seed number. Then 128 modulo operations are required to generate a 1024 bit strength key, the length of the one-time key is 4Kb, and 129 modulo operations are required for the encryption and decryption process.
Generating a 256-bit strength key in the current mainstream encryption protocol requires 32 modulo operations, and the encryption and decryption process requires 33 modulo operations.
Obviously, the encryption algorithm of 2048 bits or higher key strength can be easily implemented according to the above-described embodiment.
In the encryption algorithm adopting the method, the information capacity of the main ciphertext and the information capacity of the plaintext are the same, and the bit number of the timestamp serving as a decryption clue added to the ciphertext can be ignored compared with the main ciphertext, so that the information bearing proportion of the ciphertext can be close to 1, and an efficient encryption method is formed.
The above embodiments illustrate that any desired number of unconditionally secure keys in the real physical world can be generated and securely distributed on a conventional communication device by the method of the present invention; the encryption algorithm which can prove safe in theory of informatics can be constructed by taking the secret key as a disposable secret key to encrypt plaintext information with the same bit number as the secret key, unconditional safe communication in the real physical world is realized, and the information processing speed and the file transmission efficiency of an information security system adopting the encryption algorithm can be obviously higher than that of the existing encryption application.
< Third embodiment >
Next, a key generation apparatus according to an embodiment of the present invention will be described with reference to fig. 5.
The key generation apparatus 500 of the embodiment of the present invention as shown in fig. 5 may include:
A system information module 510 configured to store or/and generate system information of the key generating device, which may include a master key, at least one unidirectional data conversion algorithm, and a public database may be added as needed; the unidirectional data conversion algorithm generates output information determined from input information from which it is not feasible to infer or/and derive the input information.
A key generation module 520 configured to generate a time stamp that can be encoded by arbitrary information that is not repeated, and generate a key corresponding to the time stamp according to the system information;
a transmission module 530 configured to receive and transmit the time stamps.
The key generation module 520 generates a key by means of one or more of the system information in the system information module 510 by the method as described in the previous embodiment, the following procedure may be adopted:
Generating the timestamp A; generating an intermediate key by calculating the information in the timestamp and the information in the master key; using the intermediate key as input information, generating secondary information through the unidirectional data conversion algorithm; extracting information from the secondary information to generate a key A, and associating the timestamp A with the key A.
The transmission module 530 transmits the timestamp A to the paired key generating device; the paired key generation device has the same configuration as the key generation device 500, and uses the same system information.
In another embodiment, the transmission module 530 may also receive the timestamp B sent from the paired key generating device; the key generation module 520 is further configured to generate a corresponding key B in accordance with the received time stamp B by means of the system information 510, using the steps described above.
The key generation module 520 is further configured to generate the timestamp.
The key generation module 520 may generate a key according to the method of the previous embodiment.
For example, key generation module 520 may be configured to operate on the timestamp and the master key to generate an intermediate key; the intermediate key is used as input information, and secondary information is generated through the unidirectional data conversion algorithm; extracting information from the secondary information to generate a key; and associating the key with a timestamp corresponding to the key.
Further, key generation module 520 may use a non-degenerate combination of the timestamp and the master key to generate the intermediate key.
In one example, the key generation module 520 is further configured to generate the intermediate key through a second one-way data conversion algorithm using the timestamp and the master key as input information.
Although not shown in the drawings, the key generation apparatus 500 may further include a public database. The public database may be configured to store public data containing a number of bits that is substantially greater than the number of bits contained by the master key.
The key generation module 520 may also generate secondary information through the unidirectional data conversion algorithm using the public data as input information; extract information from the secondary information to generate a key; and associate the key with the timestamp corresponding to the key.
In some examples, the unidirectional data conversion algorithm also performs data conversion on the public data using the input information as control information, and the data conversion employs a combined modular operation.
For example, the public data is configured to consist of N number sequences of the same length; each sequence contains the same number of bits, is identified by a number from 0 to N-1 (the numbers all having the same number of bits), and is referred to as a seed. The control information is configured as a sequence of M such numbers, pointing in order to the M seeds identified by those numbers.
The combined modular operation is configured to extract from the public data, in order, the M seeds pointed to by the numbers in the control information, and then to perform a modular operation on the M seeds to generate secondary information with the same format as the seeds, where N and M are positive integers.
Furthermore, the public data may be configured as a cyclic sequence of N×M elements joined end to end, the cyclic sequence being divided into N units of length M, each unit being identified by a number from 0 to N-1. A seed is then configured to start from one of the units and extend in the same direction around the entire ring, forming a sequence of length N×M, with the number of the starting unit used as the seed number.
The key generation module 520 may further use the master key as control information, and convert public data into private data through a second unidirectional data conversion algorithm under the control of the master key; taking the timestamp as control information, and generating an intermediate key from the private data through a third unidirectional data conversion algorithm under the control of the timestamp; taking the intermediate key as control information, and converting the public data into secondary information through the unidirectional data conversion algorithm under the control of the intermediate key; extracting information from the secondary information to generate a key; and associating the key with a corresponding timestamp.
The unidirectional data conversion algorithm, the second unidirectional data conversion algorithm, and the third unidirectional data conversion algorithm use the same or different unidirectional algorithms.
The transmission unit 530 may also receive a second time stamp transmitted from the paired key generating device. The key generation module 520 then uses the master key to generate a second key corresponding to the second timestamp by the unidirectional data transformation algorithm, relying on the second timestamp.
This embodiment illustrates that, using the method of the present invention, the key generation apparatus 500 can securely generate and exchange, between legitimate correspondents sharing the master key, any desired number of independent keys whose key strength may be comparable to the number of bits of the master key. The key generating device described in this embodiment can be used as a basic module of a communication device to construct information security systems for multiple purposes, realizing secure information exchange of the required key strength, whose security can be proven in information theory as described for the method of the present invention.
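The flow of this embodiment (timestamp and master key, intermediate key, combined modular operation over ring-shaped public data, key extraction) can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA-256 as the intermediate-key step, byte-wise addition modulo 256 as the modular operation, and all sizes and names are assumptions.

```python
import hashlib
import hmac

N_UNITS = 256    # N: seeds are numbered 0..N-1, so one control byte names one seed
UNIT_LEN = 4     # length of one unit of the ring (constructed value)
PICKS = 32       # how many seed numbers one piece of control information carries
KEY_BYTES = 128  # bytes extracted from the secondary information (a 1024-bit key)


def make_ring(label: bytes = b"constructed public data") -> bytes:
    """Constructed public data: a ring of N_UNITS * UNIT_LEN bytes. Public, not secret."""
    return hashlib.shake_256(label).digest(N_UNITS * UNIT_LEN)


def seed(ring: bytes, number: int) -> bytes:
    """Seed `number` starts at unit `number` and runs once around the whole ring."""
    start = number * UNIT_LEN
    return ring[start:] + ring[:start]


def intermediate_key(master_key: bytes, timestamp: bytes) -> bytes:
    """Assumed keyed one-way step (HMAC-SHA-256); its bytes serve as control information."""
    return hmac.new(master_key, timestamp, hashlib.sha256).digest()[:PICKS]


def combined_modular(ring: bytes, control: bytes) -> bytes:
    """Add the seeds named by the control information, byte by byte, modulo 256."""
    out = bytearray(len(ring))
    for number in control:
        for i, value in enumerate(seed(ring, number)):
            out[i] = (out[i] + value) % 256
    return bytes(out)


class KeyGenerator:
    """One of two paired devices that hold the same master key and public data."""

    def __init__(self, master_key: bytes, ring: bytes):
        self._master_key = master_key
        self._ring = ring
        self._used = set()

    def key_for(self, timestamp: bytes) -> bytes:
        """Regenerate the key that belongs to a timestamp (the receiving device's job)."""
        control = intermediate_key(self._master_key, timestamp)
        secondary = combined_modular(self._ring, control)
        return secondary[:KEY_BYTES]

    def new_key(self, timestamp: bytes) -> bytes:
        """Issue a key for a fresh timestamp; a repeat would reproduce an earlier key."""
        if timestamp in self._used:
            raise ValueError("timestamp already used")
        self._used.add(timestamp)
        return self.key_for(timestamp)


if __name__ == "__main__":
    ring = make_ring()
    device_a = KeyGenerator(b"\x11" * 128, ring)   # constructed master key
    device_b = KeyGenerator(b"\x11" * 128, ring)
    key_a = device_a.new_key(b"constructed-timestamp-0001")
    print(key_a == device_b.key_for(b"constructed-timestamp-0001"))
```

Only the timestamp crosses the channel; the set of used timestamps has to survive restarts for the non-repetition check to mean anything.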
< Fourth embodiment >
Next, a key management system according to an embodiment of the present invention will be described with reference to fig. 6.
The key management system 600 of the embodiment of the present invention shown in fig. 6 includes a management side 610 and one or more user sides 620. The user terminal device stores the user identification code of the corresponding user.
The user end 620 comprises each user 620-i belonging to the system; the sequence number i only indicates that the user end 620 includes different users and has no substantive meaning. In specific system management, each user belonging to the system may be identified by its user identification code.
The management end 610 includes: a control module 611 configured to generate and receive user identification codes; a user information module 612 configured to store the user identification codes; and a key generation module 613, which uses the key generation apparatus according to the third embodiment and is configured to generate a user key corresponding to a user identification code by using the user identification code as a timestamp.
The control module 611 may generate, for each of a plurality of users, any information identifying the identity thereof as a user identification code of the user.
The control module 611 generates a user identification code i for each user 620-i and stores it in the user information module 612. The user identification code can be any piece of information; for example, some random information can be added to the user's characteristic information, and the code can take a form that common information technology equipment can read conveniently, such as a two-dimensional code or a bar code.
The key generation module 613, in response to the user identification code i from the user information module 612, takes the user identification code i as a timestamp, generates the corresponding user key i, and delivers the user key i together with the corresponding user identification code i to the corresponding system user 620-i in the user end 620, thereby realizing key distribution.
When the key of user 620-i is lost, the user end submits a key recovery application to the management end 610; the management end 610 may ask the user end to submit the user identification code i.
The management end 610 receives the user identification code i through the control module 611; the user information module 612 may check whether the user identification code i matches information stored in the system; the key generation module 613 takes the user identification code i as a timestamp, generates the user key i corresponding to the user identification code i, and delivers it to the user 620-i, thereby recovering the user key.
In some examples, the key generation module 613 includes the key generation apparatus of the previous embodiments and stores a master key; it is configured to generate a respective user key for each of a plurality of users and to deliver the user identification code and the corresponding key to the corresponding user-side device as that user's user key.
The key generation module 613 generates a key corresponding to the user identification code in response to the user identification code transmitted from the user information module using the user identification code as a time stamp, and transmits the user identification code and the corresponding key to the corresponding user terminal device as a user key of the user.
When the user key of one or more users is lost, the control module 611 receives the corresponding user identification code from the user side device.
The user information module 612 verifies the received user identification code to confirm that the user identification code is a stored user identification code.
The key generation module 613 takes the user identification code as a time stamp, generates a user key corresponding to the user identification code, and feeds back the user key to the user terminal device.
Further, the key generation module 613 may also respond to 2 or more user identification codes from the user information module 612, combine these user identification codes as a time stamp, generate a corresponding key, and assign the key to the users as a key for communication between the users.
With the key management system described in this embodiment, each user is assigned, by commonly used technical means, a public user identification code that can include the user's public personal characteristic information and some random information; the key management system generates and manages user information including the user identification codes, takes each user identification code as a timestamp, generates the corresponding user key and distributes it to the user; and when a user loses the user key, the key is conveniently recovered through the system from the user identification code submitted by the user.
In this embodiment, the system side may distribute keys to system users in a secure manner. For example, the generated user key may be stored on a medium such as a magnetic disk, a USB flash drive, or a paper printout, the medium is marked with the user identification code, and the medium is delivered to the user in a secure manner; alternatively, the user may receive the user key directly from the management side.
In this embodiment, the user identification code used for generating and recovering the user key may be any general information independent of the key management system, so as to completely avoid the risk of disclosure of the user key and the system master key information in the key management application process.
In the key management system, only the system master key needs to be kept private; all other information, including the user identification codes, can be public, which reduces the operation and maintenance cost of the system as far as possible. Generating and recovering user keys from user identification codes that can be stored or retrieved publicly effectively prevents loss of user keys and further improves the reliability of the key management system.
With this key management system, the keys of a plurality of users in the system can be generated and maintained securely and conveniently by means of one system master key. The plurality of users can be any required number of users in the real world; the keys include keys that need to be shared among users, and the number of keys can be far greater than the number of users and the number of stored user identification codes.
In another embodiment, a specific application of the key management system is described.
Each communicator holds a master key and manages all related keys through the key management system.
In a secure environment isolated from external information, the communicator can use the master key as the master key of the key management system shown in fig. 6, generate an identification code, which can be any information, through the control module 611, use the identification code as a timestamp to generate a backbone key corresponding to the identification code through the key generation module 613, and store the backbone key and the corresponding identification code in the communication device as the master key for a certain period or application scenario. The backbone key may be, for example, the master key for the current year's communication, and may use the current year number, for example 2021, as its identification code.
Under current technical conditions, operating on an independent processor that is located in a private space and has no external communication connection can generally be regarded as a secure environment and can meet conventional key management requirements; the specific requirements for a secure environment will vary with technological developments and specific security needs.
The communicator uses their own backbone key as the master key of the next-level key management system, i.e. the application-level key management system, to build a key management system for the different communication objects.
For example, the communicator may set an identification code, which may be any information, for each communication object. The identification code may be set by the communicator, or public identification information of the communication object may be used, for example the name, mobile phone number or ID number of the communication object, or a combination thereof; the identification codes of the communication objects can be public and can be mutually agreed by default.
Advantageously, each communicator may be advised to have a permanent or relatively fixed personal identification code, which may contain information that the communicator is willing to disclose publicly to establish their identity, in a form such as a two-dimensional code or bar code that existing communication equipment can read conveniently.
Using the application-level key management system, the communicator takes the personal identification code of a communication object as a timestamp and, by means of the backbone key, generates a communication object key corresponding to that personal identification code, then sends the communication object key to the communication object in a secure manner. The communication object stores the key under the sender's electronic business card, which also contains the sender's personal identification code.
The two communicators exchange keys with each other in this way to establish a secure connection. Each of the two communicators that have established the secure connection stores, in the other's electronic business card, the other's personal identification code and the key sent by the other.
Communicators A and B, having established the secure connection, may communicate securely as follows:
Communicator A generates, through the application-level key management system, a key A-B corresponding to the personal identification code of communicator B, and combines it with the key B-A that was generated by communicator B and is stored in the address book, to generate a key AB. Communicator B generates, through the application-level key management system, a key B-A corresponding to the personal identification code of communicator A, and combines it with the key A-B that was generated by communicator A and is stored in the address book, to generate a key BA. With a symmetric combination, the key AB and the key BA are the same, and using them as the master key for communication between the two parties realizes secure communication between A and B.
Starting from a communicator's master key, the key management system forms a hierarchical key management system through the backbone key and the communication object keys, and can achieve the following beneficial effects:
The backbone key can be generated in an absolutely secure environment and used for actual communication, which avoids direct use of the master key and strengthens the security of the master key; when a backbone key leaks, use of that backbone key can be stopped, limiting the scope of impact to a minimum;
In the key management system, keys are generated by the key management system of the corresponding level from public key identification codes, which simplifies key management and makes it convenient to manage keys for a large number of dynamic communication objects; at the same time, a key can be conveniently recovered through its key identification code, which avoids key loss and enhances the reliability of the system;
Communication uses a combination of the keys of both communicators, which can effectively reduce mis-sent information; at the same time, when one communicator's key is lost, the communication object can be contacted in an emergency using the partial key generated by one's own side, and the key can be recovered securely.
Key management, including key generation, exchange and security maintenance, is often an extremely difficult problem in large-scale information security systems. By means of the key management system, the keys of a system with an unlimited number of users and unlimited complexity can be managed and maintained conveniently, efficiently, in an orderly way and reliably by means of one master key. This embodiment thus solves the problems of key generation and security maintenance in large-scale information security systems of complex structure.
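The management-end behaviour of this embodiment (identification code used as timestamp, recovery by regeneration, keys shared by two or more users, and the master key / backbone key / communication object key hierarchy with symmetric combination) can be sketched as below. This is an added example, not the patent's code: HMAC-SHA-256 stands in for the key generation device, XOR is an assumed symmetric combination, and all names and identification codes are constructed.

```python
import hashlib
import hmac
import secrets


def derive(master_key: bytes, identifier: bytes) -> bytes:
    """Stand-in for the key generation device: the identifier plays the timestamp role."""
    return hmac.new(master_key, identifier, hashlib.sha256).digest()


def encode_ids(ids) -> bytes:
    """Combine identification codes into one timestamp: sorted and length-prefixed,
    so the result is order-independent and two different ID sets never collide."""
    return b"".join(len(i).to_bytes(2, "big") + i for i in sorted(ids))


class KeyManagementSystem:
    def __init__(self, master_key: bytes):
        self._master_key = master_key   # the only value that must stay private
        self.user_ids = set()           # user information module; may be public

    def new_user_id(self, feature_info: str) -> bytes:
        """Control module: public characteristic information plus some random information."""
        user_id = f"{feature_info}#{secrets.token_hex(4)}".encode()
        self.user_ids.add(user_id)
        return user_id

    def register(self, user_id: bytes) -> None:
        """Store an identification code chosen elsewhere, e.g. a peer's personal code."""
        self.user_ids.add(user_id)

    def _require_known(self, user_id: bytes) -> None:
        if user_id not in self.user_ids:
            raise KeyError("identification code is not stored in the system")

    def user_key(self, user_id: bytes) -> bytes:
        """Distribution and recovery are the same computation; no user key is stored."""
        self._require_known(user_id)
        return derive(self._master_key, encode_ids([user_id]))

    def shared_key(self, user_ids) -> bytes:
        """Key for communication among two or more users of this system."""
        ids = set(user_ids)
        if len(ids) < 2:
            raise ValueError("need at least two distinct identification codes")
        for user_id in ids:
            self._require_known(user_id)
        return derive(self._master_key, encode_ids(ids))


def application_level(master_key: bytes, period_id: bytes) -> KeyManagementSystem:
    """Master key -> backbone key for a period -> application-level system under it."""
    return KeyManagementSystem(derive(master_key, period_id))


def pairwise_master(own: KeyManagementSystem, peer_id: bytes, key_from_peer: bytes) -> bytes:
    """Symmetric combination (XOR, an assumption) of own part and the part the peer sent."""
    own_part = own.user_key(peer_id)
    return bytes(x ^ y for x, y in zip(own_part, key_from_peer))


def demo_pairwise():
    """A and B each derive one half and combine it with the half received from the peer."""
    id_a, id_b = b"A:constructed-code", b"B:constructed-code"
    sys_a = application_level(b"\xa1" * 32, b"2021")   # constructed master keys
    sys_b = application_level(b"\xb2" * 32, b"2021")
    sys_a.register(id_b)
    sys_b.register(id_a)
    key_a_b = sys_a.user_key(id_b)   # A-B: made by A, delivered to B in a secure manner
    key_b_a = sys_b.user_key(id_a)   # B-A: made by B, delivered to A in a secure manner
    key_ab = pairwise_master(sys_a, id_b, key_b_a)
    key_ba = pairwise_master(sys_b, id_a, key_a_b)
    return key_ab, key_ba


if __name__ == "__main__":
    ab, ba = demo_pairwise()
    print(ab == ba)
```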
< Fifth embodiment >
Next, an encryption and decryption apparatus according to an embodiment of the present invention will be described with reference to fig. 7.
The encryption/decryption apparatus 700 according to the embodiment of the present invention shown in fig. 7 includes:
The key generation module 701 employs the key generation apparatus as described in the third embodiment, and is configured to use the generated secondary information as a one-time key.
An input port 702 configured to read or input a file to be transmitted;
a formatting module 703, configured to convert the file to be sent into formatted plaintext A in the same format as the key;
An encryption module 704 configured to convert the formatted plaintext A into a master ciphertext A using the one-time key generated by the key generation module 701, to use the timestamp A corresponding to the one-time key as a ciphertext header A, and to combine the master ciphertext A and the ciphertext header A to generate a ciphertext A;
The transmission port 705 is configured to transmit the ciphertext A to the paired encryption and decryption apparatus.
Further, the encryption/decryption device 700 according to the present embodiment further includes:
a receiving port 706 configured to receive ciphertext B transmitted from the paired encryption and decryption apparatus;
A decryption module 707 configured to parse the received ciphertext B to generate a master ciphertext B and a timestamp B, and decrypt the master ciphertext B by the key generation module 701 to generate a decrypted plaintext B;
The formatting module 703 is further configured to convert the decrypted plaintext B into recovered data;
an output port 708 configured to output the restored data as a received file, the received file being identical to a file to be transmitted from the paired encryption and decryption device.
This embodiment shows that, using the method of the present invention, the encryption and decryption device 700 can, by means of a master key and timestamps composed of arbitrary non-repeating information, generate any required number of one-time keys whose key strength may be comparable to the number of bits of the master key. A one-time key is used to encrypt plaintext with the same number of bits to generate ciphertext, and the timestamp corresponding to the one-time key, which can be generic information independent of how the key is generated, serves as the only decryption clue. Only a legitimate communicator sharing the master key information can decrypt the ciphertext through the timestamp, so neither system information nor key information is exposed during ciphertext transmission, realizing an encryption method whose security can be proven in information theory. The encryption and decryption device can be used as an independent unit in communication equipment to encrypt and decrypt communication information, allows the required key strength to be set conveniently, and can be used to construct an unconditionally secure communication system in the real physical world.
< Sixth embodiment >
Next, a file management system according to an embodiment of the present invention will be described with reference to fig. 8.
The file management system 800 of the embodiment of the present invention shown in fig. 8 includes a management side 810 and a user side 820.
The user end 820 includes each user 820-i belonging to the system. The communication device of each user 820-i is provided with a user encryption and decryption module 821, which uses the encryption and decryption device according to the fifth embodiment and is configured to encrypt and decrypt file information transferred between the user 820-i and the management end 810. In this specification the number i only indicates that the user end 820 includes different users and has no substantive meaning; in a specific file management system, each user can be identified by its user identification code.
The management end 810 includes: a system encryption/decryption module 811 configured to encrypt and decrypt file information transferred between the management side 810 and the user side 820 using the encryption/decryption apparatus as described in the fifth embodiment; a key management module 812, employing the key management system according to the fourth embodiment, configured to distribute and manage the user master key and user information of the system user; the storage module 813 is configured to store a system file.
The key management module 812 generates a user identification code and a corresponding user master key for each user in the system, and assigns the user identification code and the corresponding user master key to each user 820-i of the user side 820.
Through the user encryption and decryption module 821, the user 820-i uses the user master key i to generate a one-time key and encrypts the file information with it to generate a master ciphertext, takes the timestamp corresponding to the one-time key together with the user identification code i as the ciphertext header, combines the master ciphertext and the ciphertext header to generate a ciphertext, and sends the ciphertext to the management end 810 through a conventional channel, as proof that the user 820-i submitted the file to the management end.
Through the system encryption and decryption module 811, the management end 810 parses the ciphertext received from the user 820-i and extracts the master ciphertext together with the user identification code i and the timestamp in the ciphertext header; the key management module 812 generates the corresponding user master key i according to the user identification code i; the system encryption and decryption module 811 generates the corresponding decryption key from the information in the timestamp by means of the user master key i, decrypts the master ciphertext, confirms the file information, and stores the ciphertext of the confirmed file information in the storage module 813.
The management end 810 is further configured to generate the user master key i of a target user 820-i through the key management module 812, to generate a one-time key by means of the user master key i through the system encryption and decryption module and encrypt file information with it to generate a ciphertext, and to send the ciphertext to the target user 820-i through a public channel;
The user end 820 is further configured to receive, through the user encryption and decryption module, the ciphertext sent from the management end, decrypt it, and recover the file information.
The user end 820 is further configured to send a key recovery request to the management end 810 when the user master key i of the user 820-i is lost.
The key management module 812 of the management end 810 is further configured to generate a user master key i of the user 820-i according to the user identification code i of the user 820-i, transmit the user master key i to the user 820-i in a secure manner, and recover the user master key.
In one embodiment, the management end may be a manager of an organization or company, and the user may be a subordinate user of the manager; the transferred file may be a work report sent by the subordinate user to the manager as a work proof of the subordinate user.
By using the file management system, a manager can safely exchange work file information with a plurality of subordinate users independently by means of a system master key by adopting the method of the invention.
In another embodiment, the management end may be a publishing agency or a patent acceptance agency, and the user may be a contributor or a patent submitter; the transferred document may be a pending article or patent application material, serving as proof of the material submitted by the contributor or patent applicant to the publisher or patent acceptance agency.
By using the file management system, a manager can safely and independently process application information of a plurality of highly dynamic users by means of a master key of the system by adopting the method of the invention.
In another embodiment, the key management module 812 may use the hierarchical key management system described in the fourth embodiment, and, in a similar manner, intermediate management ends of different levels are set between the management end and the user end to build a hierarchical file management system.
With the hierarchical file management system, the file information of a complex system can be managed securely and conveniently through one system master key by the method of the invention.
< Seventh embodiment >
Next, an information security delivery system according to an embodiment of the present invention will be described with reference to fig. 9.
The information security transfer system of the embodiment of the present invention as shown in fig. 9 includes a paired first communication device 900A and second communication device 900B, wherein the first communication device 900A and second communication device 900B may have the same structure and configuration, employing the encryption and decryption apparatus as described in the fifth embodiment.
The first communication device 900A may be held by a communicator a and the second communication device 900B may be held by a communicator B.
Specifically, for example, the first communication device 900A may include:
The first key generation module 901A, employing the key generation apparatus as described in the third embodiment, is configured to generate secondary information as a one-time key.
A first input port 902A configured to read or input a file A to be transmitted;
A first formatting module 903A configured to convert the file A to be sent into formatted plaintext A in the same format as the key;
The first encryption module 904A is configured to generate a master ciphertext A from the one-time key generated by the first key generation module 901A and the formatted plaintext A through a modulo operation, take the timestamp A corresponding to the key as a first ciphertext header, and combine the master ciphertext A and the first ciphertext header to generate a ciphertext A;
A first transmission port 905A configured to transmit the ciphertext A to the second communication device 900B;
The second communication device 900B includes:
The second key generation module 901B, employing the key generation apparatus as described in the third embodiment, is configured to generate secondary information as a one-time key.
A second receiving port 906B configured to receive the ciphertext A transmitted by the first transmission port;
The second decryption module 907B is configured to parse the received ciphertext A to extract the master ciphertext A and the timestamp A in the first ciphertext header, generate a decryption key A corresponding to the timestamp A by using the second key generation module 901B, and generate a decrypted plaintext A by applying the inverse of the modulo operation to the decryption key A and the master ciphertext A.
A second formatting module 903B configured to convert the decrypted plaintext A into recovered data;
A second output port 908B is configured to output the restored data as a received file A, which is identical to the file A to be transmitted.
Similarly, the second communication device 900B further includes:
a second input port 902B configured to read or input a file B to be transmitted;
the second formatting module 903B is configured to convert the file B to be sent into formatted plaintext B that matches the key format;
The second encryption module 904B is configured to generate a master ciphertext B from the one-time key generated by the second key generation module 901B and the formatted plaintext B through a modulo operation, take the timestamp B corresponding to the key as a second ciphertext header, and combine the master ciphertext B and the second ciphertext header to generate a ciphertext B;
A second transmission port 905B configured to transmit the generated ciphertext B to the first communication device 900A;
the first communication device 900A further includes a first receiving port 906A configured to receive the ciphertext B transmitted by the second transmitting port;
A first decryption module 907A configured to parse the received ciphertext B to extract the master ciphertext B and the timestamp B in the second ciphertext header, generate a decryption key B corresponding to the timestamp B by using the first key generation module 901A, and generate a decrypted plaintext B by applying the inverse of the modulo operation to the decryption key B and the master ciphertext B;
the first formatting module 903A is configured to convert the decrypted plaintext B into recovered data;
a first output port 908A configured to output the restored data as a received file B; wherein the received file B is identical to the file B to be transmitted from the second communication device.
This embodiment shows that, using the method of the invention, legitimate target communicators can, through the information security transmission system 900, use encryption and decryption devices of the same type to establish a secure connection through an exclusively shared master key, and encrypt and decrypt the information to be transmitted, realizing information transmission whose security can be proven in information theory. With a master key of 1024-bit strength as described in the second embodiment, the information security delivery system described in this embodiment can be used to construct a convenient and universal unconditionally secure communication system for the real world.
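The ciphertext handling described in the fifth and seventh embodiments (formatting to the key format, modulo operation, timestamp as ciphertext header, parsing and inverse operation on the paired device) can be sketched as follows. This is an added example, not the patent's code: keyed SHAKE-256 stands in for the key generation module, and the 16-byte timestamp layout, the length-prefix formatting and byte-wise addition modulo 256 are assumptions.

```python
import hashlib

KEY_BYTES = 128            # one-time key and formatted plaintext are both 1024 bits
MAX_CHUNK = KEY_BYTES - 2  # two bytes of each formatted block record the data length
TS_BYTES = 16              # 8-byte device id + 8-byte counter (constructed layout)


def one_time_key(master_key: bytes, timestamp: bytes) -> bytes:
    """Stand-in key generation module (assumption): keyed SHAKE-256 over the timestamp."""
    return hashlib.shake_256(master_key + timestamp).digest(KEY_BYTES)


def format_plaintext(chunk: bytes) -> bytes:
    """Formatting module: length prefix, data, zero padding up to the key length."""
    if len(chunk) > MAX_CHUNK:
        raise ValueError("chunk too long for one key")
    return len(chunk).to_bytes(2, "big") + chunk + bytes(MAX_CHUNK - len(chunk))


def unformat_plaintext(block: bytes) -> bytes:
    """Recover the data from a decrypted block, rejecting an impossible length field."""
    length = int.from_bytes(block[:2], "big")
    if length > MAX_CHUNK:
        raise ValueError("bad length field: wrong key or corrupted ciphertext")
    return block[2:2 + length]


def add_mod(block: bytes, key: bytes) -> bytes:
    """Modulo operation used for encryption: byte-wise addition modulo 256."""
    return bytes((p + k) % 256 for p, k in zip(block, key))


def sub_mod(block: bytes, key: bytes) -> bytes:
    """Inverse of add_mod: byte-wise subtraction modulo 256."""
    return bytes((c - k) % 256 for c, k in zip(block, key))


def parse_ciphertext(ciphertext: bytes):
    """Split a ciphertext into its header (the timestamp) and the master ciphertext."""
    if len(ciphertext) != TS_BYTES + KEY_BYTES:
        raise ValueError("malformed ciphertext")
    return ciphertext[:TS_BYTES], ciphertext[TS_BYTES:]


class CryptoDevice:
    def __init__(self, master_key: bytes, device_id: bytes):
        if len(device_id) != 8:
            raise ValueError("device id must be 8 bytes")
        self._master_key = master_key
        self._device_id = device_id   # keeps the two paired devices' timestamps disjoint
        self._counter = 0             # must be persisted in a real device

    def _next_timestamp(self) -> bytes:
        self._counter += 1            # never reused, so no one-time key is used twice
        return self._device_id + self._counter.to_bytes(8, "big")

    def encrypt(self, data: bytes) -> list:
        """Return one ciphertext per chunk, each with its own timestamp and key."""
        chunks = [data[i:i + MAX_CHUNK] for i in range(0, len(data), MAX_CHUNK)] or [b""]
        out = []
        for chunk in chunks:
            timestamp = self._next_timestamp()
            key = one_time_key(self._master_key, timestamp)
            out.append(timestamp + add_mod(format_plaintext(chunk), key))
        return out

    def decrypt(self, ciphertexts) -> bytes:
        """Parse each ciphertext, regenerate its key from the header, and invert."""
        data = b""
        for ciphertext in ciphertexts:
            timestamp, master_ct = parse_ciphertext(ciphertext)
            key = one_time_key(self._master_key, timestamp)
            data += unformat_plaintext(sub_mod(master_ct, key))
        return data


if __name__ == "__main__":
    shared = bytes(range(128))        # constructed 1024-bit master key
    dev_a = CryptoDevice(shared, b"device-A")
    dev_b = CryptoDevice(shared, b"device-B")
    print(dev_b.decrypt(dev_a.encrypt(b"constructed file A")))
```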
The above embodiments outline the flow of generating securely distributable independent keys by the method of the present invention, the available unidirectional data conversion algorithms, and the key generation apparatus, key management system, encryption apparatus, file management system and information security delivery system constructed by the method, and/or methods of implementing other steps by programs. Program or flow portions of the technology may be considered "products" or "articles of manufacture" in the form of executable code and/or related data, and the methods and steps may be embodied in or carried out by software on a computer-readable medium. Computer-readable media may take many forms, including tangible storage media, carrier wave media, or physical transmission media. Tangible, non-volatile storage media may include any memory or storage used by a computer, processor, or similar device or associated module. For example, various semiconductor memories, optical disks, magnetic tape drives, and other storage systems used in computers or the like can implement the system components depicted in the figures. Volatile storage media may include dynamic memory, such as the main memory of a computer platform.
All or a portion of the software may at times be communicated over a network, such as the internet or another communication network. Such communication may load software from one computer device or processor onto another, for example from a server or host computer of the internet of things system onto the hardware platform of a computer environment, onto another computer environment implementing the system, or onto a system of similar functionality related to providing information required by the internet of things. Thus, another type of medium capable of carrying software elements, such as optical, electrical or electromagnetic waves propagating through cable, optical cable, air and the like, may also be used as a physical connection between local devices. Physical media used to carry such waves, whether electrical, wireless or optical, as well as the wires forming buses within a computer system, may also be considered media carrying software. Carrier wave transmission media can convey electrical, electromagnetic, acoustic or optical signals. These signals may be generated by radio-frequency, infrared, visible-light or acoustic data communication methods. Typical computer-readable media include hard disks, floppy disks, magnetic tape and any other magnetic medium; CD-ROM, DVD, DVD-ROM and any other optical medium; punch cards and any other physical storage medium containing patterns of holes; RAM, PROM, EPROM, FLASH-EPROM and any other memory chip or tape; a carrier wave transmitting data or instructions, a cable or connection means for a carrier wave, and any other medium from which a computer can read program code and/or data. Many of these forms of computer-readable media may take part in carrying instructions to a processor for execution or in delivering one or more results. Unless limited to a tangible "storage" medium, other terms used herein to refer to a computer or machine "readable medium" mean any medium that participates in the execution of any instructions by a processor.
A "module" in this specification refers to logic or a set of software instructions stored in hardware or firmware. The term "module" as used herein can be implemented by software and/or hardware modules, or can be stored in any one of a variety of computer-readable non-transitory media or other storage devices. In some embodiments, a software module may be compiled and linked into an executable program. The software modules herein may respond to information conveyed by themselves or by other modules, and/or may respond upon detection of certain events or interrupts. A software module may be provided on a computer-readable medium and configured to perform operations on a computing device (e.g., a processor). The computer-readable medium herein may be an optical disc, a digital optical disc, a flash memory disc, a magnetic disk, or any other kind of tangible medium. The software modules may also be obtained as a digital download (where digital downloads also include data stored in compressed packages or installation packages that require decompression or decoding prior to execution). The code of the software modules herein may be stored, in part or in whole, in a memory device of the computing device executing the operations and applied in the operations of the computing device. The software instructions may be embedded in firmware, such as erasable programmable read-only memory (EPROM). A hardware module may comprise logic elements, such as gates and flip-flops, and/or programmable elements, such as a programmable gate array or processor, connected together. The functions of the modules or computing devices described herein are preferably implemented as software modules, but may also be represented in hardware or firmware. In general, the modules described herein are logical modules and are not limited by their specific physical form or memory. One module can be combined with other modules or separated into a series of sub-modules.
Typically, the key generation means or communication device comprises a processor, volatile and non-volatile memory, and input/output devices, and may contain at least one network interface. The network interface of the communication device may include a connection to a network, such as a wired or wireless connection to the internet or to a cloud server, through which the communication device may access data stored on the cloud server. The data processing module of the communication device may include a server computer, desktop computer, notebook computer, tablet computer, PDA, smart phone, or other programmable computer. The user side may include any connected or "smart" device capable of data communication, such as thermostats, air quality sensors, industrial equipment, and the like. As more and more devices are networked through the internet of things, the range of device types on the user side keeps growing.
When stored in non-volatile memory on either the user device or on other devices such as cloud servers, the data managed by the example systems described herein may remain encrypted at all times.
In some embodiments, each programmable computer may include an input device for inputting information into the device. For example, the input device may be a keyboard, keypad, cursor control device, touch screen, camera, scanner, or microphone. In some embodiments, input information may be received from programmable computers on other networks through a communications interface. In some implementations, the computing device may include a display device for presenting visual information. For example, the display device may be a computer display, a flat panel display, a projector, or a display panel. In some embodiments, the display device displays to the user one or more files encrypted via the encryption agent according to the systems and methods described herein.
Embodiments of the modules, apparatus, systems, processes, and methods described herein may be implemented in hardware or software, or a combination of both. Alternatively, the embodiments may be implemented in computer programs executing on programmable computers, each comprising at least one processor (e.g., a microprocessor), a data storage system (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. For example, and without limitation, the programmable computer (hereinafter device, computing device or server) may be a personal computer, laptop computer, personal data assistant, cellular telephone, smart phone device, tablet computer, and/or wireless device. For any software component, program code is applied to input data to perform the functions described herein and generate output information. The output information is applied to one or more output devices in a known manner.
Each software component or program may be implemented in a high-level procedural or object-oriented programming and/or scripting language to communicate with a computer system. The program(s) can be implemented in assembly or machine language, if desired. In any event, the language may be a compiled or interpreted language. Furthermore, the processes and methods in the described embodiments can be distributed in the form of a computer-readable medium bearing computer-usable instructions for one or more processors. The media may be provided in various forms, including one or more floppy disks, optical disks, magnetic tape, chips, cable transmissions, satellite transmissions, internet transmissions or downloads, magnetic and electronic storage media, digital and analog signals, and the like. The computer-usable instructions may also be in various forms, including compiled and non-compiled code.
Various embodiments have been described herein that use the described method to generate and securely distribute, from a single master key, independent keys of any desired key strength and in any desired number. With these embodiments, one-time keys can be used in large-scale data communication and storage systems while eliminating the challenges of distributing and managing large numbers of random keys.
Various example embodiments have been described herein. However, it will be understood by those skilled in the art that other variations and modifications may be made without departing from the scope of the embodiments as defined in the following claims.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs. It will be appreciated that terms such as those defined in commonly used dictionaries should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
The foregoing is illustrative of the present disclosure and is not to be construed as limiting thereof. Although a few exemplary embodiments of this disclosure have been described, those skilled in the art will readily appreciate that many modifications are possible in the exemplary embodiments without materially departing from the novel teachings and advantages of this disclosure. Accordingly, all such modifications are intended to be included within the scope of this disclosure as defined in the claims. It should be understood that the various embodiments described herein are presented by way of illustrative example only and should not be construed to limit the scope of the claims. As described above, embodiments may be implemented in the form of articles of manufacture, each of which includes one or more software programs executed by processing circuitry of a user equipment, a communication device, or other elements of a communication system. Conventional aspects of such circuitry are well known to those skilled in the art and will not be described in detail herein. Alternative embodiments may utilize key generation methods, key generation means, key management systems, encryption and decryption means, file management systems, key generation and distribution processes, file transfer protocols and file formats in the information security delivery system that differ from those described above in the context of the illustrative embodiments. These and many other alternative embodiments within the scope of the appended claims will be apparent to those skilled in the art. Modifications to the disclosed embodiments, as well as other embodiments, are intended to be included within the scope of the appended claims. The disclosure is defined by the claims and their equivalents.

Claims (29)

1. A key generation and distribution method, comprising:
acquiring and/or generating system information of a key generating device, wherein the system information comprises at least a master key and at least one unidirectional data conversion algorithm, the master key consists of unpublished random information, the unidirectional data conversion algorithm generates, from input information, output information determined by the input information, and it is infeasible to infer and/or deduce the input information from the output information;
generating, according to the master key and by means of a timestamp composed of any non-repeating information, a key determined jointly by the information in the timestamp and the master key, using at least one unidirectional data conversion algorithm, and associating the key with the timestamp information; and
transmitting the timestamp to a paired key generating device, wherein the paired key generating device stores second system information corresponding to the system information;
wherein the key is generated by the following procedure:
generating the timestamp by the key generation means;
performing an operation on the timestamp and the master key to generate an intermediate key;
taking the intermediate key as input information, and converting the intermediate key through the unidirectional data conversion algorithm to generate secondary information;
extracting information from the secondary information to generate a key; and
associating the key with the timestamp corresponding to the key.
2. The method of claim 1, wherein operating the timestamp with the master key to generate an intermediate key comprises:
the intermediate key is generated using a non-degenerate combination of the timestamp and the master key.
3. The method of claim 1, wherein operating the timestamp with the master key to generate an intermediate key comprises:
the intermediate key is generated by a second unidirectional data conversion algorithm using the timestamp and the master key as input information, the second unidirectional data conversion algorithm being the same as or different from the unidirectional data conversion algorithm.
4. The method of claim 1, wherein the unidirectional data conversion algorithm performs data conversion using the input information as control information to generate output information,
the system information further includes a public database configured to store public data containing a number of bits substantially greater than the number of bits contained in the master key, and
the unidirectional data conversion algorithm performs data conversion on the public data using the input information as control information to generate secondary information.
5. The method of claim 4, wherein the data conversion uses a combination of modular operations,
the public data is configured to consist of N number sequences of the same length, wherein each number sequence contains the same number of bits, is identified by a number from 0 to N-1 having the same number of bits, and is called a seed;
the input information is configured as a sequence of M numbers, the M numbers pointing in order to the M seeds identified by those numbers;
the unidirectional data conversion algorithm is configured to:
sequentially extract from the public data, using the input information as control information, the M seeds pointed to by the numbers in the input information; and
perform a modular operation on the M seeds to generate secondary information with the same format as the seeds, wherein N and M are positive integers.
6. The method of claim 5, wherein the public data is configured as an end-to-end circular array of N x M elements, the circular array being partitioned into N units of length M, each of the units being identified by a number from 0 to N-1;
the seed is configured to extend from one of the units in the same direction across the entire circular array, forming an array of length N x M, with the starting unit number serving as the seed number.
7. The method of claim 4, wherein the key is generated using a process comprising:
using the master key as control information, and converting the public data into private data through a third unidirectional data conversion algorithm under the control of the master key;
taking the timestamp as control information, and generating an intermediate key from the private data through a fourth unidirectional data conversion algorithm under the control of the timestamp;
taking the intermediate key as control information, and converting the public data into secondary information through the unidirectional data conversion algorithm under the control of the intermediate key;
extracting information from the secondary information to generate a key; and
associating the key with the corresponding timestamp,
wherein the unidirectional data conversion algorithm, the third unidirectional data conversion algorithm, and the fourth unidirectional data conversion algorithm use the same or different unidirectional algorithms.
8. The method of claim 1, further comprising:
receiving a second timestamp transmitted from the paired key generating device; and
generating, according to the master key and the second timestamp, a second key determined jointly by the master key and the information in the second timestamp through the unidirectional data conversion algorithm, as the second key corresponding to the second timestamp.
9. A key generation apparatus comprising:
a system information module configured to store and/or generate system information of the key generation apparatus, the system information including at least a master key and at least one unidirectional data conversion algorithm, the master key being composed of unpublished random information, the unidirectional data conversion algorithm generating output information determined by the input information, and it being infeasible to infer and/or deduce the input information from the output information;
a key generation module configured to generate, according to the master key and by means of a timestamp composed of any non-repeating information, a key determined jointly by the information in the timestamp and the master key, using at least one unidirectional data conversion algorithm, and to associate the key with the timestamp information; and
a transmission module configured to transmit the timestamp to a paired key generation apparatus, wherein the paired key generation apparatus stores second system information corresponding to the system information;
wherein the key generation module is further configured to perform:
generating the timestamp;
performing an operation on the timestamp and the master key to generate an intermediate key;
taking the intermediate key as input information, and converting the intermediate key through the unidirectional data conversion algorithm to generate secondary information;
extracting information from the secondary information to generate a key; and
associating the key with the timestamp corresponding to the key.
10. The apparatus of claim 9, wherein the key generation module is further configured to:
generate the intermediate key by a second unidirectional data conversion algorithm using the timestamp and the master key as input information, the second unidirectional data conversion algorithm being the same as or different from the unidirectional data conversion algorithm.
11. The apparatus of claim 9, wherein the system information further comprises a public database configured to store public data, the public data comprising a number of bits substantially greater than the number of bits comprised by the master key,
wherein the unidirectional data conversion algorithm performs data conversion using the input information as control information to generate output information,
the key generation module is further configured to:
perform, using the input information as control information, data conversion on the public data by the unidirectional data conversion algorithm to generate secondary information.
12. The apparatus of claim 11, wherein the data conversion uses a combination of modular operations,
the public data is configured to consist of N number sequences of the same length, wherein each number sequence contains the same number of bits, is identified by a number from 0 to N-1 having the same number of bits, and is called a seed;
the input information is configured as a sequence of M numbers, the M numbers pointing in order to the M seeds identified by those numbers;
the unidirectional data conversion algorithm is configured to:
sequentially extract from the public data, using the input information as control information, the M seeds pointed to by the numbers in the input information; and
perform a modular operation on the M seeds to generate secondary information with the same format as the seeds, wherein N and M are positive integers.
13. The apparatus of claim 12, wherein the public data is configured as an end-to-end circular array of N x M elements, the circular array being partitioned into N units of length M, each of the units being identified by a number from 0 to N-1;
the seed is configured to extend from one of the units in the same direction across the entire circular array, forming an array of length N x M, with the starting unit number serving as the seed number.
14. The apparatus of claim 11, wherein the key generation module is further configured to perform:
using the master key as control information, and converting the public data into private data through a third unidirectional data conversion algorithm under the control of the master key;
taking the timestamp as control information, and generating an intermediate key from the private data through a fourth unidirectional data conversion algorithm under the control of the timestamp;
taking the intermediate key as control information, and converting the public data into secondary information through the unidirectional data conversion algorithm under the control of the intermediate key;
extracting information from the secondary information to generate a key; and
associating the key with the corresponding timestamp,
wherein the unidirectional data conversion algorithm, the third unidirectional data conversion algorithm, and the fourth unidirectional data conversion algorithm use the same or different unidirectional algorithms.
15. The apparatus of claim 9, wherein the transmission module is further configured to receive a second timestamp sent from a paired key generating device;
the key generation unit is further configured to generate, according to the master key and by means of the second timestamp, a second key determined jointly by the master key and the information in the second timestamp through the unidirectional data conversion algorithm, as the second key corresponding to the second timestamp.
16. A key management system, comprising:
a management side device, the management side device comprising:
a control module configured to generate, for each of a plurality of users, arbitrary information identifying the user's identity as the user identification code of the user;
a user information module configured to store the user identification code;
a key generation module comprising a key generation apparatus as claimed in any of claims 9 to 15 and storing a master key, configured to generate a respective user key for each of the plurality of users and to communicate the user identification code and the corresponding key to the corresponding user side device as the user key for the user.
17. The system of claim 16, wherein the key generation module, in response to the user identification code transmitted from the user information module, generates a key corresponding to the user identification code by using the user identification code as a timestamp, and transmits the user identification code and the corresponding key to the corresponding user side device as the user key of the user.
18. The system of claim 16, wherein the control module is further configured such that:
when the user key of one or more users is lost, the control module receives the corresponding user identification codes from the user side device,
the user information module is further configured to verify the received user identification code to confirm that it is a stored user identification code, and
the key generation module takes the user identification code as a timestamp, generates the user key corresponding to the user identification code, and feeds the user key back to the user side device.
19. The system of claim 16, wherein the key generation module is further configured to:
combine information in the user identification codes of different user side devices to generate a timestamp, and generate a key for communication among the different users.
20. The system of claim 16, further comprising:
one or more different levels of intermediate management nodes disposed between the management side device and the user side device.
21. The system of claim 16, further comprising:
one or more user side devices, wherein the user side devices store the user identification codes of the corresponding users.
22. An encryption/decryption apparatus comprising:
the key generation apparatus of any of claims 9-15, configured to generate a one-time key;
an input port configured to read or input data to be encrypted;
a formatting unit configured to convert the data to be encrypted input through the input port into formatted plaintext matching the format of the one-time key;
an encryption module configured to generate a timestamp during encryption, generate a master ciphertext by an operation on the formatted plaintext and the one-time key generated by the key generation module according to the information in the timestamp, take the timestamp corresponding to the one-time key as a ciphertext title, and combine the master ciphertext and the ciphertext title to generate a ciphertext; and
a transmission port configured to transmit the generated ciphertext to the paired decryption apparatus.
23. The encryption and decryption device of claim 22, further comprising:
a receiving port configured to receive ciphertext transmitted from the paired encryption device;
a decryption module configured to parse the received ciphertext to extract the master ciphertext and the timestamp in the ciphertext title, generate, by means of the key generation module and according to the information in the timestamp, the one-time key corresponding to the timestamp as a decryption key, and decrypt the master ciphertext with the decryption key to generate a decrypted plaintext;
the formatting unit being further configured to convert the decrypted plaintext into recovered data; and
an output port configured to output the recovered data.
24. A file management system comprising a management side device and one or more user side devices,
the management side device comprising:
a key management module employing the key management system of any one of claims 16 to 21, configured to store a system master key, and to generate and distribute user master keys for each user of the system;
a system encryption and decryption module employing the encryption and decryption apparatus as claimed in claim 22 or 23, configured to encrypt and decrypt file information exchanged between the user side device and the management side device;
a system file module configured to store system files of the file management system,
the user side device comprising:
a user encryption/decryption module employing the encryption/decryption apparatus as claimed in claim 22 or 23, configured to encrypt/decrypt file information exchanged between the user side device and the management side device.
25. The system of claim 24, wherein the management side device generates and stores, through the key management module, a user identification code for each user of the user side devices, generates a user master key corresponding to the user identification code, and distributes the user master key and the corresponding user identification code to each user side device;
the user side device generates a timestamp through the user encryption and decryption module, generates a one-time key corresponding to the timestamp by means of the user master key, encrypts file information with the one-time key to generate a master ciphertext, takes the timestamp and the user identification code of the user as the ciphertext title, combines the master ciphertext and the ciphertext title to generate a ciphertext, and sends the ciphertext to the management side device through a public channel as a file certificate submitted by the user to the management side device;
the management side device receives the ciphertext sent from the user side device, parses the ciphertext through the system encryption and decryption module, and extracts the master ciphertext and the user identification code and timestamp in the ciphertext title; the key management module generates the corresponding user master key according to the user identification code; the system encryption and decryption module generates the corresponding decryption key by means of the user master key according to the information in the timestamp, decrypts the master ciphertext and confirms the file information;
and the management side device stores the ciphertext of the confirmed file information in the system file module.
26. The system of claim 25, wherein the management side device is further configured to generate the user master key of a target user through the key management module as the master key of the system encryption and decryption module, generate a ciphertext by encrypting file information through the system encryption and decryption module, and send the ciphertext to the target user side device through a public channel;
the target user side device is further configured to receive the ciphertext sent from the management side device, decrypt the ciphertext through the user encryption and decryption module, and recover the file information.
27. The system of claim 26, further comprising:
one or more different levels of intermediate management nodes disposed between the management side device and the user side device.
28. An information security delivery system comprising a paired first communication device and second communication device, wherein
the first communication device includes:
first key generation means configured to generate a one-time key as the first key using the key generation means according to any one of claims 9 to 15;
a first input port configured to read or input a first file to be sent;
a first formatting unit configured to convert the first file to be sent, which is input through the first input port, into a first formatted plaintext in the same format as the key;
a first encryption module configured to convert the first formatted plaintext into a first master ciphertext through the first key generated by the first key generating device, take the first timestamp corresponding to the first key as a first ciphertext title, and combine the first master ciphertext and the first ciphertext title to generate a first ciphertext;
a first transmission port configured to transmit the generated first ciphertext to the second communication device,
the second communication device includes:
second key generation means configured to generate a one-time key as the second key using the key generation means according to any one of claims 9 to 15;
a second receiving port configured to receive the first ciphertext sent by the first transmission port;
a second decryption module configured to parse the received first ciphertext to extract a first master ciphertext and a first timestamp in a first ciphertext title, generate a second decryption key corresponding to the first timestamp through the second key generation module according to the first timestamp, and decrypt the first master ciphertext by using the second decryption key to generate a second decrypted plaintext;
a second formatting module configured to convert the second decrypted plaintext into second recovered data;
and a second output port configured to output the second recovered data as a second received file.
29. The information security delivery system of claim 28, wherein
the second communication device further includes:
a second input port configured to read or input a second file to be sent;
the second formatting module is also configured to convert the second file to be sent into a second formatted plaintext in the same format as the key;
a second encryption module configured to convert the second formatted plaintext into a second master ciphertext through a second key generated by the second key generation module, take a second timestamp corresponding to the second key as a second ciphertext title, and combine the second master ciphertext and the second ciphertext title to generate a second ciphertext;
a second transmission port configured to transmit the second ciphertext to the first communication device;
the first communication device further includes:
a first receiving port configured to receive the second ciphertext transmitted by the second transmission port;
a first decryption module configured to parse the received second ciphertext to extract a second master ciphertext and a second timestamp in a second ciphertext title, generate a first decryption key corresponding to the second timestamp through the first key generation module according to the second timestamp, and decrypt the second master ciphertext by using the first decryption key to generate a first decrypted plaintext;
the first formatting unit is also configured to convert the first decrypted plaintext into first recovered data;
and a first output port configured to output the first recovered data as a first received file.
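The exchange in claims 28 and 29, as an added example that is not code from the patent: the sender prefixes the master ciphertext with the timestamp title, and the receiver parses the title, regenerates the key for that timestamp and decrypts. Assumptions: the HMAC-SHA256 derivation and XOR step are stand-ins for the key generation device of claims 9 to 15 (not shown in this section), the 8-byte title layout is constructed, and the integrity tag, freshness window and replay set are receiver-side checks added here because the claims send the timestamp title in the clear.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct(">Q")  # assumed ciphertext title: 8-byte big-endian Unix timestamp
TAG_LEN = 32                  # HMAC-SHA256 tag; an addition, not part of the claims


def one_time_key(master: bytes, ts: int, length: int) -> bytes:
    """Stand-in for the claimed key generation device: both ends derive the
    same key, as long as the formatted plaintext, from a shared secret and ts."""
    blocks = (hmac.new(master, b"key" + HEADER.pack(ts) + struct.pack(">I", i),
                       hashlib.sha256).digest() for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def _tag(master: bytes, ts: int, body: bytes) -> bytes:
    # Binds the timestamp title to the master ciphertext.
    return hmac.new(master, b"tag" + HEADER.pack(ts) + body, hashlib.sha256).digest()


def encrypt(master: bytes, ts: int, plaintext: bytes) -> bytes:
    """Sender side: title (timestamp) + master ciphertext + integrity tag."""
    key = one_time_key(master, ts, len(plaintext))
    body = bytes(p ^ k for p, k in zip(plaintext, key))
    return HEADER.pack(ts) + body + _tag(master, ts, body)


class Receiver:
    def __init__(self, master: bytes, max_skew: int = 300):
        self.master, self.max_skew = master, max_skew
        self.seen = set()  # timestamps already consumed (keys are one-time)

    def decrypt(self, ciphertext: bytes, now: int) -> bytes:
        if len(ciphertext) < HEADER.size + TAG_LEN:
            raise ValueError("truncated ciphertext")
        (ts,) = HEADER.unpack_from(ciphertext)
        body, tag = ciphertext[HEADER.size:-TAG_LEN], ciphertext[-TAG_LEN:]
        if not hmac.compare_digest(tag, _tag(self.master, ts, body)):
            raise ValueError("title or body modified")
        if abs(now - ts) > self.max_skew:
            raise ValueError("stale timestamp")
        if ts in self.seen:
            raise ValueError("timestamp already used")
        self.seen.add(ts)
        key = one_time_key(self.master, ts, len(body))
        return bytes(c ^ k for c, k in zip(body, key))
```

Because the key is a function of the timestamp alone, the sender must also never encrypt two files under the same timestamp; the receiver's replay set only covers the receiving side.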
CN202111016098.6A 2021-08-31 2021-08-31 Key generation and distribution method, key generation device, and key management system Active CN113726512B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202111016098.6A CN113726512B (en) 2021-08-31 2021-08-31 Key generation and distribution method, key generation device, and key management system
PCT/CN2022/115838 WO2023030316A1 (en) 2021-08-31 2022-08-30 Key generation and distribution method, key generation apparatus, and key management system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111016098.6A CN113726512B (en) 2021-08-31 2021-08-31 Key generation and distribution method, key generation device, and key management system

Publications (2)

Publication Number Publication Date
CN113726512A CN113726512A (en) 2021-11-30
CN113726512B true CN113726512B (en) 2024-10-18

Family

ID=78680051

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111016098.6A Active CN113726512B (en) 2021-08-31 2021-08-31 Key generation and distribution method, key generation device, and key management system

Country Status (2)

Country Link
CN (1) CN113726512B (en)
WO (1) WO2023030316A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113726512B (en) * 2021-08-31 2024-10-18 蔡利锋 Key generation and distribution method, key generation device, and key management system
CN116707864A (en) * 2023-04-27 2023-09-05 山东云海国创云计算装备产业创新中心有限公司 A system, chip, method and device for information processing
CN117880804B (en) * 2023-12-04 2024-07-12 南方电网储能股份有限公司信息通信分公司 A WAPI trusted wireless LAN device
CN117667016B (en) * 2023-12-19 2024-12-13 中国人寿保险股份有限公司 Random number generation method, device, computer equipment and storage medium
CN119696800B (en) * 2024-12-30 2025-12-12 中国电信股份有限公司技术创新中心 Data signing method, device, computer equipment and medium based on biological characteristics
CN120415723B (en) * 2025-06-30 2025-09-23 北京天耀宏图科技股份有限公司 Geographic information data dynamic encryption method and system based on space-time characteristics

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110636028A (en) * 2018-06-21 2019-12-31 蔡利锋 Key generation device, encryption device, key generation and distribution system
CN112187450A (en) * 2020-08-19 2021-01-05 如般量子科技有限公司 Method, device, equipment and storage medium for key management communication

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090245516A1 (en) * 2008-02-26 2009-10-01 Pasupuleti Sureshbabu Ravikiran Method and system for high entropy encryption using an unpredictable seed based on user regisration time
CN102025488A (en) * 2010-12-06 2011-04-20 电子科技大学 One-round private key exchanging method
US20140281523A1 (en) * 2013-03-13 2014-09-18 Vector Vex Inc. System and method of secure remote authentication of acquired data
US9819485B2 (en) * 2014-05-01 2017-11-14 At&T Intellectual Property I, L.P. Apparatus and method for secure delivery of data utilizing encryption key management
CN110224834A (en) * 2019-05-24 2019-09-10 清华大学 Identity identifying method, decryption and ciphering terminal based on dynamic token
CN111125678A (en) * 2019-10-31 2020-05-08 苏州浪潮智能科技有限公司 A method, device and medium for managing Option ROM loading
US11509463B2 (en) * 2020-05-31 2022-11-22 Daniel Chien Timestamp-based shared key generation
CN112039883B (en) * 2020-08-31 2025-01-14 深圳前海微众银行股份有限公司 A blockchain data sharing method and device
CN113726512B (en) * 2021-08-31 2024-10-18 蔡利锋 Key generation and distribution method, key generation device, and key management system

Also Published As

Publication number Publication date
WO2023030316A1 (en) 2023-03-09
CN113726512A (en) 2021-11-30

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant