RU2111620C1 - Method for encrypting data units - Google Patents

Abstract

FIELD: electric communications, computer engineering. SUBSTANCE: method involves generation of ENCRYPTING key as set of K sub-keys, generation of machine code of ENCRYPTING program, splitting data units into N sub-units and serial processing of sub-units. In addition method involves generation two types of binary vectors, choosing sub-key number l (where l is not greater than K) using structure of binary vector of first type, binary superposition of l-th sub-key to binary vector of second type and processing i-th sub-unit (where i is not greater than N) by means of binary superposition with second type vector of altered structure. Binary vector of first type is generated using structure of i-th sub-unit and number of sub-key which is used at previous superposition step. Binary vector of second type is generated using structure of j-th sub-unit and structure which it had at previous superposition step. EFFECT: increased speed of non-determined software ENCRYPTING. 6 cl, 3 dwg

Description

The invention relates to the field of telecommunications and computer technology, and more particularly to the field of cryptographic methods and devices for encrypting messages (information). In the aggregate of the features of the proposed method, the following terms are used:
the secret key (or password) is a combination of bits known only to a legitimate user;
cipher key (encryption key) is a combination of bits used in encryption of information data signals; the cipher key is a removable cipher element and is used to convert a given message or a given set of messages; the cipher key is known only to the legitimate user or can be generated by deterministic password procedures;
a cipher is a set of elementary steps for converting input data using a cipher key; the cipher can be implemented as a computer program or as a separate device;
a subkey is a part of a cryptographic key used in individual elementary encryption steps;
a cryptographic key (or subkey) usage schedule is a sequence of subkey usage in the encryption process;
encryption is a process that implements some way of converting data using a cryptographic key, converting data into a cryptogram, which is a pseudo-random sequence of characters from which obtaining information without knowing the cryptographic key is practically impossible;
decryption is the opposite of encryption; decryption provides recovery of information from the cryptogram with knowledge of the cipher key;
cryptographic strength is a measure of the reliability of information protection and represents the complexity, measured in the number of elementary operations that must be performed to recover information from the cryptogram with knowledge of the conversion algorithm, but without knowledge of the cipher key;
cryptanalyst - a person trying to recover information on ciphertext without knowing the encryption key.

a binary vector is a sequence of zero and one bits, for example 101101011; the specific structure of the binary vector can be interpreted as a binary number, if we assume that the position of each bit corresponds to a binary digit, i.e. a binary vector can be associated with a numerical value, which is determined uniquely by the structure of the binary vector;
program machine code is a sequence of zero and single bits, interpreted as a sequence of machine instructions and directly controlling the operation of a computing device, such as a microprocessor, to execute a given data conversion algorithm.

 Known methods of block data encryption: US standard DES (Deffi W., Hellman M. E. Security and imitation resistance. Introduction to cryptography. - TIIER, 1979 v. 67, No. 3, pp. 87-89); the FEAL-1 cipher and the B-Crypt cryptographic algorithm (Maftik S. Protection mechanisms in computer networks - M .: Mir, 1993, p. 49-52); The Russian encryption standard (USSR Standard GOST 28147-89. Information processing systems. Cryptographic protection. Cryptographic conversion algorithm).

 In known methods, encryption of data blocks is performed by forming an encryption key in the form of a set of subkeys, splitting the converted data block into subblocks and changing the latter one by one using substitution and permutation operations, as well as arithmetic operations performed on the current subblock and current subkey.

However, in the known analogous methods, the encryption procedures are the same for all users, and the strength of the encryption conversion is ensured only by the secrecy of the encryption key. The fact that the encryption algorithm is predetermined allows the cryptanalyst to study in detail the statistical properties of the encryption procedures used, to identify the characteristic features of the encryption algorithm and use them to reveal cryptographic keys. For example, a cryptanalyst has the ability to effectively apply differential cryptanalysis (Berson TA Differential Cryptanalysis Mod 2 ³² with application to MD5. - EUROCRYPT'92. Hungary, May 24-28, 1992, Proceedings, p. 67-68).

 The closest in technical essence to the claimed method of block encryption is the method described in US patent N 5222139 from 06.22.93, in which to counteract the most powerful methods of cryptanalysis, which are based on a preliminary analysis of the properties of specific sets of encryption procedures, the totality of the procedures used encryption (making up a unique encryption algorithm for a given user) is selected depending on the user's secret key. Cryptanalysts are aware of the rules for generating an encryption algorithm, however, they do not know the user's secret key, and therefore, the specific modification of the encryption algorithm generated depending on the secret key is also unknown.

The prototype method includes generating an encryption key in the form of a set of subkeys, generating a machine code for the encryption program, splitting the input 64-bit data block into two 32-bit subblocks, and alternately converting the subblocks. The prototype method is implemented on the basis of a library of previously described encryption procedures, which are possible fragments of the encryption program. The library of encryption procedures includes tables of substitution operations (or substitution operations in terms of the description of US Pat. No. 5,222,139) and permutations of elements of a transformable data block, operations of cyclic right and left shift of bits of transformable subunits, and bitwise addition modulo two or modulo addition operations 2 ³² executed between the subunit and one of the subkeys. Machine code generation is as follows. Depending on the user's secret key, some encryption procedures are selected, the sequence of their execution and the number of cycles of each of them are set. After that, machine code is generated that corresponds to the execution of the data block transformation algorithm established by the secret key. In sets of encryption procedures, the subkey usage schedule is fixed, i.e. in the generated modifications of the encryption procedures, the subkeys are included in the conversion procedures regardless of the data being converted (for all data blocks at the given steps of using the subkeys, the same subkeys are selected). Setting the uncertainty (non-determinism) of the encryption algorithm significantly increases the strength of the cipher. The larger the number of potentially implemented modifications of encryption procedures, the higher the strength of the cipher, since the choice of a particular modification is random (since it depends on a randomly selected secret key).

However, the prototype method has drawbacks, namely, in software implementation, with the number of possible modifications of the encryption algorithm more than 10 ^9, it does not provide the high encryption speed necessary to build software systems for protecting computer information operating in real time. This drawback is due to the fact that in the prototype method the number of modifications depends on the encryption speed: at an encryption speed of about 4 Mbps (for the HITTACHI Workstation 2050/32 computer complex, which is more efficient compared to computers based on the Intel 486 / mass processor 100) the number of potential modifications is about 10 ¹⁹ . An increase in the encryption speed can be achieved by reducing the number of sequentially executed composite encryption procedures, however, a decrease in their number leads to a decrease in uncertainty in the choice of modification of the encryption algorithm. With an increase in speed, for example, up to 8 Mbps, the number of possible modifications is only about 10 ⁹ , i.e. the contribution of the fact that the encryption algorithm is not predetermined sharply decreases in the strength of the cipher.

The purpose of the invention is the development of a method of block data encryption, providing an increase in encryption speed with the number of potentially implemented nonequivalent modifications of the encryption algorithm more than 10 ²⁰ .

This goal is achieved by the fact that in the known method of block encryption, which consists in generating an encryption key in the form of a set of K subkeys, generating a machine code for the encryption program, dividing the data block into N subunits and alternately converting the subunits, two types of binary vectors are additionally generated. Choose the number l, where l = 1, 2, 3, ..., K, connecting the structure of the binary vector of the first type and using the binary operation, impose the lth subkey on the binary vector of the second type. After that, the next subblock is transformed (for example, the ith subblock B _i , where i≤N) by overlaying the converted binary vector of the second type on this subblock.

 The formation of a binary vector of the first type means the selection in the structure of a subunit or in the structure of a binary vector of the second type of a group of bits whose numerical value is taken as the number of the subkey superimposed on the subunit, or the explicit formation of a binary vector of the first type in a separate register or memory cell of a computing device. For example, the implicit formation of a binary vector of the first type is as follows: subblock B has the structure {10110 ... 11010011} and 8 low-order bits, namely the binary vector {11010011} is used as the number of the selected subkey without writing this binary vector to a separate register or memory cell.

The following three options for generating a binary vector of the first type can be used:
1. The binary vector of the first type is formed according to the structure of the j-th subblock B _j , where 1 ≤ j ≤ N. For example, use the value of the eight least significant bits as the number of the selected subkey;
2. The binary vector of the first type is formed according to the structure of the binary vector of the second type. For example, calculate the value l = (V mod 2 ⁸ ), where the operation mod A denotes the remainder of dividing the numerical value of the binary vector of the second type V by the number A. The value l is used as the number of the selected subkey;
3. The binary vector of the first type is formed by the structure of the j-th subblock B _j , where 1 ≤ j ≤ N, and by the value of the number of the subkey superimposed on the sub-block at the previous superposition step. For example, as the number of the selected subkey, use the number obtained by superimposing on the number l of the subkey superimposed on the sub block at the previous step, the remainder of dividing the value of B _j by 2 ⁸ : l: = l ⊕ (B _j mod 2 ⁸ ) .

 The formation of a binary vector of the second type means the explicit formation of a binary vector of the second type in a separate register or memory cell of a computing device.

: V := V ⊕

. Затем накладывают V на подблок B_i : B_i := B_i ⊕ V. Структура, которую имел вектор V на этом шаге наложения на подблок, сохраняется и на V накладывают следующий подключ

: V := V ⊕

. После наложения V на очередной подблок структура V опять сохраняется, на V накладывается очередной подключ и т.д. до завершения преобразования всех подблоков.The following two options for forming a binary vector of the second type can be used:
1. The binary vector of the second type is formed according to the structure of the subunit B _j , where j ≤ N. For example, a 32-bit register is allocated to store the values of the binary vector of the second type V, some initial number is written into it using the bitwise summing operation modulo two (oplus ), convert the value of V by superimposing the subunit B _j on V: V: = V ⊕ B _j . A variant is possible in which the structure of the subunit B _{j is} preliminarily written in an additional cell corresponding to the variable G, after which G is superimposed on V: V: = V ⊕ G;
2. The binary vector of the second type is formed according to the structure that it had at the previous step of superposition on the subblock. For example, a 32-bit register is allocated for storing the values of a binary vector of the second type V, some initial number A is written into it: V: = A. Using the bitwise summing operation modulo two (oplus) are applied to V subkey

: V: = V ⊕

. Then V is superimposed onto the subunit B _i : B _i : = B _i ⊕ V. The structure that the vector V had at this step of superimposing on the subunit is preserved and the next subconnect is applied to V

: V: = V ⊕

. After V is superimposed on the next subblock, the V structure is again preserved, the next subkey is superimposed on V, etc. until the conversion of all sub-blocks is completed.

The listed set of essential features provides a higher encryption speed with an equal or greater number of possible modifications of the encryption algorithm due to the following. The subkey usage schedule for each data block is undefined and unique, which provides high resistance to all known methods of cryptanalysis, including differential cryptanalysis, using even simple arithmetic operations that are quickly performed by the microprocessor. The meaning of choosing a subkey that is superimposed on a subblock at the current step, according to a specially generated binary vector, is to make the choice of subkey undefined for each step of the conversion of subblocks. This provides high encryption strength for any set of operations used to apply subkeys to subblocks, and therefore allows arbitrary modification of conversion operations. When using such a mechanism for selecting subkeys, the modification of the encryption algorithm can be performed by selecting a specific set of operations for converting subblocks depending on the user's secret key. After the aggregate of the conversion operations is generated, the machine code of the encryption program corresponding to the implementation of these conversion operations is generated. Moreover, each possible modification of the encryption algorithm is highly resistant to known methods of cryptanalysis, since for all possible modifications of the encryption algorithm, the selection of subkeys depends on the block being converted and on the cipher key. The uncertainty for the cryptanalyst of the choice of a particular modification and the large number of modifications make it practically impossible to preliminary study the statistical properties of each of them. This leads to a significant additional increase in the strength of the cipher as a whole. The inventive method allows you to build non-deterministic ciphers with the number of possible modifications of the encryption algorithm more than 10 ²⁰ , and each modification provides an encryption speed of at least 20 Mbit / s.

 The distinguishing features of the proposed method coincide with the distinctive features of the encryption method (application N 97101622. - Moldovyan AA, etc. The method of cryptographic conversion of data blocks), however, the use of these signs to obtain a technical result, which consists in obtaining a large number of nonequivalent modifications of the encryption algorithm, each of which has a high speed, is not obvious.

 The possibility of technical implementation of the proposed method of block encryption is explained as follows.

 The inventive method is focused on encryption of input blocks using non-repeating combinations of subkeys, namely, setting the dependence of the usage schedule of the subkeys on the structure of the data block and the encryption key, i.e., on specifying a pseudo-random selection of subkeys. This method allows to obtain a high encryption speed when using encryption keys with a length of, for example, from 256 to 2050 bytes. The encryption key can be formed directly by entering it into the encryption system, for example, from a removable storage medium. The encryption key can also be generated by entering a password (or secret key) from the keyboard or from a computer storage medium into a pseudo-random number generator, receiving at the output a cipher key of the required size and an additional pseudorandom sequence used to form the necessary set of conversion operations. A number of methods are known for constructing pseudorandom number generators (Brickell E.F., Odlizhko E.M. Cryptanalysis. Review of the latest results. - TIIER, 1988, v. 76, No. 5, pp. 87-89).

An additional pseudo-random sequence can be used to form the encryption algorithm as follows. A template program is preliminarily compiled, where places are reserved in which it is possible to record any of a certain set of operations (for example, binary operations). All reserved places (for conversion operations) are numbered. In turn, starting from the first, all operations are adjusted depending on the value of the element of the additional pseudo-random sequence having a number that matches the number of the custom operation. For example, the binary operation used to superimpose a subkey on a subblock is set as a bitwise summing operation modulo two (⊕) if d _i mod 3 = 0, where d _i is the value of the corresponding element of the additional pseudorandom sequence, or as a modulo 2 summing operation ³² (+) if d _i mod 3 = 1, or as a subtraction operation modulo 2 ³² (-) if d _i mod 3 = 2. In the procedures for setting the decryption algorithm, operations are configured that are inverse to the corresponding operations that are customizable in the shea algorithm facies. For this, the binary operation in the decryption algorithm is set as a bitwise summation operation modulo two (⊕), if d _i mod 3 = 0, or as a subtraction modulo 2 ³² (-) operation, if d _i mod 3 = 1, or as an operation summation modulo 2 ³² (+), if d _i mod 3 = 2. After the encryption program written in the algorithmic language (for example, SI or Pascal), the conversion operations are set in all reserved places, a machine code is generated corresponding to the encryption program, using, for example, a translator, pre forming a program compiled in an algorithmic language into a sequence of machine instructions. The encryption key and the machine code of the encryption program are recorded in the main memory of the computer (or specialized encryption device) and are there continuously for the entire time the user is working, converting the incoming data blocks for encryption. The complexity of the procedures for generating the encryption key and generating the machine code for the encryption program does not affect the encryption speed, since this procedure is performed once when the user is identified with a password at the moment the encryption device is turned on or the encryption program is called.

The inventive method can be implemented using a computer or a computing device, represented by the flowchart in FIG. 1, where:
block 1 - user password input device;
block 2 - block generating a cipher key and generating a machine code for the encryption program (cipher settings block);
block 3 - the memory block of the encryption device;
block 4 - the operational block of the encryption device containing three, four or more registers;
block 5 - encryption device;
6 - bus for transmitting information signals of the user password;
7 - a bus for transmitting information signals of the generated cipher key and information signals of the generated machine code of the encryption program;
8 - a bus for transmitting information signals of subkeys and for transmitting information signals of input data and information signals of converted subunits;
9 - addressing bus;
10 - bus for transmitting information signals of the machine code of the encryption program;
11 - input data input bus;
12 - ciphertext output bus.

 Using block 1, a secret key is introduced, the information signal of which is sent to the input of block 2 via bus 6. In block 2, an encryption key and an encryption program code are generated. The information signal of the encryption key and the information signal of the machine code of the encryption program are transmitted via bus 7 to the memory unit 3. After that, the encryption device 5 contains the encryption key in the memory and is ready to perform encryption operations. This initialized state of the device is maintained for the entire duration of the legitimate user. The input unit is entered on the bus 11 to the operation unit 4 and then on the bus 8 - to the memory unit 3. The ciphertext block is read from bus 12. On the bus 10 to the operating unit 4 transmit machine command codes to perform conversion procedures.

The input data block is represented as a set of subblocks recorded at fixed addresses in the memory block 3. The information signals of the subunit B _j via bus 8 are input into the first register of operation block 4 (in the case of computers, into one of the microprocessor registers). In the second register, a binary vector of the first type is formed, for example, writing the contents of the 8 least significant bits of the subunit B _{j into it} . In the fourth register, sub-block B _i is introduced. In the third register of block 4, a binary vector of the second type is formed, for example, by writing to the register of the 1st subkey. The information signals of the binary vector of the first type are fed to the address bus 9 and thereby set the number l of the current subkey Q _l to be selected by the value of the binary vector of the first type. Using a binary operation, a subkey is located on the binary vector of the second type, located at the address set in the second register, i.e. by the value of the binary vector of the first type. The subblock B _{i is} transformed by superimposing on it using a binary operation a binary vector of the second type, the structure of which was previously transformed by superimposing a subkey on it. After that, they proceed to transform the next sub-block. At each new step of converting the current subblock, in the third register, the value of another subkey is accumulated, selected according to the current structure of the subblock B _j . An overlay is understood to mean performing a binary operation between two operands, for example, a subblock B _i and a binary vector of the second type V, and replacing the original value of the first operand with the value of the result of the binary operation. Analytically, the overlay procedure is written in the form of the formula B _i : = B _i • V, where the sign • denotes a binary operation; sign: = - assignment operation. The overlay scheme is shown in figure 2, where 1 is a sub-block B _i with the original structure; 2 - a binary vector of the second type V; 3 - a block performing a binary operation •; 4 - subblock B _i with a modified structure.

As a binary operation, simple arithmetic operations of addition (+) and subtraction (-) modulo 2 ³² , bitwise summation modulo 2⊕, which are quickly executed by the microprocessor, can be used. More complex binary operations can also be used, which are determined by combining the listed arithmetic operations and quickly performed unary operations, i.e. operations on one binary vector. For example, as a unary operation, the operation of cyclic shifting the operand X by d bits, denoted by the expression X ^{>> d >>} , where 1 ≤ d ≤ b-1, here b is the size of the operand X in bits, can be used. For example, the binary operation • on 32-bit vectors can be defined in the following variants corresponding to the formulas:
X • Y = (X ^{>> 11 >>} ) ⊕ Y, (1)
X • Y = (X ^{>> 11 >>} ) + Y, (2)
X • Y = (X ^{>> 1 >>} ) ⊕ (Y ^{>> 21 >>} ) (3)
Figure 3 shows the structure of the binary operation defined by formula (3), where blocks 1 and 2 are input operands X and Y, block 3 performs a cyclic shift operation 1 bit to the right, block 4 performs a cyclic shift operation 7 bits to the right, block 5 performs a bitwise summing operation modulo two; block 6 performs a composite binary operation •. The use of more complex binary operations specified by combining the three arithmetic binary operations and the unary cyclic right shift by the number of bits from 1 to 31 in the inventive method allows you to specify a very large number of implemented modifications of the encryption algorithm. This ensures a high encryption speed, since the indicated operations of addition, subtraction, bitwise summation modulo two and the cyclic shift operation are performed by modern mass processors for a small number of machine clock cycles.

The generated binary vector of the first type has a structure depending on the subblock B _j or on the structure of the binary vector of the second type. In variants of the proposed method in which the formation of a binary vector of the first type is specified, the option of generating a binary vector of the second type according to the structure of the subunit B _{j is} used according to the structure of the binary vector of the second type. This determines the dependence of the selection of the current subkey superimposed on subblock B _i on the structure of subblock B _j . Since the structure B _j during the conversion varies depending on the selected subkeys, this determines the pseudo-random nature of the change in the number of the subkey selected at the current sampling step. The generated binary vector of the second type has a structure depending on the set of subkeys selected in the previous sampling steps, so it takes values different from the values of the subkeys, and the binary vector of the second type takes a number of different values equal to approximately 2 ³² if its length is 32 bits , while the number of subkeys is usually not more than 2 ¹² .

The formation of the binary vector of the first type is performed in such a way that its structure depends on the structure of the subblock B _j and therefore determines the dependence of the choice of the current subkey superimposed on the subblock B _i on the current state of the structure of the subblock B _j . This determines the dependence of the choice of numbers of current subkeys on the structure of the input data block and on the encryption key.

 The proposed method of block encryption is easily implemented, for example, on personal computers and provides the possibility of creating high-speed encryption software modules on its basis, which allows solving a number of acute problems of protecting computer information.

Example 1. This example relates to the implementation of the tuner and is presented by the following algorithm, which uses a predetermined sequence of 16-bit words {Z _j }, where j = 0, 1, 2, ..., 511, which is supposed to be known to everyone, including cryptanalysts.

 Algorithm 1: generating a cipher key and setting up conversion operations.

 LOGIN: Password of arbitrary length.

1. Set the value of the number of rounds of encryption R. Repeat the password several times until a sequence of 1024 bytes is received: {P _j }, j = 0, 1, 2,. . ., 511, where P _j is a 16-bit representation of the information signals of the corresponding pair of password characters.

2. Calculate the control sequence: {H _j } = {Z _j ⊕ P _j }, set the counter r = 1 and determine {R _j } = {P _j }, j = 0, 1, 2, ..., 511.

3. Set the counter i = 1 and calculate the initial values of the variables G, Y, U:
G ₀ = (P ₁ - P ₉ mod 2 ¹⁶ , U ₀ = P ₁₁ ⊕ P ₁₈ , Y ₀ = (P ₂₁ + P ₃₆ ) mod 2 ¹⁶ .

] mod 2¹⁶,
U_i = {[U_i-1 + (P_i-1 div 2⁷)] mod 2¹⁶} ⊕

.4. Calculate the current values of the variables m, n, Y and U
m _i = U _i-1 mod 2 ⁹ , n _i = Y _i-1 mod 2 ⁹ ,
Y _i = [(Y _i-1 ⊕ P _i-1 +

] mod 2 ¹⁶ ,
U _i = {[U _i-1 + (P _i-1 div 2 ⁷ )] mod 2 ¹⁶ } ⊕

.

5. Perform the conversion
G _i = {[(P _i-1 ⊕ Y _i ) ^{>> r >>} ) + G _i-1 ] mod 2 ¹⁶ } ⊕ U _i .

6. Save the value of L $\genfrac{}{}{0ex}{}{\text{(r)}}{\text{i-1}}$ = G _i .

 7. If i <512, then increment i and go to step 4.

8. If r <7, then increment r, determine {R _j } = {L $\genfrac{}{}{0ex}{}{\text{(r)}}{\text{511-j}}$ }, j = 0, 1, 2, ..., 511, and go to step 4.

9. Define a 2048-byte sequence {B _l }: B _l = L $\genfrac{}{}{0ex}{}{\text{(5)}}{\text{l}}$ for l = 0, 1, 2, ..., 511; B _l = L $\genfrac{}{}{0ex}{}{\text{(7)}}{\text{l-512}}$ for l = 512, 513, ..., 1023.

знак

обозначает конкатенацию (присоединение) двоичных векторов.10. For indices f = 0, 1, 2, ..., 31, calculate
d _f = b $\genfrac{}{}{0ex}{}{\text{ef}}{\text{f}}$ mod p,
Where

sign

denotes the concatenation (joining) of binary vectors.

12. Построить последовательность {Q_l}: {Q_l} = {D_l ⊕ P_l} для l = 0, 1, 2, ..., 511, и {Q_l} = {D_l ⊕ P_l-512} для l = 512, 513,..., 1023.11. Represent the sequence {d _f }, f = 0, 1, 2, ..., 31, in the form of a sequence of 16-bit words {D _l }, l = 0, 1, 2, ..., 1023, where

12. Construct the sequence {Q _l }: {Q _l } = {D _l ⊕ P _l } for l = 0, 1, 2, ..., 511, and {Q _l } = {D _l ⊕ P _l-512 } for l = 512, 513, ..., 1023.

13. Build the cipher key {q _h }, h = 0, 1, 2, ..., 2050; q _2l = Q _l mod 2 ⁸ ; q _{2l + 1} = Q _l div 2 ⁸ , l = 0, 1, 2, ..., 1023; q ₂₀₄₈ = L $\genfrac{}{}{0ex}{}{\text{(3)}}{\text{0}}$ mod 2 ⁸ , q ₂₀₄₉ = L $\genfrac{}{}{0ex}{}{\text{(3)}}{\text{1}}$ mod 2 ⁸ and q ₂₀₅₀ = L $\genfrac{}{}{0ex}{}{\text{(3)}}{\text{5}}$ mod 2 ⁸
14. If L $\genfrac{}{}{0ex}{}{\text{(3)}}{\text{f + 40}}$ mod 3 = 0, then define the operations _└ f _┘ = ^┌ f ^┐ = ⊕ and go to step 16.

15. If L $\genfrac{}{}{0ex}{}{\text{(3)}}{\text{f + 40}}$ mod 3 = 1, then define the operations _└ f _┘ = + (mod2 ³² ) and ^┌ f ^┐ = - (mod2 ³² ), otherwise define _└ f _┘ = - (mod2 ³² ) and ^┌ f ^┐ = + (mod2 ³²⁾ ),
16. If f <12R, then increment f and go to step 14.

 17. Set the index h = 1.

18. Set the number of bits to be shifted in cyclic shift operations to the right> u _h > and to the left <u _h <: u _h = L _{h + 100} mod 2 ⁵ .

19. If u _h = 0, then u _h : = h mod 2 ⁵ .

 20. If h <6R, then increment h and go to step 18.

 21. STOP.

EXIT: 1. Encryption key {q _h }, h = 0, 1, 2, ..., 2050.

2. A set of configured operations> u _h >, <u _h <, _└ f _┘ and ^┌ f ^┐ .
In the encryption program template, numbered positions _└ f _┘ , where f is the serial number, for binary conversion operations and numbered positions for the cyclic right shift operations> u _h > are reserved, where h is the serial number. Moreover, in the encryption program template, the reserved positions are numbered sequentially, starting from the beginning of the program template towards its end. In the decryption program template, the reserved positions for binary operations ^┌ f ^┐ and the cyclic left shift operations <u _h <are numbered in the reverse order, starting from the end of the decryption program template. The decryption program template contains all the procedures of the encryption program template, but they are specified in the reverse order. The encryption program and its corresponding decryption program constitute a single cryptographic program.

 After specific conversion operations are established in the reserved positions of the cryptographic program template, the command translator is launched from the algorithmic language to the machine command language and, thus, the encryption program code generation is completed. The machine code of the encryption program is recorded in the main memory of the computer, which under his control performs the encryption of data blocks as they are received for conversion. The encryption procedures and the encryption key are generated depending on the user's secret key (password), i.e. are unique, which provides high complexity of cryptanalysis.

There is also the option of pre-generating a machine code template and writing it to RAM. In this case, after writing the machine code template of the encryption program, a special operation configuration program determines the addresses to which the codes of operations to be modified are recorded. In this variant of generating the machine code of the encryption program, clause 14 means: when the relation specified therein is fulfilled, write information signals of the machine operation code ⊕ to the RAM at the address corresponding to the reserved operations _└ f _┘ and ^┌ f ^┐ .
Clause 15 means: if the specified conditions are met, then write down the information signals of machine instruction codes corresponding to the operations + (mod 2 ³² ) and - (mod 2 ³² ) in the RAM at the address corresponding to the reserved operations _└ f _┘ and ^┌ f ^┐ .
Clause 18 corresponds to the generation of information signals of parameters that control the magnitude of the cyclic shift and their recording in RAM at the corresponding addresses of the machine code of the encryption program.

В этом случае, формируя двоичный вектор первого типа длиной 11 бит, можно задать более высокую степень неопределенности выбора текущего подключа. Возможны варианты формирования двоичных векторов длиной до 16 бит, которые позволяют повысить скорость шифрования в сравнении с приводимыми ниже примерами на 70%, однако эти варианты имеют более ограниченное применение, поскольку требуют использования шифрключей длиной 64 кбайт. Оптимальным представляется использование шифрключей длиной 259 - 2051 байт.In the cryptographic key generated by Algorithm 1, one can distinguish 2048 32-bit subkeys using the formula Q _l =

In this case, forming a binary vector of the first type with a length of 11 bits, you can set a higher degree of uncertainty in the choice of the current subkey. Variants of generating binary vectors up to 16 bits in length are possible, which allow to increase the encryption speed in comparison with the examples below by 70%, however, these options have a more limited application, since they require the use of encryption keys with a length of 64 kbytes. It seems optimal to use cipher keys with a length of 259 - 2051 bytes.

Example 2. The second example explains the encryption procedure. The input message is a 512-byte block, represented as a sequence of 128 32-bit words {T _j }, j = 0, 1, ..., 127.

INPUT: 512-byte data block {B _i }, i = 1, 2, 3, ..., 128.

 1. Set the counter for the number of rounds r = 1 and the number of rounds R = 4.

2. Set the counter s = 1, the value of the variable G, the initial value of the vector of the first type l and the initial values of the vectors of the second type U, V, Y: l = Q ₅ mod 2 ¹¹ , U = Q ₁ , V = Q ₂ , Y = Q ₃ , G = Q ₄ .

4. Сформировать текущие значения двоичных векторов

5. Сформировать текущие значения двоичных векторов

6. Вычислить номер текущего преобразуемого подблока i = 129 - s, если r = 2, 4, или i = s, если r = 1, 3.3. Generate current values of binary vectors

4. Generate current values of binary vectors

5. Generate current values of binary vectors

6. Calculate the number of the current converted subunit i = 129 - s, if r = 2, 4, or i = s, if r = 1, 3.

8. Преобразовать G: G := B_i.7. To impose on the subblock the binary vectors of the first type U and Y:

8. Convert G: G: = B _i .

.9. To impose on the subblock the binary vector of the first type V:

.

 10. If s <128, then increment s and go to step 3.

 11. If r <R, then increment r and go to step 2.

 12. STOP.

 OUTPUT: 512-byte ciphertext block.

The number of possible modifications is more than I> 10 ^14R . The decryption algorithm is obvious. The encryption speed is about 50 / R Mbps (for Intel 486/100). The parameter R sets the number of rounds of encryption. Valid values are R≥ 2. For R = 2, the encryption speed is about 25 Mbit / s, and the number of modifications of the encryption algorithm is more than 10 ²⁸ .

Claims (6)

 1. A method of encrypting data blocks, which consists in generating an encryption key in the form of a set of K subkeys and generating a machine code for the encryption program, with the help of which N subblocks are converted, which make up the data block, characterized in that binary vectors of the first and second type are additionally generated select the number l (l≤K) of the subkey according to the structure of the binary vector of the first type, using a binary operation, convert the binary vector of the second type by superimposing the lth subkey on it and transform the i-th subunit, where i≤N, by superimposing on it using a binary operation a transformed binary vector of the second type.  2. The method according to p. 1, characterized in that the binary vector of the first type is formed according to the structure of the j-th subunit.  3. The method according to p. 1, characterized in that the binary vector of the first type is formed according to the structure of the binary vector of the second type.  4. The method according to p. 1, characterized in that the binary vector of the first type is formed by the structure of the j-th subunit and by the value of the subkey number used in the previous overlay step.  5. The method according to claim 1, characterized in that the binary vector of the second type is formed according to the structure of the j-th subunit.  6. The method according to claim 1, characterized in that the binary vector of the second type is formed according to the structure that it had at the previous step of superposition on the subunit.

Images