Nothing Special   »   [go: up one dir, main page]

CN115333777B - Data encryption method, system, device and storage medium - Google Patents

Data encryption method, system, device and storage medium Download PDF

Info

Publication number
CN115333777B
CN115333777B CN202210819562.3A CN202210819562A CN115333777B CN 115333777 B CN115333777 B CN 115333777B CN 202210819562 A CN202210819562 A CN 202210819562A CN 115333777 B CN115333777 B CN 115333777B
Authority
CN
China
Prior art keywords
encrypted
data
packet
encryption
integer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210819562.3A
Other languages
Chinese (zh)
Other versions
CN115333777A (en
Inventor
谢炜璇
张赫烜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou City Construction College
Original Assignee
Guangzhou City Construction College
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou City Construction College filed Critical Guangzhou City Construction College
Priority to CN202210819562.3A priority Critical patent/CN115333777B/en
Publication of CN115333777A publication Critical patent/CN115333777A/en
Application granted granted Critical
Publication of CN115333777B publication Critical patent/CN115333777B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a data encryption method, a system, a device and a storage medium, which are characterized in that a preset encryption index is unfolded to obtain a large index pattern containing multi-bit digits, and then the digits of the large index pattern are divided into a plurality of integer arrays with the length of 10 from the highest bit of the large index pattern. And shaping the integer array to obtain a position substitution sequence composed of a plurality of position substitution groups, wherein the position substitution groups are completely and uniformly distributed sequences. Starting from the first bit on the left, dividing the acquired elements of the data to be encrypted into a plurality of groups to be encrypted with the length of 10, and according to a preset group corresponding relation, carrying out local position replacement on the elements in the corresponding groups to be encrypted through position replacement groups to obtain first encrypted data formed by the encrypted groups. The method has high confidentiality, is simple to realize, has few transmission parameters, and can be widely applied to data encryption scenes such as internet traffic (IoT) data transmission encryption and the like.

Description

Data encryption method, system, device and storage medium
Technical Field
The present application relates to the field of data encryption technologies, and in particular, to a data encryption method, system, device, and storage medium.
Background
With the advent of the big data age, massive data needs to be processed, and the data security problem is caused. During data transmission, data may be intercepted, resulting in data leakage. Therefore, it is proposed in the related art to encrypt data to be transmitted and transmit the encrypted data in the form of ciphertext, so as to ensure the security of the data. In the data encryption method based on the conversion of data from plaintext to ciphertext, two conditions are generally referred to for measuring the advantages and disadvantages of the encryption method, namely, the cost of decrypting the ciphertext is far greater than the value of the plaintext data, and the time required for decrypting the ciphertext is far greater than the effective time of the plaintext data. In other words, the calculation amount (or calculation complexity) of the ciphertext is the key of the data encryption method. In the related art, the data encryption method based on the conversion of data from plaintext to ciphertext generally has the problems of insufficient cracking difficulty, complicated transmission and the like.
Disclosure of Invention
The present application aims to solve at least one of the technical problems in the related art to some extent. To this end, the application provides a data encryption method, a system, a device and a storage medium.
In a first aspect, an embodiment of the present application provides a data encryption method, including: expanding a preset encryption index to obtain a large index pattern containing multi-bit numbers; dividing the digits of the large exponential pattern into a plurality of integer arrays starting from the most significant bit of the large exponential pattern; wherein the length of each integer array is 10, and each digit in the integer array is a decimal number; shaping the integer array to obtain a position substitution sequence consisting of a plurality of position substitution groups; starting from the first bit on the left, dividing the acquired element of the data to be encrypted into a plurality of groups to be encrypted; wherein the length of each packet to be encrypted is 10; according to a preset grouping corresponding relation, performing position replacement on the corresponding elements in the grouping to be encrypted through the position replacement grouping to obtain an encrypted grouping; and determining first encrypted data corresponding to the data to be encrypted according to the plurality of encrypted packets.
Optionally, the shaping the integer array to obtain a position permutation sequence composed of a plurality of position permutation groups includes: sequentially inquiring each digit in the integer array from the first left digit, and deleting the digits except the first occurrence or only the first occurrence to obtain a first array; arranging decimal numbers which do not appear in the first array in an ascending order, and sequentially supplementing the decimal numbers to the last bit of the first array to obtain the position replacement group which has the length of 10 and appears in each decimal number and appears only once; and when finishing the integer array integer, obtaining the position substitution sequence formed by a plurality of position substitution groups.
Optionally, the first number characterizes a position of a number in the position permutation sequence or of an element in the packet to be encrypted; the second number characterizes the position of the element in the encrypted packet; and performing position replacement on the corresponding element in the packet to be encrypted through the position replacement packet to obtain an encrypted packet, including: determining any element in the packet to be encrypted as an encryption starting point; determining numbers with the same number in the position replacement sequence according to the numbers of the elements in the to-be-encrypted packet; the second number in the encrypted packet having the number as the element; and determining an element corresponding to the first number which is the same as the second number as a next encryption starting point.
Optionally, the method further comprises: and if the length of the data to be encrypted is not an integer multiple of 10, supplementing padding characters after the last packet to be encrypted of the data to be encrypted, so that the length of each packet to be encrypted in the data to be encrypted is 10.
Optionally, the method further comprises: and if the length of the large exponential field is not an integer multiple of 10, discarding the last integer array with the length smaller than 10.
Optionally, shifting the element in the first encrypted data according to a preset shift direction and shift length; and taking the shifted first encrypted data as new data to be encrypted, returning to the step of expanding the preset encryption index to obtain a large index pattern containing multi-bit numbers, and re-executing the data encryption method to obtain second encrypted data.
Optionally, the method further comprises: and the data encryption transmits the encryption index and the group corresponding relation to a data receiving party, so that the data receiving party decrypts the first encrypted data according to the encryption index and the group corresponding relation to obtain the data to be encrypted.
In a second aspect, an embodiment of the present application provides a data encryption system, including: the first module is used for expanding a preset encryption index to obtain a large index field type containing multi-bit numbers; a second module for dividing the digits of the large exponent pattern into a plurality of integer arrays starting from the most significant bit of the large exponent pattern; wherein the length of each integer array is 10, and each digit in the integer array is a decimal number; a third module, configured to perform integer shaping on the integer array to obtain a position permutation sequence composed of a plurality of position permutation groups; a fourth module, configured to divide the acquired element of the data to be encrypted into a plurality of packets to be encrypted, starting from the first bit on the left; wherein the length of each packet to be encrypted is 10; a fifth module, configured to obtain an encrypted packet by performing position replacement on elements in the corresponding packet to be encrypted according to a preset packet correspondence through the position replacement packet; and a sixth module, configured to determine, according to a plurality of the encrypted packets, first encrypted data corresponding to the data to be encrypted.
In a third aspect, an embodiment of the present application provides a data encryption apparatus, including: at least one processor; at least one memory for storing at least one program; the at least one program, when executed by the at least one processor, causes the at least one processor to implement the data encryption method described above.
In a fourth aspect, an embodiment of the present application provides a computer storage medium in which a processor-executable program is stored, which when executed by the processor is configured to implement the above-described data encryption method.
The embodiment of the application has the following beneficial effects: firstly, expanding a preset encryption index to obtain a large index pattern containing multi-bit numbers, and then dividing the numbers of the large index pattern into a plurality of integer arrays with the length of 10 from the highest bit of the large index pattern. And shaping the integer array to obtain a position substitution sequence composed of a plurality of position substitution groups, wherein the position substitution groups are completely and uniformly distributed sequences. Then, starting from the first bit on the left, dividing the acquired elements of the data to be encrypted into a plurality of groups to be encrypted with the length of 10, and according to a preset group corresponding relation, carrying out local position replacement on the elements in the corresponding groups to be encrypted through position replacement groups to obtain first encrypted data formed by the encrypted groups. The embodiment of the application constructs the data encryption method by using the randomness and the uniform distribution characteristic of the large-index field type, ensures the confidentiality of an encryption scheme by realizing the high randomness of element replacement in the data to be encrypted, has simple realization and less transmission parameters, and can be widely applied to data encryption scenes such as internet of things (IoT) data transmission encryption and the like.
Drawings
The accompanying drawings are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate and do not limit the application.
FIG. 1 is a flow chart of steps of a data encryption method provided by an embodiment of the present application;
FIG. 2 is a schematic diagram of an autocorrelation function of 7 108 and cross-correlation functions of 7 108 and 7 107 according to an embodiment of the present application;
Fig. 3 is a schematic diagram of an autocorrelation function and an autocorrelation function of two random number sequences randomly generated by MATLAB according to an embodiment of the present application;
FIG. 4 is a flowchart illustrating integer array integer steps according to an embodiment of the present application;
FIG. 5 is a flowchart illustrating steps for performing position replacement to obtain an encrypted packet according to an embodiment of the present application;
FIG. 6 is a schematic diagram of a position replacement according to an embodiment of the present application;
FIG. 7 is a schematic diagram of a data encryption system according to an embodiment of the present application;
fig. 8 is a schematic diagram of a data encryption device according to an embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
It should be noted that although functional block diagrams are depicted as block diagrams, and logical sequences are shown in the flowchart, in some cases, the steps shown or described may be performed in a different order than the block diagrams in the system. The terms first, second and the like in the description and in the claims and in the above-described figures, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
In the above description, the calculation amount (or the calculation complexity) of the ciphertext is the key of the data encryption method, and in the common simple function, based on the positive integer n, the calculation amount of the different functions is ordered from small to large as follows:
log n,n,n2,n3,...,2n,3n,...,n!,nn
It can be seen that the factorial function n-! Is far more computationally intensive than the exponential function a n, where a is the base of the exponential function. It can be appreciated that when replacing data in plaintext with ciphertext, if a function with higher operand is used as a basis for the replacement, the difficulty of obtaining plaintext by ciphertext cracking is greater. For example, taking a plaintext data of length n as an example, if n-! Ciphertext conversion may require an attempt to make n-! The ciphertext can be cracked only once, when n is large enough, the cost of cracking the ciphertext becomes so high that the value of the ciphertext is higher than that of the plaintext data (or the time for cracking the ciphertext is far longer than the effective time of the plaintext data), so that the high confidentiality of the data can be realized. In the embodiment of the application, the position replacement sequence of the data is constructed based on the exponential function a n, and the constructed position replacement sequence can provide the data to be encrypted with the approximate n-! The encryption of plaintext data is completed, that is, the embodiment of the application provides a data encryption method which can obtain ciphertext with complexity close to the level of a factorial function by taking a simple function as a basis for position replacement. Embodiments of the present application will be further described below with reference to the accompanying drawings.
Referring to fig. 1, fig. 1 is a step flowchart of a data encryption method according to an embodiment of the present application, including, but not limited to, steps S100-S150:
s100, expanding a preset encryption index to obtain a large-index field type containing multi-bit numbers;
Specifically, the method of converting plaintext into ciphertext includes substitution encryption and substitution encryption. The substitution encryption refers to that the data in the plaintext is disordered and rearranged according to a certain rule, the structural property of the plaintext is broken, so that the plaintext is converted into ciphertext with unrecognizable meaning, and in the substitution encryption method, the element in the plaintext only changes in position. The replacing encryption refers to a method of replacing elements in the text with other kinds of elements, for example, english is replaced with corresponding Chinese characters. In the process of replacing encryption, the types of elements in the plaintext change, and when the ciphertext generated by the replacing encryption method is decrypted, a substitution table (also called a key) of the plaintext and the ciphertext used in encryption needs to be obtained. In order to further increase the cracking difficulty, multiple replacement encryption or multiple replacement encryption may be performed in practical application, or the replacement encryption and the replacement encryption may be combined.
The method provided by the embodiment of the application belongs to a displacement encryption method, the cracking difficulty of the data encryption method is higher, and the data encryption method can play a higher confidentiality level when being used as a single encryption method. In practical application, the data security can be further ensured by combining other encryption methods on the basis of the data encryption method provided by the application. The embodiment of the application only explains the principle, the implementation process and the security of the data encryption method, and does not expand the description of the combination of the data encryption method and other encryption methods. In the following, the mathematical basis of the data encryption method based on the displacement encryption according to the embodiment of the present application will be first described.
In order to improve the difficulty of ciphertext decoding in a data encryption method, the embodiment of the application constructs a position replacement sequence of data based on an exponential function a n, and encrypts the data by using the sequence to obtain an encryption space approaching to a factorial function level. In the embodiment of the present application, the exponent function a n is called an encryption exponent, a is a base of the encryption exponent, and n is a power of the encryption exponent. The encryption index is expanded, and the specific value obtained is called an index pattern. For example, when the encryption function a n=54 is used, the exponent pattern is obtained after expansion as 5 4 =5×5×5×5=625, and 625 is the exponent pattern of 5 4. If the encryption function a n=7108, the exponent field obtained after expansion is as follows:
7108=(18646,11341,71613,14493,26161,68039,56698,97144,64158,58248,58341,59291,20740,30215,43182,06422,51722,18248,01)
the index pattern contains 92 digits in total, and it should be understood that the index pattern is actually a real number, and only for convenience of reading and description, each 5 digits are separated by a comma in the above formula. It can be seen that it is not easy to calculate the exponent pattern of the encryption exponent if the exponent of the encryption exponent takes a large value. Taking n=30 and n=50 as an example, taking a=2, the function calculation amounts of the respective simple functions are shown in table 1 below.
TABLE 1
Table 1 above shows the amount of function operation of each simple function provided in the embodiment of the present application, and the time required for executing the function is shown in table 2 below, if 10 -6 seconds is required for one program operation by the computer.
TABLE 2
The operation estimated time of each simple function provided in the above table 2 is that when the power of the encryption exponent is large enough, the exponent function is selected to be used as the encryption function safely and reliably from the aspect of the function operation amount or the function operation estimated time. Therefore, in the embodiment of the present application, the exponent field after the encryption exponent is expanded should be a large exponent field.
According to the above-mentioned actual calculation data and operation data, firstly, the number in the large exponent pattern obtained after the encryption exponent expansion is explained very much. Two characteristics of the large-index pattern, which are difficult to estimate and uniformly distributed, are continuously demonstrated.
First, characteristics that are difficult to estimate by large-index patterns are demonstrated, taking encryption indexes a n=7107 and a n=7108 as examples. When appearing in an exponential form, 7 107 and 7 108 look similar, with the base of the two exponents being identical, the powers differing only by 1. And the two encryption indexes are unfolded to obtain two large-index patterns as follows:
7108=(18646,11341,71613,14493,26161,68039,56698,97144,64158,58248,58341,59291,20740,30215,43182,06422,51722,18248,01)
7107=(26637,30488,16590,20704,65945,25770,80998,53063,77369,40355,11916,56132,96290,03077,59743,77464,53174,03543)
Wherein the large index pattern of 7 107 contains 90 decimal numbers in total and the large index pattern of 7 108 contains 92 decimal numbers in total. Although the lengths of the two large exponential patterns are not far different, the arrangement of numbers within the two large exponential patterns is in fact quite different. Referring to fig. 2, fig. 2 is a schematic diagram of an autocorrelation function of 7 108 and a cross-correlation function of 7 108 and 7 107 according to an embodiment of the present application. As shown in fig. 2, the autocorrelation function of 7 108 is a blue waveform, the waveform of which exhibits an ideal pulse function result that approximates white noise. It will be appreciated that the closer the autocorrelation function is to the pulse function, the more random it represents the current sequence. Whereas the orange waveform in fig. 2 represents the cross-correlation function of 7 108 and 7 107, the waveform of which represents that the cross-correlation of 7 108 and 7 107 is very low. Further, referring to fig. 3, fig. 3 is a schematic diagram of an autocorrelation function and an autocorrelation function of two random number sequences randomly generated by MATLAB according to an embodiment of the present application, and assuming that the two random number sequences are a first random sequence and a second random sequence, a blue waveform in fig. 3 represents the autocorrelation function of the first random sequence, and an orange waveform represents the cross-correlation function of the first random sequence and the second random sequence. Comparing the waveforms of the same color in fig. 2 and 3, it can be seen that 7 108 and 7 107 are more random than the two random sequences generated randomly by MATLAB, since it is apparent that the blue waveform in fig. 2 is closer to the shape of the pulse function, and the orange waveform in fig. 2 is lower overall than the orange waveform in fig. 3.
From the foregoing, it can be seen that the large exponential patterns according to the embodiments of the present application have characteristics similar to the pulse function, and the cross-correlation properties of the cross-correlation functions of two large exponential patterns similar to each other in exponential form are very low, so it can be demonstrated that: the randomness of the large exponential field is high, and the difficulty of calculating the original exponential-form encryption function from the large exponential field is very high.
In the following, the characteristics of a uniform distribution of large-index patterns begin to be demonstrated. In the embodiment of the application, the entropy (denoted by H) of the measurement message quantity is referenced to measure the uniform distribution degree of the exponential patterns. Let n elements of a discrete information source be represented as { v 0,v1,...,vn-1 }, the relative probabilities among the elements be represented as { p 0,p1,...,pn-1 }, the entropy of the discrete information source be represented as:
if the visual index pattern (d 0d1...dn-1) is a random sequence of length N, d k-1 e {0,1,2,.,. 9} represents the kth element in the sequence, then the discrete information source has n=10 elements (i.e., d k-1 is any of the 10 elements {0,1,2,.,. 9}, then when N is sufficiently large and has high randomness, then p 0≈p1≈p2...≈p9 = 0.1 can be determined, and then the ideal entropy H 10 of the discrete information source can be calculated as follows:
If using To represent the entropy calculated from the actual p k value in the exponential pattern (d 0d1...dn-1), then defineThe uniformity of the exponential pattern is characterized. Referring to the following tables 3 and 4, table 3 shows the constitution of the exponential field form based on prime numbers and the entropy and uniformity corresponding to the exponential field form provided by the present application. Table 4 shows the composition of the exponential field pattern based on the composite number and the entropy and uniformity corresponding to the exponential field pattern provided by the present application.
TABLE 3 Table 3
TABLE 4 Table 4
The formats of the above tables 3 and 4 are the same, the first column on the left of the table is the index form of the index pattern, the index is unfolded to obtain the index pattern, the decimal numbers in the index pattern are counted, the composition of the current index pattern is determined through the second column to the eleventh column of the table, for example, referring to the second row in table 3, the index pattern obtained by unfolding the index 2 312 includes 10 numbers 0,5 numbers 1,7 numbers 2. The lengths of the patterns obtained after the development of the indices selected in tables 3 and 4 were each between 90 and 100. As can be seen from tables 3 and 4, when the index pattern is large enough, the degree of uniformity of decimal numbers in the index pattern is high, at least up to 95%, regardless of whether the base of the index is an index or a complex number.
Thus, from the foregoing, it can be determined that when the length of the exponential pattern is sufficiently long (e.g., the length demonstrated above is 90 or more), the decimal numbers 0 to 9 within the exponential pattern can be considered to be substantially uniformly distributed, i.e., the uniformly distributed characteristics of the exponential pattern are demonstrated.
According to the above, firstly, a large-index pattern with a length can be obtained according to a simple combination of a base number and an index, and in addition, even if the index structures are similar, the obtained large-index pattern has a quite degree of randomness; finally, the decimal numbers in the large-index field type have the characteristic of uniform distribution. It is because of these properties that large exponential patterns have, embodiments of the present application consider that large exponential patterns have great potential as position substitution sequences. When the position in the data to be encrypted is represented by the number in the large-exponent pattern, the randomness of the position in which the element in the data to be encrypted is replaced increases because the number in the large-exponent pattern has a considerable randomness. And because decimal numbers in the large-exponent field are uniformly distributed, in an array of one group of ten numbers, the probability that elements in the data to be encrypted are possibly replaced from the current position to nine other positions is equal, so that the unpredictability of the data to be encrypted is further enhanced. In addition, the large exponent field has a large length, so that an array obtained by combining a plurality of decimal numbers can be obtained, and the array containing the combination of different decimal numbers can also provide more choices for element replacement in the data to be encrypted. It can be said that the nature of the large exponential pattern makes it more likely that data permutations within the data to be encrypted will be more likely, more combined, and substantially difficult to estimate.
In view of the foregoing, embodiments of the present application illustrate mathematical principles and basis for data substitution in a data encryption method using a large exponential pattern, and the following description continues with respect to a specific data encryption method.
S110, starting from the highest bit of the large-index field type, dividing the number of the large-index field type into a plurality of integer arrays;
specifically, a large index pattern is obtained after expanding a preset encryption index, and the number of the large index pattern is divided into a plurality of integer arrays with the length of 10 from the highest bit of the large index pattern, wherein each digit in the integer arrays is a decimal number. It has been discussed in the foregoing that the uniformity level obtained by entropy calculation using 10 decimal numbers of 0-9 as discrete information sources in an exponential pattern can be interpreted as a substantially uniform distribution of the 10 decimal numbers of 0-9 in a large exponential pattern. Therefore, in the embodiment of the application, 10 numbers are taken as a group to obtain an integer array, and the numbers in the integer array are used as the positions of the elements in the data to be encrypted after replacement. It can be understood that on the premise of ensuring that no position conflict occurs after the position replacement of the elements in the data to be encrypted (that is, the same position is not allocated to two elements), an integer array with a length of 10 can replace the elements in the data to be encrypted with a length of 10.
In some embodiments, the large exponent pattern obtained after the exponent expansion may not be an integer multiple of 10, resulting in less than 10 digits in the last integer array after the large exponent pattern is grouped. At this time, the last integer array with the length smaller than 10 can be discarded, and only the integer array with the length of 10 is applicable to the subsequent position replacement.
S120, shaping the integer array to obtain a position substitution sequence consisting of a plurality of position substitution groups;
Specifically, an integer array of length 10 is obtained according to the above steps. The uniform distribution of the large-index patterns is uniform on the whole, which does not mean that 0-9 uniform distribution exists in each integer array with the length of 10 in the large-index patterns, so that the integer array needs to be shaped to obtain a position replacement sequence capable of being used for position replacement. The process of integer array shaping is described below in conjunction with the steps in fig. 4.
Referring to fig. 4, fig. 4 is a flowchart illustrating steps of integer array shaping according to an embodiment of the present application, where the method includes, but is not limited to, steps S400-S430:
s400, sequentially inquiring each digit in the integer array from the first left digit, and deleting the digits except the first occurrence or only the first occurrence to obtain a first array;
specifically, taking an encryption index of 2 312 as an example, the developed index pattern is as follows:
2312=(8343699359,0660550093,5555353972,4812947666,8145404556,7488260563,1280555545,8038306271,4852719565,2096)
starting from the most significant digit of the exponential pattern, every 10 digits are separated by a comma, and the 10 digits between two punctuations represent an integer array, e.g., let [8343699359] be an integer array A. In this step, each digit in the integer array is queried in turn from the first left digit, for example Representing the number a as a repetition number, and representing the number appearing first or only once by a, the integer array A can be arranged intoThe digits other than the first occurrence or only the first occurrence are deleted, resulting in a first array B of [834695].
S410, arranging decimal numbers which are not present in the first array in an ascending order, and sequentially supplementing the decimal numbers to the last bit of the first array to obtain a position replacement packet with the length of 10 and each decimal number which is present and only appears once;
Specifically, according to step S400, the decimal numbers that do not appear in the first array B include 0, 1,2, and 7, the decimal numbers that do not appear in the first array are arranged in ascending order and sequentially supplemented to the last bit of the first array, so as to obtain a position replacement packet that has a length of 10 and appears only once for every decimal number, that is, the position replacement packet obtained after the integer array a is shaped is [8346950127].
It will be appreciated that after shaping, the resulting position-permutation packet is in fact a completely uniformly distributed sequence, the 10 decimal numbers 0-9 appear the same number of times in one position-permutation packet, and that the positions appear also with a great randomness, i.e. the position-permutation packet can be considered as a set of random scrambling codes.
S420, when all the integer arrays are shaped, a position replacement sequence formed by a plurality of position replacement groups is obtained;
According to the above steps 400-S410, all the integer arrays are shaped to obtain a plurality of position replacement packets, and the position replacement packets are sequentially arranged to form a position replacement sequence. Taking the encryption index 2 312 as an example, discarding the last integer array with the length smaller than 10 in the index field, and obtaining a position replacement sequence C after shaping as follows:
2312→(8346950127,0659312478,5397201468,4812976035,8145062379,7482605319,1280543679,8036271459,4852719603)
The above formula represents a position substitution sequence constructed on the basis of 2 312, and the position substitution sequence has 90 numbers in total, that is, the position substitution sequence can perform position substitution of elements for data to be encrypted with the element length of 90 at least.
Through the steps S400-S420, the embodiment of the present application proposes a method for shaping an integer array to obtain a position substitution packet with a length of 10 and each decimal number appearing only once, and on the premise of ensuring randomness of numbers in the whole position substitution sequence, decimal numbers in each position substitution packet are uniformly distributed, so that the position substitution packet can be used for performing position substitution of elements in data to be encrypted.
The above step S120 has been completed through the above steps S400 to S420, and the following begins to describe step S130.
S130, starting from the first bit on the left, dividing the acquired element of the data to be encrypted into a plurality of groups to be encrypted;
specifically, the data to be encrypted at this time is called to-be-encrypted data, and elements in the to-be-encrypted data are divided into a plurality of to-be-encrypted packets with the length of 10. It can be understood that, because the data encryption method in the embodiment of the application is a substitution encryption method, the element types in the data to be encrypted are not affected or required, and therefore, the element types in the data to be encrypted can be in various forms such as numbers, letters, chinese characters and the like, and when the data to be encrypted are grouped, the data to be encrypted only need to be grouped according to the minimum unit of the element types in the current data to be encrypted.
In some embodiments, if the length of the data to be encrypted is not an integer multiple of 10, a preset padding character may be added after the last packet to be encrypted of the data to be encrypted, for example, the padding character is set to be digital 0, and then the last zero padding of the last packet to be encrypted of less than 10 elements of the data to be encrypted is performed, so that the length of each packet to be encrypted in the data to be encrypted is ensured to be 10.
S140, according to a preset grouping corresponding relation, performing position replacement on elements in the corresponding grouping to be encrypted through position replacement grouping to obtain an encrypted grouping;
specifically, numbering each position-permutation packet of the position-permutation sequence C obtained in the above step can obtain the position-permutation sequence as follows:
2312→([8346950127]0,[0659312478]1,[5397201468]2,[4812976035]3,[8145062379,]4,[7482605319]5,[1280543679]6,[8036271459]7,[4852719603]8)
It will be appreciated that the packets to be encrypted in the data to be encrypted may also be numbered in the same manner as described above. In the embodiment of the application, one position substitution packet is used for carrying out position substitution on one to-be-encrypted packet, so that the packet corresponding relation between the position substitution packet and the to-be-encrypted packet is required to be predetermined. For example, in some embodiments, the location permuted packet may directly correspond to the same location of the packet to be encrypted, that is, the position replacement packet numbered 0 provides a replacement for the to-be-encrypted packet numbered 0, and the position replacement packet numbered 1 provides a replacement for the to-be-encrypted packet numbered 1. In other embodiments, to further increase the randomness of the permutation, the packet correspondence between the position-permuted packet and the packet to be encrypted may be expressed in the form of a table or a function, for example, the function f m,n is used to indicate that the position-permutation is provided for the nth packet to be encrypted in the data to be encrypted by the mth position-permuted packet in the current position-permuted sequence.
After determining a position replacement packet corresponding to a packet to be encrypted according to a preset packet correspondence, performing position replacement on the packet to be encrypted by using the position replacement packet, and referring to fig. 5, a process of obtaining an encrypted packet after performing position replacement in the embodiment of the present application is described below.
Referring to fig. 5, fig. 5 is a flowchart illustrating steps of performing position replacement to obtain an encrypted packet according to an embodiment of the present application, where the method includes, but is not limited to, steps S500-S530:
s500, determining any element in a packet to be encrypted as an encryption starting point;
Specifically, assume that the data to be encrypted is a sentence of english: for convenience of reading, "experience IS THE FATHER of wisdom and memory the the mother" in the embodiment of the present application, the character "_" is used to represent a space in the english sentence, and the data to be encrypted is: "science_is_the_ father _of_ wisdom _and_memory_the_the_mother". The sentence contains 56 characters of total space length, and can be subjected to position replacement by using the first six position replacement groups of the position replacement sequence obtained based on 2 312. Assuming that the pad character is the letter o, the data to be encrypted is subjected to packet numbering to obtain the following expression:
([experience]0,[_is_the_fa]1,[ther_of_wi]2,[sdom_and_m]3,[emory_the_]4,[motheroooo]5)
And f 00,f11,f22...f55, 6 groups of substitutions are sequentially carried out on the to-be-encrypted packet with the position substitution packet as the same position.
Referring to fig. 6, fig. 6 is a schematic diagram of location replacement provided in an embodiment of the present application, and as shown in fig. 6, a first packet in brackets indicates a location replacement packet and a packet to be encrypted. Wherein the number ①-⑩ of the first row in the first bracket is the first number in the present application, which characterizes the position of the number in the position permutation sequence or of the element in the packet to be encrypted; the elements of the second row represent elements within the packet to be encrypted and the digits of the third row represent positions of the digits in the replacement packet. The second parenthesis indicates the encrypted packet. Wherein the first line number 1) -10) in the second bracket is the second number in the present application, which characterizes the position of the element in the encrypted packet; the elements of the second row represent the elements that have been position permuted, i.e. the elements in the encrypted packets.
The data encryption method based on the location permutation according to the embodiment of the present application can be conveniently understood with reference to fig. 5 and 6. Firstly, any element in the elements to be encrypted is determined as an encryption starting point of the element of the group, and the element "e" with the first number ① is taken as an encryption starting point for example.
S510, determining numbers with the same numbers in the position replacement sequence according to the numbers of the elements in the to-be-encrypted packet;
Specifically, referring to fig. 6, after determining the encryption starting point, according to the number of the element in the packet to be encrypted, the number with the same number in the position replacement sequence is determined, that is, the first number of the encryption starting point is ①, and if it is determined that the first number in the position replacement sequence is also the number corresponding to the position of ①, the correspondence between the first number, the element and the number may be represented as ①→e→8、②→x→3、⑧ →n→1, and so on.
S520, a second number in the encrypted packet with the number as an element;
In particular, the numbers in the place-than-groups in the present application are used to characterize the new order after the scrambling of the elements in the data to be encrypted, that is, the numbers in the place-than-groups are actually the second numbers of the elements in the encrypted groups. Referring to the connection line numbered 1 in fig. 6, it can be seen that the path from the first number up to the element in the encrypted packet can be expressed as: ① E→8→8) →e. Thus, referring to steps S500-S520, the corresponding positions of all elements in the packet to be encrypted in the encrypted packet can be determined, that is, after the position substitution f 00 is performed on the packet to be encrypted [ experientance ], the encrypted packet can be obtained as [ encxpieeer ], that is, experientance→ encxpieeer is implemented. And similarly, all the packets to be encrypted can be subjected to position replacement through the corresponding position replacement packets, so that the corresponding encrypted packets are obtained. If the position of the packet to be encrypted [ ther_of_wi ] is permuted by f 22, obtaining an encrypted packet [ of_h_ twrie ]; after the encrypted packet [ motheroooo ] undergoes the position replacement f 55, an encrypted packet [ rohoooemto ] is obtained.
S530, determining an element corresponding to the first number identical to the second number as a next encryption starting point.
Specifically, in some embodiments, after the position replacement of the encryption starting point is completed, the remaining elements that are not replaced may be arbitrarily selected for the next position replacement. In other embodiments, an element corresponding to a first number that is the same as a second number of a current encryption start point may be determined as a next encryption start point. As shown in fig. 6, after the connection line with the reference number 1 completes the position replacement of the element with the first number ①, if the second number 8 of the element is determined to be ⑧, the element e corresponding to ⑧ is taken as the next encryption starting point. The position replacement step as in steps S510-S520 described above is then continued. As shown in fig. 6, the connection with reference number 2 completes the replacement of the location of the first element with reference number ⑧, which is ultimately replaced into the location of the second element with reference number 2) in the encrypted packet. Therefore, if only the first number and the second number are reserved, the alternative path of the packet to be encrypted may be represented as two loops, namely, 0→8→2→4→9→7→1→3→6→0≡f (082497136) and 5→5≡f (5), and other packets may be represented in the form of such a loop sequence in turn, so that the description will not be repeated here. By means of the cyclic replacement method, it can be ensured that all elements in the packet to be encrypted are replaced by positions.
Through the above, the embodiment of the application provides a method for performing position replacement on the elements in the to-be-encrypted packet by the position replacement packet to finally obtain the encrypted packet, wherein the elements in the encrypted packet are the result of reordering the elements in the to-be-encrypted packet. The content of step S140 is already explained through steps S500-S530, and step S150 is explained below.
S150, determining first encrypted data corresponding to the data to be encrypted according to the plurality of encrypted packets;
Specifically, according to the step S140, all the packets to be encrypted are subjected to position replacement to obtain a plurality of encrypted packets, and the encrypted packets are sequentially combined to obtain the first encrypted data corresponding to the data to be encrypted. After the position replacement of the data to be encrypted, "science_is_the_ father _of_ wisdom _and_memory_the_the_moter", f mn (where m=n, m and n are integers), the first encrypted data of the resulting encrypted packet is "encxpieeen _het_ sifa _of_h_ twriedom _ smnad _ ymthor _ee_ rohoooemto".
It will be appreciated that the first encrypted data is an encrypted result calculated according to the packet correspondence of f mn, and m=n, where m may not be equal to n at all, so that the probability of the first encrypted data is n-1 times more.
Taking the data to be encrypted n=90 as an example, the data to be encrypted can be divided into nine packets to be encrypted, ten positions of each packet to be encrypted are independently replaced, and then the possibility of outputting encrypted packets with different arrangements of each packet to be encrypted is 10-! = 3628800. If the substitution of the packet to be encrypted (i.e., f mn described above and m=n) is performed only with the substitution packet of the same number, the above-described 9 possibilities of the encrypted packet need to be multiplied 9 times, and the output first encrypted data shares 10-! X 10-! X.10! = 3628800 9≈1.09×1059>2196≈1059. It can be seen that without specific information of location replacement, the time it takes to brute force crack encrypted data to such a complexity with an exhaustive method is very long. Taking the related art encryption method AES-192 as an example, the key length is 192, and the number of generated keys is at most 2 192≈6.28×1057, which is obviously much less than the possibility of outputting encrypted data by the encryption method in the embodiment of the present application. On the basis of the above, if f mn and m are not necessarily equal to n in the present application, the first encrypted data may further be added with 9-! Multiple possibilities. Through calculation, if the data to be encrypted is n=90, the confidentiality degree of the data encryption method based on the exponential integer field type provided by the embodiment of the application can be equal to that of AES-256. Therefore, by comparing the data of the security scheme in the related art with the data of the security scheme, the superiority of the data encryption method provided by the embodiment of the application in the security degree can be easily seen.
Also, it is understood that the above-described position substitution is performed within the packet, i.e., the above-described steps are actually implemented as a partial substitution scheme within the packet. In some embodiments, a global permutation scheme may also be added on a local permutation basis. The global replacement method specifically shifts the first encrypted data obtained after the first local replacement. For example, a shift direction is preset to shift rightward, a shift length is 2, and a shift mode is cyclic shift, and elements in the first encrypted data are shifted according to the preset shift direction and shift length. For example, the data to be encrypted is "science_is_the_ father _of_ wisdom _and_memory_the_the_moter", and after partial replacement, the first encrypted data corresponding to the data to be encrypted can be obtained and expressed as "encxpieeen _het_ sifa _of_h_ twriedom _ smnad _ ymthor _ee_ rohoooemto". And shifting the first encrypted data to the right according to the shifting direction, wherein the shifting length is 2, and the obtained data is toencxpieeen _het_ sifa _of_h_ twriedom _ smnad _ ymthor _ee_ rohoooem.
And after the shifting is finished, taking the shifted first encrypted data as new data to be encrypted, and carrying out a new round of local replacement on the new data to be encrypted. That is, the data encryption method based on the large exponent field in the embodiment of the present application is re-executed on the shifted first encrypted data, and the second encrypted data is retrieved, so that global permutation is completed, and the encryption round of re-executing the encryption method may be preset according to the requirement. In addition, in the actual operation process, as the operation amount and the corresponding operation time consumption of the encryption method in the embodiment of the application can be obtained through corresponding calculation of the encryption round and the selected encryption index, the round and the corresponding encryption index which are required to run by the data encryption method can be determined according to the service requirement for different data to be encrypted. For example, with higher-level security data, multiple rounds of data encryption may be performed, and each round of encryption may use a different encryption index to further increase security. For some data with high security level and shorter time effect, only one or two rounds of encryption can be carried out, and only the time required for controlling the violent decryption of the encrypted data is far longer than the effective time of the data. The embodiment of the application can obtain the encrypted data with controllable confidentiality degree and flexible elasticity only by setting the encryption indexes corresponding to different rounds, and is simple to operate. For multi-round encryption, only a plurality of encryption indexes (or a plurality of packet corresponding relations) are transmitted when the transmission is performed, and compared with the encryption scheme in the related art, the scheme still has the advantage of less transmission parameters.
The following describes the data encryption method for multiple rounds in this scheme in combination with the actual deduction procedure.
First, there are 10 elements in each packet to be encrypted, and the permutation is performed by using a position permutation packet with a length of 10, which has a completely uniform distribution property (10 tens of bits are uniformly and randomly distributed, which means 0-9), then the probability that each packet to be encrypted is obtained after the partial permutation is completed is that:
10!=10×9×8×...×2×1=3628800
If the length of the whole data to be encrypted is n=10k (k is a positive integer), the packets to be encrypted need to be encrypted have k groups, and the possibility that the whole data to be encrypted is obtained after partial replacement is completed is that:
(10!)N/10=(10!)k
If the encryption needs to be performed for the current encryption (i is an integer greater than or equal to 0) according to the security requirement, under the condition that shift is not considered, the possibility that the data to be encrypted is obtained after the encryption of the current encryption is completed for the current encryption is as follows:
(10!)(i+1)/10=(10!)(i+1)k
In the case where the shift is considered, the possibility of the shift is (N-1) for the first shift, and if the shift is performed i times in total in the plurality of rounds of encryption, the complexity level exponent O (N i) after the shift is expressed as:
O(Ni)=(N-1)(N-2)...(N-i)
therefore, in combination with shifting in multiple rounds of encryption, it can be determined that after i shifts in i+1 rounds of encryption, the probability of the encrypted data obtained by encrypting the data to be encrypted is:
O(Ni×(10!)(i+1)/10)→N!
That is, after multiple rounds of partial permutation and shift, the encryption space (encryption space refers to the sum of the possible encrypted data obtained by the current data to be encrypted) obtained by the encryption method according to the embodiment of the present application can approach N-! That is, approximating the above-mentioned n ≡ with the highest operational complexity in the simple function! Therefore, the application can well meet the requirement of high confidentiality when the application is implemented to superimpose multiple rounds of encryption. For example, when 20< N <50, i=2, o (N i×(10!)(i+1)N/10)=N2×(10!)3N/10 > N | and when 60< N <120, i=3, o (N i×(10!)(i+1)N/10)=N3×(10!)2N/5 > N | according to the above example, even in the case where the data length to be encrypted is not too long, the complexity of encryption reaches N | after 2 to 3 rounds of execution by the data encryption method of the embodiment of the present application, the above deduction and example can explain that the data encryption method of the embodiment of the present application can easily reach the encryption complexity of the order function level by superposition of encryption rounds.
Comparing the embodiment of the present application with AES-128, AES-192 and AES-256, the encryption spaces of AES-128, AES-192 and AES-256 are:
2128≈3.40×1038
2192≈6.28×1057
2256≈1.16×1077
The data encryption method in the present application is specifically compared with the AES encryption method as follows:
When n=30, i=2, o (N i×(10!)(i+1)N/10)≈6.85×1040>3.40×1038≈2128;
When n=60, i= 1,O (N i×(10!)(i+1)N/10)≈1.37×1041>3.40×1038≈2128;
When n=50, i=2, o (N i×(10!)(i+1)N/10)≈1.98×1067>6.28×1057≈2192;
When n=60, i=2, o (N i×(10!)(i+1)N/10)≈3.13×1080>1.16×1077≈2256;
When n=120, i= 1,O (N i×(10!)(i+1)N/10)≈6.26×1080>1.16×1077≈2256.
Through the comparison, the embodiment of the application can be determined to be a substitution encryption method with simple logic and few transmission parameters, has more excellent confidentiality degree than the common AES technology in the related technology, and can be widely applied to various data encryption systems.
In some embodiments, the encryption index required for encryption (i.e., the large index pattern required for encryption) may be the same as or different from the encryption index used for the first round in performing the second round of partial permutation. It can be understood that the use of different encryption indexes in different rounds can further increase the difficulty of decrypting the encrypted data, and the decryption can be completed only by acquiring the correct encryption indexes corresponding to the rounds during violent decryption. On the other hand, for the data to be encrypted with larger data length, the operation complexity can be controlled by controlling the lengths of the encryption indexes of different rounds, so that the operation amount can be reduced while the confidentiality requirement can be met. Such as encrypting with a shorter large exponential pattern in a later round, sorting with repeated use of multiple position permutation packets in the large exponential pattern, etc.
It will be appreciated that since the second encrypted data is actually also the data obtained by the substitution encryption, the elements inside are the same as the original data to be encrypted. Therefore, after the encryption round and the encryption index are determined, the data receiver can operate in reverse order according to the data encryption method in the embodiment of the application, so that the second encrypted data is decrypted, and the original plaintext of the data to be encrypted is obtained.
Therefore, the randomness of the permutation can be further improved by combining the global permutation on the basis of the local permutation, so that the security of the data encryption method is further enhanced.
It can be understood that, although the large exponent pattern used in the above description includes a plurality of numbers and a plurality of arrays, in practice, the embodiment of the present application is quite simple in implementation level, and a data encryption scheme with higher confidentiality degree can be obtained without generating a large amount of keys or establishing an excessively complex packet correspondence. In addition, when the data encryption method is actually implemented, the data encryption party only needs to send the encryption index and the packet corresponding relation to the data receiving party before data transmission, so that the data receiving party can decrypt the received first encrypted data according to the encryption index (a group of base numbers and powers) and the packet corresponding relation (for example, m=n, m=n+1, etc.), thereby obtaining the data to be encrypted in the plaintext. If global permutation is performed again based on the re-local permutation, the parameters transferred need to include the shift direction and shift length. Therefore, even under the more complex permutation and combination, only a few simple parameters are required to be transferred between the data encryption party and the data decryption party in the data encryption method in the embodiment of the application. Therefore, besides high confidentiality, the embodiment of the application has the advantages of simple flow and less transmission parameters in practical application.
Through the steps S100-S150, the embodiment of the present application proposes a data encryption method based on substitution encryption, which firstly expands a preset encryption index to obtain a large-index pattern containing a plurality of digits, and then, starting from the highest digit of the large-index pattern, divides the digits of the large-index pattern into a plurality of integer arrays with the length of 10. And shaping the integer array to obtain a position substitution sequence composed of a plurality of position substitution groups, wherein the position substitution groups are completely and uniformly distributed sequences. Then, starting from the first bit on the left, dividing the acquired elements of the data to be encrypted into a plurality of groups to be encrypted with the length of 10, and according to a preset group corresponding relation, carrying out local position replacement on the elements in the corresponding groups to be encrypted through position replacement groups to obtain first encrypted data formed by the encrypted groups. After the first encrypted data is obtained, the first encrypted data can be further encrypted according to a preset shift direction and shift length, and multiple times of encryption are performed according to a preset encryption round, so that second encrypted data is obtained. The embodiment of the application constructs the data encryption method by using the randomness and the uniform distribution characteristic of the large-index field type, ensures the confidentiality of an encryption scheme by realizing the high randomness of element replacement in the data to be encrypted, has simple implementation and few transmission parameters, and can be widely applied to data encryption scenes such as internet of things (IoT) data transmission encryption and the like.
Referring to fig. 7, fig. 7 is a schematic diagram of a data encryption system according to an embodiment of the present application, where the system 700 includes a first module 710, a second module 720, a third module 730, a fourth module 740, a fifth module 750, and a sixth module 760, and the first module is configured to expand a preset encryption index to obtain a large-index field type including multiple digits; the second module is used for dividing the number of the large index pattern into a plurality of integer arrays from the most significant bit of the large index pattern; wherein, the length of each integer array is 10, and each digit in the integer array is a decimal number; the third module is used for shaping the integer array to obtain a position substitution sequence consisting of a plurality of position substitution groups; the fourth module is used for dividing the acquired elements of the data to be encrypted into a plurality of groups to be encrypted from the first bit on the left; the fifth module with the length of 10 of each packet to be encrypted is used for carrying out position replacement on elements in the corresponding packet to be encrypted through position replacement packets according to a preset packet corresponding relation to obtain encrypted packets; the sixth module is configured to determine, according to the plurality of encrypted packets, first encrypted data corresponding to the data to be encrypted.
Referring to fig. 8, fig. 8 is a schematic diagram of a data encryption device according to an embodiment of the present application, where the device 800 includes at least one processor 810 and at least one memory 820 for storing at least one program; one processor and one memory are taken as examples in fig. 8.
The processor and the memory may be connected by a bus or otherwise, for example in fig. 8.
The memory, as a non-transitory computer readable storage medium, may be used to store non-transitory software programs as well as non-transitory computer executable programs. In addition, the memory may include high-speed random access memory, and may also include non-transitory memory, such as at least one disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory remotely located relative to the processor, the remote memory being connectable to the apparatus through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The above described apparatus embodiments are merely illustrative, wherein the units illustrated as separate components may or may not be physically separate, i.e. may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
The embodiment of the application also discloses a computer storage medium, wherein a program executable by a processor is stored, and the program executable by the processor is used for realizing the method provided by the application when being executed by the processor.
Those of ordinary skill in the art will appreciate that all or some of the steps, systems, and methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as known to those skilled in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer. Furthermore, as is well known to those of ordinary skill in the art, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.
While the preferred embodiment of the present application has been described in detail, the present application is not limited to the above embodiment, and various equivalent modifications and substitutions can be made by those skilled in the art without departing from the spirit of the present application, and these equivalent modifications and substitutions are intended to be included in the scope of the present application as defined in the appended claims.

Claims (8)

1. A data encryption method, comprising:
expanding a preset encryption index to obtain a large index pattern containing multi-bit numbers;
dividing the digits of the large exponential pattern into a plurality of integer arrays starting from the most significant bit of the large exponential pattern;
Wherein the length of each integer array is 10, and each digit in the integer array is a decimal number;
shaping the integer array to obtain a position substitution sequence consisting of a plurality of position substitution groups;
Starting from the first bit on the left, dividing the acquired element of the data to be encrypted into a plurality of groups to be encrypted;
Wherein the length of each packet to be encrypted is 10;
According to a preset grouping corresponding relation, performing position replacement on the corresponding elements in the grouping to be encrypted through the position replacement grouping to obtain an encrypted grouping;
determining first encrypted data corresponding to the data to be encrypted according to a plurality of encrypted packets;
The integer array is shaped to obtain a position replacement sequence composed of a plurality of position replacement groups, and the integer array comprises:
Sequentially inquiring each digit in the integer array from the first left digit, and deleting the digits except the first occurrence or only the first occurrence to obtain a first array;
Arranging decimal numbers which do not appear in the first array in an ascending order, and sequentially supplementing the decimal numbers to the last bit of the first array to obtain the position replacement group which has the length of 10 and appears in each decimal number and appears only once;
when finishing the integer array integer, obtaining the position replacement sequence composed of a plurality of position replacement groups;
Wherein a first number characterizes the position of a number or element in the position permutation sequence in the packet to be encrypted; the second number characterizes the position of the element in the encrypted packet; and performing position replacement on the corresponding element in the packet to be encrypted through the position replacement packet to obtain an encrypted packet, including:
Determining any element in the packet to be encrypted as an encryption starting point;
determining numbers with the same number in the position replacement sequence according to the numbers of the elements in the to-be-encrypted packet;
The second number in the encrypted packet having the number as the element;
And determining an element corresponding to the first number which is the same as the second number as a next encryption starting point.
2. The data encryption method according to claim 1, characterized in that the method further comprises:
And if the length of the data to be encrypted is not an integer multiple of 10, supplementing padding characters after the last packet to be encrypted of the data to be encrypted, so that the length of each packet to be encrypted in the data to be encrypted is 10.
3. The data encryption method according to claim 1, characterized in that the method further comprises:
And if the length of the large exponential field is not an integer multiple of 10, discarding the last integer array with the length smaller than 10.
4. The data encryption method according to claim 1, characterized in that the method further comprises:
shifting elements in the first encrypted data according to a preset shifting direction and shifting length, and taking the shifted first encrypted data as new data to be encrypted;
Returning to the step of expanding the preset encryption index to obtain a large index pattern containing multi-bit numbers;
And re-executing the data encryption method according to a preset encryption round to obtain second encrypted data.
5. The data encryption method according to claim 1, characterized in that the method further comprises:
And the data encryption transmits the encryption index and the group corresponding relation to a data receiving party, so that the data receiving party decrypts the first encrypted data according to the encryption index and the group corresponding relation to obtain the data to be encrypted.
6. A data encryption system, comprising:
the first module is used for expanding a preset encryption index to obtain a large index field type containing multi-bit numbers;
a second module for dividing the digits of the large exponent pattern into a plurality of integer arrays starting from the most significant bit of the large exponent pattern;
Wherein the length of each integer array is 10, and each digit in the integer array is a decimal number;
a third module, configured to perform integer shaping on the integer array to obtain a position permutation sequence composed of a plurality of position permutation groups;
A fourth module, configured to divide the acquired element of the data to be encrypted into a plurality of packets to be encrypted, starting from the first bit on the left;
Wherein the length of each packet to be encrypted is 10;
a fifth module, configured to obtain an encrypted packet by performing position replacement on elements in the corresponding packet to be encrypted according to a preset packet correspondence through the position replacement packet;
A sixth module, configured to determine, according to a plurality of the encrypted packets, first encrypted data corresponding to the data to be encrypted;
The integer array is shaped to obtain a position replacement sequence composed of a plurality of position replacement groups, and the integer array comprises:
Sequentially inquiring each digit in the integer array from the first left digit, and deleting the digits except the first occurrence or only the first occurrence to obtain a first array;
Arranging decimal numbers which do not appear in the first array in an ascending order, and sequentially supplementing the decimal numbers to the last bit of the first array to obtain the position replacement group which has the length of 10 and appears in each decimal number and appears only once;
when finishing the integer array integer, obtaining the position replacement sequence composed of a plurality of position replacement groups;
Wherein a first number characterizes the position of a number or element in the position permutation sequence in the packet to be encrypted; the second number characterizes the position of the element in the encrypted packet; and performing position replacement on the corresponding element in the packet to be encrypted through the position replacement packet to obtain an encrypted packet, including:
Determining any element in the packet to be encrypted as an encryption starting point;
determining numbers with the same number in the position replacement sequence according to the numbers of the elements in the to-be-encrypted packet;
The second number in the encrypted packet having the number as the element;
And determining an element corresponding to the first number which is the same as the second number as a next encryption starting point.
7. A data encryption apparatus, comprising:
At least one processor;
At least one memory for storing at least one program;
The at least one program, when executed by the at least one processor, causes the at least one processor to implement the data encryption method of any one of claims 1-5.
8. A computer storage medium in which a processor-executable program is stored, characterized in that the processor-executable program is for implementing the data encryption method according to any one of claims 1-5 when being executed by the processor.
CN202210819562.3A 2022-07-13 2022-07-13 Data encryption method, system, device and storage medium Active CN115333777B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210819562.3A CN115333777B (en) 2022-07-13 2022-07-13 Data encryption method, system, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210819562.3A CN115333777B (en) 2022-07-13 2022-07-13 Data encryption method, system, device and storage medium

Publications (2)

Publication Number Publication Date
CN115333777A CN115333777A (en) 2022-11-11
CN115333777B true CN115333777B (en) 2024-07-23

Family

ID=83917286

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210819562.3A Active CN115333777B (en) 2022-07-13 2022-07-13 Data encryption method, system, device and storage medium

Country Status (1)

Country Link
CN (1) CN115333777B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116305225B (en) * 2023-05-24 2023-08-18 山东梧桐树软件有限公司 User data encryption protection method used in online payment process
CN117332432B (en) * 2023-09-21 2024-09-03 深圳高灯云科技有限公司 Data desensitization method, device, computer equipment and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111865591A (en) * 2020-09-21 2020-10-30 北京华云安信息技术有限公司 Symmetric encryption method, device, equipment and storage medium
CN113792305A (en) * 2021-08-18 2021-12-14 广州城建职业学院 Encryption and decryption method, system, device and computer-readable storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115843360A (en) * 2020-07-27 2023-03-24 中国科学院重庆绿色智能技术研究院 Symmetric encryption and decryption method based on exponential complexity

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111865591A (en) * 2020-09-21 2020-10-30 北京华云安信息技术有限公司 Symmetric encryption method, device, equipment and storage medium
CN113792305A (en) * 2021-08-18 2021-12-14 广州城建职业学院 Encryption and decryption method, system, device and computer-readable storage medium

Also Published As

Publication number Publication date
CN115333777A (en) 2022-11-11

Similar Documents

Publication Publication Date Title
KR101267109B1 (en) Cryptographic primitives, error coding, and pseudo-random number improvement methods using quasigroups
Daemen Cipher and hash function design strategies based on linear and differential cryptanalysis
US8284933B2 (en) Encrypting variable-length passwords to yield fixed-length encrypted passwords
CN106656475B (en) Novel symmetric key encryption method for high-speed encryption
CN115333777B (en) Data encryption method, system, device and storage medium
CN115659409B (en) Financial asset transaction data safe storage method
CN116527233B (en) Energy monitoring data management system based on cloud computing
Dobraunig et al. Practical key-recovery attack on MANTIS5
CN115276989A (en) Serialized data encryption method based on direction scrambling
EP4094365A1 (en) Data compression and encryption algorithm
CN116418481A (en) Text privacy data double encryption protection method, device and equipment
Aung et al. A complex polyalphabetic cipher technique Myanmar polyalphabetic cipher
CN116663038A (en) Data encryption method and device and electronic equipment
CN107078900B (en) Cryptographic system based on reproducible random sequences
CN106027227A (en) Fermat number number-theoretic transform and SAFER (Secure And Fast Encryption Routine) cipher algorithm combined block encryption method
CN112235319B (en) Data encryption and decryption method and device and encryption and decryption circuit
CN109344627A (en) A Novel Shannon Perfect Secrecy Method
CN114285610A (en) Method for encrypting and transmitting information
US10917232B1 (en) Data enciphering or deciphering using a hierarchical assignment system
Rastaghi An efficient CCA2-secure variant of the McEliece cryptosystem in the standard model
CN109409106B (en) A Shannon Perfect Secrecy Method for a Novel Infinite Alphabet
KR20220137024A (en) Symmetric Asynchronous Generation Encryption Method
Smart et al. Historical Stream Ciphers
EP4156598A1 (en) Challenge-response pair generation apparatus and method based on puf
Cameron Notes on cryptography

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant