CN-122027150-A - Information security encryption method, system and device

Abstract

The invention discloses an information security encryption method, system and device, relating to the technical field of cryptography and information security. The method comprises: constructing a generalized Boolean function; constructing an optimization model with multiple cryptographic property constraints, taking minimization of the Gowers norm of the generalized Boolean function as the optimization target; iteratively updating the function parameters with an optimization algorithm based on the optimization model, and outputting an optimized function that meets all the cryptographic property constraints; generating a session key from an initial key input by the user, based on the linear term coefficient matrix and the nonlinear term index set of the optimized function; grouping the plaintext and applying nonlinear confusion with the optimized function and the session key to generate ciphertext; and calculating the Gowers norm value of the optimized function and adding it to the ciphertext as check bits to complete encryption.

Inventors

  • YANG ZHIYAO

Assignees

  • 淮北师范大学

Dates

Publication Date
20260512
Application Date
20260403

Claims (10)

  1. An information security encryption method, characterized by comprising the following steps: acquiring plaintext data to be encrypted; grouping the plaintext data to be encrypted, and applying nonlinear confusion to each group of plaintext using a target encryption function and a session key to generate an initial ciphertext, wherein the target encryption function is obtained by taking minimization of the Gowers norm of a generalized Boolean function as the optimization target and iteratively updating the function parameters until the multiple cryptographic property constraints are met, wherein the Gowers norm is calculated from the Walsh spectrum of the target encryption function, and wherein the session key is obtained by transforming an initial key preset by the user on the basis of the linear term coefficient matrix and the nonlinear term index set of the target encryption function; and converting the Gowers norm value of the target encryption function to an integer, adding it to the initial ciphertext as check bits, and outputting a final ciphertext.
  2. The information security encryption method according to claim 1, wherein the Gowers norm calculation process specifically includes the following steps: Calculating the Walsh spectrum of the target encryption function: ; Wherein the method comprises the steps of Is a primitive q-th root of unity, As a vector of frequencies, ; According to the relation between the Gowers norm and the Walsh spectrum, the d-order Gowers norm is calculated: ; Wherein, the Representing a vector space of n and m dimensions, respectively, x representing an n-dimensional vector.
  3. The information security encryption method according to claim 1, wherein the multiple cryptographic property constraints comprise: the nonlinearity is not lower than a preset threshold, the differential uniformity is not higher than a preset upper limit, the maximum value of the Walsh spectrum is not higher than a preset threshold, and the algebraic degree is not lower than a preset lower limit; wherein the preset threshold of the nonlinearity is determined according to the input dimension of the generalized Boolean function, the preset upper limit of the differential uniformity is determined according to the finite field size of the generalized Boolean function, the preset threshold of the Walsh spectrum maximum value is determined according to the output dimension of the generalized Boolean function, and the preset lower limit of the algebraic degree is set according to security requirements.
  4. The information security encryption method according to claim 1, wherein the optimization is performed using an improved particle swarm algorithm and the target encryption function satisfying all the cryptographic constraints is output, specifically comprising the following steps: initializing a population to generate 50 vector Boolean function individuals, wherein each individual represents a group of function parameters including a linear term coefficient matrix and a nonlinear term index set; calculating the fitness of each individual based on the Gowers norm value and the degree to which the constraint conditions are satisfied; and iteratively updating the individual parameters until the convergence conditions are met, and outputting an optimal vector Boolean function meeting all constraints, wherein updating the individual parameters comprises adjusting the non-zero element positions of the linear term coefficient matrix and adjusting the prime number combinations of the nonlinear term index set.
  5. The information security encryption method according to claim 1, characterized in that the generation process of the session key comprises the steps of: splitting the user initial key into a plurality of sub-blocks; and performing matrix multiplication over the residue class ring using the linear term coefficient matrix of the optimized function, then performing addition over the residue class ring in combination with the nonlinear term index set of the optimized function, and outputting a session key.
  6. The information security encryption method according to claim 1, wherein grouping the plaintext data to be encrypted and applying nonlinear confusion to each group of plaintext using the target encryption function and the session key to generate an initial ciphertext comprises the steps of: dividing the plaintext into a plurality of groups, each group having a length that matches the output dimension of the target encryption function; and performing the nonlinear confusion operation on each group of plaintext using the target encryption function and the corresponding sub-block of the session key to generate an initial ciphertext.
  7. The information security encryption method according to claim 1, wherein the check bits are a bit string of fixed length obtained by calculating the Gowers norm value of the target encryption function and converting the value to an integer.
  8. An information security encryption system, comprising: an acquisition module for acquiring plaintext data to be encrypted; a first encryption module for grouping the plaintext data to be encrypted and applying nonlinear confusion to each group of plaintext using a target encryption function and a session key to generate an initial ciphertext, wherein the target encryption function is obtained by taking minimization of the Gowers norm of a generalized Boolean function as the optimization target and iteratively updating the function parameters until the multiple cryptographic property constraints are met, and the session key is obtained by transforming an initial key preset by the user on the basis of the linear term coefficient matrix and the nonlinear term index set of the target encryption function; and a second encryption module for converting the Gowers norm value of the target encryption function to an integer, adding it to the initial ciphertext as check bits, and outputting a final ciphertext.
  9. An information security encryption computer device comprising a memory, a processor and a computer program stored in said memory, said processor implementing the steps of the information security encryption method according to any one of claims 1-7 when said computer program is executed.
  10. A readable storage medium, characterized in that the readable storage medium stores a computer program comprising program instructions for performing the steps of the information security encryption method according to any one of claims 1-7 when the program instructions are executed by a processor.
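
Claim 2 computes the Gowers norm from the Walsh spectrum, but its formulas did not survive on this page. The following is an added example, not code from the patent: it shows the standard relation for the order-2 norm only, checks it against the direct definition, and relates it to the nonlinearity constraint of claim 3. All function names and the sample truth tables are constructed here for illustration.

```python
# Added example (not from the patent): Walsh spectrum and Gowers U2 norm of a
# generalized Boolean function f: Z_2^n -> Z_q, given as a truth table.
import cmath

def walsh_spectrum(f, q):
    """H_f(u) = sum_x w^f(x) * (-1)^(u.x), with w = exp(2*pi*i/q)."""
    w = cmath.exp(2j * cmath.pi / q)
    a = [w ** (v % q) for v in f]
    h = 1
    while h < len(a):                      # fast Walsh-Hadamard butterfly
        for i in range(0, len(a), 2 * h):
            for j in range(i, i + h):
                a[j], a[j + h] = a[j] + a[j + h], a[j] - a[j + h]
        h *= 2
    return a

def gowers_u2_from_spectrum(f, q):
    """||f||_U2^4 = N^-4 * sum_u |H_f(u)|^4, where N = 2^n."""
    n_points = len(f)
    return (sum(abs(c) ** 4 for c in walsh_spectrum(f, q)) / n_points ** 4) ** 0.25

def gowers_u2_direct(f, q):
    """Definition: mean over x, a, b of w^(f(x) - f(x^a) - f(x^b) + f(x^a^b))."""
    w = cmath.exp(2j * cmath.pi / q)
    n_points = len(f)
    total = sum(w ** ((f[x] - f[x ^ a] - f[x ^ b] + f[x ^ a ^ b]) % q)
                for x in range(n_points)
                for a in range(n_points)
                for b in range(n_points))
    return (total.real / n_points ** 3) ** 0.25

def nonlinearity(f):
    """Binary case (q = 2): NL = 2^(n-1) - max_u |H_f(u)| / 2."""
    return len(f) / 2 - max(abs(c) for c in walsh_spectrum(f, 2)) / 2

def bit(x, i):
    return (x >> i) & 1

# Constructed sample functions (truth tables indexed by x as an integer).
BENT4 = [(bit(x, 0) & bit(x, 1)) ^ (bit(x, 2) & bit(x, 3)) for x in range(16)]
LINEAR4 = [bit(x, 0) for x in range(16)]
QUATERNARY3 = [(2 * bit(x, 0) * bit(x, 1) + bit(x, 2)) % 4 for x in range(8)]

if __name__ == "__main__":
    for name, f, q in [("bent", BENT4, 2), ("linear", LINEAR4, 2), ("q=4", QUATERNARY3, 4)]:
        print(name, round(gowers_u2_from_spectrum(f, q), 6), round(gowers_u2_direct(f, q), 6))
    print("NL bent:", nonlinearity(BENT4), "NL linear:", nonlinearity(LINEAR4))
```

The bent sample has the smaller norm and the larger nonlinearity, which is the relationship the optimization target relies on. As claims 1 and 7 are worded, the check value is derived from the target function alone, so it is the same for every ciphertext produced with that function.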

Description

Information security encryption method, system and device

Technical Field

The invention relates to the technical field of cryptography and information security, in particular to an information security encryption method, system and device.

Background

The development of information security is inseparable from the strong support of theory and technology. The encryption algorithm is the core of information security, and its strength directly determines the confidentiality, integrity and availability of data. The existing mainstream encryption algorithm system is facing unprecedented challenges from the evolution of computing power, the diversification of attack means, the growing complexity of application scenarios and the like. With the popularization of information technologies such as the Internet of Things, 6G communication and edge computing, an encryption algorithm needs to run on constrained terminals and must take into account practical overheads such as computational complexity, storage space and energy requirements.
From the perspective of scenario-based cryptographic attacks, a side channel attack, for example, uses the information leaked by the physical implementation (such as power consumption, electromagnetic radiation and timing) to recover a secret key instead of directly attacking the underlying mathematical principle of an algorithm. The performance and security of traditional encryption algorithms are increasingly limited in the face of continuously updated attack means. The (vector) Boolean function is one of the important primitives in cryptography, and the quality of its cryptographic properties directly determines the security of the cryptographic algorithm; for example, bent functions, plateaued functions, perfect nonlinear functions, correlation-immune functions and other special Boolean functions can effectively resist differential and linear attacks. However, existing encryption schemes based on Boolean functions have certain limitations when processing high-dimensional data and complex encryption operations, namely: (1) the cryptographic security metrics are each narrow in scope and mutually constrained. The quality of a Boolean function depends on a series of cryptographic indicators such as balance, nonlinearity, correlation immunity and algebraic degree; however, these indicators constrain one another mathematically and cannot be optimized simultaneously. For example, Siegenthaler showed that the algebraic degree of an n-variable, m-th order correlation-immune Boolean function does not exceed n-m-1, that bent functions, which have optimal nonlinearity, are unbalanced, and that a Boolean function with high correlation immunity has difficulty achieving high nonlinearity.
Current cryptanalysis is no longer limited to a single attack; multi-dimensional, compound "combination punch" attacks are generally adopted, which places higher requirements on the design of cryptographic algorithms. Existing algorithm schemes may be designed against one or a few known cryptanalysis techniques, lack unified and holistic security measures, and are difficult to adapt to continuously updated techniques. Meanwhile, the design, standardization and implementation of some cryptographic algorithms are based on an "ideal and isolated threat standard", with issues such as the isolation of design and analysis, the short-board effect and expansion of the attack surface, and the synergistic effect of multiple attacks. In summary, the cryptographic algorithm under multiple attacks has limitation, and the existing constraint on the cryptographic algorithm is resistant to the situation that the existing algorithm scheme spans the uniform security of a computer resource and the security resource is not required, and the security of the algorithm is not calculated from the uniform security resource of the computing method. While the premise of cryptographic algorithm design is that the algorithm is computationally infeasible to break under limited time, computing power and memory, from the aspect of efficiency a designer hopes that a legitimate user gets high speed, low power consumption and the like when performing operations such as decryption or signature verification, that is, "legal operability" and "illegal inoperability", and this causes a contradiction between security and efficiency.
In order to achieve higher security, designers may start from aspects such as complexity, algorithm iteration and mathematical hardness, introducing complex logic operations or more rounds of recursion, which results in increased computational overhead and increased power consumption. In the application scenarios of high-performance computing and resource limitation (