Encryption method, decryption method and device

By generating an initial dynamic vector using an XOR operation between a random number and an initialization vector in counter mode, and then performing accumulation and block encryption, the low security problem of plaintext transmission of the initialization vector in counter mode is solved, achieving higher data security.

CN115567189BActive Publication Date: 2026-06-09CHINA TELECOM CORP LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
CHINA TELECOM CORP LTD
Filing Date
2022-09-06
Publication Date
2026-06-09

AI Technical Summary

Technical Problem

The existing block encryption and decryption method in counter mode has low security, especially when the initialization vector needs to be transmitted in plaintext.

Method used

An initial dynamic vector is obtained by XORing a random number with the initialization vector. An intermediate dynamic vector is then obtained by accumulating the data using a counter. This intermediate dynamic vector is then encrypted in parallel with a preset original key to generate dynamic vector ciphertext, which is then transmitted in place of the initialization vector.

Benefits of technology

This improves the security of data transmission, increases the difficulty of cracking, avoids the plaintext transmission of initialization vectors, and enhances data security.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN115567189B_ABST
    Figure CN115567189B_ABST
Patent Text Reader

Abstract

Embodiments of the present application provide an encryption method, a decryption method and a device. The encryption method can comprise: obtaining a random number of a preset data size; performing an exclusive or operation on the random number and a preset initialization vector to obtain an initial dynamic vector; performing N times of accumulation operation on the initial dynamic vector by a counter to obtain N intermediate dynamic vectors; performing parallel grouping encryption on a plaintext to be encrypted according to a preset original key and the N intermediate dynamic vectors to obtain a plaintext ciphertext; obtaining a dynamic vector ciphertext according to the preset original key and the initial dynamic vector; and combining the plaintext ciphertext and the dynamic vector ciphertext to obtain a final ciphertext. The technical solution provided by the embodiments of the present application can solve the problem of low security of the grouping encryption and decryption mode in the counter mode in the prior art.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application belongs to the field of data security technology, specifically relating to an encryption method, decryption method, and apparatus. Background Technology

[0002] With the rapid development of electronic information technology, transmitting data in electronic form has become a widely used technical means.

[0003] In existing technologies, encryption methods are commonly used to improve the security of electronic data transmission. Among them, the Advanced Encryption Standard (AES) is currently one of the most widely used encryption standards.

[0004] Under the AES standard specification, the currently popular block encryption and decryption modes include counter mode (CTR mode). This mode has the advantages of parallel computing, high encryption and decryption efficiency, and no propagation of errors, but it also has certain disadvantages. In this mode, the initialization vector is accumulated by a counter to obtain the intermediate vector participating in the encryption of each block of plaintext. However, the initialization vector needs to be transmitted in plaintext, which results in lower security. Summary of the Invention

[0005] The purpose of this application is to provide an encryption method, decryption method, and apparatus to solve the problem of low security in the block encryption and decryption method under counter mode in the prior art.

[0006] In a first aspect, embodiments of this application provide an encryption method, the method comprising:

[0007] Get a random number of a preset data size;

[0008] The initial dynamic vector is obtained by performing an XOR operation between the random number and the preset initialization vector.

[0009] The initial dynamic vector is incremented N times by a counter to obtain N intermediate dynamic vectors;

[0010] Based on the preset original key and the N intermediate dynamic vectors, the plaintext to be encrypted is subjected to parallel group encryption to obtain plaintext ciphertext.

[0011] Based on the preset original key and the initial dynamic vector, the dynamic vector ciphertext is obtained;

[0012] The plaintext ciphertext and the dynamic vector ciphertext are combined to form the final ciphertext.

[0013] Secondly, embodiments of this application provide a decryption method, the method comprising:

[0014] Receive target ciphertext;

[0015] From the target ciphertext, obtain the dynamic vector ciphertext;

[0016] The initial dynamic vector is obtained based on the preset original key and the dynamic vector ciphertext;

[0017] The initial dynamic vector is incremented N times by a counter to obtain the N intermediate dynamic vectors.

[0018] Based on the preset original key and the N intermediate dynamic vectors, the plaintext and ciphertext in the target ciphertext are decrypted in parallel groups to obtain the decrypted plaintext.

[0019] Thirdly, embodiments of this application provide an encryption device, the device comprising:

[0020] The first acquisition module is used to acquire a random number of a preset data size;

[0021] The first vector acquisition module is used to perform an XOR operation between the random number and the preset initialization vector to obtain an initial dynamic vector.

[0022] The second vector acquisition module is used to perform N accumulation operations on the initial dynamic vector through a counter to obtain N intermediate dynamic vectors.

[0023] The first encryption module is used to perform parallel group encryption on the plaintext to be encrypted according to the preset original key and the N intermediate dynamic vectors to obtain plaintext ciphertext.

[0024] The second encryption module is used to obtain the dynamic vector ciphertext based on the preset original key and the initial dynamic vector;

[0025] The ciphertext processing module is used to combine the plaintext ciphertext and the dynamic vector ciphertext to form the final ciphertext.

[0026] Fourthly, embodiments of this application provide a decryption device, the device comprising:

[0027] The receiving module is used to receive the target ciphertext;

[0028] The second acquisition module is used to acquire dynamic vector ciphertext from the target ciphertext;

[0029] The first decryption module is used to obtain the initial dynamic vector based on the preset original key and the dynamic vector ciphertext;

[0030] The third vector acquisition module is used to perform N accumulation operations on the initial dynamic vector through a counter to obtain the N intermediate dynamic vectors.

[0031] The second decryption module is used to perform parallel group decryption of the plaintext and ciphertext in the target ciphertext according to the preset original key and the N intermediate dynamic vectors to obtain the decrypted plaintext.

[0032] Fifthly, embodiments of this application provide an electronic device including a processor and a memory, the memory storing a program or instructions executable on the processor, the program or instructions being executed by the processor to implement steps in the encryption method as described in the first aspect, or steps in the decryption method as described in the second aspect.

[0033] In a sixth aspect, embodiments of this application provide a readable storage medium storing a program or instructions that, when executed by a processor, implement the steps in the encryption method as described in the first aspect, or the steps in the decryption method as described in the second aspect.

[0034] The technical solution provided in this application, compared to the existing block encryption / decryption method in the counter mode, no longer uses a counter to accumulate the initialization vector to obtain the intermediate vector used for each group of plaintext encryption. Instead, it first performs an XOR operation between the initialization vector and a random number to obtain an initial dynamic vector, and then uses a counter to accumulate this initial dynamic vector to obtain the intermediate vector (i.e., the intermediate dynamic vector) used for each group of plaintext encryption. This process first makes the initial dynamic vector replace the initialization vector as one of the key decryption elements. Therefore, during ciphertext transmission, it is no longer necessary to transmit the initialization vector, but rather the initial dynamic vector. Furthermore, this application embodiment can perform block encryption on the initial dynamic vector, making it invisible during transmission, increasing the difficulty of cracking, solving the problem of plaintext transmission of the initialization vector in the existing counter mode, and improving data security. Attached Figure Description

[0035] Figure 1 A flowchart illustrating the encryption method provided in this application embodiment;

[0036] Figure 2 One of the schematic diagrams of the encryption process provided in the embodiments of this application;

[0037] Figure 3 A second schematic diagram of the encryption process provided in an embodiment of this application;

[0038] Figure 4 A flowchart illustrating the decryption method provided in an embodiment of this application;

[0039] Figure 5 One of the schematic diagrams of the decryption process provided in the embodiments of this application;

[0040] Figure 6 A second schematic diagram of the decryption process provided in an embodiment of this application;

[0041] Figure 7 A schematic block diagram of an encryption device provided in an embodiment of this application;

[0042] Figure 8 A schematic block diagram of a decryption device provided in an embodiment of this application. Detailed Implementation

[0043] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the embodiments described below are only some, not all, of the embodiments of this application. All other embodiments obtained by those skilled in the art based on the embodiments of this application without creative effort are within the scope of protection of this application.

[0044] It should be understood that the phrase "one embodiment" or "an embodiment" in the specification means that a specific feature, structure, or characteristic related to the embodiment is included in at least one embodiment of this application. Therefore, "in one embodiment" or "in an embodiment" appearing throughout the specification does not necessarily refer to the same embodiment. Furthermore, these specific features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.

[0045] In the various embodiments of this application, it should be understood that the sequence number of the steps does not imply an absolute order of execution. The execution order of each step should be determined by its function and internal logic. Therefore, the sequence number of each step should not constitute an absolute limitation on the implementation process of the embodiments of this application.

[0046] The encryption method provided in this application will be described in detail below with reference to the accompanying drawings, through specific embodiments and application scenarios.

[0047] This application provides an encryption method applied to a first electronic device, which can be a server or a terminal device. That is, the steps in the encryption method can be executed by the server or by the terminal device.

[0048] like Figure 1 As shown, the encryption method may include:

[0049] Step 101: Obtain a random number of a preset data size.

[0050] The random number can be generated automatically by the device or entered manually.

[0051] The preset data size mentioned here can be 128 bits, or 16 bytes. The random number can be composed of 128 binary numbers, 32 hexadecimal numbers, or other number bases.

[0052] Step 102: Perform an XOR operation between the obtained random number and the preset initialization vector to obtain the initial dynamic vector.

[0053] The preset initialization vector mentioned here refers to the initialization vector (IV) in the field of cryptography, which is generally a random number or a quasi-random number. In the embodiments of this application, the initialization vector can be 128 bits, or 16 bytes.

[0054] Suppose that the random numbers obtained are P SJ This indicates that the preset initialization vector is denoted by IV (hereinafter referred to as the initialization vector IV), and the initial dynamic vector is denoted by IV0 (hereinafter referred to as the dynamic vector IV0). For example... Figure 2 or Figure 3 As shown, the initialization vector IV and the random number P SJ Performing an XOR operation yields the dynamic vector IV0 (i.e., the initial value of the dynamic vector), namely: IV0 = P SJ ⊕IV.

[0055] The initial dynamic vector is used to obtain the intermediate dynamic vector used when performing block encryption on the plaintext to be encrypted (i.e., the data to be encrypted), as detailed in step 103.

[0056] Step 103: Perform N accumulation operations on the initial dynamic vector using a counter to obtain N intermediate dynamic vectors.

[0057] In this embodiment of the application, after obtaining the initial dynamic vector, a counter can be used to accumulate the initial dynamic vector to obtain a vector (i.e., an intermediate dynamic vector) for block encryption of the plaintext to be encrypted. Each accumulation operation yields an intermediate dynamic vector, and the counter value can be incremented by 1 during each accumulation operation.

[0058] Assuming the intermediate dynamic vector uses IV i If it means:

[0059]

[0060] Based on the above formula, N intermediate dynamic vectors can be obtained, namely: IV1, IV2, IV3, ..., IV N Among them, IV i Let represent the intermediate dynamic vector obtained from the i-th accumulation operation, where 1 ≤ i ≤ N.

[0061] In the block cipher algorithm, the plaintext to be encrypted needs to be divided into several groups, and the number of intermediate dynamic vectors is the same as the number of groups of the plaintext to be encrypted. One intermediate dynamic vector participates in the encryption of one group of plaintext. That is to say, the value of N depends on the number of groups of the plaintext to be encrypted, and N≥1.

[0062] Step 104: Based on the preset original key and N intermediate dynamic vectors, perform parallel block encryption on the plaintext to be encrypted to obtain the plaintext ciphertext.

[0063] In this embodiment, after obtaining N intermediate dynamic vectors, the plaintext to be encrypted can be encrypted in parallel using the intermediate dynamic vectors and a preset original key (hereinafter referred to as the original key), thereby obtaining the plaintext ciphertext. The parallel encryption computation method has low complexity and high encryption efficiency.

[0064] The preset original key is agreed upon in advance by the encryptor and decryptor and is generally fixed. If it needs to be changed, the encryptor and decryptor can renegotiate it.

[0065] The block encryption process generally includes four steps: byte substitution, row shifting, column obfuscation, and round key addition.

[0066] Step 105: Obtain the dynamic vector ciphertext after block encryption based on the preset original key and the initial dynamic vector.

[0067] Since the intermediate dynamic vector is obtained from the initial dynamic vector, in order for the ciphertext receiver to decrypt the ciphertext, the initial dynamic vector needs to be sent to the ciphertext receiver. In order to improve the security of the transmission of the initial dynamic vector, the initial dynamic vector can also be grouped and encrypted in this embodiment to obtain the dynamic vector ciphertext.

[0068] Step 106: Combine the plaintext ciphertext and the dynamic vector ciphertext to form the final ciphertext.

[0069] Finally, concatenating the plaintext ciphertext with the dynamic vector ciphertext yields the final ciphertext. This final ciphertext can then be sent to the recipient, i.e., the decryptor.

[0070] The encryption method provided in this application improves upon the counter mode of block encryption. Instead of accumulating the initialization vector using a counter to obtain the intermediate vector used in each plaintext encryption group, it first XORs the initialization vector with a random number to obtain the initial dynamic vector. Then, it accumulates this initial dynamic vector using a counter to obtain the intermediate vector (i.e., the intermediate dynamic vector) used in each plaintext encryption group. This approach makes the initial dynamic vector, instead of the initialization vector, one of the key decryption elements. Therefore, during ciphertext transmission, it is no longer necessary to transmit the initialization vector, but rather the initial dynamic vector. Furthermore, this application embodiment can perform block encryption on the initial dynamic vector, making it invisible during transmission, increasing the difficulty of cracking, solving the problem of plaintext transmission of the initialization vector in the existing counter mode, and improving data security.

[0071] As an optional embodiment, the random number mentioned in step 101 can be a globally unique identifier (GUID) generated by a first preset algorithm. This improves the uniqueness of the random number, thereby increasing the uniqueness of the initial dynamic vector and reducing the risk of replay attacks. Furthermore, since the random number is generated by an algorithm and does not rely on human input, the risk of manually ensuring the uniqueness of the random number can be avoided. The first preset algorithm can be selected according to actual needs, and this embodiment does not limit its selection.

[0072] Optionally, the random number can be generated by the current electronic device. Therefore, before step 101: obtaining a random number of a preset data size, the encryption method may further include: generating a globally unique identifier according to a first preset algorithm, and determining the globally unique identifier as a random number.

[0073] As an optional embodiment, step 105: obtaining the dynamic vector ciphertext after block encryption based on the preset original key and the initial dynamic vector may include:

[0074] Based on the preset original key, the initial dynamic vector is encrypted in blocks to obtain the dynamic vector ciphertext.

[0075] like Figure 2 As shown in the embodiments of this application, the dynamic vector ciphertext can be obtained by block encryption of the dynamic vector IV0 (i.e., the initial dynamic vector) using the original key. Assume the dynamic vector ciphertext is obtained using C... IV0 In other words, C IV0 =E(IV0), where E represents the block encryption function.

[0076] Since block encryption is relatively more secure, encrypting the initial dynamic vector using block encryption can improve the security of the initial dynamic vector transmission.

[0077] As an optional embodiment, step 105: obtaining the dynamic vector ciphertext after block encryption based on the preset original key and the initial dynamic vector may include:

[0078] Based on the preset original key, the initial dynamic vector is encrypted in blocks to obtain the intermediate vector ciphertext; the intermediate vector ciphertext is XORed with the preset initialization vector to obtain the final dynamic vector ciphertext.

[0079] like Figure 3 As shown in the embodiment of this application, the dynamic vector IV0 (i.e., the initial dynamic vector) can also be first encrypted in blocks using the original key to obtain the intermediate vector ciphertext, and then the intermediate vector ciphertext can be XORed with the initialization vector IV to obtain the dynamic vector ciphertext C. IV0 ,Right now: Where E represents the block encryption function.

[0080] In this embodiment, not only is a block encryption method with relatively higher security adopted, but the result of block encryption (i.e., intermediate vector ciphertext) is also XORed with the initialization vector to obtain the final dynamic vector ciphertext. In this way, the decryptor needs to use the initialization vector and the encryption key to obtain the initial dynamic vector, which further increases the difficulty of cracking the dynamic vector ciphertext and improves the security of the initial dynamic vector transmission.

[0081] In this embodiment, the initialization vector is one of the key elements for decrypting dynamic vector ciphertext. Therefore, the encryptor and decryptor can pre-agree on the initialization vector, which eliminates the need for transmission and avoids leakage. Generally, once agreed upon, the initialization vector remains fixed. When changes are needed, the encryptor and decryptor can renegotiate the initialization vector.

[0082] As an optional embodiment, step 104: performing parallel block encryption on the plaintext to be encrypted based on the preset original key and N intermediate dynamic vectors to obtain the plaintext ciphertext, may include:

[0083] Step A1: Divide the plaintext to be encrypted into groups according to the preset data size of each group, and obtain N plaintext groups.

[0084] In the AES standard specification, the plaintext block size (or block length) can only be 128 bits, so the preset data size can be 128 bits, or 16 bytes.

[0085] When dealing with encrypted plaintext blocks, they can be grouped into sets of 16 bytes (8 bits per byte, totaling 128 bits). For the last block, if it is less than 16 bytes, padding is performed to make it 16 bytes. The padding strategy is: if n bytes are missing, add n zeros or n n; that is, if 3 bytes are missing, add 3 zeros or 3 3s (hexadecimal). If the last block is 16 bytes, it also needs to be padded with 16 bytes, specifically 16 zeros or 16 16s (hexadecimal). The main purpose of this process is that after decrypting the encrypted plaintext, the padding strategy can be used to identify which data is padding, allowing the padding data to be removed and the actual plaintext content obtained.

[0086] Among them, the N plaintext packets include the last supplementary packet.

[0087] Step A2: Perform an XOR operation between each plaintext group in the N plaintext groups and a corresponding intermediate dynamic vector to obtain N groups of intermediate plaintext ciphertext.

[0088] In this embodiment of the application, after completing the grouping of plaintext to be encrypted, each group of plaintext can be XORed with a corresponding intermediate dynamic vector to obtain N groups of intermediate plaintext ciphertext.

[0089] Generally, each set of plaintext corresponds sequentially to an intermediate dynamic vector, i.e., the first set of plaintext corresponds to the first obtained intermediate dynamic vector (i.e., dynamic vector IV1), the second set of plaintext corresponds to the second obtained intermediate dynamic vector (i.e., dynamic vector IV2), and so on, until the Nth set of plaintext corresponds to the Nth obtained intermediate dynamic vector (i.e., dynamic vector IV). N ).

[0090] Suppose that after the plaintext to be encrypted is divided into blocks, N blocks of plaintext are obtained, namely: plaintext P1, P2, ..., P... N .like Figure 2 or Figure 3 As shown, each set of plaintext is associated with a corresponding intermediate dynamic vector (i.e., dynamic vectors IV1, IV2, ..., P). N Perform an XOR operation to obtain the intermediate plaintext and ciphertext.

[0091] Step A3: Expand the preset original key according to the second preset algorithm to obtain M extended keys.

[0092] In block cipher algorithms, a second preset algorithm (such as a key arrangement function) can be used to expand the preset original key into M extended keys. The second preset algorithm can be selected according to actual needs, and this application embodiment does not specifically limit it.

[0093] In the AES standard specification, the key length can be 128 bits, 192 bits, or 256 bits. Therefore, the length of the preset original key described in this application embodiment can be 128 bits, 192 bits, or 256 bits. The value of M is related to the size of the preset original key. When the preset original key is 128 bits, M is 10; when the preset original key is 192 bits, M is 12; and when the preset original key is 256 bits, M is 14.

[0094] Step A4: Based on the M extended keys, perform parallel block encryption on each group of intermediate plaintext and ciphertext to obtain N groups of encrypted plaintext.

[0095] like Figure 2 or Figure 3 As shown, in this step, an extended key can be used to perform a block encryption process on each group of intermediate plaintext and ciphertext. After multiple rounds of transformation, N groups of encrypted plaintext are obtained, namely plaintext and ciphertext C1, C2, ..., C6. N .

[0096] Suppose that each set of plaintext and ciphertext is represented as C. i ,but Among them, C i P represents the encrypted plaintext and ciphertext of the i-th group. i Let represent the i-th block of plaintext to be encrypted, E represent the block cipher function, and IV represent the ciphertext. i Let represent the intermediate dynamic vector obtained from the i-th accumulation operation, where 1 ≤ i ≤ N.

[0097] Step A5: Concatenate the N encrypted plaintexts to form the final plaintext-ciphertext.

[0098] Finally, by concatenating the N encrypted plaintexts, the final plaintext-ciphertext can be obtained.

[0099] As an optional embodiment, step 104: performing parallel block encryption on the plaintext to be encrypted based on the preset original key and N intermediate dynamic vectors to obtain the plaintext ciphertext, may include:

[0100] Step B1: Divide the plaintext to be encrypted into groups according to the preset data size of each group, and obtain N plaintext groups.

[0101] Step B2: Expand the preset original key according to the second preset algorithm to obtain M extended keys.

[0102] Step B3: Based on the M extended keys, perform parallel block encryption on each intermediate dynamic vector to obtain the ciphertext of the intermediate dynamic vector.

[0103] Step B4: Perform an XOR operation between each set of plaintext and a corresponding intermediate dynamic vector ciphertext to obtain N sets of encrypted plaintext.

[0104] Step B5: Concatenate the N encrypted plaintexts to form the final plaintext-ciphertext.

[0105] The difference between this embodiment and the previous embodiment is that the previous embodiment performed parallel group encryption on the XOR operation result of each group of plaintext and the intermediate dynamic vector, while this embodiment first performs parallel group encryption on the intermediate dynamic vector, and then performs an XOR operation on each group of plaintext and the encrypted intermediate dynamic vector to obtain the final plaintext-ciphertext. The two implementation methods can be selected according to actual needs.

[0106] As an optional embodiment, step 106: combining the plaintext ciphertext and the dynamic vector ciphertext to form the final ciphertext may include:

[0107] The dynamic vector ciphertext is placed at a preset position and combined with N sets of plaintext and ciphertext to form the final ciphertext.

[0108] The preset position mentioned here is the grouping position, that is, the grouping arrangement position, which can be represented as the Xth grouping position.

[0109] Where X can be 1, meaning the dynamic vector ciphertext is placed in the first block position, that is, the dynamic vector ciphertext is placed at the beginning of N blocks of plaintext ciphertext, such as {C IV0 C1, C2, ..., C N}; X can also take the value N+1, which means placing the dynamic vector ciphertext at the end of N sets of plaintext ciphertext, such as {C1, C2, ..., C...} N C IV0}; Of course, X can also take a value between 1 and N+1, that is, the dynamic vector ciphertext is placed at a certain position between N sets of plaintext and ciphertext, such as {C1, C2, C...} IV0 , ..., C N The specific choice can be made according to actual needs.

[0110] The encryptor and decryptor can agree on the preset location in advance so that the decryptor can accurately obtain the dynamic vector ciphertext.

[0111] Finally, examples illustrating the application scenarios of the encryption method provided in the embodiments of this application will be given.

[0112] For example, client A is the mobile service hall of operator A, a self-service software for smartphone users. With the development of the Internet, online business processing, support, and promotional activities have become increasingly convenient and efficient. Therefore, client A inevitably needs to transmit user information with various service providers. However, due to network information security requirements, user information cannot be transmitted in plaintext over the public Internet. In this scenario, the encryption method provided in this application embodiment can be used to encrypt the user information (corresponding to the plaintext to be encrypted mentioned above) during transmission, thereby improving the security of user information transmission.

[0113] Specifically, client A, as the sender, first encrypts the user information using the encryption method provided in this application embodiment, and assembles it as parameters into the receiving address of the service provider system, then redirects to the service provider address. The service provider, as the receiver, receives client A's request, decrypts the parameters, obtains the user information, and completes the business logic.

[0114] In this process, client A and service provider can agree on a common key (corresponding to the preset original key mentioned above), and if necessary, they can also agree on a common initialization vector (corresponding to the preset initialization vector mentioned above).

[0115] The above is a description of the encryption method provided in the embodiments of this application.

[0116] This application embodiment also provides a corresponding decryption method for the encryption method described above, applied to a second electronic device, which can be a server or a terminal device. That is, the steps in the encryption method can be executed by the server or by the terminal device.

[0117] like Figure 4 As shown, the decryption method may include:

[0118] Step 401: Receive the target ciphertext.

[0119] After encrypting the plaintext to be encrypted, the first electronic device can send the final ciphertext (i.e., the target ciphertext including plaintext ciphertext and dynamic vector ciphertext) to the ciphertext recipient, namely the second electronic device.

[0120] The plaintext ciphertext is obtained based on the aforementioned step 104, and the dynamic vector ciphertext is obtained based on the aforementioned step 105.

[0121] Step 402: Obtain the dynamic vector ciphertext from the target ciphertext.

[0122] After receiving the target ciphertext, the second electronic device can extract the dynamic vector ciphertext from the target ciphertext.

[0123] Step 403: Obtain the initial dynamic vector after block decryption processing based on the preset original key and dynamic vector ciphertext.

[0124] After obtaining the dynamic vector ciphertext from the target ciphertext, an initial dynamic vector, processed by block decryption, can be obtained based on the preset original key (or simply the original key) and the dynamic vector ciphertext. This initial dynamic vector is used to obtain the intermediate dynamic vector for block decryption of the plaintext ciphertext (i.e., the data to be decrypted).

[0125] The preset original key mentioned here is agreed upon in advance by the encryptor and decryptor.

[0126] Step 404: Perform N accumulation operations on the initial dynamic vector using a counter to obtain N intermediate dynamic vectors.

[0127] In this embodiment of the application, after obtaining the initial dynamic vector, a counter can be used to accumulate the initial dynamic vector to obtain a vector (i.e., an intermediate dynamic vector) for block encryption of the plaintext to be encrypted. Each accumulation operation yields an intermediate dynamic vector, and the counter value can be incremented by 1 during each accumulation operation.

[0128] Assume the initial dynamic vector is denoted by IV0 (hereinafter simply referred to as dynamic vector IV0), and the intermediate dynamic vector is denoted by IV. i If it means:

[0129]

[0130] Based on the above formula, N intermediate dynamic vectors can be obtained, namely: IV1, IV2, IV3, ..., IV N Among them, IV i Let represent the intermediate dynamic vector obtained from the i-th accumulation operation, where 1 ≤ i ≤ N.

[0131] In the block decryption algorithm, the plaintext and ciphertext need to be divided into several groups. The number of intermediate dynamic vectors is the same as the number of plaintext and ciphertext groups. One intermediate dynamic vector participates in the decryption of one group of plaintext and ciphertext. In other words, the value of N depends on the number of plaintext and ciphertext groups, and N≥1.

[0132] Step 405: Based on the preset original key and N intermediate dynamic vectors, perform parallel group decryption on the plaintext and ciphertext in the target ciphertext to obtain the decrypted plaintext.

[0133] In this embodiment, after obtaining N intermediate dynamic vectors, the plaintext and ciphertext can be decrypted in parallel groups based on the intermediate dynamic vectors and the preset original key, thereby obtaining the decrypted plaintext. The parallel decryption method has low complexity and high encryption efficiency.

[0134] As can be seen from the decryption method provided in this application, to decrypt plaintext and ciphertext, the dynamic vector ciphertext must first be decrypted to obtain the initial dynamic vector. Since the initial dynamic vector is encrypted, it is invisible during transmission. Even if an attacker intercepts the target ciphertext, it is difficult to directly obtain the same vector from the ciphertext, increasing the difficulty of cracking. The ciphertext receiver, possessing the decryption key, can decrypt the dynamic vector ciphertext to obtain the initial dynamic vector. This approach solves the problem of plaintext transmission of the initialization vector in existing counter modes, improving data security.

[0135] As an optional embodiment, when the dynamic vector ciphertext is obtained by block encryption of the initial dynamic vector based on a preset original key, step 403: obtaining the initial dynamic vector based on the preset original key and the dynamic vector ciphertext may include:

[0136] Based on the preset original key, the dynamic vector ciphertext is divided into blocks and decrypted to obtain the initial dynamic vector. For example... Figure 5 As shown, during the decryption process, the dynamic vector IV0 (i.e., the initial dynamic vector) can be obtained from the original key paired with the dynamic vector ciphertext C. IV0 The result is obtained by grouping and decryption, i.e.: IV0 = D(C IV0 ), where D represents the block decryption function.

[0137] As an optional embodiment, when the dynamic vector ciphertext is obtained by first encrypting the initial dynamic vector in blocks according to the preset original key, and then performing an XOR operation with the preset initialization vector, step 403: obtaining the initial dynamic vector according to the preset original key and the dynamic vector ciphertext may include:

[0138] Perform an XOR operation between the dynamic vector ciphertext and the preset initialization vector to obtain the intermediate vector ciphertext; decrypt the intermediate vector ciphertext in groups according to the preset original key to obtain the initial dynamic vector.

[0139] like Figure 6 As shown, during the decryption process, the dynamic vector IV0 (i.e., the initial dynamic vector) can first be generated from the dynamic vector ciphertext C. IV0 The intermediate vector ciphertext is obtained by XORing the initialization vector IV with the original key. Then, the intermediate vector ciphertext is decrypted in blocks using the original key. Where D represents the block decryption function.

[0140] In this embodiment, the initialization vector is one of the key elements for decrypting dynamic vector ciphertext. Therefore, the encryptor and decryptor can pre-agree on the initialization vector, which eliminates the need for transmission and avoids leakage. Generally, once agreed upon, the initialization vector remains fixed. When changes are needed, the encryptor and decryptor can renegotiate the initialization vector.

[0141] As an optional embodiment, for the encryption steps described in steps A1 to A5 above, this application embodiment provides corresponding decryption steps, please refer to steps C1 to C5 for details.

[0142] Step 405: Based on the preset original key and N intermediate dynamic vectors, perform parallel block decryption on the plaintext and ciphertext in the target ciphertext to obtain the decrypted plaintext, which may include:

[0143] Step C1: Obtain N sets of plaintext and ciphertext with a preset data size from the target ciphertext.

[0144] In the AES standard specification, the plaintext block size (or block length) can only be 128 bits, and the length of each plaintext ciphertext block is the same as the length of each plaintext block. Therefore, the preset data size can be 128 bits, or 16 bytes.

[0145] The number of plaintext and ciphertext groups is the same as the number of plaintext groups (including padding groups).

[0146] Step C2: Expand the preset original key according to the second preset algorithm to obtain M extended keys.

[0147] In the block decryption algorithm, a second preset algorithm (such as a key arrangement function) can be used to expand the preset original key into M extended keys. The second preset algorithm can be selected according to actual needs, and this application embodiment does not specifically limit it.

[0148] The value of M is related to the size of the preset original key. When the preset original key is 128 bits, the value of M is 10; when the preset original key is 192 bits, the value of M is 12; and when the preset original key is 256 bits, the value of M is 14.

[0149] Step C3: Based on the M extended keys, decrypt each group of plaintext and ciphertext separately to obtain N groups of intermediate plaintext and ciphertext.

[0150] like Figure 5 or Figure 6 As shown, in this step, an extended key can be used to process each set of plaintext and ciphertext (e.g., C1, C2, ..., C...). N The process involves grouping and decrypting, and after multiple rounds of changes, the intermediate plaintext and ciphertext of each group are obtained, i.e., intermediate plaintext and ciphertext i = D(C i), where i represents the i-th group of plaintext-ciphertext, C i Let represent the i-th plaintext-ciphertext group, and D represent the block decryption function, where 1 ≤ i ≤ N.

[0151] Step C4: Perform an XOR operation between each set of intermediate plaintext and ciphertext and a corresponding intermediate dynamic vector to obtain N sets of decrypted plaintext.

[0152] like Figure 5 or Figure 6 As shown, after obtaining N sets of intermediate plaintext and ciphertext, each set of intermediate plaintext and ciphertext can be associated with a corresponding intermediate dynamic vector (i.e., dynamic vectors IV1, IV2, ..., IV3). N Perform an XOR operation to obtain N sets of decrypted plaintext (i.e., plaintext P1, P2, ..., P3). N ),Right now P i This represents the i-th group of plaintext.

[0153] Generally, each set of intermediate plaintext / ciphertext corresponds sequentially to an intermediate dynamic vector, i.e., the first set of intermediate plaintext / ciphertext corresponds to the first obtained intermediate dynamic vector (i.e., dynamic vector IV1), the second set of plaintext corresponds to the second obtained intermediate dynamic vector (i.e., dynamic vector IV2), and so on, until the Nth set of plaintext corresponds to the Nth obtained intermediate dynamic vector (i.e., dynamic vector IV). N ).

[0154] Step C5: Combine the N sets of decrypted plaintext into the final decrypted plaintext.

[0155] Finally, by concatenating the N sets of decrypted plaintext in sequence, the final decrypted plaintext can be obtained.

[0156] As an optional embodiment, for the encryption steps described in steps B1 to B5 above, this application embodiment provides corresponding decryption steps, please refer to steps D1 to D5 for details.

[0157] Step 405: Based on the preset original key and N intermediate dynamic vectors, perform parallel block decryption on the plaintext and ciphertext in the target ciphertext to obtain the decrypted plaintext, which may include:

[0158] Step D1: Obtain N sets of plaintext and ciphertext with a preset data size from the target ciphertext.

[0159] Step D2: Expand the preset original key according to the second preset algorithm to obtain M extended keys.

[0160] Step D3: Based on the M extended keys, encrypt each intermediate dynamic vector in blocks to obtain the ciphertext of the intermediate dynamic vector.

[0161] Step D4: Perform an XOR operation between each set of plaintext and a corresponding intermediate dynamic vector ciphertext to obtain N sets of decrypted plaintext.

[0162] Step D5: Combine the N sets of decrypted plaintext into the final decrypted plaintext.

[0163] The decryption steps described in this embodiment differ from those in the previous embodiment in that the previous embodiment first decrypted each group of plaintext and ciphertext to obtain intermediate plaintext and ciphertext, and then XORed the intermediate plaintext and ciphertext with the corresponding intermediate dynamic vector to obtain the decrypted plaintext. This embodiment, however, first encrypts each intermediate dynamic vector in groups to obtain intermediate dynamic vector ciphertext; then XORed each group of plaintext and ciphertext with the corresponding intermediate dynamic vector ciphertext to obtain the decrypted plaintext.

[0164] As an optional embodiment, step 403: obtaining the dynamic vector ciphertext from the target ciphertext may include:

[0165] Based on the preset data size for each group, the target ciphertext is divided into N+1 blocks of ciphertext; the ciphertext blocks at preset positions are determined as dynamic vector ciphertext.

[0166] The preset position mentioned here is the grouping position, that is, the grouping arrangement position, which can be represented as the Xth grouping position.

[0167] Where X can take the value 1, that is, the dynamic vector ciphertext is in the first block position, such as {C IV0 C1, C2, ..., C N}; X can also take the value N+1, which means placing the dynamic vector ciphertext in the last block position, such as {C1, C2, ..., C...} N C IV0}; Of course, X can also take a value between 1 and N+1, that is, to place the dynamic vector ciphertext at a certain position between N sets of plaintext and ciphertext, such as {C1, C2, C...} IV0 , ..., C N The specific choice can be made according to actual needs. The encrypting and decrypting parties can pre-agree on the preset location so that the decrypting party can accurately obtain the dynamic vector ciphertext.

[0168] The above is a description of the encryption method provided in the embodiments of this application.

[0169] In summary, in this embodiment, when encrypting the plaintext to be encrypted, an initial dynamic vector is first obtained based on the initialization vector and the obtained random number. Then, the initial dynamic vector is used in conjunction with a counter to obtain an intermediate dynamic vector. This intermediate dynamic vector is then used in parallel group encryption with the plaintext to obtain the plaintext-ciphertext. The initial dynamic vector is also subjected to group encryption, and the encrypted initial dynamic vector (i.e., the dynamic vector ciphertext) is sent along with the plaintext-ciphertext to the ciphertext receiver. Upon receiving the ciphertext (i.e., the target ciphertext), the ciphertext receiver needs to decrypt the dynamic vector ciphertext to obtain the initial dynamic vector before it can decrypt the plaintext-ciphertext based on the initial dynamic vector and the preset original key.

[0170] This approach first makes the initial dynamic vector replace the initialization vector as one of the key decryption elements. Therefore, during the ciphertext transmission process, it is no longer necessary to transmit the initialization vector, but rather the initial dynamic vector. Furthermore, the embodiments of this application can encrypt the initial dynamic vector in groups, making the initial dynamic vector invisible during transmission, increasing the difficulty of cracking, solving the problem of plaintext transmission of the initialization vector in the existing counter mode, and improving data security.

[0171] The encryption and decryption methods provided in the embodiments of this application have been described above. The encryption and decryption devices provided in the embodiments of this application will be described below with reference to the accompanying drawings.

[0172] like Figure 7 As shown in the figure, this application embodiment also provides an encryption device corresponding to the encryption method described above, which is applied to a first electronic device.

[0173] The encryption device may include:

[0174] The first acquisition module 701 is used to acquire a random number of a preset data size.

[0175] The first vector acquisition module 702 is used to perform an XOR operation between the random number and the preset initialization vector to obtain an initial dynamic vector.

[0176] The second vector acquisition module 703 is used to perform N accumulation operations on the initial dynamic vector through a counter to obtain N intermediate dynamic vectors.

[0177] The first encryption module 704 is used to perform parallel group encryption on the plaintext to be encrypted according to the preset original key and the N intermediate dynamic vectors to obtain plaintext ciphertext.

[0178] The second encryption module 705 is used to obtain the dynamic vector ciphertext after block encryption processing based on the preset original key and the initial dynamic vector.

[0179] The ciphertext processing module 706 is used to combine the plaintext ciphertext and the dynamic vector ciphertext to form the final ciphertext.

[0180] Optionally, the encryption device may further include:

[0181] The generation module is used to generate a globally unique identifier according to a first preset algorithm.

[0182] A determination module is used to determine the globally unique identifier as the random number.

[0183] Optionally, the second encryption module 705 may include:

[0184] The first encryption unit is used to perform block encryption on the initial dynamic vector according to the preset original key to obtain the dynamic vector ciphertext.

[0185] Optionally, the second encryption module 705 may include:

[0186] The second encryption unit is used to perform group encryption on the initial dynamic vector according to the preset original key to obtain the intermediate vector ciphertext.

[0187] The third encryption unit is used to perform an XOR operation between the intermediate vector ciphertext and the preset initialization vector to obtain the dynamic vector ciphertext.

[0188] Optionally, the first encryption module 704 may include:

[0189] The first grouping unit is used to group the plaintext to be encrypted into N plaintext groups according to the preset data size of each group.

[0190] The fourth encryption unit is used to perform an XOR operation on each of the N plaintext groups and a corresponding intermediate dynamic vector to obtain N groups of intermediate plaintext ciphertext.

[0191] The first key is located in the unit and is used to expand the preset original key according to the second preset algorithm to obtain M extended keys.

[0192] The fifth encryption unit is used to perform parallel group encryption on each group of intermediate plaintext and ciphertext according to the M extended keys, so as to obtain N groups of encrypted plaintext.

[0193] The ciphertext processing unit is used to concatenate the N groups of encrypted plaintext to form the final plaintext-ciphertext.

[0194] The encryption device provided in this application embodiment can achieve... Figure 1 The various processes of the encryption method implemented in the illustrated embodiment will not be described again here to avoid repetition.

[0195] like Figure 8 As shown in the embodiments of this application, in addition to the decryption method described above, a corresponding decryption device is also provided, which is applied to a second electronic device.

[0196] The decryption device may include:

[0197] The receiving module 801 is used to receive the target ciphertext.

[0198] The second acquisition module 802 is used to acquire dynamic vector ciphertext from the target ciphertext.

[0199] The first decryption module 803 is used to obtain the initial dynamic vector after group decryption processing based on the preset original key and the dynamic vector ciphertext.

[0200] The third vector acquisition module 804 is used to perform N accumulation operations on the initial dynamic vector through a counter to obtain the N intermediate dynamic vectors.

[0201] The second decryption module 805 is used to perform parallel group decryption of the plaintext and ciphertext in the target ciphertext according to the preset original key and the N intermediate dynamic vectors to obtain the decrypted plaintext.

[0202] Optionally, when the dynamic vector ciphertext is obtained by block encryption of the initial dynamic vector based on the preset original key, the first decryption module 803 may include:

[0203] The first decryption unit is used to decrypt the dynamic vector ciphertext in groups according to the preset original key to obtain the initial dynamic vector.

[0204] Optionally, if the dynamic vector ciphertext is obtained by first encrypting the initial dynamic vector in blocks according to the preset original key, and then performing an XOR operation with the preset initialization vector, the first decryption module 803 may include:

[0205] The sixth encryption unit is used to perform an XOR operation between the dynamic vector ciphertext and the preset initialization vector to obtain the intermediate vector ciphertext.

[0206] The second decryption unit is used to decrypt the intermediate vector ciphertext in groups according to the preset original key to obtain the initial dynamic vector.

[0207] Optionally, when the plaintext to be encrypted is first XORed with the intermediate dynamic vector and then obtained by block encryption using the preset original key, the second decryption module 805 may include:

[0208] The second grouping unit is used to obtain N sets of plaintext and ciphertext of the preset data size from the target ciphertext;

[0209] The second key is located in the unit and is used to expand the preset original key according to the second preset algorithm to obtain M extended keys;

[0210] The third decryption unit is used to perform parallel group decryption of each group of plaintext and ciphertext according to the M extended keys to obtain N groups of intermediate plaintext and ciphertext.

[0211] The fourth decryption unit is used to perform an XOR operation on each set of intermediate plaintext and ciphertext and a corresponding intermediate dynamic vector to obtain N sets of decrypted plaintext.

[0212] The plaintext processing unit is used to combine the N sets of decrypted plaintext into the final decrypted plaintext.

[0213] The decryption device provided in this application embodiment can achieve... Figure 4 The various processes of the decryption method implemented in the illustrated embodiment will not be repeated here to avoid duplication.

[0214] The technical solution provided in this application, compared to the existing block encryption / decryption method in the counter mode, no longer uses a counter to accumulate the initialization vector to obtain the intermediate vector used for each group of plaintext encryption. Instead, it first performs an XOR operation between the initialization vector and a random number to obtain an initial dynamic vector, and then uses a counter to accumulate this initial dynamic vector to obtain the intermediate vector (i.e., the intermediate dynamic vector) used for each group of plaintext encryption. This process first makes the initial dynamic vector replace the initialization vector as one of the key decryption elements. Therefore, during ciphertext transmission, it is no longer necessary to transmit the initialization vector, but rather the initial dynamic vector. Furthermore, this application embodiment can perform block encryption on the initial dynamic vector, making it invisible during transmission, increasing the difficulty of cracking, solving the problem of plaintext transmission of the initialization vector in the existing counter mode, and improving data security.

[0215] According to one aspect of the embodiments of this application, an electronic device is also provided, including a processor and a memory. The memory stores a program or instructions that can be executed on the processor. When the program or instructions are executed by the processor, they implement the various steps of the above-described encryption method embodiments or the various steps of the decryption method embodiments, and can achieve the same technical effect. To avoid repetition, they will not be described again here.

[0216] According to another aspect of the embodiments of this application, a readable storage medium is also provided, on which a program or instructions are stored. When the program or instructions are executed by a processor, they implement the various processes of the above-described encryption method embodiments or the various processes of the decryption method embodiments, and can achieve the same technical effect. To avoid repetition, they will not be described again here.

[0217] The device embodiments described above are merely illustrative. The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the modules can be selected to achieve the purpose of this embodiment according to actual needs. Those skilled in the art can understand and implement this without any creative effort.

[0218] Through the above description of the embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus necessary general-purpose hardware platforms, and of course, it can also be implemented by hardware. Based on this understanding, the above technical solutions, in essence or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product can be stored in a computer-readable storage medium, such as ROM, RAM, magnetic disk, optical disk, etc., including several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute the methods described in the various embodiments or some parts of the embodiments.

[0219] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of this application, and are not intended to limit them. Although this application has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some of the technical features. Such modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of this application.

Claims

1. An encryption method, characterized in that, include: Get a random number of a preset data size; The initial dynamic vector is obtained by performing an XOR operation between the random number and the preset initialization vector. The initial dynamic vector is incremented N times by a counter to obtain N intermediate dynamic vectors; Based on the preset original key and the N intermediate dynamic vectors, the plaintext to be encrypted is subjected to parallel group encryption to obtain plaintext ciphertext. Based on the preset original key and the initial dynamic vector, the dynamic vector ciphertext after block encryption is obtained; The plaintext ciphertext and the dynamic vector ciphertext are combined to form the final ciphertext.

2. The encryption method according to claim 1, characterized in that, Before obtaining a random number of a preset data size, the encryption method further includes: Generate a globally unique identifier according to the first preset algorithm; The globally unique identifier is determined as the random number.

3. The encryption method according to claim 1, characterized in that, The step of obtaining the dynamic vector ciphertext after block encryption based on the preset original key and the initial dynamic vector includes: Based on the preset original key, the initial dynamic vector is grouped and encrypted to obtain the dynamic vector ciphertext.

4. The encryption method according to claim 1, characterized in that, The step of obtaining the dynamic vector ciphertext after block encryption based on the preset original key and the initial dynamic vector includes: Based on the preset original key, the initial dynamic vector is grouped and encrypted to obtain the intermediate vector ciphertext; The dynamic vector ciphertext is obtained by performing an XOR operation between the intermediate vector ciphertext and the preset initialization vector.

5. The encryption method according to claim 1, characterized in that, The step of performing parallel block encryption on the plaintext to be encrypted based on the preset original key and the N intermediate dynamic vectors to obtain plaintext ciphertext includes: According to the preset data size of each group, the plaintext to be encrypted is grouped into N plaintext groups; Perform an XOR operation between each of the N plaintext groups and a corresponding intermediate dynamic vector to obtain N groups of intermediate plaintext ciphertext. According to the second preset algorithm, the preset original key is expanded to obtain M extended keys; Based on the M extended keys, each group of intermediate plaintext and ciphertext is encrypted in parallel to obtain N groups of encrypted plaintext. The N groups of encrypted plaintext are concatenated to form the final plaintext-ciphertext.

6. A decryption method, characterized in that, Used for decrypting plaintext encrypted by the encryption method according to any one of claims 1 to 5, the decryption method comprising: Receive target ciphertext; wherein the target ciphertext includes: the plaintext ciphertext and the dynamic vector ciphertext; The dynamic vector ciphertext is obtained from the target ciphertext; Based on the preset original key and the dynamic vector ciphertext, the initial dynamic vector after block decryption processing is obtained; The initial dynamic vector is incremented N times by a counter to obtain the N intermediate dynamic vectors. Based on the preset original key and the N intermediate dynamic vectors, the plaintext and ciphertext in the target ciphertext are decrypted in parallel groups to obtain the decrypted plaintext.

7. The decryption method according to claim 6, characterized in that, When the dynamic vector ciphertext is obtained by block encryption of the initial dynamic vector based on the preset original key, obtaining the initial dynamic vector after block decryption based on the preset original key and the dynamic vector ciphertext includes: Based on the preset original key, the dynamic vector ciphertext is decrypted in groups to obtain the initial dynamic vector.

8. The decryption method according to claim 6, characterized in that, When the dynamic vector ciphertext is obtained by first encrypting the initial dynamic vector in blocks according to the preset original key, and then performing an XOR operation with the preset initialization vector, the step of obtaining the initial dynamic vector after block decryption based on the preset original key and the dynamic vector ciphertext includes: The dynamic vector ciphertext is XORed with the preset initialization vector to obtain the intermediate vector ciphertext. Based on the preset original key, the intermediate vector ciphertext is decrypted in groups to obtain the initial dynamic vector.

9. The decryption method according to claim 6, characterized in that, When the plaintext to be encrypted is first XORed with the intermediate dynamic vectors and then block-encrypted using the preset original key, the step of performing parallel block decryption on the plaintext and ciphertext in the target ciphertext according to the preset original key and the N intermediate dynamic vectors to obtain the decrypted plaintext includes: Obtain N sets of plaintext and ciphertext of the preset data size from the target ciphertext; According to the second preset algorithm, the preset original key is expanded to obtain M extended keys; Based on the M extended keys, each group of plaintext and ciphertext is decrypted in parallel to obtain N groups of intermediate plaintext and ciphertext. Perform an XOR operation between each set of intermediate plaintext and ciphertext and a corresponding intermediate dynamic vector to obtain N sets of decrypted plaintext. The N sets of decrypted plaintext are combined to form the final decrypted plaintext.

10. An encryption device, characterized in that, The device includes: The first acquisition module is used to acquire a random number of a preset data size; The first vector acquisition module is used to perform an XOR operation between the random number and the preset initialization vector to obtain an initial dynamic vector. The second vector acquisition module is used to perform N accumulation operations on the initial dynamic vector through a counter to obtain N intermediate dynamic vectors. The first encryption module is used to perform parallel group encryption on the plaintext to be encrypted according to the preset original key and the N intermediate dynamic vectors to obtain plaintext ciphertext. The second encryption module is used to obtain the dynamic vector ciphertext after block encryption processing based on the preset original key and the initial dynamic vector; The ciphertext processing module is used to combine the plaintext ciphertext and the dynamic vector ciphertext to form the final ciphertext.

11. A decryption device, characterized in that, The device includes: The receiving module is used to receive the target ciphertext; The second acquisition module is used to acquire dynamic vector ciphertext from the target ciphertext; The first decryption module is used to obtain the initial dynamic vector after block decryption processing based on the preset original key and the dynamic vector ciphertext. The third vector acquisition module is used to perform N accumulation operations on the initial dynamic vector through a counter to obtain N intermediate dynamic vectors. The second decryption module is used to perform parallel group decryption of the plaintext and ciphertext in the target ciphertext according to the preset original key and the N intermediate dynamic vectors to obtain the decrypted plaintext.

12. An electronic device, characterized in that, It includes a processor and a memory, the memory storing a program or instructions that can run on the processor, the program or instructions being executed by the processor to implement the steps of the encryption method as claimed in any one of claims 1 to 5, or to implement the steps of the decryption method as claimed in any one of claims 6 to 9.

13. A readable storage medium, characterized in that, The readable storage medium stores a program or instructions that, when executed by a processor, implement the steps of the encryption method as described in any one of claims 1 to 5, or the steps of the decryption method as described in any one of claims 6 to 9.