Communication data encryption method and device based on DES encryption algorithm and electronic equipment
By introducing environmental dynamic perturbation seeds and dynamic subkeys into the DES encryption algorithm, the problem of insufficient security of the traditional DES algorithm in the Internet of Things environment is solved, and efficient and secure data encryption is achieved.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- GUOXIN SICUN (BEIJING) TECHNOLOGY CO LTD
- Filing Date
- 2026-05-25
- Publication Date
- 2026-07-03
AI Technical Summary
Traditional DES encryption algorithms have fixed keys and static permutation rules in IoT environments, making it difficult to adapt to complex and ever-changing environments, resulting in insufficient security, especially on resource-constrained monitoring nodes where they cannot provide adequate security.
By constructing a dynamic environmental disturbance seed, the initial permutation table of DES is dynamically adjusted. Combined with parameters such as instantaneous pressure in the pipeline and node coordinates, subkeys and S-box output sequences are dynamically generated to form a triple dynamic protection mechanism and generate message verification codes.
It significantly improves the anti-cracking capability of ciphertext, simplifies key management, improves data encryption efficiency, and provides high-security and high-efficiency communication assurance.
Smart Images

Figure CN122339837A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of data security technology, and in particular to a communication data encryption method, apparatus, and electronic device based on the DES encryption algorithm. Background Technology
[0002] With the rapid development of IoT technology, the secure transmission of communication data has become a critical issue that urgently needs to be addressed. Although the traditional DES encryption algorithm is widely used in the field of data encryption, its inherent defects, such as fixed keys and static permutation rules, make it difficult to adapt to the complex and ever-changing IoT environment, especially on resource-constrained monitoring nodes, where its security protection capabilities are clearly insufficient.
[0003] In IoT applications such as wireless monitoring of natural gas, monitoring nodes need to frequently upload data containing sensitive parameters such as pressure and temperature. Existing encryption methods often suffer from high computational overhead, insufficient security, or complex key management, failing to provide adequate security while ensuring transmission efficiency. This severely restricts the widespread application of IoT technology in critical fields. Summary of the Invention
[0004] The purpose of this invention is to provide a communication data encryption method, apparatus, and electronic device based on the DES encryption algorithm, so as to solve at least one of the problems existing in the prior art.
[0005] To achieve the above objectives, according to one aspect of this application, the present invention provides a communication data encryption method based on the DES encryption algorithm, comprising:
[0006] Several monitoring nodes are set up to collect monitoring information, encrypt the monitoring information, and then send the encrypted information to the dispatch center. For a single monitoring node, it includes:
[0007] Environmental dynamic disturbance seeds are constructed based on monitoring information, and the initial DES permutation table is dynamically adjusted based on the environmental dynamic disturbance seeds.
[0008] The cyclic left shift number is determined based on the instantaneous pressure inside the pipeline and the node coordinates of the monitoring node, and a subkey for each iteration number is generated based on the cyclic left shift number.
[0009] The monitoring information of the previous transmission cycle is obtained to determine the S-box output rotation factor, and the S-box output sequence is output. The S-box output rotation factor includes the S-box rotation direction and the number of rotation steps.
[0010] DES dynamic encryption is performed based on a dynamic permutation table, the number of cyclic left shift bits, and the output sequence of the S-box to obtain encrypted ciphertext and generate a message check code. Then, the encrypted ciphertext and the message check code are concatenated into encrypted information and sent to the scheduling center.
[0011] Optionally, the instantaneous pressure value in the pipeline, pipe wall temperature, natural gas flow rate, battery output voltage in the node, node coordinates, and timestamp in the monitoring information are processed to obtain 6 feature bytes, and the feature bytes are spliced and replaced to generate a 64-bit environmental dynamic disturbance seed.
[0012] The environmental dynamic disturbance seeds are split, and a permutation sequence is generated based on the splitting results. The initial permutation table is then adjusted based on the permutation sequence to obtain the dynamic permutation table.
[0013] Optionally, the process for determining the dynamic permutation table is as follows:
[0014] The lower 32 bits of the environmental dynamic perturbation seed are split into 16 consecutive 2-bit permutation sequences, denoted as C, and C = {c1, c2, c3... c16}.
[0015] The array element IP[i] with index i in the initial permutation table is adjusted according to the permutation sequence C, and the adjusted initial permutation table is used as the dynamic permutation table, where i∈[1,16]:
[0016] If ci equals 0, then IP[i] remains unchanged and no swaps are made;
[0017] If ci equals 1, then swap the values of IP[i] and IP[i+16].
[0018] If ci equals 2, then swap the values of IP[i] and IP[i+32].
[0019] If ci equals 3, then swap the values of IP[i] and IP[i+48].
[0020] Optionally, the process for generating the subkey for each iteration is as follows:
[0021] The basic offset is determined based on the instantaneous pressure inside the pipeline using a preset safety threshold.
[0022] Extract the integer part of the latitude of the node coordinates, and set the number of cyclic left shift bits for each iteration number according to the parity of the integer part;
[0023] The monitoring node performs a circular left shift on the C and D registers by the number of bits shifted left for each iteration, generating a subkey for each iteration.
[0024] Optionally, when determining the basic offset, if the instantaneous pressure in the pipeline is greater than a preset safety threshold, the basic offset is set to 2; otherwise, the basic offset is set to 1.
[0025] When setting the number of left shifts for each iteration, if the integer part of the latitude of the node coordinate is odd, the odd-even offset is set to 1; if the integer part of the latitude of the node coordinate is even, the odd-even offset is set to 0.
[0026] For the j-th iteration of encryption, calculate the final cyclic left shift number S(j), and set S(j) = base offset + parity offset + (j mod 2).
[0027] Optionally, the pressure change rate can be calculated based on the instantaneous pressure in the pipeline in the previous transmission cycle and the instantaneous pressure in the pipeline in the current transmission cycle.
[0028] Take the integer part of the pressure change rate (1 times) and the integer part of the natural gas flow rate, and then take the decimal units digit of their product as the rotation direction control bit D. Take the decimal tens digit of their product as the result of taking the remainder after dividing by 8 as the rotation step number Step.
[0029] The output sequence of the S-box is set based on the rotation direction control bit D and the rotation step number Step:
[0030] If the rotation direction control bit D is odd, the direction is determined to be left, and the original S-box output sequence is cyclically shifted to the left by Step bits.
[0031] If the rotation direction control bit D is even, the direction is determined to be right, and the original S-box output sequence is cyclically shifted to the right by Step bits.
[0032] Optionally, the instantaneous pressure value in the pipeline, pipe wall temperature, and natural gas flow rate in the monitoring information are quantized into 20-bit, 20-bit, and 24-bit binary numbers, respectively, and then sequentially concatenated into a 64-bit data block, which is used as the plaintext of the data to be encrypted.
[0033] The dynamic permutation table, the subkeys for each iteration, and the S-box output sequence are substituted into the DES encryption algorithm to complete the encryption of the plaintext data to be encrypted.
[0034] A scheduling center is also provided to receive encrypted information and decrypt it. After receiving the encrypted information, the scheduling center performs the reverse process to decrypt and verify the encrypted information.
[0035] According to another aspect of this application, a communication data encryption device based on the DES encryption algorithm is also provided, comprising:
[0036] The dynamic permutation adjustment unit is used to construct environmental dynamic disturbance seeds based on monitoring information and to dynamically adjust the initial permutation table of DES based on the environmental dynamic disturbance seeds.
[0037] The subkey generation unit is used to determine the cyclic left shift number for each iteration based on the instantaneous pressure in the pipeline and the node coordinates of the monitoring node, and to generate the subkey for each iteration based on the cyclic left shift number.
[0038] The S-box output sequence determination unit is used to obtain the monitoring information of the previous transmission cycle, determine the S-box output rotation factor, and output the S-box output sequence. The S-box output rotation factor includes the S-box rotation direction and the number of rotation steps.
[0039] The data encryption unit is used to perform DES dynamic encryption based on the dynamic permutation table, the number of cyclic left shift bits and the S-box output sequence to obtain encrypted ciphertext and generate a message check code. Then, the encrypted ciphertext and the message check code are concatenated into encrypted information and sent to the scheduling center.
[0040] The decryption and verification unit is used by the scheduling center to perform the reverse process to decrypt and verify the encrypted information after receiving it.
[0041] According to another aspect of this application, an electronic device is provided, comprising:
[0042] One or more processors;
[0043] Storage device for storing one or more programs;
[0044] When the one or more programs are executed by the one or more processors, the one or more processors implement the communication data encryption method based on the DES encryption algorithm.
[0045] Compared with the prior art, the beneficial effects of the present invention are as follows:
[0046] This invention introduces a dynamic environmental perturbation seed to dynamically adjust the initial permutation table of the DES algorithm in real time, effectively overcoming the shortcomings of the statically fixed permutation rules in the traditional DES algorithm. This perturbation seed is constructed from multi-dimensional environmental parameters such as pipeline pressure, temperature, flow rate, voltage, coordinates, and timestamps collected in real time by monitoring nodes. This ensures that the permutation table used for each encryption is tightly coupled with the current physical environment state, greatly increasing the difficulty of cryptanalysis, significantly improving the ciphertext's resistance to cracking, and effectively enhancing the efficiency of data encryption within IoT nodes.
[0047] In terms of key generation, this scheme innovatively utilizes the instantaneous pressure of the pipeline and the node coordinates to dynamically determine the number of cyclic left shifts in each iteration, thereby generating subkeys for each round. This design, which integrates dynamic parameters of the physical world into the core key scheduling mechanism, not only ensures that the keys themselves have high timeliness and uniqueness, but also eliminates the need for an additional key distribution process, simplifying system management complexity and effectively improving the efficiency of data encryption within IoT nodes.
[0048] Furthermore, by dynamically rotating the S-box output sequence based on the pressure change rate and flow rate driven by historical monitoring data, the nonlinear transformation stage in the encryption process is further disrupted. Combined with a dynamic permutation table and a dynamic subkey, a triple dynamic protection mechanism is formed. Finally, by generating a message verification code associated with the encrypted ciphertext and environmental seed, the integrity and authenticity of the data during transmission are ensured. This provides a communication guarantee that balances high security and high efficiency for key IoT applications such as natural gas monitoring, effectively improving the efficiency of data encryption within IoT nodes. Attached Figure Description
[0049] To more clearly illustrate the technical solutions in the embodiments of the present invention, the accompanying drawings used in the description of the embodiments will be briefly introduced below. Obviously, the accompanying drawings described below are only some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0050] Figure 1 This is a flowchart illustrating the communication data encryption method based on the DES encryption algorithm in this embodiment.
[0051] Figure 2 This is a schematic diagram of the communication data encryption device based on the DES encryption algorithm provided in this embodiment.
[0052] Figure 3 This is a schematic diagram of the structure of the electronic device provided in this embodiment. Detailed Implementation
[0053] To more clearly illustrate the present invention, the following description, in conjunction with preferred embodiments and accompanying drawings, further explains the invention. Similar components in the drawings are indicated by the same reference numerals. Those skilled in the art should understand that the specific description below is illustrative rather than restrictive and should not be construed as limiting the scope of protection of the present invention.
[0054] It should be noted that although the terms first, second, third, etc., may be used in the embodiments of this application for description, these descriptions should not be limited to these terms. These terms are only used to distinguish the descriptions. For example, without departing from the scope of the embodiments of this application, first can also be referred to as second, and similarly, second can also be referred to as first.
[0055] The acquisition, storage, use, and processing of data in this application all comply with the relevant provisions of national laws and regulations.
[0056] Specifically, the communication data encryption method based on the DES encryption algorithm described in this application is applied to an Internet of Things (IoT) node network for wireless monitoring of natural gas. The IoT node network includes monitoring nodes and a dispatch center. The monitoring nodes are used to collect monitoring information, encrypt the collected monitoring information, and then send the encrypted information to the dispatch center. The dispatch center is used to decrypt the encrypted information.
[0057] Before implementing the communication data encryption method, apparatus, and electronic device based on the DES encryption algorithm, this application needs to collect the necessary parameters required by this application. The collection process is as follows:
[0058] Collect and transmit monitoring information from monitoring nodes within the transmission period;
[0059] This application uses a 30-second transmission cycle, and the monitoring information includes: instantaneous pressure value in the pipeline, pipe wall temperature, natural gas flow rate, battery output voltage in the node, node coordinates, transmission timestamp, and hardware serial number of the monitoring node;
[0060] The hardware serial number of the monitoring node is a fixed 16-bit read-only value burned into the device at the factory.
[0061] To apply the above-mentioned application scenarios, this application provides a communication data encryption method based on the DES encryption algorithm, which can be found in [reference needed]. Figure 1-2 As shown, it includes:
[0062] Step S1 involves constructing an environmental dynamic disturbance seed based on monitoring information and dynamically adjusting the initial DES permutation table based on the environmental dynamic disturbance seed. The process of constructing the environmental disturbance seed includes:
[0063] The instantaneous pressure value in the pipeline, pipe wall temperature, natural gas flow rate, battery output voltage in the node, node coordinates, and timestamp in the monitoring information are processed to obtain 6 feature bytes. The feature bytes are then spliced and replaced to generate a 64-bit environmental dynamic disturbance seed.
[0064] The environmental dynamic disturbance seeds are split, and a permutation sequence is generated based on the splitting results. The initial permutation table is then adjusted based on the permutation sequence to obtain the dynamic permutation table.
[0065] In an exemplary embodiment, the process of processing the instantaneous pressure value in the pipeline, pipe wall temperature, natural gas flow rate, battery output voltage in the node, node coordinates, and timestamp within the monitoring information to obtain 6 feature bytes can be defined by the user. This application provides an exemplary implementation process:
[0066] Divide the instantaneous pressure value in the pipeline by 10 and round down, then use the lower 8 bits of the rounded binary value as the pressure characteristic byte.
[0067] Multiply the pipe wall temperature by 2 and round down, then use the lower 8 bits of the rounded binary value as the temperature feature byte.
[0068] Multiply the natural gas flow rate by 10 and round down, then use the lower 8 bits of the rounded binary value as the flow rate feature byte.
[0069] Convert the two decimal places of the battery output voltage within the node into a binary value, and take the lower 8 bits of the binary value as the voltage feature byte.
[0070] Take the four decimal places of the longitude and latitude of the node coordinates respectively, and concatenate them into an eight-digit decimal integer. Then, take the lower 8 bits of the binary value of the decimal integer as the coordinate feature byte.
[0071] Convert the timestamp into a decimal integer in seconds, and use the lower 8 bits of the binary value of the decimal integer as the time feature byte.
[0072] Each feature byte is concatenated in order to form a 48-bit temporary byte sequence. The node's own hardware serial number is split into two bytes, the high 8 bits and the low 8 bits, which are inserted after the 24th and 40th bits of the 48-bit sequence, respectively, to form a 64-bit original seed.
[0073] Perform a bit reversal operation on the original seed to obtain the environmental perturbation seed.
[0074] Specifically, the process for determining the dynamic permutation table is as follows:
[0075] The lower 32 bits of the environmental dynamic perturbation seed are split into 16 consecutive 2-bit permutation sequences, denoted as C, and C = {c1, c2, c3... c16}.
[0076] The array element IP[i] with index i in the initial permutation table is adjusted according to the permutation sequence C, and the adjusted initial permutation table is used as the dynamic permutation table, where i∈[1,16]:
[0077] If ci equals 0, then IP[i] remains unchanged and no swaps are made;
[0078] If ci equals 1, then swap the values of IP[i] and IP[i+16].
[0079] If ci equals 2, then swap the values of IP[i] and IP[i+32].
[0080] If ci equals 3, then swap the values of IP[i] and IP[i+48].
[0081] It is worth noting that the swap operations when adjusting the initial swap table in this application are performed sequentially. The situation where a later swap may involve array positions that have been changed by the previous swap is a requirement set by the application and is not a design error.
[0082] Specifically, multiple physical parameters are merged into a 64-bit pseudo-random seed through lightweight operations such as byte concatenation, insertion of hardware serial numbers, and bit reversal. The probability of this seed repeating at different nodes and at different times is extremely low, and the calculation process only involves integer operations, making it suitable for embedded nodes and avoiding the direct use of original parameters during the encryption process.
[0083] Using 16 two-digit values from the seed, the first 16 positions of the standard IP table are selectively swapped. This method requires minimal computation, and each seed generates a unique permutation mapping. Attackers cannot reverse-engineer the fixed IP table structure using multiple sets of plaintext and ciphertext.
[0084] By introducing dynamic obfuscation at the very front of DES encryption, even if an attacker knows the standard DES structure, they cannot predict the bit rearrangement method of this encryption, which significantly increases the difficulty of known-plaintext attacks.
[0085] Please continue reading. Figure 1 As shown, the communication data encryption method based on the DES encryption algorithm further includes:
[0086] Step S2: Determine the cyclic left shift number for each iteration based on the instantaneous pressure inside the pipeline and the node coordinates of the monitoring node, and generate the subkey for each iteration based on the cyclic left shift number.
[0087] Specifically, the process for generating the subkeys for each iteration is as follows:
[0088] The basic offset is determined based on the instantaneous pressure inside the pipeline using a preset safety threshold.
[0089] Extract the integer part of the latitude of the node coordinates, and set the number of cyclic left shift bits for each iteration number according to the parity of the integer part;
[0090] The monitoring node performs a circular left shift on the C and D registers by the number of bits shifted left for each iteration, generating a subkey for each iteration.
[0091] Specifically, when determining the basic offset, if the instantaneous pressure in the pipeline is greater than the preset safety threshold, the basic offset is set to 2; otherwise, the basic offset is set to 1.
[0092] When setting the number of left shifts for each iteration, if the integer part of the latitude of the node coordinate is odd, the odd-even offset is set to 1; if the integer part of the latitude of the node coordinate is even, the odd-even offset is set to 0.
[0093] For the j-th iteration of encryption, calculate the final cyclic left shift number S(j), and set S(j) = base offset + parity offset + (j mod 2).
[0094] In one exemplary embodiment, the preset safety threshold is set to 5000 kPa.
[0095] Specifically, the generation path of the sub-keys has been changed. The 16 rounds of sub-keys are no longer determined solely by the original key, but also depend on pipeline pressure and geographical location. Even if the original key is leaked, the sub-keys of each round cannot be correctly generated if the pressure state at the time of collection is unknown, thus achieving the binding of the key to the environment.
[0096] Please continue reading. Figure 1 As shown, the communication data encryption method based on the DES encryption algorithm further includes:
[0097] Step S3: Obtain the monitoring information of the previous transmission cycle to determine the S-box output rotation factor and output the S-box output sequence. The S-box output rotation factor includes the S-box rotation direction and the number of rotation steps.
[0098] Specifically, the implementation process of step S3 is as follows:
[0099] The pressure change rate is calculated based on the instantaneous pressure in the pipeline during the previous transmission cycle and the instantaneous pressure in the pipeline during the current transmission cycle.
[0100] Take the integer part of the pressure change rate (1 times) and the integer part of the natural gas flow rate, and then take the decimal units digit of their product as the rotation direction control bit D. Take the decimal tens digit of their product as the result of taking the remainder after dividing by 8 as the rotation step number Step.
[0101] The output sequence of the S-box is set based on the rotation direction control bit D and the rotation step number Step:
[0102] If the rotation direction control bit D is odd, the direction is determined to be left, and the original S-box output sequence is cyclically shifted to the left by Step bits.
[0103] If the rotation direction control bit D is even, the direction is determined to be right, and the original S-box output sequence is cyclically shifted to the right by Step bits.
[0104] It is worth noting that, since the original S-box output sequence is obtained by cyclically shifting the original S-box output sequence by 8 bits, the result is 1 when the "decimal tens digit of the product of the two is taken as the result of taking the remainder after dividing by 8" is forcibly set to 0.
[0105] Specifically, after the adjustment in step S3 above, the same S-box input will produce completely different output arrangements at different times due to the different pressure fluctuation rate and flow rate, which greatly increases the difficulty of differential cryptography analysis.
[0106] Please continue reading. Figure 1 As shown, the communication data encryption method based on the DES encryption algorithm further includes:
[0107] Step S4: Based on the dynamic permutation table, the number of cyclic left shift bits, and the output sequence of the S-box, DES dynamic encryption is completed to obtain the encrypted ciphertext and generate a message check code. Then, the encrypted ciphertext and the message check code are concatenated into encrypted information and sent to the scheduling center.
[0108] Specifically, the process of obtaining the encrypted plaintext in step S4 is as follows:
[0109] The instantaneous pressure value inside the pipeline, pipe wall temperature, and natural gas flow rate in the monitoring information are quantized into 20-bit, 20-bit, and 24-bit binary numbers respectively, and then sequentially concatenated into a 64-bit data block, which is used as the plaintext of the data to be encrypted.
[0110] The dynamic permutation table, the subkeys for each iteration, and the S-box output sequence are substituted into the DES encryption algorithm to encrypt the plaintext data to be encrypted, thus obtaining the encrypted ciphertext.
[0111] It is worth noting that when performing the "substituting the dynamic permutation table, the subkeys for each iteration, and the S-box output sequence into the DES encryption algorithm to complete the encryption of the plaintext data to be encrypted" in this application, the remaining steps of the DES encryption algorithm are performed using the traditional DES encryption algorithm, which is a technical means well known to those skilled in the art, and will not be described in detail in this application.
[0112] Specifically, the process of generating the message verification code can be implemented in the following way:
[0113] The encrypted ciphertext is split into 8 bytes of data to be sent, and then repeatedly verified:
[0114] Initialize a 16-bit accumulator register ACC with a value of 0xFFFF;
[0115] Initialize a 16-bit shift register KEYREG with the value of the lower 16 bits of the environmental perturbation seed;
[0116] Perform the following operations for each byte of data sent:
[0117] 1. Perform a bitwise XOR operation on the k-th transmitted data byte and the time feature byte, and record the result of the XOR operation as the k-th temporary byte TMP(k);
[0118] 2. Add the k-th temporary byte to the lower 8 bits of KEYREG to obtain the 8-bit sum SUM(k);
[0119] 3. Add the value of SUM(k) to ACC;
[0120] 4. Shift ACC cyclically left by 1 bit;
[0121] 5. Circularly shift the shift register KEYREG one bit to the right;
[0122] After all data bytes have been sent, the value in ACC is used as the message checksum.
[0123] It is worth noting that the ACC value automatically resets to zero when it exceeds 65536, and continues to be calculated.
[0124] Specifically, by integrating a dynamic permutation table, dynamically generated subkeys, and dynamically rotating S-box output sequences, DES dynamic encryption of monitoring data is achieved, effectively overcoming the shortcomings of static and fixed steps in traditional DES algorithms. The physical environment characteristics are deeply integrated into the entire encryption process, making each encryption operation unique and timely, greatly enhancing the ability of ciphertext to resist various cryptanalysis attacks, and significantly improving the confidentiality of data during transmission.
[0125] Please continue reading. Figure 1 As shown, the communication data encryption method based on the DES encryption algorithm further includes:
[0126] Step S5: After receiving the encrypted information, the dispatch center performs the reverse process to decrypt and verify the encrypted information.
[0127] It is understood that the decryption process of the encrypted information by the scheduling center is the reverse process of the encryption process in this application. Those skilled in the art can decrypt the encrypted information based on the above encryption process. At the same time, the encrypted information can be verified based on the decrypted monitoring information and message verification code. This application will not elaborate on this.
[0128] Please see Figure 2 As shown, this application also provides a communication data encryption device based on the DES encryption algorithm, comprising:
[0129] The dynamic permutation adjustment unit is used to construct environmental dynamic disturbance seeds based on monitoring information and to dynamically adjust the initial permutation table of DES based on the environmental dynamic disturbance seeds.
[0130] The subkey generation unit is used to determine the cyclic left shift number for each iteration based on the instantaneous pressure in the pipeline and the node coordinates of the monitoring node, and to generate the subkey for each iteration based on the cyclic left shift number.
[0131] The S-box output sequence determination unit is used to obtain the monitoring information of the previous transmission cycle, determine the S-box output rotation factor, and output the S-box output sequence. The S-box output rotation factor includes the S-box rotation direction and the number of rotation steps.
[0132] The data encryption unit is used to perform DES dynamic encryption based on the dynamic permutation table, the number of cyclic left shift bits and the S-box output sequence to obtain encrypted ciphertext and generate a message check code. Then, the encrypted ciphertext and the message check code are concatenated into encrypted information and sent to the scheduling center.
[0133] The decryption and verification unit is used by the scheduling center to perform the reverse process to decrypt and verify the encrypted information after receiving it.
[0134] The communication data encryption device based on the DES encryption algorithm provided in this application can execute the communication data encryption method based on the DES encryption algorithm provided in any embodiment of this application, and has the corresponding functional modules and beneficial effects of executing the method.
[0135] From a hardware perspective, to implement the DES-based communication data encryption method in a computer, this application also provides an electronic device; please refer to [link to relevant documentation]. Figure 3 As shown, it is a schematic diagram of the structure of the electronic device described in this application, including:
[0136] The system comprises a processor 1, a memory 2, a communication interface 3, and a bus 4; wherein the processor 1 and the memory 2, and the memory 2 and the communication interface 3, transmit data via the bus 4; the processor is used to process data in the memory and generate commands, the memory is used to store data, the communication interface is used to receive and send data, and the bus is used to realize data transmission between the processor, the memory, and the communication interface.
[0137] In this embodiment, the communication data encryption method based on the DES encryption algorithm can be implemented as a runnable computer program. When the computer program is loaded into the processor or into the memory and processed by the processor via the bus, one or more steps of the communication data encryption method based on the DES encryption algorithm can be executed.
[0138] This embodiment also provides a computer-readable storage medium for storing the computer-executable instructions. The computer-readable storage medium is a tangible physical storage medium that can store the computer program and various types of data used in the program. The physical storage medium includes, but is not limited to, existing physical storage media or combinations thereof, such as random access memory, read-only memory, optical disk, and hard disk.
[0139] The technical solution of the present invention has been described above with reference to the preferred embodiments shown in the accompanying drawings. However, it will be readily understood by those skilled in the art that the scope of protection of the present invention is obviously not limited to these specific embodiments. Without departing from the principles of the present invention, those skilled in the art can make equivalent changes or substitutions to the relevant technical features, and the technical solutions after these changes or substitutions will all fall within the scope of protection of the present invention.
Claims
1. A communication data encryption method based on the DES encryption algorithm, comprising several monitoring nodes for collecting monitoring information, encrypting the monitoring information, and then sending the encrypted information to a dispatch center, characterized in that... For a single monitoring node, including: Environmental dynamic disturbance seeds are constructed based on monitoring information, and the initial DES permutation table is dynamically adjusted based on the environmental dynamic disturbance seeds. The cyclic left shift number is determined based on the instantaneous pressure inside the pipeline and the node coordinates of the monitoring node, and a subkey for each iteration number is generated based on the cyclic left shift number. The monitoring information of the previous transmission cycle is obtained to determine the S-box output rotation factor, and the S-box output sequence is output. The S-box output rotation factor includes the S-box rotation direction and the number of rotation steps. DES dynamic encryption is performed based on a dynamic permutation table, the number of cyclic left shift bits, and the output sequence of the S-box to obtain encrypted ciphertext and generate a message check code. Then, the encrypted ciphertext and the message check code are concatenated into encrypted information and sent to the scheduling center.
2. The communication data encryption method based on the DES encryption algorithm according to claim 1, characterized in that, The instantaneous pressure value in the pipeline, pipe wall temperature, natural gas flow rate, battery output voltage in the node, node coordinates, and timestamp in the monitoring information are processed to obtain 6 feature bytes. The feature bytes are then spliced and replaced to generate a 64-bit environmental dynamic disturbance seed. The environmental dynamic disturbance seeds are split, and a permutation sequence is generated based on the splitting results. The initial permutation table is then adjusted based on the permutation sequence to obtain the dynamic permutation table.
3. The communication data encryption method based on the DES encryption algorithm according to claim 2, characterized in that, The process for determining the dynamic permutation table is as follows: The lower 32 bits of the environmental dynamic perturbation seed are split into 16 consecutive 2-bit permutation sequences, denoted as C, and C = {c1, c2, c3... c16}. The array element IP[i] with index i in the initial permutation table is adjusted according to the permutation sequence C, and the adjusted initial permutation table is used as the dynamic permutation table, where i∈[1,16]: If ci equals 0, then IP[i] remains unchanged and no swaps are made; If ci equals 1, then swap the values of IP[i] and IP[i+16]. If ci equals 2, then swap the values of IP[i] and IP[i+32]. If ci equals 3, then swap the values of IP[i] and IP[i+48].
4. The communication data encryption method based on the DES encryption algorithm according to claim 3, characterized in that, The process for generating the subkey for each iteration is as follows: The basic offset is determined based on the instantaneous pressure inside the pipeline using a preset safety threshold. Extract the integer part of the latitude of the node coordinates, and set the number of cyclic left shift bits for each iteration number according to the parity of the integer part; The monitoring node performs a circular left shift on the C and D registers by the number of bits shifted left for each iteration, generating a subkey for each iteration.
5. The communication data encryption method based on the DES encryption algorithm according to claim 4, characterized in that, When determining the basic offset, if the instantaneous pressure in the pipeline is greater than the preset safety threshold, the basic offset is set to 2; otherwise, the basic offset is set to 1. When setting the number of left shifts for each iteration, if the integer part of the latitude of the node coordinate is odd, the odd-even offset is set to 1; if the integer part of the latitude of the node coordinate is even, the odd-even offset is set to 0. For the j-th iteration of encryption, calculate the final cyclic left shift number S(j), and set S(j) = base offset + parity offset + (j mod 2).
6. The communication data encryption method based on the DES encryption algorithm according to claim 5, characterized in that, The pressure change rate is calculated based on the instantaneous pressure in the pipeline during the previous transmission cycle and the instantaneous pressure in the pipeline during the current transmission cycle. Take the integer part of the pressure change rate (1 times) and the integer part of the natural gas flow rate, and then take the decimal units digit of their product as the rotation direction control bit D. Take the decimal tens digit of their product as the result of taking the remainder after dividing by 8 as the rotation step number Step. The output sequence of the S-box is set based on the rotation direction control bit D and the rotation step number Step: If the rotation direction control bit D is odd, the direction is determined to be left, and the original S-box output sequence is cyclically shifted to the left by Step bits. If the rotation direction control bit D is even, the direction is determined to be right, and the original S-box output sequence is cyclically shifted to the right by Step bits.
7. The communication data encryption method based on the DES encryption algorithm according to claim 6, characterized in that, The instantaneous pressure value inside the pipeline, pipe wall temperature, and natural gas flow rate in the monitoring information are quantized into 20-bit, 20-bit, and 24-bit binary numbers respectively, and then sequentially concatenated into a 64-bit data block, which is used as the plaintext of the data to be encrypted. The dynamic permutation table, the subkeys for each iteration, and the S-box output sequence are substituted into the DES encryption algorithm to complete the encryption of the plaintext data to be encrypted.
8. A communication data encryption method based on the DES encryption algorithm, which further includes a scheduling center for receiving encrypted information and decrypting the encrypted information, characterized in that... After receiving the encrypted information, the scheduling center performs the reverse process to decrypt and verify the encrypted information.
9. A communication data encryption device based on the DES encryption algorithm, applied to the communication data encryption method based on the DES encryption algorithm as described in any one of claims 1-8, characterized in that, include: The dynamic permutation adjustment unit is used to construct environmental dynamic disturbance seeds based on monitoring information and to dynamically adjust the initial permutation table of DES based on the environmental dynamic disturbance seeds. The subkey generation unit is used to determine the cyclic left shift number for each iteration based on the instantaneous pressure in the pipeline and the node coordinates of the monitoring node, and to generate the subkey for each iteration based on the cyclic left shift number. The S-box output sequence determination unit is used to obtain the monitoring information of the previous transmission cycle, determine the S-box output rotation factor, and output the S-box output sequence. The S-box output rotation factor includes the S-box rotation direction and the number of rotation steps. The data encryption unit is used to perform DES dynamic encryption based on the dynamic permutation table, the number of cyclic left shift bits and the S-box output sequence to obtain encrypted ciphertext and generate a message check code. Then, the encrypted ciphertext and the message check code are concatenated into encrypted information and sent to the scheduling center. The decryption and verification unit is used by the scheduling center to perform the reverse process to decrypt and verify the encrypted information after receiving it.
10. An electronic device, characterized in that, The electronic device includes: One or more processors; Storage device for storing one or more programs; When the one or more programs are executed by the one or more processors, the one or more processors implement the communication data encryption method based on the DES encryption algorithm as described in any one of claims 1-8.