A source encryption method and system for beidou emergency broadcast narrowband communication
By generating dynamic factor strings and target keys in BeiDou emergency broadcast narrowband communication, the problem of initialization vector and session key reuse is solved, thereby improving the security and real-time performance of emergency broadcast messages without increasing message length or communication burden.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- MOBILE BROADCASTING & INFORMATION SERVICE IND INNOVATION RES INST (WUHAN) CO LTD
- Filing Date
- 2026-03-04
- Publication Date
- 2026-07-14
Smart Images

Figure CN122395587A_ABST
Abstract
Description
Technical Field
[0001] This application relates to the technical field of data processing, specifically to a source encryption method and system for narrowband communication in BeiDou emergency broadcasting. Background Technology
[0002] As an important component of the national emergency communication system, BeiDou emergency broadcasting typically relies on BeiDou short messages to achieve the dissemination of emergency information over a wide area. Its communication links are characterized by narrow bandwidth, limited message length, and high timeliness requirements.
[0003] In this communication environment, existing narrowband communication encryption schemes mostly employ fixed initialization vectors or long-term session keys, lacking dynamic constraint mechanisms for individual messages. In scenarios involving multiple broadcasts or repeated transmission of the same service content, initialization vector reuse or key reuse issues easily occur. This allows attackers to infer message content or weaken encryption strength through replay analysis, correlation analysis, and other methods, failing to meet the security requirements of emergency broadcasting in complex adversarial environments. Furthermore, BeiDou emergency broadcasting exhibits significant regional and device heterogeneity characteristics. Broadcast services at different times, on different devices, and in different locations show significant differences in security attributes. Existing technologies have not yet effectively incorporated time characteristics, device characteristics, and location characteristics into the source encryption process without altering the communication bearer structure or increasing message length, resulting in insufficient correlation between encryption parameters and specific communication scenarios.
[0004] Therefore, under the narrowband communication conditions of BeiDou emergency broadcasting, how to achieve dynamic encryption constraints for each message without increasing message length or introducing additional communication burden, so that each emergency broadcast message has unique encryption conditions in the three dimensions of time, device and location, thereby reducing the risk of replay attacks caused by the reuse of initialization vector and session key and improving the strength of security protection, has become an urgent technical problem to be solved. Summary of the Invention
[0005] This application provides a source encryption method and system for narrowband communication of BeiDou emergency broadcasting, which can reduce the risk of replay attacks caused by the reuse of initialization vectors and session keys and improve the strength of security protection.
[0006] The first aspect of this application provides a source encryption method for narrowband communication of BeiDou emergency broadcasting. The method includes: acquiring an emergency broadcast plaintext message to be sent, and determining a fixed packet length based on the bearer constraints of BeiDou emergency broadcast short messages, so as to divide the emergency broadcast plaintext message into a set of continuous plaintext blocks under the constraints of the fixed packet length; acquiring a set of dynamic factors to characterize the current emergency broadcasting communication state around the message identifier corresponding to the emergency broadcast plaintext message, and generating a dynamic factor string based on the dynamic factor set, wherein the dynamic factor set includes communication time, communication device characteristic information, and communication location code, and the dynamic factor string has the characteristic of being reproducible under the same message identifier and has the characteristic of being distinguishable under different message identifiers; generating a dynamic initialization vector corresponding to the message identifier based on the dynamic factor string, and obtaining a target initialization vector uniquely corresponding to the emergency broadcast plaintext message by combining the dynamic factor string with the preset auxiliary parameters of the dynamic initialization vector and performing hash processing. The dynamic session key is obtained by constructing derived material from the dynamic factor string and the preset master key and performing hash processing. After obtaining the target initialization vector and the dynamic session key, a block encryption mode of the symmetric encryption algorithm is configured, and the target initialization vector is used as the initial chain value constraint of the block encryption mode. The dynamic session key is used as the encryption control parameter of the block encryption mode. At the same time, block encryption processing is performed on each continuous plaintext block according to the order of the continuous plaintext block set to generate target ciphertext blocks corresponding to each continuous plaintext block. The target ciphertext blocks are concatenated according to the corresponding block order to form a ciphertext sequence. The overall length of the ciphertext sequence is consistent with that of the emergency broadcast plaintext message to meet the constraint requirement of non-expandable message length in Beidou emergency broadcast narrowband communication. After the ciphertext sequence is generated, the session context corresponding to the dynamic session key and the target initialization vector is cleared to resist replay attacks without increasing additional communication overhead and improve security protection strength.
[0007] A second aspect of this application provides a source encryption system for narrowband communication of BeiDou emergency broadcasting. The system includes an acquisition module and a processing module. The acquisition module acquires an emergency broadcast plaintext message to be sent and determines a fixed packet length based on the bearer constraints of BeiDou emergency broadcast short messages, dividing the emergency broadcast plaintext message into a set of continuous plaintext blocks under the constraints of the fixed packet length. The processing module acquires a set of dynamic factors characterizing the current emergency broadcast communication state around the message identifier corresponding to the emergency broadcast plaintext message, and generates a dynamic factor string based on the dynamic factor set. The dynamic factor set includes communication time, communication device characteristic information, and communication location code. The dynamic factor string has the characteristic of being reproducible under the same message identifier and has the characteristic of being distinguishable under different message identifiers. The processing module further generates a dynamic initialization vector corresponding to the message identifier based on the dynamic factor string, and obtains a target uniquely corresponding to the emergency broadcast plaintext message by combining the dynamic factor string with preset auxiliary parameters of the dynamic initialization vector and performing hash processing. The processing module is further configured to: first, obtain a target initialization vector; second, obtain a dynamic session key by constructing derived material from the dynamic factor string and a preset master key and performing hash processing; third, after obtaining the target initialization vector and the dynamic session key, configure a block cipher mode for a symmetric encryption algorithm, using the target initialization vector as the initial chain value constraint of the block cipher mode, using the dynamic session key as the encryption control parameter of the block cipher mode, and simultaneously performing block cipher processing on each consecutive plaintext block according to the order of the consecutive plaintext block set to generate target ciphertext blocks corresponding one-to-one with each consecutive plaintext block; fourth, concatenate each target ciphertext block according to the corresponding block order to form a ciphertext sequence, the overall length of which is consistent with the emergency broadcast plaintext message to meet the constraint requirement of non-expandable message length in BeiDou emergency broadcast narrowband communication, and clear the session context corresponding to the dynamic session key and the target initialization vector after completing the generation of the ciphertext sequence, so as to resist replay attacks and improve security protection strength without increasing additional communication overhead.
[0008] A third aspect of this application provides an electronic device including a processor, a memory, a user interface, and a network interface. The memory is used to store instructions, and both the user interface and the network interface are used to communicate with other devices. The processor is used to execute the instructions stored in the memory to cause the electronic device to perform the method described above.
[0009] A fourth aspect of this application provides a non-transitory computer-readable storage medium storing instructions that, when executed, perform the method described above.
[0010] In summary, one or more technical solutions provided in this application have at least the following technical effects or advantages: Under the strictly limited length of narrowband communication messages in BeiDou emergency broadcasting, a comprehensive reconstruction of the encryption parameter generation and block encryption process enables high-strength security protection for individual emergency broadcast messages without relying on any additional message fields or communication overhead. This scheme integrates communication time, communication device characteristic information, and communication location code into a dynamic factor set, using message identifiers as a consistent constraint. This ensures a logical one-to-one correspondence between the dynamic factor string, target initialization vector, and dynamic session key and the specific message, guaranteeing that each emergency broadcast message possesses unique encryption conditions in terms of time, device, and location. This effectively avoids security vulnerabilities introduced by initialization vector reuse and session key reuse. Furthermore, by dividing continuous plaintext blocks under a fixed block length and using equal-length block encryption, the encrypted ciphertext sequence maintains the same overall length as the original emergency broadcast plaintext message, directly adapting to the bearer structure of BeiDou emergency broadcasting short messages and avoiding impact on existing communication protocols and scheduling mechanisms. Furthermore, by promptly clearing the session context corresponding to the dynamic session key and target initialization vector after the ciphertext sequence is generated, the session parameters are limited to one-time use, reducing the risk of replay attacks and correlation analysis attacks from a mechanism perspective. Overall, this technical solution achieves message-level dynamic encryption for emergency broadcast scenarios without increasing communication burden or changing the existing bearer structure. It balances the real-time and security requirements in narrowband communication environments, and facilitates the reduction of replay attack risks caused by the reuse of initialization vectors and session keys, thereby improving security protection strength. Attached Figure Description
[0011] Figure 1 A flowchart illustrating a source encryption method for narrowband emergency broadcast communication using BeiDou, provided as an embodiment of this application; Figure 2 A schematic diagram of a source encryption system for narrowband emergency broadcast communication using BeiDou provided in this application embodiment; Figure 3 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application.
[0012] Explanation of reference numerals in the attached figures: 21. Acquisition module; 22. Processing module; 31. Processor; 32. Communication bus; 33. User interface; 34. Network interface; 35. Memory. Detailed Implementation
[0013] To enable those skilled in the art to better understand the technical solutions in this specification, the technical solutions in the embodiments of this specification will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments.
[0014] In the description of the embodiments of this application, the words "for example" or "for instance" are used to indicate examples, illustrations, or explanations. Any embodiment or design that is described as "for example" or "for instance" in the embodiments of this application should not be construed as being more preferred or advantageous than other embodiments or design options. Rather, the use of the words "for example" or "for instance" is intended to present the relevant concepts in a specific manner.
[0015] In the description of the embodiments of this application, the term "multiple" means two or more. For example, multiple systems means two or more systems, and multiple screen terminals means two or more screen terminals. Furthermore, the terms "first" and "second" are used for descriptive purposes only and should not be construed as indicating or implying relative importance or implicitly specifying the indicated technical features. Thus, a feature defined with "first" or "second" may explicitly or implicitly include one or more of that feature. The terms "comprising," "including," "having," and variations thereof all mean "including but not limited to," unless otherwise specifically emphasized.
[0016] To address the aforementioned technical problems, this application provides a source encryption method for narrowband emergency broadcast communication using the BeiDou Navigation Satellite System, referring to... Figure 1 , Figure 1 This is a flowchart illustrating a source encryption method for narrowband emergency broadcast communication using the BeiDou Navigation Satellite System, provided as an embodiment of this application. The method is applied to a server and includes steps S110 to S160, as follows:
[0017] S110. Obtain the emergency broadcast plaintext message to be sent, and determine the fixed packet length according to the bearing constraints of the Beidou emergency broadcast short message, so as to divide the emergency broadcast plaintext message into a set of continuous plaintext blocks under the constraint of the fixed packet length.
[0018] Specifically, a server refers to a computing node in a network architecture that undertakes centralized processing, storage, and control functions, providing data processing capabilities, business services, or management functions to other devices or systems. In the BeiDou emergency broadcasting system, the server is deployed on the emergency broadcasting service platform or command and dispatch center, serving as the core node for the generation, management, and distribution of emergency broadcasting information. Its main responsibilities include receiving emergency broadcasting content from business systems or manual instructions, standardizing, encrypting, and scheduling plaintext emergency broadcasting messages, and sending emergency broadcasting information to terminal devices or broadcast coverage areas via the BeiDou short message communication link. When the server begins processing a single emergency broadcast message on the sending side, it first establishes a plaintext processing context. This plaintext processing context is used to uniformly store the message identifier, emergency broadcast plaintext message, bearer constraint parameters, fixed block length, continuous plaintext block set, and temporary state required for subsequent encryption within the same processing cycle, thereby avoiding state overlap between different messages. Subsequently, the server retrieves the emergency broadcast plaintext message to be sent from the plaintext processing context and solidifies it into a byte stream. A byte stream refers to the result of mapping characters, punctuation, control fields, etc., into a continuous byte sequence according to a unified encoding rule, so that subsequent block segmentation based on byte boundaries will not produce encoding ambiguity. At the same time, the server records the association between the total length of the byte stream, the encoding identifier, and the message identifier in the plaintext processing context to ensure that subsequent determination of the fixed block length and block segmentation are carried out around the same message identifier.
[0019] In the plaintext processing context, the bearer constraint parameters corresponding to the BeiDou emergency broadcast short message communication protocol are read. These bearing constraint parameters constrain the value space of the fixed packet length and ensure that subsequent packet encryption processing does not introduce additional communication overhead. The bearing constraint parameters include the upper limit of the effective payload length allowed to be carried by a single short message, the constraint condition that the message length extension is not allowed to be introduced during the encryption process, and the alignment requirements of the packet encryption mode for the packet size. The upper limit of the effective payload length is used to limit the maximum number of bytes that the ciphertext sequence can be carried by the short message at one time. The non-expandable message length constraint is used to limit that the total byte length cannot be changed by padding bytes, adding authentication fields, or adding random fields during the packet process. The alignment requirements are used to limit that the fixed packet length must meet specific packet boundary rules so that the packet encryption mode can be directly processed. To make the subsequent calculations reproducible, the above bearing constraint parameters are standardized into the same set of fields in the plaintext processing context, and the field order, field encoding, and field boundaries are solidified into a protocol constraint snapshot to ensure consistency in the determination of the fixed packet length under the same protocol version.
[0020] The fixed packet length for processing plaintext messages in this emergency broadcast is determined based on a comprehensive set of bearing constraint parameters. This ensures that the fixed packet length simultaneously satisfies the short message carrying capacity constraint and the consistency requirements of the packet encryption mode for the packet structure, while also meeting the non-expandable message length constraint. Specifically, candidate values for the fixed packet length are constructed as integer multiples of the alignment requirements, and a safety margin factor is introduced. This allows the fixed packet length to reserve carrying space for protocol header fields or scheduling fields while meeting the alignment requirements, thereby avoiding the risk of truncation when the ciphertext sequence is written into the short message. The fixed packet length can be determined according to the following complex constraint optimization form: in, This indicates a fixed group length, and its value is a positive integer that satisfies the alignment requirements. This indicates the granularity of the block alignment, and its value is determined by the alignment requirements of the selected block encryption mode. For example, the alignment granularity can be given by the algorithm implementation constraints. This indicates the maximum effective payload length that a single short message is allowed to carry; the value is obtained from the payload constraint parameters. This indicates the protocol's reserved payload length, the value of which is determined by the protocol constraint snapshot, and is used to reserve space for necessary fields in the protocol layer. This indicates the length reserved for scheduling redundancy. Its value is determined by the service-side scheduling strategy and is used to reserve space for broadcast scheduling or routing fields. This represents the set of indices for the set of block lengths that can be supported by the block encryption mode; the values are given by the algorithm implementation constraints. Indicates that the index is The supported block length is determined by the block encryption mode parameter. This indicates that the index is The supported safe deduction amount for group length, the value of which is determined by the implementation strategy, is used to avoid group length unavailability due to boundary conditions; Used to select the most stringent upper bound under multiple constraints; This is used to round down to ensure that the fixed packet length does not exceed the upper limit of the constraint; this form ensures that the fixed packet length does not exceed the short message carrying limit, maintains strict consistency with the packet alignment granularity, and reserves a deterministic safety boundary for the non-extendable length constraint.
[0021] After determining the fixed block length, the emergency broadcast plaintext message is sequentially scanned byte-wise from its starting position, and equal-length data segments are sequentially extracted using the fixed block length as the sole segmentation criterion to form multiple plaintext blocks. Sequential scanning refers to reading the byte stream incrementally by index and performing segmentation when a predetermined boundary is reached. Equal-length data segments refer to each plaintext block having a fixed block length, ensuring that subsequent block encryption modes can perform consistent block operations on each plaintext block. To ensure stable and reproducible segmentation boundaries, a subscript interval mapping is established in the plaintext processing context driven by block sequence numbers, and a boundary indicator function is introduced to adapt to cases where the byte stream length is not an integer multiple of the fixed block length. The mapping relationship between plaintext blocks and the byte stream can be expressed as: in, Indicates the first Within the plaintext group, the first The value of each byte position; This indicates that the byte stream corresponding to the plaintext emergency broadcast message is located at index [index missing]. The value of the byte at that location is obtained by reading from the byte stream. This represents the block number, with values starting from 1 and incrementing. This indicates a fixed group length, the value of which is determined by the aforementioned constraint optimization. Indicates the offset index within the group, with a value range of 0 to... ; This represents the total length of the byte stream, and its value is obtained from the byte stream length statistics. This indicates a boundary indicator function, which takes the value 1 when the condition inside the parentheses is true, and 0 otherwise. The out-of-bounds placeholder byte is generated by the structural rearrangement rules of the subsequent equal-length mapping method. It is used to ensure that the plaintext block length is strictly equal and the total length is not expanded by adding padding bytes. By introducing the boundary indicator function and the out-of-bounds placeholder byte, the scanning truncation has a unified expression in mathematical structure and provides an operable interface for the subsequent structural rearrangement without length expansion.
[0022] When the scan reaches the end of the emergency broadcast plaintext message and the remaining byte length is less than the fixed packet length, without introducing additional padding bytes, the remaining bytes and adjacent plaintext packets are structurally rearranged according to the equal-length mapping method allowed by the BeiDou emergency broadcast short message protocol to ensure that each resulting plaintext packet meets the fixed packet length requirement. The equal-length mapping method refers to redistributing the remaining bytes that are insufficient to form a group at the end to the byte positions of the last few plaintext packets through deterministic permutation mapping while keeping the total length of the byte stream unchanged. This ensures that each plaintext packet still has a fixed packet length and the mapping is reversible, so that the receiving side can restore the original byte order after decryption based on the same permutation mapping. To ensure that the rearrangement rule is reproducible and reversible, a permutation index is constructed in the plaintext processing context and associated with the message identifier. The structural rearrangement can be characterized by the following permutation mapping form: in, This represents the last byte vector involved in the reordering. Its value is obtained by truncating the end of the byte stream and its length is equal to the total number of bytes involved in the reordering. This represents the rearranged byte vector, whose value is the result of concatenating byte sequences used to fill the last few equal-length plaintext blocks; Indicates the rearrangement parameters A deterministic permutation matrix, which contains only 0 and 1 and has only one 1 in each row and column, is used to express deterministic permutations of byte positions. This represents the set of rearrangement parameters, whose values are determined by the protocol-allowed equal-length mapping method, fixed packet length, remaining byte length, and message identifier. These parameters are fixed in the plaintext processing context to ensure consistency between the sending and receiving sides. This permutation mapping does not introduce any new bytes, but only changes the position allocation of the last few bytes within the equal-length packet, thereby simultaneously satisfying the fixed packet length requirement and the non-expandable message length constraint, and providing a strictly equal-length processing object for subsequent packet encryption modes.
[0023] Multiple plaintext packets are numbered according to their order of appearance in the corresponding emergency broadcast plaintext messages. A continuous plaintext block set containing block numbers and plaintext byte content is constructed, making the continuous plaintext block set the sole traversal object for subsequent packet encryption processing. The block number is used to identify the logical position of each plaintext packet in the overall byte order. The continuous plaintext block set is used to provide a definite processing order and the order basis for the ciphertext splicing stage in a block number-driven manner, thereby ensuring that the target ciphertext block set can maintain a one-to-one correspondence with the continuous plaintext block set. To avoid the numbering process being affected by abnormal segmentation or rearrangement, the number of blocks, the starting offset of each block, and the effective byte mask of each block are recorded simultaneously in the plaintext processing context. This ensures that the continuous plaintext block set can be stably reproduced under the same numbering rules in subsequent encryption and decryption, and that the structure is strictly consistent with the emergency broadcast plaintext message in terms of length when constructing the ciphertext sequence.
[0024] S120. Based on the message identifier corresponding to the emergency broadcast plaintext message, obtain a set of dynamic factors to characterize the current emergency broadcast communication status, and generate a dynamic factor string based on the dynamic factor set. The dynamic factor set includes communication time, communication equipment characteristic information, and communication location code. The dynamic factor string has the characteristic of being reproducible under the same message identifier and has the characteristic of being distinguishable under different message identifiers.
[0025] Specifically, when establishing a one-to-one correspondence message identifier for an emergency broadcast plaintext message on the sending side, the message identifier is first generated in the message processing context and written into the message processing context as a unique association index. This ensures consistency in subsequent dynamic factor set collection, dynamic factor string generation, and subsequent initialization vector and session key derivation, all revolving around the same message identifier. The message identifier is a logical marker used to uniquely identify a single emergency broadcast plaintext message within the sending side. It does not carry plaintext semantics and is not equivalent to the sequence number field in the communication protocol. The message identifier must remain globally unique within its validity period on the same sending side and can be repeatedly read within the same message processing context. To avoid the collision risk caused by the message identifier being unrelated to the plaintext content, and to maintain a traceable association with the communication status, the message identifier can be generated by constraints from the emergency broadcast plaintext message byte stream digest, communication time, communication device characteristic information, and communication location code. It is stored on the sending side as a fixed-length field, and its generation function can be expressed as: in, This represents the message identifier, which takes the value of a fixed-length byte sequence and is uniquely bound to the emergency broadcast plaintext message in the message processing context; This represents a truncation function that truncates the first part of the input result according to predetermined rules. 1 byte to obtain a fixed-length output The value is pre-configured by the system. This represents a hash function used to map an input byte sequence to a fixed-length digest. The hash function can be a hash algorithm that meets cryptographic security requirements. Indicates the plaintext message The byte stream obtained by encoding is encoded using a method agreed upon by the system and consistent on both the sending and receiving sides. Indicates communication time The normalization result, the normalization method is used to convert the time representation into a fixed-format byte field; Represents communication device characteristic information The normalization result, the normalization method is used to convert the device stability identifier field into a fixed format byte field; Indicates communication location code The normalization result, the normalization method is used to convert the location code into a fixed format byte field; This indicates a concatenation operation, used to join multiple byte fields sequentially into a single byte sequence. The message identifier salt value is a fixed byte sequence that is preset during system deployment and remains unchanged during operation. It is used to reduce the probability of message identifier collisions under boundary conditions and enhance unpredictability.
[0026] When collecting a dynamic factor set to characterize the current emergency broadcast communication status based on the message identifier, communication time, communication device characteristic information, and communication location code are collected separately using the message identifier as an index within the message processing context to form a dynamic factor set. The dynamic factor set refers to a multi-field set that can be stably reproduced within the same message processing cycle and reflects the current communication status. Communication time refers to the time parameter obtained from a unified time base source, used to characterize the time state of the current message generation and encryption on the sending side. Precision normalization processing refers to truncating or rounding the original time representation according to a predetermined time granularity and unifying the time zone or time base source, thereby avoiding cross-end inconsistencies caused by sub-second jitter. Communication device characteristic information refers to a stable identifier field read from within the communication device, used to characterize the device performing encryption and transmission. The identity feature and consistency verification refer to performing format verification, version verification, or checksum verification on the stable identifier field to prevent abnormal values from being read into the dynamic factor set. The communication location code refers to the location code obtained from the location configuration or scheduling information bound to the emergency broadcast service, which is used to characterize the broadcast coverage area or service area to which the message is directed. The location configuration refers to the location code table predefined in the service system, and the scheduling information refers to the location parameters carried when the message sending task is issued. In order to ensure the traceability of the dynamic factor set within the message processing cycle, each dynamic factor is bound to the message identifier and written into the message processing context. At the same time, the source of the timing source identifier, the device identifier field, and the location code are recorded to ensure that each dynamic factor can be processed with the same field semantics in the subsequent normalization and splicing stages.
[0027] After completing the collection of dynamic factor sets, when performing unified normalization processing, the following steps are first performed in the message processing context: fixing the field order, aligning the field length, and unifying the field encoding format for communication time, communication device characteristic information, and communication location code. Fixing the field order means defining a unique field arrangement order for the dynamic factor set that cannot be changed during operation, avoiding inconsistencies in dynamic factor strings caused by different implementations using different arrangements for the same field set. Field length alignment means converting each field into a byte field of a predetermined length. For fields shorter than the predetermined length, a deterministic alignment strategy is used to generate padding results; for fields longer than the predetermined length, a deterministic truncation strategy is used to generate truncation results, making field boundaries resolvable and reproducible. Unifying the field encoding format means unifying the field content to the same encoding system and byte order rule. For example, unifying numeric fields to big-endian byte order or network byte order, and unifying string fields to a specified character set encoding, thereby avoiding encoding differences between different platforms. To ensure the determinism of the normalization processing, the normalization operation for each dynamic factor field can be abstracted into a parameterized mapping function, and the mapping parameters are fixed in the message processing context. The normalization result can be represented as: in, Represents dynamic factor field The normalized byte field output takes the value of a fixed-length byte sequence; This indicates an encoding function that encodes the field. By encoding parameters Convert to a byte sequence The value is determined by the field type and is predefined in the system; This represents a length alignment function that aligns the encoded byte sequence to a length of [length value missing]. Fixed-length byte fields, This indicates the target length of the field; its value is configured by the system and bound to the field's semantics. This parameter represents the alignment strategy, and its values specify the padding method, truncation method, and byte order rule. This field represents the communication time, and its value is obtained from the time source and normalized for precision. This field represents the characteristic information of the communication device, and its value is read from the stability identifier field and verified for consistency. This field represents the communication location code, and its value is obtained from the location configuration or scheduling information.
[0028] When generating a dynamic factor string based on normalization, the normalized byte fields of communication time, communication device feature information, and communication location code are concatenated according to a pre-agreed and immutable concatenation order to form the dynamic factor string. A unique binding relationship is then established between the dynamic factor string and the message identifier in the message processing context, making the dynamic factor string the sole parameter carrier for subsequent initialization vector generation and session key derivation. A dynamic factor string is a single byte sequence formed by concatenating multiple normalized byte fields in a fixed order. This immutable concatenation order ensures that the dynamic factor string can be repeatedly generated under the same message identifier and possesses distinguishable characteristics under different message identifier conditions. These distinguishable characteristics arise from variations in communication time, differences in communication device feature information, differences in communication location codes, and contextual differences introduced by message identifier binding. To enhance the collision resistance of the dynamic factor string under boundary conditions while ensuring that the concatenation boundaries are parseable, deterministic boundary labels can be inserted between the fields, and structured encapsulation can be introduced. The dynamic factor string can be represented as: in, This represents a dynamic factor string, whose values are byte sequences that can be directly used by subsequent hashing and derivation processing. This indicates encapsulation and concatenation of functions, according to the encapsulation parameters. Combine multiple labeled fields into a single byte sequence. The value is used to define the field concatenation order, boundary representation, and overall encapsulation format; A normalized byte field representing the communication time; A normalized byte field representing characteristic information of a communication device; The normalized byte field representing the communication zone code; , , These represent field cells with boundary labels. , , The boundary label is a fixed byte label pre-defined by the system to ensure that the field boundaries remain definite after concatenation. By encapsulating the deterministic constraints of the concatenation function, the dynamic factor strings generated under the same message identifier can be stably reproduced, and the dynamic factor strings generated under different message identifiers remain statistically distinguishable, thus meeting the dual requirements of consistency and distinguishability for subsequent security parameter generation.
[0029] S130. Generate a dynamic initialization vector corresponding to the message identifier based on the dynamic factor string. By combining the dynamic factor string with the preset auxiliary parameters of the dynamic initialization vector and performing hash processing, obtain the target initialization vector that uniquely corresponds to the emergency broadcast plaintext message.
[0030] Specifically, when reading preset auxiliary parameters in the message processing context corresponding to the emergency broadcast plaintext message, the storage identifier of the preset auxiliary parameters is first located in the message processing context, and the preset auxiliary parameters are read from the configuration storage area. The preset auxiliary parameters are then written into the message processing context and bound to the message identifier, ensuring that the construction of subsequent initialization vector input data has a consistent data source within the same message processing context. Preset auxiliary parameters refer to a fixed set of parameters pre-configured during system deployment and unchanged during operation. These parameters are used to introduce stable constraints for dynamic initialization vector generation and reduce the probability of collisions between different dynamic factor strings under boundary conditions. Preset auxiliary parameters do not change with the emergency broadcast plaintext message and are not equivalent to the preset master key. The parameters include at least the initialization vector salt, domain separation label, version identifier, length constraint identifier, and iteration round identifier. The initialization vector salt is used to increase the unpredictability of the hash input, the domain separation label is used to distinguish the input domain of the initialization vector generation from other derived processes, the version identifier is used to keep the generation rules controllable during the upgrade process, the length constraint identifier is used to indicate the target length of the target initialization vector and match the block encryption mode, and the iteration round identifier is used to constrain the number of iterations in the multi-round hybrid process to ensure consistency across different implementations. After reading, the version number of the preset auxiliary parameters, the verification result of the checksum, and the effective range marker are recorded in the message processing context to avoid configuration drift causing the same message to generate different target initialization vectors in different running instances.
[0031] When dynamic factor strings are combined with preset auxiliary parameters according to a pre-agreed and immutable combination method, structured encapsulation is performed on the dynamic factor strings and preset auxiliary parameters in the message processing context. The combination method includes a fixed combination order, clear field boundaries, and consistent field length constraints, thereby forming an initialization vector input data with a definite structure and repeatable construction. The fixed combination order means that the order of the preset auxiliary parameter fields and dynamic factor string fields is uniquely specified in the system and cannot be adjusted during operation. Clear field boundaries mean that the start and end positions of each field can still be determined after concatenation to avoid field ambiguity. Consistent field length constraints mean that each field is converted into a byte field of a predetermined length or carries a length prefix before combination to ensure that the encapsulation is parseable. To make the initialization vector input data have stronger context binding in the message identification dimension, and to make the field boundaries parseable at the byte level, a layered encapsulation form with length prefix, boundary label, and field separation can be adopted. The initialization vector input data can be represented as: in, This represents the initialization vector input data, which takes the value of a structured byte sequence used for hash processing. This indicates encapsulation and concatenation of functions, according to the encapsulation parameters. Combine multiple field units into a single byte sequence. The value is used to define the field concatenation order, boundary label encoding rules, length prefix encoding rules, and overall encapsulation format; This indicates the salt value field of the initialization vector in the preset auxiliary parameters, and its value is a fixed byte sequence configured during the system deployment phase; The dynamic factor string takes the value of a byte sequence obtained by normalizing and encapsulating communication time, communication device characteristic information, and communication location code. This indicates the version identifier field in the preset auxiliary parameters, whose value is a fixed byte sequence used to distinguish different generation rule versions; This indicates the length constraint identifier field in the preset auxiliary parameters, and its value is a fixed-encoded field used to indicate the target length of the target initialization vector; This represents the message identifier, and its value is a fixed-length byte sequence that corresponds one-to-one with the emergency broadcast plaintext message in the message processing context. This represents a length retrieval function, used to obtain the byte length of the corresponding field and convert it into a length prefix field according to a unified encoding rule; , , , , These represent field units with boundary labels and length prefixes, respectively. , , , , This represents a boundary label, with a value that is a fixed byte label pre-defined by the system. It is used to ensure that the field boundaries can still be determined after combination and to avoid field ambiguity.
[0032] When performing hash processing on the initialization vector input data to obtain the first hash output result, and then performing length normalization processing to generate the target initialization vector after hash processing, the initialization vector input data is first submitted to the hash function in the message processing context to obtain the first hash output result. Hash processing refers to the cryptographic transformation process of mapping an arbitrary length byte sequence to a fixed length digest, which is used to make local changes in the input globally diffused in the output and irreversible, thereby weakening the output correlation that may be caused by the dynamic factor string having similar local fields. The length of the first hash output result is determined by the selected hash algorithm, which may be inconsistent with the requirements of the block cipher mode for the initial chain value length. Therefore, length normalization processing is performed in the message processing context to transform the first hash output result into a target initialization vector that meets the target length. To avoid structural bias caused by direct truncation and to enhance robustness and consistency to different implementation details, the length normalization processing adopts a composite process of "multi-round field separation expansion - sliding window folding - rotation XOR compression - deterministic truncation", so that the target initialization vector satisfies the target length constraint and maintains sufficient diffusion. The process can be represented as: in, Indicates the first The intermediate hash block after round expansion takes the value of a fixed-length byte sequence; This represents a hash function used to map an input byte sequence to a fixed-length digest. The choice of hash function is predetermined by the system implementation and remains consistent during operation. This represents the input data for the initialization vector; This indicates the initialization vector field separation label, which takes the value of a fixed byte sequence in the preset auxiliary parameters and is used to distinguish the input field generated by the initialization vector; This represents the round-based encoding function, used to index the rounds. Convert to a fixed-format byte field according to unified encoding rules. The range of values is determined by the iteration round identifier; This indicates a mixed-domain separation label, with a value being a fixed byte sequence in the preset auxiliary parameters. It is used to isolate the secondary hash branches to reduce the correlation caused by structural repetition. This indicates the number of expansion rounds, and its value is determined by the iteration round identifier in the preset auxiliary parameters. It is used to ensure that different implementations generate the same number of intermediate hash blocks. This represents the extended byte stream obtained by concatenating all intermediate hash blocks in round-order. This indicates a sequential concatenation operation. Indicates from arrive Assemble them sequentially; This represents the normalized intermediate vector after folding and compression, with a value of length . byte sequence; This represents the target length of the target initialization vector. Its value is determined by the block cipher mode's requirement for the initial chain value length and is consistent with the length constraint identifier in the preset auxiliary parameters. This represents the number of collapsed windows, and its value satisfies the following conditions: ,in Indicates the length of the extended byte stream and is determined by Determined in conjunction with the output length of a single-round hash; Indicates the position of the extended byte stream The byte value at that location; This represents the XOR operation, used to stack multiple bytes bitwise to achieve folded compression. This represents a circular left shift function, which shifts bytes... Cyclic left shift Output after bit 1, The value of is given by the spin scheduling function; Represents the spin-off scheduling function, used to give the first... The output position and the first The number of rotations corresponding to each folded window The value ranges from 0 to 7 and is determined by the scheduling rules in the preset auxiliary parameters, thereby ensuring that the rotational mixing process is reproducible. This indicates an output field separation label, whose value is a fixed byte sequence in the preset auxiliary parameters, used to separate the final output compressed field from the preceding extended field. This indicates a check domain separation label, whose value is a fixed byte sequence in the preset auxiliary parameters, used to introduce a consistency check branch to enhance diffusion; This represents a deterministic truncation function that truncates the input result to a length of a predetermined value according to a predefined rule. byte sequence; The target initialization vector is a fixed-length byte sequence that meets the initial chain length requirement of the block cipher mode and is uniquely bound to the message identifier in the message processing context, so that it can be stably reproduced under the same message identifier and maintains distinguishability under different message identifiers.
[0033] S140. By constructing derived material from the dynamic factor string and the preset master key and performing hash processing, the dynamic session key is intercepted.
[0034] Specifically, when reading the preset master key from the secure storage area in the message processing context corresponding to the plaintext emergency broadcast message, the sending side first locates the secure storage area based on the key index recorded in the message processing context, and triggers the key reading process under the constraints of the access control policy, loading the preset master key into the controlled operating environment. The secure storage area refers to a key storage space with access authentication, anti-tampering, and isolation protection capabilities, used to prevent unauthorized entities from directly reading or copying the key content. The preset master key refers to the root key parameter that is written once during the system deployment phase and remains unchanged during system operation. Its function is to serve as the basis for the derivation of dynamic session keys rather than being used directly as the working key for block encryption mode. During the reading process, only the reference relationship or handle identifier of the preset master key is saved in the message processing context, and the plaintext of the preset master key is not persistently saved in ordinary memory, thereby reducing the risk of exposure of the preset master key in the operating environment. At the same time, the key version identifier and reading status are recorded in the message processing context to ensure the consistency and auditability of the subsequent derivation process.
[0035] After reading the preset master key, the dynamic factor string is combined with the preset master key according to a pre-agreed and immutable derivation structure to form derived material. The derivation structure defines the order of the preset master key fields and dynamic factor fields during the combination process, field boundary identifiers, and field length constraint rules, making the derived material structurally deterministic and resolvable. The fixed order ensures that different implementations or devices generate completely consistent derived material under the same message identifier. The field boundary identifiers distinguish the preset master key fields from the dynamic factor fields after combination, avoiding inconsistencies in the derivation results caused by field ambiguity. The field length constraint rules are used to perform fixed-length processing or add length descriptions to each field, making the combination result have a stable parsing method at the byte level. The derived material refers to a structured data object composed of the preset master key, dynamic factor string, and necessary derivation control fields in the same message processing context. Its content reflects the system-level key base and the time, device, and location status corresponding to the current emergency broadcast message, thus providing an input basis for the subsequent generation of dynamic session keys that correspond only to the current message.
[0036] After the derived material is generated, a hash process is performed on the derived material to obtain a second hash output. The hash process is a cryptographic process that maps the derived material to a fixed-length output. This process ensures that the information in each field of the derived material is fully diffused in the output and has irreversible properties. This guarantees that even if an attacker obtains the dynamic session key, it will be difficult to deduce the original content of the preset master key or dynamic factor string. The second hash output is the direct output of the hash function. Its length is determined by the selected hash algorithm and may not be consistent with the requirements of the block cipher mode for the working key length. Therefore, after the hash process is completed, according to the requirements of the block cipher mode for key length, a length truncation process is performed on the second hash output to generate a dynamic session key. The length truncation process is to select a continuous byte sequence of a predetermined length from the second hash output according to deterministic rules as the final dynamic session key, so that the same derived material always produces a consistent dynamic session key in different running instances.
[0037] Through the aforementioned reading of the preset master key, construction of derived materials, hash processing, and length truncation processing, the generated dynamic session key is logically uniquely bound to the message identifier corresponding to the plaintext emergency broadcast message, making the dynamic session key valid only in the block encryption processing of the current message. Since the preset master key does not directly participate in plaintext encryption operations, and the dynamic session key is promptly cleared after message processing, the risk of exposure of the preset master key is reduced in the mechanism, and the security risks caused by the reuse of the session key in different emergency broadcast messages are effectively avoided.
[0038] S150. After obtaining the target initialization vector and the dynamic session key, configure the block encryption mode of the symmetric encryption algorithm, and use the target initialization vector as the initial chain value constraint of the block encryption mode, and the dynamic session key as the encryption control parameter of the block encryption mode. At the same time, perform block encryption processing on each continuous plaintext block one by one according to the order of the continuous plaintext block set to generate a target ciphertext block that corresponds one-to-one with each continuous plaintext block.
[0039] Specifically, when selecting the block encryption mode and configuring the block length in the message processing context corresponding to the emergency broadcast plaintext message, the message length non-expandable constraint is first fixed in the message processing context, ensuring that the ciphertext output must be consistent with the emergency broadcast plaintext message in terms of overall byte length. Then, a block encryption mode that satisfies equal-length output and can introduce chain constraints is selected from the set of block encryption modes available for symmetric encryption algorithms. The block length of the block encryption mode is configured to be consistent with the block length of each consecutive plaintext block in the set of consecutive plaintext blocks, thereby ensuring that no padding data is introduced when each consecutive plaintext block enters the block encryption process. Block encryption mode refers to the symmetric encryption algorithm in the case of multiple blocks. The above set of operational rules establishes inter-group dependencies and is used to extend single-group encryption transformation into chained encryption of multi-group sequences. The group length refers to the byte limit of a single group encryption transformation, and the block length refers to the fixed byte length of each consecutive plaintext block in the set of consecutive plaintext blocks. The consistency constraint between ciphertext length and plaintext length means that the encryption process must not change the total byte length to maintain the short message carrying structure. To avoid inconsistent group length configurations due to implementation differences, the group encryption mode identifier, group length value, block length value, and no-fill constraint flag are recorded in the message processing context. Consistency checks are used to ensure that the group length and block length are completely equal before proceeding to the next stage.
[0040] The target initialization vector is written to the initial chain value register, and the dynamic session key is written to the key register. Simultaneously, when establishing the chain value state variable, the block cipher mode runtime environment is first initialized in the message processing context, and the target initialization vector is written to the initial chain value register, making it the initial chain value constraint when the first consecutive plaintext block enters the chain encryption. Then, the dynamic session key is written to the key register, making it the unique encryption control parameter for this message's block cipher processing. At the same time, the chain value state variable is established in the message processing context, and its initial value is set to the target initialization vector. The initial chain value register refers to the area used to store the initial chain value of the block cipher mode. The controlled storage area of the chain value, the key register area refers to the controlled storage area used to store the working key of the block encryption mode, and the chain value state variable refers to the runtime variable used to carry the chain state of "the previous ciphertext affects the encryption of the next block" during the block encryption process. Its life cycle is limited to the current message encryption cycle and needs to be cleared after the message is completed. In order to make the initialization of the chain value state variable strongly bound to the message identifier and make the chain constraint of each subsequent block traceable, the number of blocks, the block sequence number range and the chain value update strategy flag are also recorded in the message processing context, so that the chain value state variable can be updated according to the consistent rules after each target ciphertext block is generated.
[0041] When traversing consecutive plaintext blocks according to their block numbers and performing block encryption under chain constraints, the process begins by using the block number as the unique order constraint in the message processing context. Starting with the smallest block number, the corresponding consecutive plaintext blocks are read sequentially. While processing the consecutive plaintext block corresponding to the current block number, the chain value state variable and the dynamic session key are simultaneously read. This allows the current consecutive plaintext block to complete chain fusion and block encryption transformation under the combined constraints of the chain value state variable and the dynamic session key to generate the target ciphertext block. The target ciphertext block is then written into the target ciphertext block set, and the chain value state variable is immediately updated with the target ciphertext block. This ensures that the encryption of the next consecutive plaintext block inherits the chain constraints formed by the previous target ciphertext block. The block number refers to... The logical numbering of consecutive plaintext blocks in the byte order of the emergency broadcast plaintext message; traversal refers to processing the set of consecutive plaintext blocks one by one in ascending order of block number; chain constraint refers to creating a dependency relationship between the current block encryption and the previous ciphertext block through chain value state variables; block encryption processing refers to performing three types of operations on the current block under the block encryption mode rules: fusion, encryption, and update; the target ciphertext block refers to the ciphertext byte block of the same length and corresponding one-to-one with the current consecutive plaintext block; to ensure that chain fusion includes not only simple XOR but also block number-related perturbation, domain separation perturbation, and reproducible diffusion mixing, thereby enhancing cross-block distinguishability without increasing message length, the composite chain block encryption processing of the current block can be expressed as the following set of equations: in, Indicates the first The block perturbation vector, whose value is a byte sequence consistent with the block length; This represents a hash function used to generate block number-dependent and reproducible perturbations; This represents the message identifier, and its value corresponds one-to-one with the internal identifier of the emergency broadcast plaintext message. This indicates the block sequence number encoding field, used to encode the block sequence number. Convert to a fixed-format byte field. Incrementing from 1 to the number of blocks; This indicates a block field separation label, with a value set to a system-preset fixed byte sequence, used to distinguish the perturbation generation fields of different blocks; This represents the target initialization vector, used to bind the perturbation to the initialization conditions of the current message; This indicates a byte concatenation operation.
[0042] in, Indicates the first The block to be encrypted before entering the symmetric encryption algorithm has a byte sequence with the same length as the block. Indicates the first A set of consecutive plaintext blocks, the value of which is obtained by reading the consecutive plaintext block set according to the block number; Indicates encryption number The chain value state variable values before the block, where when hour ; This represents the XOR operation; This represents the block perturbation vector, used to introduce block number-related diffusion; This represents a reproducible diffusion mixing function used to nontrivially fuse chain-valued state variables, plaintext blocks, and block perturbation vectors. This represents the bitwise circular left shift function. This indicates the number of bits to shift left, ranging from 0 to 7, and can be determined by the preset scheduling rules in the message processing context and varies with the block number; This represents the bitwise circular right shift function. This represents the number of bits to shift right, ranging from 0 to 7 and also determined by the scheduling rules; by introducing rotation and two-branch XOR, even... It appears repeatedly in different blocks. Still follow and Significantly different due to changes.
[0043] in, Indicates the first A target ciphertext block, with a value that is ANDed with... Equal-length byte sequences; Indicates the dynamic session key Controlled symmetric encryption algorithm single-block encryption transformation; This represents the dynamic session key, and its value is the working key corresponding only to the current message. This represents the key whitening mask generation function, which generates a whitening mask with the same block length from the dynamic session key and block perturbation vector, and then XORs it with the encrypted output. This enhances the representation of block sequence number-related perturbations on the ciphertext side without changing the ciphertext length. The specific implementation of the key whitening mask generation function is pre-agreed by the system and remains consistent in the message processing context. For example, it can be obtained by deterministically encapsulating the dynamic session key and block perturbation vector and then performing hash mapping.
[0044] in, Indicates the generation of the first Updated values of the chain value state variables after each target ciphertext block; This represents the chain value update function, which is used to fuse the current target ciphertext block with the previous chain value state variable and the block perturbation vector to obtain a new chain value state variable; This indicates the number of rotation bits to be updated, with a value ranging from 0 to 7 and determined by the scheduling rules in the message processing context. Through this chain value update function, the chain constraints of the next block depend not only on the previous block of ciphertext but also on the block perturbation vector, thereby further reducing the predictability caused by cross-message or cross-block reuse.
[0045] The above block encryption process continues until all consecutive plaintext blocks in the consecutive plaintext block set are encrypted. Within the message processing context, the process of "reading consecutive plaintext blocks, generating block perturbation vectors, constructing blocks to be encrypted, generating target ciphertext blocks, and updating chain value state variables" is repeated sequentially by block number until the last consecutive plaintext block corresponding to the last block number is encrypted. All target ciphertext blocks are then written into the target ciphertext block set in block number order to maintain a consistent order structure with the consecutive plaintext block set. The target ciphertext block set refers to the collection object composed of target ciphertext blocks in block number order; its purpose is... It serves as the sole data source in the subsequent ciphertext sequence splicing stage to ensure that the ciphertext byte order is consistent with the original emergency broadcast plaintext message group order. After the target ciphertext block set is formed, the encryption completion marker, the number of target ciphertext blocks, the consistency verification result of each block length, and the verification digest of the final value of the chain value state variable are recorded in the message processing context. This enables the block encryption process to form a continuous technical feature link with the preceding target initialization vector generation and dynamic session key generation under the same message identifier constraint, and provides a consistent operational basis for the subsequent ciphertext sequence splicing and session context clearing.
[0046] S160. Concatenate the target ciphertext blocks according to their corresponding block order to form a ciphertext sequence. The overall length of the ciphertext sequence is consistent with that of the emergency broadcast plaintext message to meet the constraint requirement of non-expandable message length in Beidou emergency broadcast narrowband communication. After the ciphertext sequence is generated, clear the session context corresponding to the dynamic session key and the target initialization vector to resist replay attacks without increasing additional communication overhead and improve security protection strength.
[0047] Specifically, after the target ciphertext block set is generated, when sequentially reading each target ciphertext block and performing sequential concatenation processing according to the block number rules determined during the continuous plaintext block set construction phase, the number of blocks and the range of block numbers are first read in the message processing context. Using the block number as the unique order constraint, the corresponding target ciphertext blocks in the target ciphertext block set are located sequentially starting from the smallest block number. The ciphertext byte content of each target ciphertext block is written into the ciphertext sequence buffer in ascending order of block number, thus forming a ciphertext sequence that corresponds one-to-one with the emergency broadcast plaintext message in byte order. The target ciphertext block set refers to the set formed by organizing multiple target ciphertext blocks according to their block numbers. The set object and block sequence number rule refer to the numbering and order constraints determined when constructing a set of consecutive plaintext blocks. The target ciphertext block refers to a ciphertext byte block that corresponds one-to-one with the consecutive plaintext blocks and is of equal length. Sequential splicing processing refers to the processing method of concatenating multiple byte blocks of equal length end to end in a predetermined order to form a continuous byte stream. The ciphertext sequence buffer refers to the continuous storage space used to carry the final ciphertext byte stream. To ensure that the splicing result is verifiable and to avoid missing or duplicate blocks, a splicing cursor, a count of written blocks, and a block sequence number consistency check flag are maintained synchronously in the message processing context. After each write, the cursor position is updated to point to the next write start point in the ciphertext sequence buffer.
[0048] During the concatenation of target ciphertext blocks, when the ciphertext bytes of the target ciphertext block are arranged continuously and the overall length of the ciphertext sequence is consistent with the emergency broadcast plaintext message, length consistency control is performed in the message processing context. This ensures that when each target ciphertext block is written to the ciphertext sequence buffer, only its own ciphertext bytes are written without any padding fields, random fields, or authentication fields, and no inter-block separators are inserted. This guarantees that the overall length of the ciphertext sequence is consistent with the emergency broadcast plaintext message, meeting the constraint requirement of non-expandable message length in BeiDou emergency broadcast narrowband communication. Non-expandable message length means that the output after encryption must not increase the effective payload length of the short message. Continuous arrangement means that the ciphertext bytes are stored in the buffer in block sequence order without gaps. Overall length consistency means that the total number of bytes in the ciphertext sequence is equal to the total number of bytes in the emergency broadcast plaintext message byte stream. To continuously verify length consistency during operation and avoid out-of-bounds writing, the total length of the emergency broadcast plaintext message byte stream is recorded in the message processing context, and a consistency check is performed on the total length of the concatenated ciphertext sequence. This consistency check relationship can be represented as follows: in, This indicates the total byte length of the ciphertext sequence, and its value is the total number of bytes written into the ciphertext sequence buffer. This indicates the number of target ciphertext blocks, and its value is the same as the number of consecutive plaintext blocks and is obtained from the block count record. Indicates the first The byte length of each target ciphertext block is set to the block length of the target ciphertext block and is consistent with the block length of the consecutive plaintext blocks. This represents the total byte length of the plaintext message byte stream in the emergency broadcast, and its value is obtained by statistically analyzing the plaintext byte stream length. This relationship is used to verify that no new bytes are introduced or bytes are lost during the splicing process, thus meeting the requirement that the short message carrying structure remains unchanged.
[0049] After the ciphertext sequence is constructed and written to the transmission buffer, when performing session cleanup processing in the message processing context corresponding to the message identifier, the ciphertext sequence is first written from the ciphertext sequence buffer to the transmission buffer and a transmission ready flag is generated, so that the ciphertext sequence enters a ready-to-transmit state that can be read by the Beidou emergency broadcast transmission link. Then, session cleanup processing is immediately triggered in the same message processing context to reclaim sensitive session parameters related to the current message. The transmission buffer is the output buffer used to carry the effective payload of the short message to be sent. Session cleanup processing is the process of clearing and dereferencing one-time session parameters to prevent session parameters from remaining in the runtime environment and being obtained by subsequent processes or abnormal dumps. Clearing the memory of the dynamic session key means clearing the bytes of the controlled memory area where the dynamic session key is located. Complete overwrite to zero or overwrite to a predetermined zeroing mode. Dereferencing means deleting the dynamic session key handle, pointer, or index mapping in the message processing context, preventing subsequent processes from accessing the dynamic session key. Clearing the target initialization vector and its corresponding chain value state variables means clearing the target initialization vector content in the initial chain value register and clearing the chain value state variables, while deleting the binding relationship with the message identifier, so that the chain constraint state does not continue to exist after the current message ends. To avoid improper clearing order affecting transmission, in the message processing context, it is first confirmed that the transmission buffer has been written and the transmission link has obtained a reference or copy of the ciphertext sequence before clearing the dynamic session key, target initialization vector, and chain value state variables, ensuring that there is no conflict between secure recycling and service transmission.
[0050] After completing session cleanup, when marking the message processing context as terminated, an termination flag is written into the message processing context, and runtime resources associated with the current message identifier are released. This prevents the message processing context from accepting any new encryption requests or parameter reading requests, thereby blocking session parameter reuse and improving security against replay attacks. The termination state refers to the status flag indicating the end of the message processing context's lifecycle. It is used to indicate that the dynamic factor string, target initialization vector, dynamic session key, and chain value state variables of the current message have all expired and cannot be reused. Blocking session parameter reuse means that any subsequent new emergency broadcast plaintext messages will be blocked. The dynamic factor string must be regenerated and a new target initialization vector and a new dynamic session key must be derived. Replay attack refers to the attacker repeatedly injecting historical ciphertext sequences or historical messages into the communication link in an attempt to induce the receiver to repeatedly accept the same service content or infer security parameters. By combining equal-length ciphertext sequence splicing with session cleanup processing, the encryption parameters of each message are used once at the message level and destroyed immediately after transmission. This significantly reduces the security risks caused by session parameter residue and cross-message reuse without increasing additional communication overhead, and enhances the overall security protection strength in the narrowband communication environment of Beidou emergency broadcasting.
[0051] This application also provides a source encryption system for narrowband communication in BeiDou emergency broadcasting, referring to... Figure 2 , Figure 2This application provides a schematic diagram of a source encryption system for narrowband communication in BeiDou emergency broadcasting. The system is a server, comprising an acquisition module 21 and a processing module 22. The acquisition module 21 acquires the plaintext emergency broadcast message to be sent and determines a fixed packet length based on the carrying constraints of the BeiDou emergency broadcast short message, dividing the plaintext message into a set of continuous plaintext blocks under the fixed packet length constraint. The processing module 22 acquires a set of dynamic factors characterizing the current emergency broadcast communication state based on the message identifier corresponding to the plaintext message, and generates a dynamic factor string based on the dynamic factor set. The dynamic factor set includes communication time, communication device characteristic information, and communication location code. The dynamic factor string has the characteristic of being reproducible under the same message identifier and the characteristic of being distinguishable under different message identifiers. The processing module 22 also generates a dynamic initialization vector corresponding to the message identifier based on the dynamic factor string, and obtains the corresponding dynamic initialization vector by combining the dynamic factor string with preset auxiliary parameters of the dynamic initialization vector and performing hash processing. The plaintext message has a unique target initialization vector; the processing module 22 is also used to intercept the dynamic session key by constructing derived material from the dynamic factor string and the preset master key and performing hash processing; the processing module 22 is also used to configure the block encryption mode of the symmetric encryption algorithm after obtaining the target initialization vector and the dynamic session key, and use the target initialization vector as the initial chain value constraint of the block encryption mode, and use the dynamic session key as the encryption control parameter of the block encryption mode. At the same time, it performs block encryption processing on each continuous plaintext block one by one according to the order of the continuous plaintext block set to generate target ciphertext blocks that correspond one-to-one with each continuous plaintext block; the processing module 22 is also used to splice each target ciphertext block into a ciphertext sequence according to the corresponding block order. The overall length of the ciphertext sequence is consistent with the emergency broadcast plaintext message to meet the constraint requirement of the narrowband communication of Beidou emergency broadcast that the message length cannot be extended. After the ciphertext sequence is generated, the session context corresponding to the dynamic session key and the target initialization vector is cleared so as to resist replay attacks without increasing the additional communication overhead and improve the security protection strength.
[0052] It should be noted that the above embodiments of the apparatus are only illustrated by the division of the above functional modules. In practical applications, the above functions can be assigned to different functional modules as needed, that is, the internal structure of the device can be divided into different functional modules to complete all or part of the functions described above. In addition, the apparatus and method embodiments provided in the above embodiments belong to the same concept, and the specific implementation process can be found in the method embodiments, which will not be repeated here.
[0053] This application also provides an electronic device, with reference to... Figure 3 , Figure 3This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. The electronic device may include: at least one processor 31, at least one network interface 34, a user interface 33, a memory 35, and at least one communication bus 32.
[0054] The communication bus 32 is used to enable communication between these components.
[0055] The user interface 33 may include a display screen and a camera. Optionally, the user interface 33 may also include a standard wired interface and a wireless interface.
[0056] The network interface 34 may optionally include a standard wired interface or a wireless interface (such as a Wi-Fi interface).
[0057] The processor 31 may include one or more processing cores. The processor 31 connects to various parts of the server via various interfaces and lines, executing instructions, programs, code sets, or instruction sets stored in the memory 35, and calling data stored in the memory 35 to perform various server functions and process data. Optionally, the processor 31 may be implemented using at least one hardware form of Digital Signal Processing (DSP), Field-Programmable Gate Array (FPGA), or Programmable Logic Array (PLA). The processor 31 may integrate one or a combination of several of the following: Central Processing Unit (CPU), Graphics Processing Unit (GPU), and modem. The CPU primarily handles the operating system, user interface, and applications; the GPU is responsible for rendering and drawing the content to be displayed on the screen; and the modem handles wireless communication. It is understood that the modem may also not be integrated into the processor 31 and may be implemented as a separate chip.
[0058] The memory 35 may include random access memory (RAM) or read-only memory. Optionally, the memory 35 may include a non-transitory computer-readable storage medium. The memory 35 can be used to store instructions, programs, code, code sets, or instruction sets. The memory 35 may include a program storage area and a data storage area, wherein the program storage area may store instructions for implementing an operating system, instructions for at least one function (such as touch function, sound playback function, image playback function, etc.), instructions for implementing the above-described method embodiments, etc.; the data storage area may store data involved in the above-described method embodiments, etc. Optionally, the memory 35 may also be at least one storage device located remotely from the aforementioned processor 31. Figure 3 As shown, the memory 35, which serves as a computer storage medium, may include an operating system, a network communication module, a user interface module, and an application program for a source encryption method for BeiDou emergency broadcast narrowband communication.
[0059] exist Figure 3 In the electronic device shown, the user interface 33 is mainly used to provide an input interface for the user and to obtain the user input data; while the processor 31 can be used to call the application program stored in the memory 35 for a source encryption method for Beidou emergency broadcast narrowband communication. When executed by one or more processors, the electronic device executes one or more methods as described in the above embodiments.
[0060] It should be noted that, for the sake of simplicity, the foregoing method embodiments are all described as a series of actions. However, those skilled in the art should understand that this application is not limited to the described order of actions, as some steps may be performed in other orders or simultaneously according to this application. Furthermore, those skilled in the art should also understand that the embodiments described in the specification are preferred embodiments, and the actions and modules involved are not necessarily essential to this application.
[0061] This application also provides a non-transitory computer-readable storage medium storing instructions. When executed by one or more processors, these instructions cause an electronic device to perform one or more of the methods described in the above embodiments.
[0062] In the above embodiments, the descriptions of each embodiment have different focuses. For parts not described in detail in a certain embodiment, please refer to the relevant descriptions in other embodiments.
[0063] In the several embodiments provided in this application, it should be understood that the disclosed apparatus can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; for instance, the division of units is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the shown or discussed mutual couplings or direct couplings or communication connections may be through some service interfaces; indirect couplings or communication connections between apparatuses or units may be electrical or other forms.
[0064] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.
[0065] Furthermore, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit. The integrated unit can be implemented in hardware or as a software functional unit.
[0066] If the integrated unit is implemented as a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage device (CMD). Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a memory and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods of the various embodiments of this application. The aforementioned memory includes various media capable of storing program code, such as USB flash drives, portable hard drives, magnetic disks, or optical disks.
[0067] The foregoing description is merely an exemplary embodiment of this disclosure and should not be construed as limiting the scope of this disclosure. Any equivalent changes and modifications made in accordance with the teachings of this disclosure shall still fall within the scope of this disclosure. Those skilled in the art will readily conceive of other embodiments of this disclosure upon considering the specification and the disclosure of practical truth. This application is intended to cover any variations, uses, or adaptations of this disclosure that follow the general principles of this disclosure and include common knowledge or customary techniques in the art not described in this disclosure. The specification and embodiments are considered exemplary only, and the scope and spirit of this disclosure are defined by the claims.
Claims
1. A source encryption method for narrowband emergency broadcast communication using BeiDou, characterized in that, The method includes: The emergency broadcast plaintext message to be sent is obtained, and a fixed packet length is determined according to the carrying constraints of the Beidou emergency broadcast short message, so as to divide the emergency broadcast plaintext message into a set of continuous plaintext blocks under the constraints of the fixed packet length; Around the message identifier corresponding to the emergency broadcast plaintext message, a set of dynamic factors for characterizing the current emergency broadcast communication status is obtained, and a dynamic factor string is generated based on the set of dynamic factors. The set of dynamic factors includes communication time, communication device characteristic information and communication location code. The dynamic factor string has the characteristic of being reproducible under the same message identifier and has the characteristic of being distinguishable under different message identifiers. Based on the dynamic factor string, a dynamic initialization vector corresponding to the message identifier is generated. By combining the dynamic factor string with the preset auxiliary parameters of the dynamic initialization vector and performing hash processing, a target initialization vector uniquely corresponding to the emergency broadcast plaintext message is obtained. The dynamic session key is obtained by constructing derived material from the dynamic factor string and the preset master key and performing hash processing. After obtaining the target initialization vector and the dynamic session key, the block encryption mode of the symmetric encryption algorithm is configured, and the target initialization vector is used as the initial chain value constraint of the block encryption mode. The dynamic session key is used as the encryption control parameter of the block encryption mode. At the same time, the block encryption process is performed on each consecutive plaintext block in the order of the consecutive plaintext block set to generate a target ciphertext block that corresponds one-to-one with each consecutive plaintext block. Each target ciphertext block is concatenated in the corresponding block order to form a ciphertext sequence. The overall length of the ciphertext sequence is consistent with that of the emergency broadcast plaintext message to meet the constraint requirement of non-expandable message length in Beidou emergency broadcast narrowband communication. After the ciphertext sequence is generated, the session context corresponding to the dynamic session key and the target initialization vector is cleared to resist replay attacks without increasing additional communication overhead and improve security protection strength.
2. The source encryption method for narrowband emergency broadcast communication based on BeiDou as described in claim 1, characterized in that, The process of acquiring the plaintext emergency broadcast message to be sent and determining a fixed packet length based on the bearer constraints of the BeiDou emergency broadcast short message, and dividing the emergency broadcast plaintext message into a set of continuous plaintext blocks under the constraints of the fixed packet length, specifically includes: On the sending side, a plaintext processing context corresponding to a single emergency broadcast message is established, and the emergency broadcast plaintext message represented in byte stream form is obtained in the plaintext processing context. In the plaintext processing context, the bearer constraint parameters corresponding to the BeiDou emergency broadcast short message communication protocol are read. The bearer constraint parameters include the effective payload length allowed to be carried by a single short message, the constraint condition that the message length extension is not allowed to be introduced during the encryption process, and the alignment requirements of the packet size for the packet encryption mode. Based on the aforementioned bearer constraint parameters, a fixed packet length for processing plaintext messages in this emergency broadcast is determined to ensure that the fixed packet length simultaneously meets the short message bearer capacity constraint and the consistency requirements of the packet encryption mode on the packet structure. After the fixed group length is determined, the emergency broadcast plaintext message is sequentially scanned from the starting position according to the byte order, and the fixed group length is used as the unique segmentation benchmark to sequentially extract equal-length data segments to form multiple plaintext groups; When the scan reaches the end of the emergency broadcast plaintext message and the remaining byte length is less than the fixed group length, without introducing additional padding bytes, the remaining bytes and adjacent plaintext groups are rearranged according to the equal-length mapping method allowed by the Beidou emergency broadcast short message protocol to ensure that each plaintext group formed meets the fixed group length requirement. Multiple plaintext packets are numbered according to their order of appearance in the corresponding emergency broadcast plaintext messages, and a set of continuous plaintext blocks containing block numbers and plaintext byte content is constructed.
3. The source encryption method for narrowband emergency broadcast communication of BeiDou as described in claim 1, characterized in that, The step of obtaining a dynamic factor set to characterize the current emergency broadcast communication state based on the message identifier corresponding to the plaintext emergency broadcast message, and generating a dynamic factor string based on the dynamic factor set, specifically includes: On the sending side, a one-to-one corresponding message identifier is established for the emergency broadcast plaintext message, and the message identifier is used as a unique association index throughout the source encryption process; A set of dynamic factors is collected around the message identifier to characterize the current emergency broadcast communication status, wherein the communication time is obtained from a time source with a unified time base and is processed by precision normalization, the communication device feature information is read from the stable identifier field inside the communication device and is verified for consistency, and the communication location code is obtained from the location configuration or scheduling information bound to the emergency broadcast service. After the dynamic factor set is collected, the communication time, the communication device feature information, and the communication location code are subjected to unified standardization processing. The standardization processing includes fixing the field order, aligning the field length, and unifying the field encoding format. Based on the standardized processing, the communication time, the communication device feature information, and the communication location code are combined in a pre-agreed and unchangeable splicing order to generate a dynamic factor string, so that the dynamic factor string has the characteristic of being reproducible under the same message identifier and the characteristic of being distinguishable under different message identifiers.
4. The source encryption method for narrowband emergency broadcast communication of BeiDou as described in claim 1, characterized in that, The step of generating a dynamic initialization vector corresponding to the message identifier based on the dynamic factor string involves combining the dynamic factor string with preset auxiliary parameters of the dynamic initialization vector and performing hash processing to obtain a target initialization vector uniquely corresponding to the emergency broadcast plaintext message. Specifically, this includes: In the message processing context corresponding to the emergency broadcast plaintext message, read the preset auxiliary parameters used for initialization vector generation. The preset auxiliary parameters are a set of fixed parameters that are pre-configured during the system deployment phase and remain unchanged during operation. According to a pre-agreed and unchangeable combination method, the dynamic factor string is combined with the preset auxiliary parameters. The combination method includes a fixed combination order, clear field boundaries, and consistent field length constraints, so as to form an initialization vector input data with a defined structure that can be repeatedly constructed. The initialization vector input data is subjected to hash processing to obtain a first hash output result, and after the hash processing is completed, the first hash output result is subjected to length normalization processing to generate a target initialization vector that meets the requirements of block encryption mode.
5. The source encryption method for narrowband emergency broadcast communication of BeiDou as described in claim 1, characterized in that, The process of obtaining the dynamic session key by constructing derived material from the dynamic factor string and the preset master key and performing hash processing specifically includes: In the message processing context corresponding to the emergency broadcast plaintext message, the preset master key is read from the secure storage area. The preset master key is a root key parameter written during the system deployment phase and remains unchanged during operation. The preset master key does not directly participate in plaintext encryption operations. According to a pre-agreed and unchangeable derivation structure, the dynamic factor string is combined with the preset master key to form the derived material. The derivation structure includes a fixed arrangement order of the master key field and the dynamic factor field, field boundary identifiers, and field length constraint rules. The derived material is subjected to hash processing to obtain a second hash output result. After the hash processing is completed, the second hash output result is subjected to length truncation processing to generate a dynamic session key according to the key length requirements of the block encryption mode.
6. The source encryption method for narrowband emergency broadcast communication based on BeiDou as described in claim 1, characterized in that, After obtaining the target initialization vector and the dynamic session key, the step involves configuring a block cipher mode for a symmetric encryption algorithm, using the target initialization vector as the initial chain constraint for the block cipher mode, and using the dynamic session key as the encryption control parameter for the block cipher mode. Simultaneously, block cipher processing is performed on each consecutive plaintext block in the order of the set of consecutive plaintext blocks to generate a target ciphertext block corresponding to each consecutive plaintext block. Specifically, this includes: In the message processing context corresponding to the emergency broadcast plaintext message, select a block encryption mode that satisfies the constraint that the ciphertext length and plaintext length are consistent, and configure the block length of the block encryption mode to be consistent with the block length of each consecutive plaintext block in the set of consecutive plaintext blocks, so as to ensure that each consecutive plaintext block can directly participate in the block encryption process without introducing padding data. Write the target initialization vector into the initial chain value register of the block cipher mode, and write the dynamic session key into the key register of the block cipher mode. At the same time, establish a chain value state variable in the message processing context, and set the initial value of the chain value state variable to the target initialization vector. According to the block number order of the set of consecutive plaintext blocks, each consecutive plaintext block is traversed. For the consecutive plaintext block corresponding to the current block number, block encryption processing is performed under the common constraints of the chain value state variable and the dynamic session key to generate the target ciphertext block. After the target ciphertext block is generated, the chain value state variable is updated to the current target ciphertext block so that the encryption processing of the next consecutive plaintext block inherits the chain constraints formed by the previous target ciphertext block. The above-described group encryption process is performed until all consecutive plaintext blocks in the set of consecutive plaintext blocks are encrypted, so as to obtain a set of target ciphertext blocks that correspond one-to-one with the set of consecutive plaintext blocks and are in the same order.
7. The source encryption method for narrowband emergency broadcast communication of BeiDou as described in claim 1, characterized in that, The process involves concatenating the target ciphertext blocks in their corresponding block order to form a ciphertext sequence. The overall length of this ciphertext sequence is consistent with the plaintext message of the emergency broadcast, satisfying the constraint requirement of non-expandable message length in BeiDou emergency broadcast narrowband communication. After generating the ciphertext sequence, the session context corresponding to the dynamic session key and the target initialization vector is cleared. This enhances security by mitigating replay attacks without increasing communication overhead. Specifically, this includes: After the target ciphertext block set is generated, each target ciphertext block is read sequentially according to the block numbering rules determined in the continuous plaintext block set construction stage. Then, each target ciphertext block is sequentially concatenated in ascending order of block number to form a ciphertext sequence that corresponds one-to-one with the emergency broadcast plaintext message in byte order. During the concatenation of the target ciphertext block, the ciphertext bytes of the target ciphertext block are arranged continuously so that the overall length of the ciphertext sequence is consistent with that of the emergency broadcast plaintext message, thereby meeting the constraint requirement of Beidou emergency broadcast narrowband communication that the message length cannot be extended. After the ciphertext sequence is constructed and written to the transmission buffer, session clearing is performed in the message processing context corresponding to the message identifier. The dynamic session key is cleared from memory and its reference relationship is removed. At the same time, the target initialization vector and its corresponding chain value state variable are cleared so that the session parameters related to the current emergency broadcast plaintext message are no longer retained in the running environment. After completing the session cleanup process, the message processing context is marked as terminated to block session parameter reuse and improve the security protection against replay attacks without increasing additional communication overhead.
8. A source encryption system for narrowband emergency broadcast communication using the BeiDou Navigation Satellite System, characterized in that: The system is used to execute the source encryption method for narrowband emergency broadcast communication for BeiDou as described in any one of claims 1 to 7. The system includes an acquisition module and a processing module, wherein... The acquisition module is used to acquire the emergency broadcast plaintext message to be sent, and determine the fixed group length according to the bearing constraints of the Beidou emergency broadcast short message, so as to divide the emergency broadcast plaintext message into a set of continuous plaintext blocks under the constraints of the fixed group length. The processing module is used to obtain a set of dynamic factors to characterize the current emergency broadcast communication status around the message identifier corresponding to the emergency broadcast plaintext message, and generate a dynamic factor string based on the set of dynamic factors. The set of dynamic factors includes communication time, communication device characteristic information and communication location code. The dynamic factor string has the characteristic of being reproducible under the same message identifier and has the characteristic of being distinguishable under different message identifiers. The processing module is further configured to generate a dynamic initialization vector corresponding to the message identifier based on the dynamic factor string, and obtain a target initialization vector that uniquely corresponds to the emergency broadcast plaintext message by combining the dynamic factor string with the preset auxiliary parameters of the dynamic initialization vector and performing hash processing. The processing module is also used to intercept the dynamic session key by forming derived material from the dynamic factor string and the preset master key and performing hash processing. The processing module is further configured to, after obtaining the target initialization vector and the dynamic session key, configure the block cipher mode of the symmetric encryption algorithm, use the target initialization vector as the initial chain value constraint of the block cipher mode, use the dynamic session key as the encryption control parameter of the block cipher mode, and perform block cipher processing on each consecutive plaintext block one by one according to the order of the consecutive plaintext block set to generate a target ciphertext block corresponding to each consecutive plaintext block. The processing module is further configured to concatenate each of the target ciphertext blocks in the corresponding block order to form a ciphertext sequence. The overall length of the ciphertext sequence is consistent with that of the emergency broadcast plaintext message to meet the constraint requirement of Beidou emergency broadcast narrowband communication that the message length is not scalable. After the ciphertext sequence is generated, the module also clears the session context corresponding to the dynamic session key and the target initialization vector to resist replay attacks without increasing additional communication overhead and thus improve the security protection strength.
9. An electronic device, characterized in that, The electronic device includes a processor, a memory, a user interface, and a network interface. The memory is used to store instructions. The user interface and the network interface are both used to communicate with other devices. The processor is used to execute the instructions stored in the memory to cause the electronic device to perform the method as described in any one of claims 1 to 7.
10. A non-transitory computer-readable storage medium, characterized in that, The non-transitory computer-readable storage medium stores instructions that, when executed, perform the method as described in any one of claims 1 to 7.