31 results about "Pseudorandom permutation" patented technology

The described system and method provide for an encryption and authentication technique that achieves enhanced integrity verification through assured error-propagation using a multistage sequence of pseudorandom permutations. The method generates intermediate data-dependent cryptographic variables at each stage, which are systematically combined into feedback loops. The encryption technique also generates an authentication tag with minimal post processing that is the size of the state. The size of the state is dependent on the number of pseudorandom permutations and the size of the LFSR. The authentication tag provides a unique mapping to the plaintext for any number of plaintext blocks that is less than or equal the size of the state. In addition to being a stand alone encryption algorithm, the disclosed technique is applicable to any mode that uses pseudorandom permutations such as, key dependent lookup tables, S-Boxes, and block ciphers such as RC5, TEA, and AES.

The method provided is for the encryption of data block by block, but unlike conventional methods like DES or AES, with a variable and substantially greater block length. The enciphering operations depend not only on the key, but also on the length of the plaintext blocks. The method meets the Strict Avalanche Criterion much better than conventional ciphers and blocks do not need to be padded. The method that additionally partitions outsized blocks executes the following steps:

Derivation of the internal state of the method from the key, pseudorandom permutation of plaintext bits or groups of plaintext bits, partitioning of outsized plaintext data blocks, execution of at least three unbalanced Feistel network rounds with round functions having the ability to output results with variable length and bit-by-bit exclusive-or combination with output of round functions within the Feistel rounds.

Two El Gamal ciphertexts, which are input to a two-input two-output unit switching gates SW forming a permutation network, are randomized with a random number and randomly permuted, and a zero-knowledge proof, which proves the correspondence between the inputs and outputs of the switching gates SW, is output to a verifier without revealing the random number and the random permutation. A decryption unit decrypts ciphertexts from a unit switching gate SW in he last column through the use of a secret key, and proves in zero-knowledge the validity of the decryption without revealing the secret key. A verification unit verifies the proof of each unit switching gate and the proof of the decryption unit.

A method for the generation of small permutations on digits, for example between 7 and 30 digits, uses basic functions that are classic, one-way functions (generally non-bijective) defined on bits, and uses these functions in a generalized Feistel scheme that has at least five rounds.

The invention provides a method of generating arbitrary numbers given a seed, characterized by providing a challenge derived from the seed to a physical token, receiving an initial response from the physical token, combining the initial response with helper data associated with the challenge to produce a stable response, and generating the arbitrary numbers using a pseudo-random number generator using the stable response as a seed for the generator. Preferably one or more of these pseudo-random permutations are used as one or more round function(s) in a Feistel block cipher. The generated arbitrary numbers may also be used to create a cryptographic key.

A system and method for pseudorandom permutation for interleaving in wireless communication are disclosed. In one embodiment, the method comprises receiving a first ordered sequence of communication symbols having a first order, permuting the first ordered sequence of communication symbols to generate a second ordered sequence of communication symbols having a second order, and outputting the second ordered sequence of communication symbols, wherein the second order is based, at least in part, on a third order having a greater size than the second order, the third order being a pseudorandom permutation defined by the input-output relationship Y=mod((m*S*(S+1))/2,P),,wherein P is the smallest power of two not less than the number of elements in the first ordered sequence, S is an input order represented by a sequence of consecutive integers from zero to P-1 in increasing order, Y is an output order represented as a sequence of integers, and m is an integer.

The invention discloses a method for encrypting a white box password based on random permutation. The method comprises the following steps: inputting a confusion function P; performing random permutation on S; and outputting a confusion function Q. By adoption of the method disclosed by the invention, more other information cannot be acquired except that a lookup table is observed, the entire encryption of the encryption scheme can be guaranteed to be not restored by an attacker due to white box attack, namely, an algorithm having the same encryption function is not copied, and thus the security of operating the encryption algorithm on an untrusted terminal is guaranteed.

An encryption and authentication technique that achieves enhanced integrity verification through assured error-propagation using a multistage sequence of pseudorandom permutations. The present invention generates intermediate data-dependent cryptographic variables at each stage, which are systematically combined into feedback loops. The encryption technique also generates an authentication tag without any further steps that is N times longer than the block size where N is the number of pseudorandom permutations used in the encipherment of each block. The authentication tag provides a unique mapping to the plaintext for any number of plaintext blocks that is less than or equal to N. In addition to being a stand alone encryption algorithm, the disclosed technique is applicable to any mode that uses pseudorandom permutations such as, key dependent lookup tables, S-Boxes, and block ciphers such as RC5, TEA, and AES.

The invention relates to a pseudo random permutation (PRPM) based lightweight data encryption method in OPC UA edge computation, and belongs to the field of industrial data security. Lightweight dataencryption is realized in OPC UA edge computation based on PRPM in a chaotic system. A file is converted into a binary format, the file in the binary format is divided into segmented files, each segmented file includes multiple block files, blocks in each segmented file is scrambled by pseudo random arrangement, and all segmented block files are recombined to complete file encryption.

The invention relates to a sequence cipher based search encryption method in a cloud storage environment. The sequence cipher based search encryption method in the cloud storage environment comprises the steps of realizing data security search by improving a key stream generation mode in sequence cipher encryption, and carrying out ECB encryption for a searched keyword to form a direct ciphertext; generating a random number by a pseudorandom generator, and generating a key stream by using the random number and the direct ciphertext through a pseudorandom replacement function; and finally carrying out XOR operation for the key stream and the direct ciphertext to obtain a concealed ciphertext, storing the concealed ciphertext at a server and accordingly building a query matching table; when a new search query occurs, firstly calculating a replacement key and then comparing data in the query matching table with the equality relationship among the concealed ciphertext of the current query session, and accordingly confirming the returned query result. The sequence cipher based search encryption method in the cloud storage environment can realize efficient data search of users, can increase the verification efficiency and can guarantee privacy security.

The invention provides a data security protection method based on granulation. The data security protection method comprises the following steps: S1, acquiring a group of plaintext data; Ss2, preprocessing the plaintext data to obtain plaintext grouped data; Ss3, performing first pseudo-random replacement on the plaintext grouped data to obtain replacement data; Ss4, performing grouping encryptionon the replacement data to obtain grouping encryption data; and S5, performing second pseudo-random replacement on the block encryption data to obtain ciphertext data. According to the data securityprotection method based on granulation, the probability that a secret stealer steals and restores effective information is reduced, and the security of data transmission is improved.

Disclosed is a MAC tag list generating apparatus capable of efficiently performing message authentication through which information pertaining to a falsified position as well as existence of falsification can be obtained. This MAC tag list generating apparatus is provided with: a group test matrix generating means for generating a group test matrix W, which is a parameter of a combined group test, on the basis of a plurality of items obtained by dividing an obtained message M; and a MAC tag list generating means that, while sharing results obtained by applying a pseudo random function to the items forming each row of the generated group test matrix W, sums the results, and then applies the summed results to pseudo random permutation to generate a MAC tag list T, which is a MAC tag list pertaining to the message M.

The invention discloses an efficient searchable agent privacy set intersection method and device, and the method comprises the steps: grouping user data sets according to keywords, generating an index for each sub-set after grouping based on a pseudo-random function, encrypting the sub-set corresponding to each keyword, and generating an encrypted sub-set; the encrypted subset and the index are replaced and then uploaded to a cloud server; sending the to-be-searched keyword of the user initiating intersection calculation and the pseudo-random permutation key to other users, so that the other users find index values of the same keyword subsets of the two users through calculation, and generating an index-to-index mapping to be sent to a cloud server, and finding subsets corresponding to the keywords to be searched in the data of different users according to the mapping, carrying out intersection on the subsets corresponding to the keywords to be searched, and returning an intersection result to the user initiating intersection calculation. According to the embodiment of the invention, a searchable function is added in agent privacy set intersection, and meanwhile, the security and the efficiency are ensured.

The embodiment of the invention discloses a file processing method, electronic equipment and a storage medium, and the file processing method comprises the steps: determining a first identification vector of a file according to the position of the file in a file set; generating a first storage position for storing a first identification vector according to the hash function and the feature vector of the file; determining a second identification vector according to a hash table corresponding to the hash function and the first identification vector; and storing the second identification vector into a second storage position obtained by performing pseudo-random permutation on the first storage position; wherein the second storage position is used for indicating the first storage position corresponding to the feature vector for searching the to-be-searched file according to the first identification vector of the to-be-searched file when the file is searched. Therefore, according to the second storage position, the corresponding file can be searched based on the position of the to-be-searched file in the file set, and a user does not need to provide an accurate keyword for searching, so that the file searching efficiency is improved.

The embodiment of the invention provides a message identification method and an electronic device and belongs to the information security and password. According to the method, pseudorandom functions are constructed based on a short integer difficulty-solving problem, so that computational complexity and modulus can be reduced, and security and the accuracy of message identification can be improved. The message identification method includes the following steps that: a first electronic device receives a first message and a first authentication message which are transmitted by a second electronic device, and the cluster value domain of the pseudorandom functions is a finite abelian group; the first electronic device obtains bit strings and a pseudorandom function cluster, wherein the bit strings are the indexes of functions in the pseudorandom function cluster; the first electronic device searches a function Fb from the pseudorandom function cluster, the index of the function Fb being the bit string; the first electronic device adopts the first message as a parameter, and obtains a second authentication message according to the function Fb; and when the first authentication message is matched with the second authentication message, the first message is determined as a credible message.