KR0144788B1 - The encryption system of personal communication for next generation using representative - Google Patents

Abstract

The present invention relates to a confidentiality method in the communication of digital information. In particular, the receiving side, which should receive data, transmits random variable data of a predetermined bit within a critical range from the receiving side to transmit the data, and transmits the corresponding data at the transmitting side. The first step of receiving the data, and the step of forming the data by using the received random variable data by selecting a unique number other than the level '0' of its own number from the transmitting side receiving the data in the first process And a third process of forming a representative structure using the data formed in the second process and extracting and encrypting the first member having different member attributes, and separately from the member attributes encrypted in the third process. A fourth process of setting a predetermined number of encryption keys randomly generated bit by bit, and the encryption keys set in the fourth process A fifth process of sequentially reading data to be transmitted from the transmitter based on the number of bits to be configured; and a representative structure is formed using the data read in the fifth process, and a member having different member attributes is extracted. And a seventh step of performing a non-OR operation on each component bit of the encryption key used as a reference for reading data in the fifth step and a member attribute encrypted in the sixth step. By providing a encryption method using a variable representative structure and a different decryption method, wherein different encryption keys are used for each section of the transmission data, there is an effect that there is no fear of extracting a recovery method for theft from an encrypted transmission message. .

Description

Next Generation Personal Communication Encryption System Using Representation

1 is a diagram illustrating a configuration of a representative structure.

2 is a flowchart of a representative structure encryption algorithm.

3 is a flowchart of a decoding algorithm corresponding to FIG.

4 is a flowchart of an encryption algorithm of a variable representative structure according to the present invention.

5 is a flowchart of a decoding algorithm corresponding to the variable representative structure according to the present invention.

6 is a simplified block diagram of an encryption key generation process in the encryption algorithm according to the present invention of FIG.

7 is a simplified block diagram of a cipher text generation process in the encryption algorithm according to the present invention of FIG.

8 is a distribution of encryption key sizes.

9 is a distribution of key values when the block attribute is 2. FIG.

10 is an exemplary encryption key size.

11 is a diagram showing bit change in cipher text according to adjacent block attributes.

12 is a flowchart of an authentication operation between a mobile station and a base station.

13 is a diagram illustrating an authentication process of mobile station registration.

14 is a diagram illustrating an encryption key generation process of a calling party and a called station.

15 is a procedure of encrypting a signal message according to the present invention.

16 is a diagram illustrating an experiment of an encryption state and a decryption state of an original text according to the present invention.

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a confidentiality method in communication of digital information, and more particularly, to a method of encrypting and decrypting information for preventing the information from being leaked during an information processing and communication process performed through a wireless communication network.

In general, various information is distributed through the communication network according to the progress of the information society.

These various kinds of information can be classified into voice, data (mail), and video information. Although the importance of information cannot be overemphasized, most of them have been transmitted in the original through various media.

Therefore, there has been a strong need for a method of preventing the leakage of information to securely protect the information and deliver it only to the desired target. In particular, since the introduction of mobile communication service since the early 80's, the market of vehicle phone or mobile phone has been rapidly growing as the personalization and mobility trend of the modern society and the user's awareness of convenience are increasing.

Since the wireless communication uses a wireless communication network, that is, a radio wave, unlike the conventional wired communication network, it is impossible to exclude illegal use of a terminal not joined to the communication network or eavesdropping of various information exchanged on a wireless path. For example, in the case of illegal use of a terminal, any third party joining a communication network analyzes the frequency generated when the other party is calling to find out the serial number of the corresponding terminal, and has the same effect as using another terminal when making a call using the terminal. As a result, the problem arises that a person who has stolen his serial number can have a very large loss.

In order to prevent the problems described above, a conventional cipher system may be ciphered by an individual using a specific cipher, which can be classified into a conventional cipher system and a public key cipher system. have.

In the above classification, the conventional cryptographic system is a system in which the encryption key and the decryption key are the same, and the public key cryptosystem is a system using different keys in the encryption and decryption process.

However, the public key cryptosystem is a method in which the encryption key and the decryption key are not symmetrical with each other, and a representative method is RSA (Rivest, Shamir Adleman), which causes a lot of processing time.

Accordingly, the authentication method in the mobile communication uses a conventional encryption system in which the encryption key and the decryption key are symmetrical with each other. The conventional encryption system can keep track of the decryption key by reversing the decryption key if the encryption key is known. This is a very important factor in the management of the key, which causes a lot of difficulties.

In addition, when a database of secret information is exposed, a large amount of secret information is leaked directly at once.

In addition, the secret information may be stealed by disassembling the hardware of the mobile terminal, and the secret information may be stealed even during the troubleshooting service process. This is a serious problem when considering a large number of base stations and operating personnel.

However, a method for fundamentally solving the above problem is to introduce an asymmetric encryption method, which causes a problem that the existing protocol must be changed as a whole.

In addition, it is possible to prevent the leakage of confidential information as described above by regular change of confidential information, but it may be inconvenient to use, so a comprehensive study should be conducted.

Looking into the contents of the TLA / EIA / IS-95, which has been studied and established as a standard, the protection service provided by IS-95 has authentication and confidentiality.

The authentication service refers to a process for identification verification between a calling mobile station and a base station, and between a called mobile station and a base station. Confidentiality refers to changing data into another signal by encrypting data. There are system data protection and voice data protection.

In addition, the protection mechanism for confidentiality is performed by symmetric key cryptography. The protection algorithm includes the Auth_Signature Procedure used in the authentication mechanism, the SSD Generation procedure used to create the secret key SSD, and the data protection on the traffic channel. Linear PN Sequence Generator with long code mask. In the IS-95 communication protocol, the terminal's unique number (ESN), terminal identification number (MIN), and receiver's telephone number (CHARi), which are secret information, are used to communicate with the base station. It is no longer confidential information.

Therefore, if you know only SSD_A, which is 64 bits of information embedded in the terminal, it is possible to steal calls immediately.

The SSD_A is the only information for maintaining the security of the CDMA mobile communication method.

Or, since the AUTHR output through the certificate name procedure is too small to 18 bits and the execution time of the certificate name procedure is very short, an attack by the exhaustive attack method is realistically possible, which causes a difficulty in confidentiality.

An object of the present invention to solve the above problems is to generate a predetermined number of for example 6.000 keys per unit time (for example, 1 second) and the period of the key represents 2 ^th (tn: total number of members) It provides a next-generation personal communication encryption system using the representativeness that can implement the authentication and confidentiality service of personal communication by using the representative structure and its characteristics, that is, the member key whose level is '0' in the representative structure. For the attributes of member whose level is not '0', the public key is defined and the cryptographic key is generated to analyze the characteristics of the key. The plaintext is read by the size bits of the generated cryptographic key, and the ciphertext is created by the variable representative algorithm To present the degree of change.

In the theoretical background of the present invention for achieving the above object, the representative structure is composed of members and member attributes, and each member represents an order (d) indicating how many members are present and a range of values that the members can have. It is a structure whose characteristics are determined by level.

At this time, each member constituting the representative structure has a unique level according to the values of the members of the member, and the member whose level is 0 and the member whose level is not '0' are divided into '0'. Non-members must be composed of one block of members whose level is '0' for each 2 ^d -1 pieces.

In addition, each block also has a level, and the block of level m represents the attributes of blocks below level m-1, and only the members whose attributes are incorrect are extracted through the representativeness algorithm.

A feature of the present invention for achieving the above object is a method of encrypting digital information using a representative structure, wherein a random side data of a predetermined bit within a critical range is transmitted from a receiving side to which a data should be received to a transmitting side to transmit data. In the first process of transmitting and receiving the corresponding data at the transmitting side, and at the transmitting side receiving the data at the first process, the unique number of its own is defined as a member attribute whose level is not '0' in the representative structure and is received randomly. The variable is a second process of forming a member attribute whose level is '0', a third process of extracting a member having a different member attribute from the representative structure using the member formed in the second process, and generating an encryption key; A predetermined number of ciphers that are randomly generated by predetermined bits each of the member attributes of the representative structure used in step 3 A fourth process of repeatedly performing the third process while setting the data; and a fifth process of sequentially reading data to be transmitted from the transmitter based on the number of bits constituting the encryption keys set in the fourth process; By using the data read in the fifth process, a variable representative structure is formed, the sixth process of extracting and encrypting the first member having different member attributes, and the result encrypted in the sixth process and the data in the fifth process. A different encryption key is used for each section of transmission data, including a seventh process of performing second-order encryption on each component bit of the encryption key used as a reference for performing a negative-OR operation.

Another feature of the present invention for achieving the above object is a method of decrypting encrypted data having different encryption keys for each section of transmission data when encrypting digital information using a representative structure, the reception of which should receive and decrypt encrypted data. A first process of randomly generating random data at the side or receiving random variable data within a threshold range transmitted from the transmitting side to form data, and forming a representative structure using the data formed at the first process; A second step of generating a cryptographic key from the data formed in the first step by extracting a member having a different member property; and a predetermined randomly generated predetermined bit of each of the member properties of the representative structure used in the second step. A third process of repeating the second process by setting a number of encryption keys And a fourth process of reading data received from the transmitter by receiving the data based on the number of bits constituting the encryption keys set in the third process, an encryption key generated by encryption in the second process and a certain encryption. A variable representative structure is created by using each component bit of the data read in the fourth step by a key, and then the fifth step of performing a logical OR operation with the result generated by the representative algorithm and the member attribute of the representative structure are reproduced. In order to recover the ciphertext using a different encryption key for each interval of different predetermined bit lengths, a sixth process of decrypting data generated through an unOR operation is performed using the inverse algorithm of the representative structure generation algorithm. I can.

Hereinafter, exemplary embodiments of the present invention will be described with reference to the accompanying drawings.

First, prior to the detailed description of the present invention, the representative algorithm proposed by the present invention refers to defining a bit value as an attribute of members in the representative structure that has representativeness among members, and then extracting members having no representativeness.

Hereinafter, the definition of each term prior to the description of the algorithm for generating and decrypting ciphertext using the representative algorithm is as follows.

[Definition 1]

成員

A member means something having the form (X _d-1 , X _d-2 ,…, X ₁ , X ₀ ), and X _d-1 , X _d-2 ,... Each of, X ₁ , X ₀ is called a member.

[Definition 2]

Degree

The order is the number of elements the member is made of (X _d-1 , X _d-2 , ..., X ₁ , X ₀ ) and the order is d.

[Definition 3]

Member value

A member's value is defined as representing the member's attributes.

For example, if the member value is '1', it is black, and if it is '0', it is white.

[Definition 4]

Level of member

Members have unique levels based on their value. The level of configuration is the component of the member, namely X _d-1 , X _d-2 ,... By expressing the values of, X ₁ , X ₀ in binary, we define each level as the minimum of the number of consecutive '0's from right to left.

[Definition 5]

Max / Min Level

In the case of limiting a member element by expressing a value in the range of 0 to 2 ^m -1 (m0), the maximum level of a member that a member can have is 'm' and the minimum level is '0'.

At this time, all the element values of the maximum level configuration is made of '0'.

[Definition 6]

Create member below level m-1

Members of level m are X _d-1 , X _d-2 ,.. When, X ₁ , X ₀ , the following members Y _d-1 , Y _d-2 ,... , Y ₁ , Y ₀ first generates Z _i according to the following formula 1.

[Formula 1]

Z _i = X _i +2 ^m , (0≤i≤d-1, m: y member level)

Z _i and X _i are created by defining the element Y _i in a cycle of 2 ⁱ .

[Definition 7]

block

Members below level m-1 belonging to members of level m (m0) are created by definition 6 above, so that members of level '0' belonging to members other than level '0' must be 2 ^d -1. (Where d is an order).

At this time, a group of generated members is defined as a block.

[Definition 8]

Block member

Among the members defined as a block, the level refers to a member whose level is not '0'. The attributes and level of a block member are defined as a block attribute and a block level.

[Definition 9]

Member in block

Among the members defined as a block, it refers to a member whose level is '0', and the attributes and levels of the members in the block are defined as attributes in the block and levels in the block.

[Definition 10]

Representative structure

Blocks of level m-1 and lower belong to the block level m, and the blocks are listed in descending order. The leftmost block is always the block with the maximum level. A bit whose member is '0' or '1'. Assigning a value is called a member attribute.

In addition, a member is listed in the above-described order and a member attribute is defined as a representative structure.

[Definition 11]

Representation

According to the characteristics of the representative structure, a block attribute of level m represents all member attributes below level m-1 belonging to level m and is defined as representativeness.

Also, among the block attributes representing the block attribute whose level is i (1 ≦ i ≦ m−1), the block having the minimum level is called a higher level.

For example, the relationship between each of the terms defined above will be briefly described as follows.

The process of having representatives among members must first determine how many members are to be composed.

At this time, the number of members is determined by the order. When the members are composed of three members, the members are represented by (X ₂ , X ₁ , X ₀ ) and the order is third order.

When the order according to the member position of the member is determined as described above, the range of values representing the member element is set according to the determined order, and the maximum level is determined by the range.

That is, if the value of member is in the range of '0' to 2 ^m -1 (m0), the maximum level is m and the member of level m is (O _d-1 , O _d-2 ,…, O ₁ , O ₀ ). In this case, as in the above case, when the order is 3 and the member element is represented by a value from '0' to '7', the member level represented by (0,0,0) is 3, and (4 When expressed as (6,7), the member level is '0'.

That is, the number of '0' from right to left until '1' is '2' because '4' is '100' and '6' is '6'. 110 ”, so there is one, and in the case of '7', the binary number of '7' is“ 111 ”, so it is zero, so '0', the minimum number of '0' of each member, is at the level of (4,6,7). It will be.

Further, when the degree is tertiary and the maximum level is 3, the level of the member represented by (0,0,4) becomes '2', and the generation of the member whose level '1' belongs to the member Thus X _i is defined as (0,0,4) and Z _i is defined as (2,2,6).

At this time, Y ₀ is so cycle ²⁰ is a 4, 6, 4, 6, 4, 6, 4, 6, Y 1 is a cycle ²¹ because it is 0,0, 2, 2, 0, 0, 2, 2 and finally, Y ₂ has a period of 2 ^2, so 0, 0, 0, 0, 2, 2, 2, 2 becomes as shown in Table 1 below.

In Table 1, a process of generating a level 1 member belonging to a level 2 member may be described.

However, members whose level is not '0' necessarily include members whose level is '0'.

Therefore, members whose level is not '0' must necessarily create members whose level is '0'.

Thus, for example, in Table 1 above, if members having a level of '0' belonging to a member of level (1, 2,2,6) are generated by Equation 1 described above, X is (2,2,6). , Z are defined as (3,3,7).

In this case, Y has a period of 2 , So 6, 7, 6, 7, 6, 7, 6, 7, and Y has period 2 2, 2, 3, 3, 2, 2, 3, 3 and finally Y has a period of 2 Therefore, it becomes 2, 2, 2, 2, 3, 3, 3, 3, and is shown in Table 2 below.

The blocks thus created are arranged in blocks of level m-1 or less belonging to blocks of level m, starting from the block with the maximum level, in the form as shown in FIG. .

The configuration of FIG. 1 is a configuration in which the degree is 3rd order and the level is 3, in which blocks of (0,0,0) are listed first, and then the blocks whose level is 1 among the blocks belonging to (0,0,0). Are listed.

When the level 1 block is listed, the first level 2 blocks are listed, and then the level 2 blocks belonging to level 2 are listed. The blocks with level 2 are then listed in the manner described above.

Blocks listed in this order sequentially assign the bit values of the input data to the members.

In FIG. 1, the portion indicated by the solid line represents the block member, and the portion indicated by the dotted line represents the member in the block.

Also, the members of the solid line and the members of the dashed lines are 2 It can be seen that one block is formed by grouping them together.

The relationship between the total number of blocks and the number of members in a block is as follows according to how many members are defined based on the total number of members.

Total number of members 2 2 (Where d is the degree), the total number of blocks is obtained.

Also, the number of members in the block is 2 -1.

Of course, block members (see definition 8) represent the attributes of members in the block (see definition 9).

This is because the level of the block member is not '0', and the level of the member in the block is '0'.

According to the above definition, representativeness refers to when a member at level m represents the values of all members below level m-1. In addition, the representativeness algorithm means what represents an attribute by the representative structure.

In other words, it extracts members with attributes that are different from the member attributes they represent.

In other words, the members in the block extract only members with incorrect block members and attributes, and the block members extract only members with incorrect parent members and attributes. Table 3 summarizes only the cases in which members extracted by the representativeness algorithm are extracted according to the relationship between upper block attributes and block attributes.

As shown in Table 3, it can be seen that only the members having attributes opposite to representativeness are extracted. In the representative structure where the block attribute necessarily affects the attributes in one block, different results are generated for each block attribute. To the conclusion.

The reason for reaching the above-mentioned conclusion is that the member property is generated only when the member property is different from the block property or the upper block property representing the current member.

For the members created by the representativeness algorithm, the attribute is defined as '1' to make the representative structure distinguishable.

This representative structure allows you to recreate the original member properties. That is, a member whose member attribute is '1' is defined as opposed to a parent block or block member attribute, and a member whose attribute is '0' is defined by an attribute such as a parent block or block member attribute, and the member attribute is played.

The detailed algorithm for this is the member attribute reproduction algorithm. Therefore, if there is only a representative structure in which the attribute is defined as “1” to identify the members generated by the representative algorithm, the attributes of the members can be reproduced through the member attribute reproduction algorithm.

By using these characteristics, plain text can be ciphertext and ciphertext again.

By organizing and organizing the above-mentioned contents, it can be concluded as in the first and second theories below.

Theory 1: If block attributes are uniquely defined in a representative structure of n block members, the period is 2 Bit streams with are generated by a representative algorithm.

Theory 2: Member properties can be reproduced as long as they have a representative structure that can identify members created by the representativeness algorithm.

The representativeness algorithm and the member attribute reproduction algorithm based on the theory described above will be described in detail with reference to FIGS. 2 and 3, which will be useful for encrypting and decrypting important data.

FIG. 2 is a flowchart of a representative algorithm, and FIG. 3 is a flowchart of a reproduction algorithm corresponding to FIG.

Referring to FIG. 2, the representative algorithm is described as follows.

First, in step S101, the order of members is arbitrarily set in the initialization state.

Thereafter, in step S102, the member comp, the block member b_comp, the in-block member bi_comp, the block level b_level, the maximum level m_level, according to the order of the member set in step S101, The block attribute b_attr, the member attribute c_attr, and the upper block attribute u_attr are generated.

In step S103, it is determined whether the block level is the same as the maximum level in the state where the member comp generated in the step S102 is the same as the block member b_comp. b_attr) and the upper block attribute u_attr are replaced with a member attribute c_attr.

After step S103 or step S04, in step S105, it is determined whether the block attribute b_attr and the upper block attribute u_attr are different in a state in which the member comp generated in the step S102 is the same as the block member b_comp. In step S106, the member comp is output, and the block attribute b_attr and the upper block attribute u_attr are replaced with the member attribute c_attr.

After step S105 or step S106, in step S107, if the member comp generated in the step S102 is the same as the block member b_comp, it is determined whether the member attribute c_attr and the upper block attribute u_attr are different from each other. The flow advances to step S108 to replace the block attribute b_attr with the member attribute c_attr.

In step S107, after step S108, in step S109, when the member comp generated in step S102 is the same as the member bi_comp in the block, it is determined whether the block attribute b_attr and the member attribute c_attr are different. The flow advances to step S110 to output a member comp.

When performed through the representative algorithm as described above, the members of the form shown in Table 3 can be extracted.

In addition, referring to Figure 3 attached to the algorithm for reproducing the original member attribute using the member extracted using the representative algorithm as follows.

First, in step S201, the order of members is arbitrarily set in the initialization state.

Subsequently, in step S202, the member comp, the block member b_comp, the block member bi_comp, the block level b_level, the maximum level m_level, and the block are determined according to the order of the members set in step S201. The attribute b_attr, the member attribute c_attr, the reproduction member attribute ac_attr and the upper block attribute u_attr are generated.

In step S203, if the member comp generated in step S202 is the same as the block member b_comp, it is determined in step S203 that the block level is the same as the maximum level, and the flow proceeds to step S204. u_attr) and playback member attribute (ac_attr) are replaced with member attribute (c_attr).

After the step S203 or step S204, in step S205, whether the block attribute b_attr and the upper block attribute u_attr are both '0' while the member comp generated in the step S202 is the same as the block member b_comp If it is determined and is "0", the flow advances to step S206 to replace the block attribute b_attr and the reproduction member attribute ac_attr with "0".

After step S205 or step S206, in step S207, the upper block attribute u_attr is '0' and the block attribute b_attr is '1' while the member comp generated in step S202 is the same as the block member b_comp. In step S208, the block attribute b_attr and the reproduction member attribute ac_attr are replaced with '1'.

After step S207 or step S208, in step S209, the upper block attribute u_attr is '1' and the block attribute b_attr is '0' while the member comp generated in the step S202 is the same as the block member b_comp. In step S210, if it is determined that the authorization is successful, the block attribute b_attr and the reproduction member attribute ac_attr are replaced with '1'.

After step S209 or step S210, in step S211, it is determined whether both the upper block attribute u_attr and the block attribute b_attr are '1' while the member comp generated in the step S202 is the same as the block member b_comp. If it is determined and is "1", the flow advances to step S212 to replace the block attribute b_attr and the reproduction member attribute ac_attr with "0".

After step S211 or step S212, in step S213, if it is determined that the block attribute b_attr is '0' in the state in which the member comp generated in the step S202 is the same as the member bi_comp in the block, it is '0'. The flow advances to step S214 to replace the playback member attribute ac_attr with the member attribute c_attr.

After step S213 or step S214, in step S215, when the member comp generated in step S202 is the same as the member bi_comp in the block, it is determined that the block attribute b_attr is '1' and is '1'. The flow advances to step S216 to invert the member attribute c_attr and input it to the reproduction member attribute ac_attr.

Through the reproduction algorithm as described above, the member extracted through the representative algorithm can be reproduced. This representativeness does not exactly meet the object of the present invention because the plain text is encrypted by a very regular regularity and the encrypted data is reproduced as plain text. .

Because assuming that the total number of bits of the transmission data is 1,000 bits and a member is extracted and encrypted by 10 bits through the representative algorithm, a total of 100 ciphertexts are formed.

At this time, if any third party finds out that 10 bits are used to form a member, the meaning of encryption is lost.

Therefore, the representative structure to be applied in the present invention proposes a variable representative structure that forms a representative structure by varying the number of bits used in forming a member.

The variable representative structure means that the number of members of the representative structure varies with height.

The sequence of operations of encryption and decryption using the variable representative structure is shown in FIG. 4 and FIG.

4 is a simplified operation flowchart of an encryption process using a variable representative structure according to the present invention when transmitting data such as voice data or handoff from a mobile station.

The mobile station receives, at step S301, random variable data of predetermined bits (for example, about 32 bits when the number of critical bits is 64 bits) from the base station.

Subsequently, in step S302, a unique number whose level is not '0' among unique numbers (for example, ID, telephone number, ...) of the mobile station is selected, and the random variable data received in step S301 is mixed to form a representative structure. Form.

The representativeness algorithm of FIG. 2 described above in step S303 is performed using the representative structure formed in step S302.

LFFR is performed on the member attribute of the representative structure used in step S303 to reform the representative structure.

In step S304, a variable K-bit encryption key is set through the process of step S303 in the remodeled representative structure.

At this time, a plurality of K-bit encryption keys generated through the steps S303 and S304 are random variables having different bit lengths. That is, assuming that the number of bits of the encryption key is arbitrarily defined, the number of bits of the first encryption key is 100, the number of bits of the second encryption key is 200, the number of bits of the third encryption key is 300, and the number of bits of the fourth encryption key is 400. It is decided.

Subsequently, in step S305, data to be transmitted from the mobile station to the base station is sequentially read in accordance with the bit length of the encryption key set in step S304, and X, X,... Create X and X.

For example, if the data to be transmitted from the mobile station to the base station is 1,000 bits, if the number of bits of the first encryption key set in step S304 is 100, first 100 bits are read.

In step S306, the representativeness algorithm of FIG. 2 is executed using the 100-bit data read in step S305.

In step S306, X, X,... When the representative algorithm is performed using the members of X, X, 100 bits of data of 1,000 bits, which are data to be transmitted from the mobile station to the base station, are encrypted.

Thereafter, in step S307, the variable representative encryption variable i is initialized (i = 0). After initializing the variable i in step S307 and performing an exclusive OR operation between the i th bits constituting the representative cipher member ac_attr and the i th encryption key generated in S306 in step S308, In step S309, it is determined whether the variable i performs an exclusive OR (XOR) operation with the k-th bit, which is the last bit constituting the i-th encryption key, until it is determined that the operation is finished. If it is determined that the operation is not finished, the process proceeds to step S310 where the variable i is increased by 1 and the process proceeds to the step S308.

In this case, only the first encryption key has been described in the above encryption process. However, as described above, when the transmission data is 1,000 bits, the transmission data is for each bit section of each encryption key, that is, the first encryption key, the second encryption key, and the third. All data transmitted by the encryption key and the fourth encryption key are encrypted and transmitted by the four encryption keys.

In addition, although not shown in FIG. 4, the operation is repeated to be performed for each encryption key.

The decryption operation for the above encryption operation is as shown in FIG.

5 is a simplified operation flowchart of a decoding process using a variable representative structure according to the present invention at a base station when transmitting data such as voice data or handoff from a mobile station. Since the decryption process is the reverse of the above-described encryption process, a detailed description thereof will be omitted.

Briefly explaining the above-described encryption process and decryption process, variable representative structure encryption first generates arbitrary k bits using a representativeness algorithm.

In other words, the block attributes of the representative structure are randomly defined as randomly generated or received values, and the attributes in the block are defined by unique numbers such as identification numbers and machine numbers to create representative structures.

That is, the attributes of members whose level is not 0 are random values, and members having level 0 are defined as eigenvalues to form a representative structure.

A representative k-bit is generated through the representative algorithm again with the representative structure created in the above process.

The k bits are then defined as an encryption key and the input data bits are read by k bits to form a variable representative structure.

The variable representative structure encryption algorithm is used to encrypt the variable representative structure data.

The variable representative structure decryption process reads the ciphertext generated by the variable representative structure encryption algorithm by random k bits like the encryption process to create a variable representative structure. The plain text is then created by the variable representative decoding algorithm.

A block member attribute of the representative structure is defined as a public key, and a member attribute within a block is defined as a secret key, and a process of generating a ciphertext by generating an encryption key by a representative algorithm is illustrated in FIG. 6 and FIG.

6 is a simplified block configuration of the encryption key generation process. A block member attribute (x), which is a public key, and an attribute (y), which is a secret key, are inputted, and the cipher key is larger than '0' and represented by a representative algorithm. It can be seen that the encryption key z, which is less than or equal to the total bits (x + y) of the structure, is generated.

FIG. 7 is a simplified block diagram of a process of making a ciphertext using the cipher key generated by FIG. 6, and reads the plaintext into arbitrary k bit blocks and first encrypts it with a variable representativeness algorithm. z) shows the process of making a ciphertext by performing second-order encryption with an exclusive logical OR (XOR).

An important part of generating the ciphertext is the random distribution of the encryption key. When analyzing the distribution of the encryption key with reference to FIG. 8, the block number is assumed to be 4, and the number of members in the block is 12. Assuming all cases that can be generated, i.e. 2 In the case of (65,536), it shows the size of all keys generated.

As an experimental method, the size of a key generated from a representative structure consisting of 16 bits in total is composed of 4 bits of block attribute of public key and 12 bits of attribute in block of secret key.

At this time, the size of the generated key was normally distributed as shown in FIG.

The cipher key size showed the highest frequency in 8 and 9, and it can be seen that the smaller or larger the key, the smaller the frequency. In addition, the frequency of each key size affected only the number of members of the representative structure.

And, the type generated as the unique key value for each encryption key size can be seen in Table 4 below.

Referring to Table 4, the number of encryption keys is 1,056. Appeared larger. Using the representative algorithm, the number of public keys is 2 Much larger than the number of secret keys 2 If smaller, the number can be generated internally.

And, the probability that the size of the key is generated equal to or larger than the block attribute is 99.7%. In addition, the probability of having a value larger than half of the total number of members of the representative structure was 58%.

The average redundancy is low from 1 to 4, where the size of the key is smaller than the block attribute, but the size of the key is small. can do.

Therefore, it can be said that the availability of a key having a redundancy of 10 or more with a large key size and a total redundancy smaller than 62 is high. Binary values in a given range are normally distributed with the number "1" and "0".

In other words, if you look at the number of “0” and “1” in binary numbers of values between 0 and 15 as “0”, 4 is 1, 3 is 4, 2 is 6, 1 is 4, 0 is 1 Normal distribution is shown.

As the bit values of the block attribute and the attributes in the block represent a normal distribution, the sizes of the keys generated by the representative algorithm that extract only the block attribute and other intra-block attributes always show a normal distribution.

In addition, if the property of the block is 0 when the block property is “1”, the property is always symmetrical as the property of the block is 1 if the property is “0”. Therefore, it is difficult to find a condition that can be generated only when the size of the key is 10 or more.

Looking at the range of key values for each key size by referring to Table 5 below, it can be seen that the maximum value of the range always starts with “0” and the end value of the range starts with “1”.

In addition, referring to Table 5, it can be seen that a large encryption key is generated when the attributes in one block have the same attributes and are different from the block attributes. In addition, knowing the total membership of the representative structure, you can also know the start and end values for each key size.

Therefore, in FIG. 6, when the public key x is fixed and only the secret key y is changed, the distribution of the encryption key generated by the representative algorithm is shown in Table 6 below.

Referring to Table 6, the attributes in the block for each block attribute are 2 In this case, key values generated as encryption keys by the representativeness algorithm are shown.

The block attributes 0, 1, 14, and 15 indicate the kind of the smallest key value. In other words, when publishing block attributes, it is necessary to prevent them from being created if the block attributes are less than or equal to the maximum block or upper block attributes.

Except in this case, the average number of block attributes is 166, which is about 2 Showed above.

Therefore, the representativeness algorithm inputs a block attribute that is public information. The number of cases close to (tn: total number of members) is guaranteed. The height is consistently over 12.

In addition, even when the block attribute is fixed, it can be seen from FIG. 9 that the symmetry is normally symmetric and is normally distributed when looking at the frequency of key values.

The reason for the above distribution is that the block attributes of the encryption key generated by the representative algorithm are composed only of the upper block and the wrong ones, and the attributes within the block are generated regardless of the position of the block attributes and the wrong attributes.

In other words, attributes in a block are always symmetrical and normally distributed because they are related to the number of bits whose attributes are '1' or the number of '0' bits.

If the secret key y is fixed in FIG. 6 and only the public key x is changed, the distribution of the encryption key size generated by the representative algorithm is shown in FIG.

In other words, the block attributes defined as random values are changed from '0' to '255', and the attributes in the block defined by the unique numbers are fixed to test the redundancy of the encryption key generated by the representative algorithm. In other words, by assigning '8' bit as the block attribute and '56' bit as the intra-block attribute, the block attribute value was changed from '0' to '255' to create a representative structure up to '256'.

As the input of each representative structure, the encryption key was generated through the representative algorithm to check the redundancy.

When the block attribute is '127', and the attributes in the block are composed of '1' bit '34' and '0' bit '22', the representative algorithm generates '35' bits. .

Simply labeling the contents as described above is shown in Table 7 below.

In FIG. 10, the x axis represents the number of block attribute values from '0' to '255', and the y axis represents the size of the key obtained through the representative algorithm.

In the experiment as described above, the size of the encryption key ranged from '23' to '41'. As a result of examining the number of bits of each generated encryption key, there was no duplicate encryption key.

If the block attributes are different, and look at the relationship between the encryption keys generated with the same number of bits, if the encryption key bit number is '39', no regularity was found in the encryption key values with the same encryption key bit number, and there is no redundancy. It can be seen through Table 8 below.

In addition, the experiment proved about theory 1.

2 total members in the representative structure In the case of, different representative structures are created according to the relationship between the order and the level.

2 if the level is m × 2 … × 2 To calculate the total number of members 2 If it is greater than or equal to, it can be defined as the level of representative structure.

2 from above Each represents a range of member values.

Also, by the order d, the number of members in one block is 2 The number of block members in the representative structure can be obtained by dividing the total number of members by the number of members in a block.

Accordingly, the following equations 1 and 2 are generated.

Total members = 2 ^d × number of block members

Number of members in a block = total members-block members

In Formula 1, the order d may have a value from 2 to k, but is considered in Table 9 below in consideration of practicality.

As shown in Table 9 above, the range of k values is limited.

However, the order can be sufficiently practical up to the tenth order.

Therefore, if the block attribute is disclosed, the size of the encryption key can be easily adjusted to obtain the desired size of the encryption key. That is, as can be seen from the size distribution of the key of Table 4, the middle of the total members represents the most frequent frequency. If the block member is 32, if the average encryption key of 200 bits or more is desired, the order is 4th order. This can be done by creating a representative structure consisting of 32, 512 attributes in the block.

That is, when only the block attribute is disclosed in FIG. 6, in order to decrypt the cipher text, the following matters should be known.

First, you need to know the order.

To know the range of any k, we first need to know the total number of members of the representative structure. Since the number of block members is the same as the size of the public key, anyone can know the order. However, as can be seen from Table 4, the range of orders is limited and thus not an important factor.

Subsequently, when the order is known, the total number of members can be known by Equation (1), and the number of members in a block can be known by Equation (2).

In this way, you can see the size of the secret key. However, the secret key cannot be known only by the size of the secret key.

Second, we need to know the properties of the members in the block defined by the secret key.

2 for this (bln: number of members in the block) should be investigated. If the block member is 32, then if the order is only 4th order, the number is 2 This is a problem that cannot be solved in a given time.

Third, we need to find an encryption key consisting of arbitrary k bit streams generated by the representative algorithm.

That is, as shown in Table 6, only the number of cases per block attribute need to be investigated. However, even in this case on average 2 The number of cases close to should be investigated.

Thus, if the total number of members is 512, 2 (10 ) Has sufficient complexity.

A bit change of a ciphertext according to a block attribute value having a copy value of the representative algorithm is as follows. Hereinafter, the relationship between the cipher text and the cipher key generated through the representative algorithm using the same input data will be described.

That is, when the difference in the block attribute is 1, the bit change at the same position in the ciphertext generated by the block attribute has been described. That is, cipher keys are generated with block attributes whose block attribute difference is 1, ciphertexts are generated by the representative algorithm using the generated cipher keys, and the wrong number of bits of 512 bits in the same position in each ciphertext are generated. In the drawings, the bit change as shown in FIG. 11 is shown.

The x-axis of FIG. 11 represents pairs having a block attribute difference of 1, and the y-axis represents an incorrect number of bits of 512 bits at the same position in a generated cipher text when the block attribute difference is 1. FIG.

As can be seen in FIG. 11, since an average of 200 or more bits of the 512 bits are shown incorrectly, it cannot be known which ciphertext is generated close to the encryption key.

Therefore, since the size of the encryption key has a specific shape according to the configuration of the attributes in the block, it is necessary to know the attributes in the block to find the encryption key.

In addition, the characteristic of the representative algorithm is that the block attribute and the attributes in the block are mixed by the representative and are generated as the encryption key, so it is difficult to estimate the encryption key with the encrypted result if the attributes of all members are not known correctly.

In addition, since the values generated by the representativeness have little correlation with each other, it is impossible to know whether the input value is similar to the encryption key. Therefore, when the block attribute is '127' and '128', the generated ciphertext and the plaintext are output as hexadecimal codes and are shown as shown in Tables 10, 11, and 12 below.

Assuming that the original transmission data is a hexadecimal data value shown in Table 10, Table 11 shows a cipher text when the block attribute is '127', and Table 12 shows a cipher text when the block attribute is '128'. It is shown.

Looking at Table 10 to Table 12, it can be seen that the space part of the plain text changes in this way, but it can be seen that the space part is encrypted with different hexadecimal codes. You can see that the characters appear, but they are not related to the size of the encryption key.

Hereinafter, look at the practicality of the representativeness algorithm according to the present invention that can generate the cipher text as described above.

Referring to FIG. 6 of the accompanying drawings, it was found that the time required for generating 65,536 encryption keys was measured about 2.59 seconds.

Therefore, the time required to generate one cryptographic key is 40ms, which shows that it is suitable for real-time environment.

In other words, the representativeness algorithm is 2 The cycle of? Of course, the time required to generate the encryption key was affected by the total number of members.

If all members are 256, 6,000 keys are generated per second, and if 512, about 1,000 keys are generated. However, considering the size of the generated encryption key as a whole, even if the key is generated small, it can be said that the practicality is high.

An embodiment in which the encryption and decryption method according to the present invention, which can maintain the above practicality, is applied to a mobile communication system is as follows.

In the following embodiments, a case of applying to authentication of registration, call, challenge-response, secret data sharing update, and call of personal communication will be described.

However, in all cases, the procedure may be applied in the same manner, but since only the input parameters are different, only the case of registration authentication will be described in the following description.

First, the generation and distribution of keys is as follows. A method of generating an authentication and encryption key using a unique key, such as a master secret key and a sender's public key, and a random bit, which is an access message, is an attribute in a block whose level is '0'. For example, an access message having a random bit is defined as a block attribute whose level is not '0' to form a representative structure.

Then, the representative algorithm shown in FIG. 2 generates a key or random bits necessary for authentication. At this time, the unique key is defined as an individual telephone number (MIN), a shared password SSD, and a terminal unique number ESN, which are owned only by the terminal and the authentication center that registered the terminal, as in IS-95.

The access message is defined as random bits generated by the base station and the mobile station when authentication and voice signal encryption are required.

To generate a random bit or an encryption key for authentication, a representative structure is defined by defining a random bit that is an access message as a block attribute whose level is not '0', and a unique key as an attribute in a block whose level is '0'. Make.

It is also used as a random bit or encryption key for authentication. If a representative algorithm is generated using the representative or public key structure shown in FIG. 6 as the input of the secret and public keys shown in FIG. 6, random k bits are generated.

At this time, using the k bits that are generated or defined as an encryption key, the voice is encrypted or authenticated such as registration, call, challenge-response, secret shared data update, and call.

In the key distribution in the symmetric key encryption system, the unique key is registered and distributed to the terminal and the base station when registering the terminal in the authentication center. In addition, randomly generated access messages are distributed by the mobile station and the base station in order to perform authentication and encryption procedures.

Detailed procedures will be described later in the authentication and voice signal encryption process.

◎ Certification

In the protocol of IS-95, the process of exchanging ESN with SSD_B between calling / receiving station for signaling message encryption was added.

The authentication mechanism is based on the IS-95 standard, and the generation of authenticator AUTHR is generated using the representative algorithm to be developed.

The composition of authentication parameters for each process is defined as in Table 13 below.

The procedure of registration authentication using the configuration of the authentication parameters shown in Table 13 is shown in FIG. 12 of the accompanying drawings. The certificate naming procedure is described in the mobile station according to the procedure shown in FIG. 12 above.

In the mobile station, set the input variables required for the certificate name procedure to RAND 32 bits, which are random bits received from the base station, and the attributes in the block whose level is '0' are RAND 32 bits, MIN2. The LBS 8-bit, ESN 32-bit, MINI 24-bit, and SSD 128-bit lists for a representative structure.

A representation of k-bits is obtained by performing the representativeness algorithm in the order shown in FIG. At this time, the obtained k bits are defined as AUTHR, and a registration message composed of MIN, ESN, RANDC (the upper 8 bits of RAND), and AUTHRC (the upper 18 bits of AUTH) is made.

By performing the encryption algorithm according to the procedure shown in Figure 4 attached to the registration message made in the above process, and encrypts, and sends the encrypted registration encryption message (REM) to the base station. The procedure of mobile station registration authentication in the above process can be examined with reference to FIG.

In the base station that receives the registration encryption message (REM) of the mobile station sent by the above process, the representative algorithm according to the sequence shown in FIG. 2 is attached using RAND, ESN, MIN, SSD, etc. of the related mobile station. We get a result of k bits and define it as AUTHR.

The received registration encryption message is decrypted with a decryption algorithm in the order shown in FIG. 5 to generate the original MIN, ESN, RANDC, and AUTHRC. Compare the values of the decoded RANDC, MIN, ESN, and AUTHRCs to the values stored internally.

The encryption process of the control signal message other than the transmission message such as voice in the encryption and decryption process as described above is as follows.

First, the signaling ciphers are controlled on a call-by-call basis and the general value is “off”. In order to enable signaling message encryption for mobile stations assigned to the analog voice channel, the base station must send a message encryption mode command with the command class field set to "001".

Signaling message encryption can be activated while the base station sends an analog handoff indication message with the MEM field equal to "1" to perform an analog call transfer in CDMA.

The data used to initialize the algorithm is calculated based on the parameters that are valid at the time when the AUTHR added to the originating / incoming response message is calculated.

It is calculated based on the parameters valid at that time for the call initiated through the CDMA access channel. Once activated, signal message encryption is stopped by the base station sending a message encryption mode command with the command class field set to '000'.

If the call is successfully performed through the above process, the base station encrypts the SSD_B and ESN of the mobile stations with an encryption algorithm using a valid parameter (AUTHR) and sends them to each mobile station, and each mobile station decrypts the SSD_B and ESN with a decryption algorithm. To get. The base station encrypts the RAND, which is the random bit used for the call authentication, and SSD_B and the ESN of the called station by an encryption algorithm using the calling station's AUTHR and sends it to the calling station.

In addition, the RAND, which is a random bit used for call authentication, and SSD_B of the calling station and the ESN are encrypted by an encryption algorithm using the AUTHR of the called station and sent to the called station.

The calling station and the calling station use the decoded and built-in SSD_B, ESN and RAND to set the parameters as follows and the signaling message encryption key n1 of MESSAGE_calling (Org.) And MESSAGE_calling (Ter.). Generate n2 (see FIG. 14 in the accompanying drawings).

In other words, the attributes in the block with level '0' are SSD_B 64 bits, ESN 32 bits, and A-Key 352 bits of the called mobile station received from the base station, and the non-zero block attributes are random bits used for call authentication. Representation structure is made up of 32 bits which are 32 bits which are random bits used in authentication of call and 32 bits in total.

A representativeness algorithm according to the sequence shown in FIG. 2 attached as the input representative structure is obtained to obtain a MESSAGE_calling n1 bit, which is a signal encryption key of the called mobile station.

In addition, the attributes in the block where the calling mobile station level is 0 are built-in SSD_B 64 bits, ESN 32 bits, and A-Key 352 bits. A representative structure is created by enumerating a total of 64 bits with 32 bits, which are random bits used for call authentication.

MESSAGE_calling n2 bits are obtained by performing a representativeness algorithm in the order shown in FIG.

At this time, referring to Figure 15 of the accompanying drawings the encryption procedure of the message, the calling station MESAGE_Ter. n1 bit, MESSAGE_Org of the calling station. After generating n2 bits, the message is cut into n1 bits and n2 bits, and the signal is encrypted and sent to the called mobile station through the variable representative structure encryption algorithm according to the sequence shown in FIG.

The corresponding message decryption procedure is performed in the called station by the MESSAGE_Ter. n1 bit, MESSAGE_Org of the calling station. After generating the n2 bits, when the encrypted signal is received, the received message is cut into n1 bits and n2 bits and reproduced as an original message through a variable representative structure decryption algorithm according to the sequence shown in FIG. .

If the method according to the present invention according to the present invention is encrypted and decrypted, there is a concern that a recovery method necessary for theft may be extracted from the encrypted transmission message as shown in FIG. There is no effect.

Referring to the effects of the present invention in more detail as follows. The services of TIA / EIA / IS-95, which have been studied and established as standards, have been certified and confidential.

The protection mechanisms are performed by symmetric key cryptography, and the authentication mechanisms and algorithms used to protect data on traffic channels have different functions, and no algorithms for speech are disclosed.

In addition, if you look at the communication protocol of IS-95, if you only know SSD_A, which is 64 bits of information embedded in the terminal, you can immediately use the phone for stealing. The present invention has been proposed to solve the problem that it is difficult to guarantee confidentiality, but the following results were obtained through experiments in which the encryption key and the ciphertext were generated by the method according to the present invention.

First, 2 Not only was a bit stream having a period of (bn: number of public key bits) was generated, but the size range of the generated key was different according to the secret key. Also, encryption keys generated with the same size did not have the same value.

Second, of public key, 0, 1, 2 -1, 2 Values of -2 were more likely to generate the same key, while values in the middle range were less likely. And with the exception of the four cases above, the only type of generated key is 2 Seemed. In addition, for all public keys, the size distribution of keys is constant.

Third, the size distribution of the keys generated by the representative algorithm showed the highest frequency in the size that is half of the total number of members of the representative structure, and the larger or smaller the size, the smaller the frequency was.

In addition, the probability of generating a key larger than half of the total number of members is 58%, and the larger the generated key is, the lower the probability of generating the same key is.

In addition, the frequency of each key size was affected only by the total number of members regardless of the order of the representative structure.

Fourth, as a result of generating a key by changing the representative structure using LFSR, the period is 2 Appeared.

Fifth, as a result of analyzing the change of wrong bit in ciphertext by adjacent keys, the average was over 40%.

The result of applying the representativeness algorithm with these characteristics to authentication and signal encryption of personal communication is as follows.

First, the Auth_Signature Procedure used for the authentication mechanism, the SSD_Generation Procedure used to update the secret key SSD, the Linear PN Sequence Generation with long code mask used to protect the data on the traffic channel, and the voice encryption functions were unified as representative algorithms.

Second, the cycle of the key is 2 10, which can be used cryptographically with only a representative structure of 168 members. Indicated.

Third, 6,000 keys were generated in one second.

Based on the results of these experiments, there is an additional effect that the representative algorithm, which was applied only to the authentication or encryption fields, can be used as a data structure in more diverse fields, such as lossless compression or other fields.

Claims (2)

1. A method of encrypting digital information using a representative structure, comprising: transmitting a predetermined bit of random variable data within a critical range from a receiving party that needs to receive data to a transmitting party that wants to transmit the data, and then receiving the data from the transmitting side; First course; In the first process, the transmitting side that receives the data defines its own unique number as a member attribute whose level is not '0' in the representative structure, and the received random variable is formed as a member attribute whose level is '0'. Process; A third step of extracting a member having a different member attribute from the representative structure using the member formed in the second step to generate an encryption key; A fourth step of repeating the third step while generating a predetermined number of encryption keys by randomly generating each of the member attributes of the representative structure used in the third step individually; A fifth step of sequentially reading data to be transmitted from a transmitter on the basis of the number of bits constituting the encryption keys set in the fourth step; A sixth step of forming a variable representative structure using the data read in the fifth step and extracting and first encrypting members having different member attributes; And a seventh step of performing second-order encryption on the result encrypted in the sixth step and each component bit of the encryption key used as a reference for reading the data in the fifth step by performing a logical OR operation. An encryption method using a variable representative structure, characterized in that different encryption keys are used for each section. A method of decrypting encrypted data having different encryption keys for each section of transmission data when encrypting digital information using a representative structure, wherein the receiving side that receives and decrypts the encrypted data is randomly generated at the receiving side or transmitted from the transmitting side. Receiving a predetermined bit of random variable data within a critical range to form data; A second step of forming a representative structure using the data formed in the first step, extracting a member having different member attributes, and generating an encryption key using the data formed in the first step; A third step of repeating the second step by setting a predetermined number of encryption keys that are randomly generated by predetermined bits each of the member attributes of the representative structure used in the second step; A fourth step of reading data transmitted and received from the transmitter based on the number of bits constituting the encryption keys set in the third step; A variable representative structure is generated by using the encryption key generated by the encryption in the second process and each component bit of the data read in the fourth process by a certain encryption key, and then the result generated by the representative algorithm and the negation operation. Performing a fifth process; And a sixth step of decoding the data generated through the negation operation in the fifth step, using an inverse algorithm of the representative structure generation algorithm to reproduce the member attribute of the representative structure. A method for decrypting a cipher text using a variable representative structure, characterized in that the cipher text can be restored using the encryption key.