阅读说明：本技术 一种基于改进sm4算法的水下可移动设备无线加密通信方法 (Underwater movable equipment wireless encryption communication method based on improved SM4 algorithm ) 是由 花芳芳 乔海岩 韩丽娟 李泽峰 张欣召 于 2021-08-17 设计创作，主要内容包括：本发明提供一种基于改进SM4算法的水下可移动设备无线加密通信方法,通信密钥是不断生成和更新的,且通过有线通信方式传输,还将有线通信断开前最后一次更新的密钥作为加密通信的通信密钥,能够避免因事先约定而造成通信密钥的泄露和窃取,进一步加强了水下可移动设备无线通信的安全性和可靠性；此外,本发明采用随机生成密钥扩展参数的方法,增加了轮密钥生成的随机性和复杂性,提升了加密算法的复杂度和安全性。(The invention provides an underwater mobile device wireless encryption communication method based on an improved SM4 algorithm, wherein a communication key is continuously generated and updated and is transmitted in a wired communication mode, and the key updated last before the wired communication is disconnected is used as the communication key of the encryption communication, so that the leakage and stealing of the communication key caused by the prior appointment can be avoided, and the safety and the reliability of the underwater mobile device wireless communication are further enhanced; in addition, the invention adopts a method of randomly generating key expansion parameters, increases the randomness and complexity of the round key generation, and improves the complexity and safety of the encryption algorithm.)

1. An underwater movable equipment wireless encryption communication method based on an improved SM4 algorithm is characterized by comprising the following steps:

s1: when the water surface ship prepares to release the underwater movable equipment, the planned initial path information is transmitted to the underwater movable equipment through the wired data port; meanwhile, the key is updated once every set period by the surface ship, and is transmitted to the underwater movable equipment in real time through the wired data port;

s2: after the initial path information transmission is finished, terminating the wired communication between the surface ship and the underwater movable equipment, starting the wireless communication, and taking the key updated at the last time as the communication key of the encrypted communication;

s3: on the basis of communication keys, the surface ship and the underwater movable equipment generate wheel keys by using an SM4 algorithm, then encrypt respective information to be sent by adopting the wheel keys in a positive sequence, decrypt received information by adopting the wheel keys in a negative sequence, and realize wireless encryption communication.

2. Underwater mobile device wireless encrypted communication method based on modified SM4 algorithm, in accordance with claim 1, characterized in that the round key (rk)₀,rk₁,rk₂,...,rk₃₁) The generation formula of (c) is as follows:

wherein, K₀～K₃₅Is an intermediate variable; MK (MK)₀～MK₃Is a key segment divided by a 128-bit communication key, and MK₀～MK₃Binary sequences of 32 bits each; FK₀～FK₃For the system parameters set in the SM4 algorithm, and FK₀～FK₃Binary sequences of 32 bits each; CK (CK)₀～CK₃₁Is a fixed parameter set in the SM4 algorithm, and CK₀～CK₃₁Are binary sequences of 32 bits, and, at the same time, CK₀～CK₃₁Randomly selecting 64 fixed parameters;an exclusive or operation represented as two numbers; t' (. cndot.) is a reversible transformation compounded by a nonlinear transformation and a linear transformation in the SM4 algorithm.

3. The method for underwater mobile device wireless encrypted communication based on modified SM4 algorithm as claimed in claim 2, wherein said reversible transformation T ' () is represented by L ' (τ (·)), where τ (·) is a nonlinear transformation defined in SM4 algorithm, L ' (·) is a customized linear transformation, and the transformation formula is as follows:

where < < < is the cyclic left shift operation.

4. The underwater movable equipment wireless encryption communication method based on the modified SM4 algorithm is characterized in that each of the 64 fixed parameters is formed by combining 32 non-repeating random positive integers randomly generated by a random function, and the random positive integers are 16-series numbers between 0 and 15.

5. The wireless encryption communication method for the underwater movable equipment based on the improved SM4 algorithm, as claimed in claim 1, wherein before the secret key is transmitted, the control system of the surface vessel checks the connection and disconnection of the cable connected between the surface vessel and the underwater movable equipment, if the connection and disconnection are detected, the current transmission is abandoned, otherwise, normal transmission is carried out.

6. The underwater mobile device wireless encryption communication method based on the improved SM4 algorithm, as claimed in claim 1, is characterized in that before information is encrypted and decrypted, whether the length of the information reaches 128bit is judged, wherein, for the information with the length less than 128bit, 0 is automatically supplemented to make the length reach 128 bit; for information with the length larger than 128 bits, the information is divided and grouped according to the length of 128 bits, and 0 is supplemented for the group with the size of less than 128 bits finally, so that the length of the group reaches 128 bits.

Technical Field

The invention belongs to the field of wireless communication and information security, and particularly relates to an underwater movable equipment wireless encryption communication method based on an improved SM4 algorithm.

Background

The underwater movable equipment fighting cluster system is composed of a plurality of fighting units, wherein each fighting unit is composed of an overwater fighting command ship and a plurality of underwater movable equipment carried on the ship. After the battle is started, the commander initially plans an attack path according to the target position, transmits a planning result to the underwater movable equipment and releases the underwater movable equipment into the sea. The underwater movable equipment moves to the vicinity of a target sea area according to the planned path to carry out latency, regularly receives target real-time information sent by a ship and waits for an attack instruction. After receiving an attack instruction sent by a ship, the underwater attack movable equipment starts attack on the target according to the received target information and destroys the combat target. The underwater movable equipment detects the underwater environment condition through equipment such as a sensor and the like and sends the environment information to the ship, and the ship correspondingly changes the battle task content according to the environment information fed back by the underwater movable equipment.

The combat mode of underwater attack on the movable equipment determines that the communication between the ship and the underwater attack movable equipment must be safe and reliable to realize effective attack on the target. As the number of the movable equipment participating in the battle cluster is large and the battle environment is complex, the command ship and the underwater attack movable equipment mainly adopt a wireless communication mode. The wireless communication mode has the defects of easy interference, easy monitoring of transmission information and easy tampering. Therefore, a method for ensuring the safety and reliability of communication is needed.

Disclosure of Invention

In order to solve the potential safety hazard of wireless communication of the underwater movable equipment battle cluster, the invention provides the underwater movable equipment wireless encryption communication method based on the improved SM4 algorithm, and the safety and the reliability of wireless communication transmission can be ensured.

An underwater movable equipment wireless encryption communication method based on an improved SM4 algorithm comprises the following steps:

s1: when the water surface ship prepares to release the underwater movable equipment, the planned initial path information is transmitted to the underwater movable equipment through the wired data port; meanwhile, the key is updated once every set period by the surface ship, and is transmitted to the underwater movable equipment in real time through the wired data port;

s2: after the initial path information transmission is finished, terminating the wired communication between the surface ship and the underwater movable equipment, starting the wireless communication, and taking the key updated at the last time as the communication key of the encrypted communication;

s3: on the basis of communication keys, the surface ship and the underwater movable equipment generate wheel keys by using an SM4 algorithm, then encrypt respective information to be sent by adopting the wheel keys in a positive sequence, decrypt received information by adopting the wheel keys in a negative sequence, and realize wireless encryption communication.

Further, the round key (rk)₀,rk₁,rk₂,...,rk₃₁) The generation formula of (c) is as follows:

wherein, K₀～K₃₅Is an intermediate variable; MK (MK)₀～MK₃Is a key segment divided by a 128-bit communication key, and MK₀～MK₃Binary sequences of 32 bits each; FK₀～FK₃For the system parameters set in the SM4 algorithm, and FK₀～FK₃Binary sequences of 32 bits each; CK (CK)₀～CK₃₁Is a fixed parameter set in the SM4 algorithm, and CK₀～CK₃₁Are binary sequences of 32 bits, and, at the same time, CK₀～CK₃₁Randomly selecting 64 fixed parameters;an exclusive or operation represented as two numbers; t' (. cndot.) is the sum of nonlinear transformation in SM4 algorithmAnd reversible transformation compounded by linear transformation.

Further, the reversible transformation T ' (·) is denoted as L ' (τ ()), where τ ()) is a nonlinear transformation defined in the SM4 algorithm, L ' (·) is a custom linear transformation, and the transformation formula is as follows:

where < < < is the cyclic left shift operation.

Further, each of the 64 fixed parameters is formed by combining 32 non-repeating random positive integers randomly generated by a random function, and the random positive integers are 16-ary numbers between 0 and 15.

Further, before the secret key is transmitted, the control system of the surface ship can check the on-off condition of a cable connected between the surface ship and the underwater movable equipment, if the cable is disconnected, the transmission is abandoned, and otherwise, normal transmission is carried out.

Further, before encrypting and decrypting the information, judging whether the length of the information reaches 128 bits, wherein, for the information with the length less than 128 bits, automatically supplementing 0 to ensure that the length reaches 128 bits; for information with the length larger than 128 bits, the information is divided and grouped according to the length of 128 bits, and 0 is supplemented for the group with the size of less than 128 bits finally, so that the length of the group reaches 128 bits.

Has the advantages that:

1. the invention provides an underwater movable equipment wireless encryption communication method based on an improved SM4 algorithm, wherein a communication key is continuously generated and updated and is transmitted in a wired communication mode, and the key updated last before the wired communication is disconnected is used as the communication key of the encryption communication, so that the leakage and stealing of the communication key caused by the prior appointment can be avoided, and the safety and the reliability of the underwater movable equipment wireless communication are further enhanced.

2. The invention provides an underwater mobile device wireless encryption communication method based on an improved SM4 algorithm, which is characterized in that in order to enhance the capability of resisting differential attack and linear attack of the SM4 algorithm, a fixed parameter CK used for generating a round key in a key expansion algorithm is generated in a dynamic random combination mode, so that 32 unchangeable fixed parameters in the traditional SM4 algorithm are replaced; therefore, the mode of dynamically and randomly generating the key expansion parameters by using the random function is used for increasing the complexity, the attack resistance and the difficulty of ciphertext cracking of the round key through the randomness and the uncertainty of the parameter generation, so that an attacker cannot simply obtain the statistical characteristics from the ciphertext through a mathematical method, various attacks can be resisted, and the safety of the algorithm is improved.

3. The invention provides an improved SM4 algorithm-based wireless encryption communication method for underwater movable equipment, which is used for carrying out encryption protection on wireless communication of a combat cluster of the underwater movable equipment, so that combat information is difficult to obtain, crack and tamper by an enemy, and the safety and effectiveness of a combat process are ensured.

Drawings

FIG. 1 is a flow chart of wireless encrypted communication of an underwater mobile device provided by the present invention;

fig. 2 is a schematic diagram of the SM4 encryption algorithm.

Detailed Description

In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.

The SM4 algorithm is an encryption algorithm suitable for the field of wireless communication, is very suitable for occasions with higher real-time requirements, and is easy to realize by hardware and software. The SM4 algorithm is a symmetric encryption algorithm, and the encryption and decryption keys of information are the same. Compared with the DES algorithm, the method can greatly improve the complexity and the safety of the encryption algorithm, is simpler in implementation process compared with the AES algorithm, and has the advantages of high data throughput rate, low hardware resource consumption and the like compared with the public key cryptography algorithm.

Based on this, as shown in fig. 1, the present invention provides an underwater mobile device wireless encryption communication method based on the modified SM4 algorithm, comprising the following steps:

s1: when the water surface ship prepares to release the underwater movable equipment, the planned initial path information is transmitted to the underwater movable equipment through the wired data port; meanwhile, the surface ship updates the secret key every set period, such as every 100ms, and transmits the secret key to the underwater movable equipment in real time through the wired data port.

It should be noted that the secret key is a set of random codes randomly generated and stored by the ship internal control module, and is a 128-bit binary sequence; the random code is transmitted to a control module storage area of the underwater movable equipment through a data port of the wired communication module.

In addition, before the secret key is transmitted, the control system of the surface ship can check the on-off condition of a cable connected between the surface ship and the underwater movable equipment, if the cable is disconnected, the transmission is abandoned, and otherwise, normal transmission is carried out.

S2: and after the initial path information is transmitted, terminating the wired communication between the surface ship and the underwater movable equipment, starting the wireless communication, and taking the key updated at the last time as the communication key for encrypted communication.

That is, the ship releases the underwater mobile device, generates the random code and stops updating at the moment of disconnecting the wired connection, and the random code updated and stored for the last time is used as a secret key for wireless encrypted communication based on the SM4 algorithm.

S3: on the basis of communication keys, the surface ship and the underwater movable equipment generate wheel keys by using an SM4 algorithm, then encrypt respective information to be sent by adopting the wheel keys in a positive sequence, decrypt received information by adopting the wheel keys in a negative sequence, and realize wireless encryption communication.

That is to say, when the surface ship and the underwater mobile device perform wireless communication, the surface ship encrypts the instruction information to be sent by using the SM4 encryption algorithm and the encryption wheel key through the internal control module, and sends the encrypted instruction information to the underwater mobile device through the wireless communication module on the ship communication system. The underwater movable equipment receives the encrypted instruction information through an internal wireless communication module, decrypts the instruction ciphertext into an instruction plaintext through a pre-stored secret key by using an SM4 decryption algorithm, and transmits the instruction plaintext to a control module of the movable equipment for corresponding processing and control operation.

The underwater movable equipment encrypts the detected underwater environment information and other information into a cipher text through an SM4 encryption algorithm and an encryption key, and the cipher text is sent to the surface ship through a wireless communication module on the underwater movable equipment. The water surface ship receives the ciphertext information, the ciphertext information is transmitted to the control module through the wireless communication module, the plaintext information is decrypted through the SM4 decryption algorithm, and the information is judged, processed and stored through the control module.

It should be noted that before encrypting and decrypting the information, it is necessary to determine whether the length of the information reaches 128 bits, wherein, for the information with a length less than 128 bits, 0 is automatically complemented, so that the length reaches 128 bits; for information with the length larger than 128 bits, the information is divided and grouped according to the length of 128 bits, and 0 is supplemented for the group with the size of less than 128 bits finally, so that the length of the group reaches 128 bits.

The basic principle of the existing SM4 algorithm is presented below:

the SM4 algorithm includes an encryption algorithm, a decryption algorithm, and a key expansion algorithm.

As shown in fig. 2, the encryption algorithm includes 32 iterative computations and 1 reverse order transformation.

Definition ofIs a binary e-bit vector set, assuming the plaintext input to be encrypted isThe ciphertext processed by the encryption algorithm is output asThe round key isThe encryption algorithm comprises the following steps:

s31: plaintext information (X) to be input₀,X₁,X₂,X₃) 32 iterative calculations are performed, and the iterative formula is as follows:

wherein F (-) is a round function;an exclusive or operation represented as two numbers; t (·) is a reversible transformation, which is a composite of a nonlinear transformation and a linear transformation, and can be represented as T (·) L (τ (·).

Let us assume that the input content of the tau (-) transformation isBy performing a non-linear transformation, the output result isThe transformation formula is expressed as follows:

τ(A)＝(Sbox(a₀),Sbox(a₁),Sbox(a₂),Sbox(a₃))＝(b₀,b₁,b₂,b₃)＝B

in this embodiment, the encryption algorithm includes 32 iterative computations and 1 inverse transformation, the iterative computations are composed of a non-linear transformation τ (-) and a linear transformation L (-) and an exclusive-or operation, and the inverse transformation:

R(A₀，A₁，A₂，A₃)＝(A₃，A₂，A₁，A₀)

the nonlinear transformation τ (-) is composed of 4 parallel S-boxes, which is a table of 8-bit input and 8-bit output, denoted as Sbox (-) for nonlinear substitution of input data. The S-boxes of SM4 are shown in table 1 below, and the inputs, outputs of the S-boxes and the values in the table are all 16-ary. As can be seen from the table, if the input of the S-box is "8 f", the output is the value corresponding to the 8 th row and f th column of the S-box through table 1, i.e., the output result is Sbox (8f) ═ a 1.

TABLE 1S Box lookup Table

	0	1	2	3	4	5	6	7	8	9	a	b	c	d	e	f
																	0	d6	90	e9	fe	cc	e1	3d	b7	16	b6	14	c2	28	fb	2c	05
1	2b	67	9a	76	2a	be	04	c3	aa	44	13	26	49	86	06	99
																	2	9c	42	50	f4	91	ef	98	7a	33	54	0b	43	ed	cf	ac	62
3	e4	b3	1c	a9	c9	08	e8	95	80	df	94	fa	75	8f	3f	a6
																	4	47	07	a7	fc	f3	73	17	ba	83	59	3c	19	e6	85	4f	a8
5	68	6b	81	b2	71	64	da	8b	f8	eb	0f	4b	70	56	9d	35
																	6	1e	24	0e	5e	63	58	d1	a2	25	22	7c	3b	01	21	78	87
7	d4	00	46	57	9f	d3	27	52	4c	36	02	e7	a0	c4	c8	9e
																	8	ea	bf	8a	d2	40	c7	38	b5	a3	f7	f2	ce	f9	61	15	a1
9	e0	ae	5d	a4	9b	34	1a	55	ad	93	32	30	f5	8c	b1	e3
																	a	1d	f6	e2	2e	82	66	ca	60	c0	29	23	ab	0d	53	4e	6f
b	d5	db	37	45	de	fd	8e	2f	03	ff	6a	72	6d	6c	5b	51
																	c	8d	1b	af	92	bb	dd	bc	7f	11	d9	5c	41	1f	10	5a	d8
d	0a	c1	31	88	a5	cd	7b	bd	2d	74	d0	12	b8	e5	b4	b0
																	e	89	69	97	4a	0c	96	77	7e	65	b9	f1	09	c5	6e	c6	84
f	18	f0	7d	ec	3a	dc	4d	20	79	ee	5f	3e	d7	cb	39	48

Assume that the input content isBy performing a non-linear transformation τ (-) the output result isThe nonlinear transformation formula is:

τ(A)＝(Sbox(a₀)，Sbox(a₁)，Sbox(a₂)，Sbox(a₃))＝(b₀，b₁，b₂，b₃)＝B

the input to the linear transformation L (-) is the output of the non-linearity τ (-) for example. Assume that the L (-) transform input isOutput is asThe linear transformation formula is as follows:

where < < < is the cyclic left shift operation.

Definition ofIs a binary e-bit vector set, assuming the plaintext input to be encrypted isThe ciphertext processed by the encryption algorithm is output asThe round key isFor plaintext information (X)₀,X₁,X₂,X₃) The process of encryption is as follows:

wherein F (-) is a round function;an exclusive or operation represented as two numbers; t (-) is a reversible transformation, which is a composite of a nonlinear transformation and a linear transformation, and can be represented by T: (·)＝L(τ(·))。

After 32 times of iterative computation, performing reverse order transformation R on the encrypted content obtained by the 32 th iterative computation to obtain a final ciphertext (Y)₀,Y₁,Y₂,Y₃) The reverse order transformation process is expressed as:

(Y₀,Y₁,Y₂,Y₃)＝R(X₃₂,X₃₃,X₃₄,X₃₅)＝(X₃₅,X₃₄,X₃₃,X₃₂)

based on the existing SM4 algorithm, the invention provides an improved SM4 algorithm, which is improved by the round key (rk)₀,rk₁,…,rk₃₁) Is obtained from the encryption key by a key expansion algorithm. Specifically, the communication key used for encryption in the SM4 algorithm has a length of 128 bits, which is expressed asThe system parameters of the key expansion algorithm areWith a fixed parameter ofThe round key generation formula is as follows:

FK＝(FK₀,FK₁,FK₂,FK₃)

wherein, K₀～K₃₅Is an intermediate variable; MK (MK)₀～MK₃Is a key segment divided by a 128-bit communication key, and MK₀～MK₃Binary sequences of 32 bits each; FK₀～FK₃For the system parameters set in the SM4 algorithm, and FK₀～FK₃Binary sequences of 32 bits each; CK (CK)₀～CK₃₁Is a fixed parameter set in the SM4 algorithm, and CK₀～CK₃₁Are binary sequences of 32 bits, and, at the same time, CK₀～CK₃₁Randomly selecting 64 fixed parameters;an exclusive or operation represented as two numbers; t' (. cndot.) is a reversible transformation compounded by a nonlinear transformation and a linear transformation in the SM4 algorithm.

It should be noted that, in the conventional SM4 algorithm, both the system parameter FK and the fixed parameter CK are fixed values, as shown in table 2 and table 3, respectively; however, in order to enhance the capability of the SM4 algorithm against differential attacks and linear attacks, the invention expands the fixed parameters from the original 32 to 64, as shown in Table 4, and meanwhile, improves the conventional SM4 algorithm in which 32 fixed parameters are fixedly adopted to generate 32 parameters from 64 parameters in a dynamic random combination mode, so as to increase the complexity of the key by the randomness and uncertainty of parameter generation; in addition, the T (-) transformation of the invention is similar to the operation process of the T (-) transformation in the traditional encryption algorithm, only the linear transformation L (-) transformation in the transformation is changed into the L (-) transformation, other operation transformations are not changed, and the L (-) transformation formula is as follows:

TABLE 2 FK parameter Table

FK0	FK1	FK2	FK3
				A3B1BAC6	56AA3350	677D99197	B27022DC

TABLE 3 original CK parameter table

00070E15	1C232A31	383F464D	545B6269
				70777E85	8C939AA1	A8AFB6BD	C4CBD2D9
E0E7EEF5	FC030A11	181F26BD	343B4249
				50575E65	6C737A81	888F969D	A4ABB2B9
C0C7CED5	DSE3EAF1	F8FF060D	141B2229
				30373E45	4C535A61	686F767D	848B9299
A0A7AEB5	BCC3CAD1	D8DFE6ED	F4FB0209
				10171E25	2C333A41	484F5565D	646B7279

TABLE 4 CK PARAMETERS EXTENDED

00070E15	1C232A31	383F464D	545B6269
				70777E85	8C939AA1	A8AFB6BD	C4CBD2D9
E0E7EEF5	FC030A11	181F26BD	343B4249
				50575E65	6C737A81	888F969D	A4ABB2B9
C0C7CED5	DSE3EAF1	F8FF060D	141B2229
				30373E45	4C535A61	686F767D	848B9299
A0A7AEB5	BCC3CAD1	D8DFE6ED	F4FB0209
				10171E25	2C333A41	484F5565D	646B7279
34E2E7A4	BB23482E	9124A015	98CA015A
				73B65FA3	E4C35952	24763151	21FAACFC
B7584DBD	17707B32	6FEF2C24	ED4BB3AC
				FBC1733F	92444239	41662B61	CFCBB5D9
7C359A66	D420B428	A1800CF2	E4FC7326
				CC874699	A520307C	0633FA19	FF99F357
01CF72E5	F7140C81	B79BE680	FE941606
				E4FC7756	1FD3FF2D	25FDE680	104495A1

It should be noted that the specific method of the present invention for improving SM4 is to expand the originally fixed 32 parameters CK into 64 CK parameters, and the values are shown in table 4. The method for determining the parameter CK value of the key expansion algorithm is characterized in that 32 nonrepeating random positive integers between 0 and 15 are randomly generated by adopting a random function, the random positive integers serve as query index numbers, and query is carried out according to a table 4 to determine a group of parameter CK values for the round key expansion algorithm.

Therefore, the improved SM4 algorithm is an improved key expansion algorithm of the original SM4 algorithm, the CK parameter is determined in a dynamic random combination mode to replace the original parameter, and the anti-attack performance of a ciphertext and the difficulty of ciphertext cracking are enhanced by improving the randomness of round key generation.

Finally, in the present invention, the structure of the decryption algorithm and the encryption algorithm is the same, except that the round key used in the decryption algorithm is the reverse order of the round key of the encryption algorithm, i.e. if the encryption round key used in the encryption algorithm is (rk)₀,rk₁,…,rk₃₁) Then the decryption round key used for decryption is (rk)₃₁,rk₃₀,…,rk₀)。

In summary, the invention provides an underwater mobile device wireless encryption communication method based on an improved SM4 algorithm, firstly, a communication key is continuously generated and updated and transmitted in a wired communication mode, thereby avoiding the leakage and stealing of the communication key caused by the prior appointment and further enhancing the security and reliability of the wireless communication of the underwater mobile device; secondly, a random key generation and parameter expansion method is adopted, so that the randomness and complexity of round key generation are increased, and the complexity and safety of an encryption algorithm are improved; finally, the wireless communication of the underwater movable equipment combat cluster is encrypted and protected, so that combat information is difficult to acquire, crack and tamper by an enemy, and the safety and effectiveness of the combat process are ensured.

The present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof, and it will be understood by those skilled in the art that various changes and modifications may be made herein without departing from the spirit and scope of the invention as defined in the appended claims.