Encryption method and pseudo-random number generator
Patent abstract:
The invention relates to a method and a device for encrypting raw data using an encryption machine (200) comprising a transformation unit (213) which, depending on its internal state, determines an encryption mode in the form of a transformation rule ($g_i$), wherein the individual bytes ($b_i$) of the raw data are encrypted by different one-to-one transformation rules ($g_i$), wherein the transformation unit (213) is placed in advance in an initial state dependent on a password ($W_0$), and a deterministic random number generator (212) associated with the encryption machine (200) is also brought into an initial state depending on the password ($W_0$). According to the invention, the internal state of the transformation unit (213) and the internal state of the random number generator (212) are changed and updated after a number of byte encryptions, in particular after the encryption of each byte, depending on the respective raw data byte to be encrypted and/or the respective end result of the encryption, and this new internal state is used as the basis for the next encryption.

Publication number: AT515097A4 Application number: T50236/2014 Filing date: 2014-03-31 Publication date: 2015-06-15 Inventor: Applicant: Hödl Josef; Main IPC class:
Patent description:
The invention relates to a symmetric encryption method according to claim 1 and an associated decryption method according to claim 8, a method for creating pseudo-random numbers (hereinafter also referred to as random numbers for short) for encryption according to claim 15, and a method for detection and application Furthermore, the invention relates to a data carrier with an encryption or decryption program according to claim 26 and to a data carrier with an encrypted data sequence according to claim 27.

The prior art discloses a multiplicity of different symmetric methods for encrypting raw data sequences.

The object of the invention is to provide an encryption and decryption method which, compared with the known methods, has improved security and enables an efficient and resource-saving implementation. It is another object of the invention to provide a deterministic pseudo-random number generator (hereinafter also referred to as random number generator for short) that exhibits highly chaotic behavior. Furthermore, a transformation unit for encrypting and/or decrypting raw data is to be provided. Finally, an encryption engine and a decryption engine with the advantages mentioned are to be provided.

The invention solves this problem in an encryption method of the type mentioned above with the features of claim 1. The invention solves these problems in a decryption method of the type mentioned above with the features of The invention solves this problem in a random number generator with the features of claim 15 and in a transformation unit with the features of claim 19. The invention solves this problem in an encryption machine of the type mentioned above with the features of claim 24. The invention solves these problems in a decryption machine of the type mentioned above with the features of claim 25.
For secure encryption of raw data, it is provided that the internal state of the transformation unit and the internal state of the random number generator after a number of encryptions of bytes, in particular after the encryption of each byte, depending on each raw data byte to be encrypted and/or the respective end result of the In particular, the random number generator generates random numbers that are used for the selection of the transformation rules, and/or the random number generator generates random numbers that are used to update the internal states of the random number generator and the transformation unit.

With the present method it is possible to generate very long passwords, e.g. 100,000 bytes, where the change of each byte significantly affects the internal state and thus the encryption.

For the secure decryption of raw data, it is provided that the internal state of the transformation unit and the internal state of the random number generator are changed after a number of decryptions of bytes, in particular after the decryption of each byte, depending on the respective encrypted byte and/or the respective decrypted byte. In particular, the random number generator generates random numbers which are used for the selection of the inverse transformation rules, and/or the random number generator generates random numbers which are used to update the internal states of the random number generator and the transformation unit.
A particularly simple and secure encryption, in which each byte of the encrypted data sequence depends on each byte of the raw data in the respective block, provides that
a) the transformation unit and the random number generator are set to an initial state,
b) the individual sequentially available bytes of the raw data within the same block are encrypted by the transformation unit one after the other in the predetermined order from the first to the last byte,
c) after all bytes of the block have been encrypted, the transformation unit and the random number generator are reset to the initial state, and
d) the individual sequentially available bytes of the data then present in the respective block are encrypted by the transformation unit within the same block against the predetermined order, from the last to the first byte.

A decryption provides accordingly that
a) the transformation unit and the random number generator are set to an initial state depending on the respective password,
b) the individual sequentially available bytes of the data to be decrypted in the respective block are decrypted by the transformation unit within the same block against the predetermined order, from the last to the first byte,
c) after all the bytes of the block have been decrypted, the transformation unit and the random number generator are again set to the initial state, and
d) the individual sequentially available bytes of the data thus obtained are decrypted by the transformation unit within the same block one after the other in the predetermined order from the first to the last byte.

To increase the dependence of the encrypted data sequence on each individual byte of the raw data, it may be provided that the encryption steps a) to d) of claim 2 are repeated several times for the same block, wherein optionally only the steps a) and b) are carried out in the last repetition.
A decryption accordingly provides that the decryption steps a) to d) are carried out a plurality of times for the same block, with possibly only the steps a) and b) being carried out during the last execution.

In order to be able to advantageously encrypt data sequences of any given length and to enable dependencies of the encrypted data sequence on data processed long before, it may be provided that after step b) or one of the steps b) has been carried out, or alternatively after step d) or one of the steps d) has been carried out, and before the subsequent reset to the respective initial state, the internal state of the transformation unit and the random number generator is stored and used as a new initial state for the encryption of the next block.

A decryption accordingly provides that after step b) or one of the steps b) has been carried out, or alternatively after step d) or one of the steps d) has been carried out, and before the subsequent reset to the respective initial state, the internal state of the encryption machine, consisting of the internal state of the transformation unit and the internal state of the random number generator, is stored and used as a new initial state for the decryption of the next block.

An advantageous determination of transformation rules provides that, together with the setting of an initial state of the encryption engine, a number of basic transformation rules depending on the initial state is given, and that, depending on the internal state of the transformation unit, a number T of these basic transformation rules is selected in a predetermined order, wherein the transformation rule is composed of the individual selected basic transformation rules, so that when the transformation rule is applied to the byte to be encrypted, the selected basic transformation rules are applied in the appropriate order to the byte to be encrypted.
A decryption accordingly provides that, together with the setting of an initial state of the decryption engine, a number T of basic transformation rules depending on the initial state of the transformation unit is specified, and that, depending on the internal state, a number T is selected from these basic transformation rules in a predetermined order, wherein the transformation rule is composed of the individual selected basic transformation rules, so that when the transformation rule is applied to the byte to be decrypted, the selected basic transformation rules are applied in the reverse order to the byte to be encrypted, and that the basic transformation rules of the transformation unit are the inverses of the basic transformation rules of the transformation unit of an encryption machine initialized with the same password. In particular, the individual basic transformation rules forming a transformation rule are applied in the reverse order compared with encryption.

An advantageous determination of transformation rules, with which an enormously large number of possible transformation rules is potentially available, provides that the transformation rule is composed of the individual selected basic transformation rules and additionally a special transformation rule, so that when the transformation rule is applied to the byte to be encrypted, the selected basic transformation rules are applied to the byte to be encrypted in the appropriate order and, in particular, the special transformation rule is additionally applied, that the special transformation rule is modified at each encryption step or after a number of encryption steps, in particular exclusively for a given number of modifications, and that in particular the use and/or modification of the special transformation rule is switched on and off depending on the situation.
Accordingly, a decryption provides that the transformation rule is formed from the special transformation rule and from the individual selected basic transformation rules, so that when the transformation rule is applied to the byte to be decrypted, in particular first the special transformation rule and, in particular subsequently, the selected basic transformation rules are applied in the reverse order to the byte to be decrypted, that the special transformation rule is changed at each decryption step or after a number of decryption steps, in particular exclusively for a predetermined number of changes, and that in particular the use and/or modification of the special transformation rule is switched on and off depending on the circumstances.

For advantageous initialization of the encryption method by means of a password, it may be provided that before encoding the raw data
a) a number of sequentially arranged bytes is specified as the password,
b) if appropriate, the length of the password in bytes and/or a checksum is added to the password,
c) if appropriate, if the length of the password falls below a predetermined length, the password is extended to the predetermined length, in particular by repetition of the password, and thus a normalized password is created,
d) a predetermined start random number generator is initialized with predetermined values,
e) the random numbers created by the start random number generator are linked to the bytes of the possibly normalized password and a first initialization data sequence is created,
f) this initialization data sequence is used to create and initialize a first encryption engine comprising a first transformation unit and a first random number generator,
g) the first password is encrypted with the first encryption engine, and thus a second password is obtained,
h) the created second password is linked to random numbers generated by the random number generator of the first encryption engine, and a second initialization data sequence is created, and this is used for the creation and initialization of another encryption machine.

An improvement of the initialization, which leads to completely different results even with small deviations in the password, provides that
i) the following steps j), k) and l) are carried out, optionally multiple times, namely
j) that in each case the password ($W_a$) used for the initialization of the encryption engine is encrypted with this encryption machine and a next password is thereby obtained,
k) that this password is linked with random numbers of the last created random number generator and another initialization data sequence is thus created, and
l) that subsequently another encryption machine with a transformation unit and a random number generator is defined, created and initialized with the respective last-created initialization data sequence, and
m) that the last encryption machine thus created is used as the encryption machine.
An advantageous initialization of a decryption engine provides that
- an encryption engine according to claim 7 is created, and subsequently a decryption engine with a random number generator and a transformation unit is created,
- the internal state of the random number generator of the encryption engine is transferred to the internal state of the random number generator of the decryption engine, and the internal state of the transformation unit of the encryption engine is transferred to the internal state of the transformation unit of the decryption engine,
- the inverses of the transformation rules and/or basic transformation rules, and optionally of the special transformation rule, are determined and stored as inverse transformation rules and/or inverse basic transformation rules, and optionally as the inverse special transformation rule, in the transformation unit of the decryption engine, and
- in particular in the case of a change in the transformation rules during the encoding of the data, the non-inverted transformation rules and/or the non-inverted basic transformation rules, and optionally the non-inverted special transformation rule, are stored.
An advantageous method for the creation of deterministic pseudo-random numbers, which allows feedback with the encrypted data, provides that a number H of selection registers, each having a predetermined number Z of values from 1 to Z in any order, are given,
a) that the first selection register is preceded by a first addressing unit, which points to a memory position of the first selection register by means of a first pointer value cyclically incremented in each encryption step,
b) that the number located at the memory position selected by the first pointer in the first selection register is determined and linked to the number located in the second addressing unit, in particular taken modulo Z and increased by one, and then forms the new content of the addressing unit, and the value thus obtained forms a second pointer value, which is then used for addressing a memory position in the second selection register,
c) that the procedure for the further addressing units and the other selection registers is analogous to that for the addressing unit and the selection register, and/or that for each of the other selection registers the number located at the memory position selected by the respective pointer in the respective selection register is determined and assigned to the respective next pointer or added to it or subtracted from it, and the value of the next pointer is used to address a memory position in the next selection register,
d) that a number of deterministic partial random number generators are specified,
e) that the value of the last selection register addressed by the last pointer value of the addressing unit is used to select the partial random number generator,
f) that, if appropriate for selecting a plurality of random number generators, at least the first pointer is modified according to predetermined criteria, in particular increased, decreased, incremented or decremented, and steps a) to e) are carried out again, and
g) that a random number is created and made available with the respectively selected partial random number generator.

A preferred external influencing of the random number generator provides that the value of one of the addressing units is modified as a function of values present at the input, in particular the byte to be encrypted and/or the encrypted byte and/or random numbers, the value is then taken modulo Z and increased by one, and the value is then assigned to the respective addressing unit, where optionally, after the presence of an external trigger signal, in particular triggered by an encryption or decryption of one byte or a predetermined number of bytes to be carried out, in each case the value of the next addressing unit is changed, and in the event that the value of the last addressing unit has been changed in the previous step, the first addressing unit is changed in turn.

Alternatively or additionally, for externally influencing the random number generator it can be provided that, depending on values present at the input, in particular a byte to be encrypted and/or an encrypted byte and/or random numbers, one of the selection registers is modified, and in particular two values stored in the selection registers are interchanged with each other, wherein the index of the one value passes through a series of predetermined values in a predetermined order, in particular by cyclic counting between 1 and Z, and the index of the second value is determined by the values applied to the input, where optionally, after the presence of an external trigger signal, in particular triggered by an encryption or decryption of a byte or a predetermined number of bytes, after each interchange or after a predetermined number of interchanges in a selection register, the respective next selection register is changed, and in the event that in the previous step the predetermined number of interchanges has already taken place in the last selection register, the first selection register is again used for modifications.
It can preferably be provided that in an encryption method or a decryption method according to the invention the method according to the invention for generating random numbers is used.

Furthermore, the invention relates to a method for the determination and application of transformation rules. The transformation rules thus created are advantageously suitable for use in encryption and decryption methods. It is provided that a number G of selection registers, each with a predetermined number A of values 1 to A in any order, are given, wherein each selection register holds numbers representing the individual memory positions of that register, each such number being contained in the selection register exactly once,
a) that the first selection register is preceded by a first addressing unit that refers to a memory position of the first selection register by means of a value located in the addressing unit which is cyclically incremented, in particular at each encryption step,
b) that the number located at the memory position selected by the first pointer in the first selection register is determined and this number is linked to the number located in the second addressing unit, in particular taken modulo A and increased by one, and then forms the new content of the addressing unit, and the value thus obtained forms a second pointer value, which is then used to address a memory position in the second selection register,
c) that, if appropriate, the procedure for the further addressing units and the other selection registers is analogous to that for the addressing unit and the selection register, and/or that for each of the further selection registers the number located at the memory position selected by the respective pointer in the respective selection register is determined and assigned to or added to the respective next pointer, and the value of the respective next pointer is used to address a memory position in the next selection register,
d) that a number of basic transformation rules are specified,
e) that the value of the last selection register addressed by the last pointer value of the addressing unit is used to select the basic transformation rule,
f) that, if appropriate for selecting a plurality of basic transformation rules, the first pointer is modified, in particular increased, reduced, incremented or decremented according to predetermined criteria, and steps a) to e) are carried out again, and
g) that a data value, in particular a byte to be encrypted or a byte to be decrypted, is specified and the selected transformation rule is applied to the data value, optionally the several selected basic transformation rules in succession, in the case of encryption in the order of their selection or in the case of decryption the order of their selection, and the result of the application is kept available.

The method allows advantageous feedback and leads to transformation rules that are difficult to predict.

A preferred external influencing of the random number generator provides that the value of one of the addressing units is modified as a function of values present at the input, in particular the byte to be encrypted and/or the encrypted byte and/or random numbers, preferably the result is then taken modulo A and increased by one and the value is then assigned to the respective addressing unit, where optionally, after the presence of an external trigger signal, in particular triggered by an encryption or decryption of one byte or a predetermined number of bytes to be carried out, in each case the next addressing unit is changed, and in the event that the last addressing unit has been changed in the previous step, the first addressing unit is changed in turn.
Alternatively or additionally, to externally influence the random number generator, it may be provided that one of the selection registers is modified depending on input values, in particular a byte to be encrypted and/or an encrypted byte and/or random numbers, and in particular two values stored in the selection registers are interchanged, in which the index of the one value passes through a series of predefined values in a predetermined order, in particular by cyclic counting between 1 and Z, and the index of the second value is determined by the values applied to the input, where optionally, after the presence of an external trigger signal, in particular triggered by an encryption or decryption to be performed on a byte or a predetermined number of bytes, after each interchange or after a predetermined number of interchanges in a selection register, the respective next selection register is changed, and in the event that in the previous step the predetermined number of interchanges has already taken place in the last selection register, the first selection register is again used for modifications.

A transformation unit which allows an extremely large number of transformation rules provides that the transformation rules or the basic transformation rules are modified depending on input values, in particular a byte to be encrypted and/or an encrypted byte and/or random numbers the transformation rules for the transformation rules are inverse, and that after a predetermined number of changes in a transformation rule or basic transformation rule, the next transformation rule or basic transformation rule is used, and in the case that in the previous step the last transformation rule or basic transformation rule was changed, the first transformation rule or basic transformation rule is again used for modifications.
It may preferably be provided that in an encryption method or a decryption method according to the invention, the method according to the invention is used for determining and applying a transformation rule.

Furthermore, the invention relates to an encryption machine which ensures a particularly secure encryption, having an updating unit which changes and updates the state memory of the transformation unit after a number of performed encryptions, in particular after the encryption of each byte, depending on the respective byte to be encrypted and the respective final result of the encryption and/or depending on random numbers generated by the random number generator, and which possibly changes and updates the state memory of the pseudo-random number generator after a number of performed encryptions, in particular after the encryption of each byte, depending on the respective byte to be encrypted and the respective final result of the encryption and depending on random numbers generated by the random number generator.

The invention also relates to a corresponding decryption engine having an updating unit which changes and updates the state memory of the transformation unit after a number of performed decryptions, in particular after the decryption of each byte, depending on the respective byte to be decrypted and the respective final result of the decryption and/or on random numbers created by the random number generator, and which if necessary changes and updates the state memory of the pseudo-random number generator after a number of performed decryptions, in particular after the decryption of each byte, depending on the respective byte to be decrypted and the respective final result of the decryption and depending on random numbers previously created by the random number generator.

In this case, provision can be made, in particular, for the encryption machine to be designed to carry out all the above-mentioned methods for encryption.
Analogously, it can be advantageously provided that the decryption machine is designed to carry out all of the above-mentioned methods for decrypting.

A program for carrying out one of the methods according to the invention can be stored on a data carrier. Furthermore, an encrypted data sequence can also be stored on a data carrier.

Fig. 1 shows a preferred embodiment of an encryption engine.
Figs. 2 and 3 show one possible type of encryption as well as decryption.
Figs. 4 and 5 show a preferred type of block-wise encryption as well as decryption.
Figs. 6 to 9 show a preferred type of block-wise encryption as well as decryption with enhanced security.
Fig. 10 shows a preferred embodiment of a random number generator for an encryption engine.
Fig. 11 shows a preferred embodiment of a transformation unit for an encryption engine.
Fig. 12 shows an advantageous initialization of an encryption engine.
Fig. 13 shows a preferred embodiment of a decryption engine.
Fig. 14 shows a preferred embodiment of a random number generator for a decryption engine.
Fig. 15 shows a preferred embodiment of a transformation unit for a decryption engine.
Fig. 16 shows the initialization of a decryption engine.

Encoding

Fig. 1 shows an encryption machine 200 with a data memory according to a first exemplary embodiment of the invention. This data memory 211 is filled with the raw data to be encrypted before the actual encryption. In the present embodiment, the data memory comprises a number of N = 4096 bytes of 8 bits each. The encryption engine 200 comprises a pseudo-random number generator 212, hereinafter also referred to as a random number generator for short, for generating pseudo-random numbers, hereinafter referred to as random numbers μ and p, respectively. The random number generator 212 has a state memory and an external input with which the state memory can be filled, initialized or changed.
Furthermore, the random number generator 212 has an output on which it emits random numbers μ or p on request. In the context of the invention, random numbers μ and p respectively are understood to mean a sequence of numbers which can be derived in a completely deterministic manner from the state of the random number generator 212 and the values possibly supplied to the random number generator 212, but which ideally gives someone who does not know the values of the state memory of the random number generator 212 few or no clues that would allow cryptographically useful predictions of the next expected numbers.

The encryption engine 200 further comprises a transformation unit 213. The transformation unit 213 is driven by a control unit, not shown, which extracts the corresponding bytes to be encrypted from the data memory 211 at the relevant location i, selected by the index unit 216, and after the encryption writes them back to the relevant location i in the data memory 211. The transformation unit 213 has an input to which in each case one byte of the data stored in the data memory 211 is applied for encryption. After the encryption has been performed, the encrypted byte is present at the output of the transformation unit 213. In the present exemplary embodiment of the invention, in each case one byte of the data memory 211 is read out and transmitted to the transformation unit 213 for encryption. Subsequently, the encrypted byte is written to the location of the data memory 211 from which the raw data byte was read out.

The transformation unit 213 has a number A of predetermined one-to-one basic transformation rules $f_1, \dots, f_A$. These are stored in a dedicated memory. A preferred way of storing one of the basic transformation rules $f_1, \dots, f_A$ for bytes with a number of bits B is to provide a memory with $2^B$ bytes, wherein for each of the $2^B$ values representable by a byte a, mostly different, value is specified.
In order to ensure the uniqueness and thus the reversibility of the basic transformation rules $f_1, \dots, f_A$, each value, corresponding to a number between 0 and $2^B - 1$, is written into exactly one of the $2^B$ memory locations. In the present exemplary embodiment with B = 8 bits per byte, a memory of 256 bytes is provided for each of the basic transformation rules $f_1, \dots, f_A$. A basic transformation rule $f_1, \dots, f_A$ is applied to an 8-bit byte by returning as the result the byte located at the memory position whose ordinal number, starting with 0, corresponds to the byte to be transformed, understood as a number between 0 and $255 = 2^B - 1$.

In principle, it is possible to perform byte transformations exclusively with the basic transformation rules $f_1, \dots, f_A$ provided. However, this has the disadvantage that the number of possible transformations is relatively small. Thus, with an available memory of 1 MB, approximately A = 4000 basic transformation rules $f_1, \dots, f_A$ can be stored. However, the space of all available transformation rules for transforming 8-bit bytes to equally large bytes comprises $(2^8)! \approx 10^{506}$ transformations. The basic transformation rules $f_1, \dots, f_A$ thus represent only an extremely small subspace of the entire space of possible transformation rules. For this reason, the present embodiment of the invention uses transformation rules $g_1, \dots$ composed of a plurality of rules selected from the basic transformation rules $f_1, \dots, f_A$.
A transformation rule $g \in \{g_1, \dots, g_T\}$ can, for example, be given as a sequence of T random numbers $\mu_1, \dots, \mu_T$, or be created from a sequence of numbers determined by means of a selection unit described later: for each number of the sequence, one of the basic transformation rules $f_{\mu_1}, \dots, f_{\mu_T}$ is selected, and the basic transformation rules $f_{\mu_1}, \dots, f_{\mu_T}$ thus selected are successively applied, in the order of the respective numbers determining them, to the raw data byte b to be encrypted.

In order to provide encryption that is difficult for an attacker to decrypt, it is of great advantage to make full use of the available set or group of transformation rules. By concatenating a number T of the A available basic transformation rules $f_1, \dots, f_A$, a number of $A^T$ transformation rules $g_1, \dots$ are available. If transformation rules g are created by concatenating T = 10 basic transformation rules f, and 4000 basic transformation rules f are available with 1 MB of memory space, then a total of $4000^{10}$ ($\approx 10^{36}$) different transformation rules g can be used, whereby the complexity of the encryption compared to the mere use of the basic transformation rules $f_1, \dots, f_A$ is only T-fold, or ten times, higher. By selecting the number A of the basic transformation rules $f_1, \dots, f_A$ and the number T of the basic transformation rules f used for a concatenation, a balance can be found overall between memory requirement, computing time and security.

The execution of the basic transformation rule f can be implemented in many different ways, whereby only the bijectivity of the basic transformation rules f is to be ensured. For example, a basic transformation rule f can be implemented in such a way that, for each possible value of a byte, a transformation value is available that is stored in a memory location assigned to that value.
With a byte length of 8 bits, a total of 256 = 2^8 different possible values are available, so that for basic transformation rules f for 8-bit bytes a memory of 256 bytes of 8 bits each is provided, in which each of the values occurs exactly once. The basic transformation rule f is applied to a value x by accessing the memory at the corresponding memory position and taking the value present there as the result f(x) of applying the basic transformation rule to the value x. A memory for the inverse f^{-1} of the basic transformation rule f, which is needed for decryption, can be realized in the same way.

An alternative variant for applying a basic transformation rule f to a byte value x is to combine the byte value x with a specified mask M_f by a bit-by-bit exclusive-OR operation (XOR operation). Here, only the mask M_f has to be stored, which has the same length as the respective byte. The inverse f^{-1} of such a basic transformation rule is identical to the basic transformation rule itself (f^{-1} = f).

Another alternative, advantageous in particular for bytes consisting of more than 8 bits, consists in exchanging individual bits when the basic transformation rule is applied. In each case, it must be specified which of the bits are to be interchanged with each other. The inverse f^{-1} of such a basic transformation rule f is identical to the basic transformation rule itself (f^{-1} = f).

Finally, especially for bytes consisting of many bits, it may be provided that, to save memory space, basic transformation rules f are not applied to all bits of the byte. In this case, the types of basic transformation rules f described above may also each be applied to a specified portion of the byte. Because they are bijective, all of the basic transformation rules described can be combined with one another to obtain a transformation rule g.
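The three kinds of basic transformation rule described above, their chaining into a rule g and the inversion needed for decryption, as an added example that is not code from the patent. The seed, the mask 0x5A, the bit positions and the selection numbers in MU are constructed values, and Python's random module only stands in for password-derived table contents.

```python
import random

B = 8            # bits per byte, as in the embodiment
N = 1 << B       # 2^B possible byte values


def table_rule(rng):
    """Rule given by full enumeration: a permutation of 0..2^B-1 in 2^B memory cells."""
    table = list(range(N))
    rng.shuffle(table)
    return table


def xor_rule(mask):
    """Rule that XORs the byte with a stored mask M_f, written out as a table."""
    return [x ^ mask for x in range(N)]


def bitswap_rule(p, q):
    """Rule that exchanges bit p and bit q of the byte, written out as a table."""
    def swap(x):
        if ((x >> p) & 1) != ((x >> q) & 1):
            x ^= (1 << p) | (1 << q)
        return x
    return [swap(x) for x in range(N)]


def is_bijective(table):
    """Every value must occur exactly once, otherwise decryption is ambiguous."""
    return len(table) == N and sorted(table) == list(range(N))


def invert(table):
    """Table of f^-1: the cell at position f(x) holds x."""
    inverse = [0] * N
    for x, y in enumerate(table):
        inverse[y] = x
    return inverse


def apply_g(rules, mu, b):
    """g(b): apply f_mu1, then f_mu2, ... in the order of the selecting numbers."""
    for m in mu:
        b = rules[m][b]
    return b


def apply_g_inverse(inverses, mu, c):
    """g^-1(c): the inverse rules, applied in the opposite order."""
    for m in reversed(mu):
        c = inverses[m][c]
    return c


def round_trip_ok(rules, mu):
    """True if all rules are bijective and g^-1(g(b)) == b for every byte value b."""
    if not all(is_bijective(t) for t in rules):
        return False
    inverses = [invert(t) for t in rules]
    return all(apply_g_inverse(inverses, mu, apply_g(rules, mu, b)) == b
               for b in range(N))


def build_rules():
    rng = random.Random(2014)    # constructed seed; stand-in for password-derived data
    return [table_rule(rng) for _ in range(6)] + [xor_rule(0x5A), bitswap_rule(0, 7)]


MU = [3, 6, 0, 7, 3]             # constructed selection numbers, T = 5

if __name__ == "__main__":
    print(round_trip_ok(build_rules(), MU))
```

A table in which any value occurs twice fails `is_bijective`, which is the check to run on every rule before it is used, since such a rule cannot be inverted.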
For improved encryption, the transformation unit 213 may additionally apply a special transformation rule h to the respective byte b_i to be encrypted, before or after the application of the basic transformation rules f_1, ..., f_A. The special transformation rule h is modified each time an encryption is performed or after a number of encryptions. In particular, the special transformation rule h is defined, analogously to the basic transformation rules f, by completely specifying all 2^B values in a memory with 2^B memory locations. To modify the special transformation rule, two values can be interchanged with each other depending on the byte b_i to be encrypted, the encrypted byte c_i and, optionally, random values p. The special transformation rule may, for example, be modified by swapping the two function values at two predetermined positions. The first position may be determined by the counter value of a continuous cyclic counter, the second position by the byte b_i to be encrypted, the encrypted byte c_i or a random number p. The use of the special transformation rule h during the execution of the coding increases the number of potentially used transformation rules g to (2^B)! = (2^8)! ≈ 10^506, but without significantly increasing the processing time.

A special transformation rule h does not differ in principle from a basic transformation rule. The only difference is that, if its application is provided for, it can be used in addition to the normal basic transformation rules. Its application is turned on and off by certain events. Such an event may, for example, be the change to a forward or backward movement of the coding (see Fig. 6, Fig. 8) or the beginning of the processing of a new block (see Fig. 4, Fig. 7). It can also be provided that the special transformation rule h is modified only a limited number of times. The modification of the special transformation rule takes place after the coding of each or of only some of the bytes to be encrypted and can be omitted altogether after a number of modifications.
The special transformation rule h forms part of the internal state Y of the transformation unit. The random number generator 212 and the transformation unit 213 offer the possibility of storing and outputting their respective current internal state Y and of restoring or loading it at any later time on command from outside. Several such internal states can be saved and restored. The internal state of the random number generator 212 and of the transformation unit 213 may be modified by externally supplied values.

In the first embodiment ("STREAM") of an encryption method according to the invention, the following steps are performed with the encryption machine 200 shown in FIG. In a first step, the encryption engine 200 is initialized with the password W0. Here, all the internal memories of the random number generator 212 and the transformation unit 213 are brought into an initial state Y0 determined by the password W0. A preferred type of initialization is shown in more detail later with reference to FIG. In a second step, the data memory 211 is filled with raw data. The amount of raw data b_1, ..., b_N that is simultaneously available in the data memory 211 is also referred to as block or data block D. A data pointer i, by which a raw data byte b_i is selected from the data memory 211 in each case, is set to the first memory location of the data memory 211. The following iteration steps S21 ... S29 are performed for all the bytes of the data memory 211, as shown in FIGS. 2 and 3. The data pointer i stored in the memory 216 initially points to the first byte b_1 of the data block D to be encrypted and is incremented after execution of the iteration steps S21 ... S29 until it points to the last byte b_N of the data block D to be encrypted.
In a first iteration step S21, the byte of the data block D at the memory location of the data memory 211 selected by the value of the data pointer i is copied into a raw data buffer 214 as raw data byte b_i and supplied to the transformation unit 213. In a second iteration step S22, a sequence of random numbers μ_{i,1}, ..., μ_{i,P} is transmitted to the transformation unit 213. Separate random numbers μ_{i,1}, ..., μ_{i,P} are determined for each iteration. In the third iteration step S23, the transformation unit 213 determines the transformation rule g_i as a function of its internal state and the determined random numbers μ_{i,1}, ..., μ_{i,P}. In a fourth iteration step S24, the encrypted byte c_i is determined by applying the transformation rule g_i to the byte b_i to be encrypted according to c_i = g_i(b_i). In the present case, the transformation rule g_i is determined by composition as described above, the selection of T rules from the A basic transformation rules f_1, ..., f_A for the composition taking place on the basis of the given random numbers μ_{i,1}, ..., μ_{i,P}. In a fifth iteration step S25, the content of the memory location of the data memory 211 selected by the data pointer i is overwritten with the encrypted byte c_i. Subsequently, in a sixth iteration step S26, the encrypted byte c_i is written into a separate key data buffer 217. In a seventh iteration step S27, the raw data byte b_i and the encrypted byte c_i are transmitted to the random number generator 212 and to the transformation unit 213 for the future change of state. In an eighth iteration step S28, further random numbers p_{i,1} ... p_{i,R} generated by the random number generator 212 are fed back to the random number generator 212 and transmitted to the transformation unit 213 for the future change of state.
In a ninth iteration step S29, the inner state of the random number generator 212 and of the transformation unit 213 is modified with the aid of the bytes or random numbers transmitted in the iteration steps S27 and S28. Overall, when encrypting, it is possible, but not essential, to change the basic transformation rules f_1, ..., f_A when carrying out the ninth iteration step S29. For example, one of the basic transformation rules f_x can be modified each time the ninth iteration step S29 is performed; in the case of basic transformation rules given by complete enumeration of their function values, this can be done by interchanging two function values, i.e. f_x(b_y) <-> f_x(b_z). This increases the number of possible transformation rules from about 10^36 to about 10^506 different transformation rules, making unauthorized decryption less likely. If provided, the modification of the special transformation rule h can be carried out as part of the ninth iteration step S29.

Depending on the progress of the encryption, the transformation unit 213 and the random number generator 212 generate different internal states as a function of the previously processed raw data bytes b_i, the encrypted bytes c_i and the random numbers p_{i,1}, ..., p_{i,R} supplied by the random number generator 212. The selection of the transformation rule g_i is therefore directly dependent on the internal state of the transformation unit 213 at the time of encryption of the raw data byte b_i and also indirectly on the random numbers p_{i,1}, ..., p_{i,R} and μ_{i,1}, ..., μ_{i,P} provided by the random number generator 212 at that time, which in turn are generated differently from the inner state of the random number generator 212 depending on the previously processed raw data bytes and encrypted bytes. The selection of the transformation rule g_i is therefore dependent on the values and the order of all b_1 to b_n. After encryption, the value of the pointer i is incremented.
After the raw data bytes b_1, ..., b_N stored in the data memory 211 have all been encrypted, they can be made available for further use, in particular for transmission to a receiver. After any further processing of the data in the data memory 211, the memory may be refilled with further data to be encrypted, which are encrypted analogously. It is possible to supplement or expand the data memory 211 with random data before processing. At the beginning of the processing of further data in the data memory 211, the inner state of both the random number generator 212 and the transformation unit 213 is the same as at the end of the previous processing of the data of the data memory 211.

A procedure according to a second embodiment ("BLOCK") of the invention, shown in Figs. 4 and 5, provides an improvement that increases the dependency of the individual bytes c_1, ..., c_n of the encrypted data sequence on the bytes b_1, ..., b_n of the raw data sequence. In this procedure, the above-described method according to the first embodiment of the invention is used. The encryption machine used to perform the encryption process is the same as the encryption engine 200 of the first embodiment, which is shown in more detail in Fig. 1; the differences are explained in more detail below.

Before the beginning of the iteration steps S21 ... S29, the entire internal state of the encryption engine 200, i.e. the internal state of the random number generator 212 and optionally the internal state of the transformation unit 213, is stored in a state memory in a preparation step S20,a. This state is referred to as initial state Y0. Subsequently, the encryption is performed from the first to the last byte according to the iteration steps S21 to S29. After the encryption of the entire block, i.e. of all raw data b_1 ... b_N located in the data memory 211, the random number generator 212 and optionally the transformation unit 213 are reset to their respective initial state Y0 in a reset step S20,m. Subsequently, encryption is performed again according to the iteration steps S21 ... S29 described above, wherein the data pointer i initially points to the last position N of the data memory 211 and is moved counter to the previously traversed direction, i.e. is decremented in this case, so that the individual bytes of the data memory 211 are processed in reverse order. Subsequently, the data are read from the memory in a read-out step S20,z and optionally replaced by a new data block.

This procedure ensures that the value of each encrypted byte c_i depends on the value and position of all raw data bytes b_i, and that a change of any raw data byte b_i affects the encryption of all other bytes of the data memory 211. With this procedure, each raw data byte b_i to be encrypted is also encrypted twice. The encryption of the raw data in the data memory 211 may optionally also be performed multiple times, as shown in FIG. 6, with encryption taking place alternately in the predetermined data direction and then against it. In such a case, after each encryption pass, i.e. after the last byte b_1 or b_N has been encrypted in or against the data direction, the encryption engine 200 is set to the prestored inner state Y0 again.

After the above-described processing of the data of the data memory 211 and any further use of the data, the random number generator 212 and the transformation unit 213 are again set to the respective initial state Y0. Any further remaining raw data are transferred into the data memory 211, and the processing begins again with the new raw data. It is possible to supplement or expand the data memory 211 with random data before processing.

In a third embodiment ("CHAINED BLOCK") of the invention, shown in Figs. 7 and 8, the first data loaded into the data memory 211 are processed as in the second embodiment. The processing of the remaining data subsequently loaded into the data memory 211 differs from the processing according to the second embodiment in that the initial states set for the random number generator 212 and the transformation unit 213 in the processing steps S20,b, S20,c, S20,y differ from those of the second embodiment. These new initial states are in each case the internal states Y_1, Y_2, ... of the encryption machine 200 reached during the preceding processing of data. These new initial states Y_1, Y_2, ... (FIG. 8) are the inner states of the random number generator 212 and the transformation unit 213 after processing the byte at the last position N in the data memory 211 in one of the forward passes over the previous data. Alternatively, the inner state after processing the byte at position 1 in the data memory 211 in one of the backward passes may be used for this purpose.

For real-time data transmission, the data memory 211 and the data blocks hold only a very small number of raw data bytes b_i, possibly even only a single raw data byte. Encryption takes place byte by byte, wherein after the encryption of a data block D, and thus of the entire data memory 211, a new data block D is loaded into the data memory 211. Such a procedure is particularly well suited to the ongoing encryption of data that are present as a data stream and are forwarded in real time, as it were. If need be, it is also possible, as described for the second embodiment, to divide the data stream into very small blocks D with only a few, in particular fewer than 10, bytes, to encrypt these blocks according to the second or third embodiment of the invention and to transmit them as a block data stream. If the number of bytes per data block can be kept low, the encryption can also be used for real-time data transmission.
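The difference between one forward pass (STREAM) and the forward and backward pass from the same initial state Y0 (BLOCK), as an added example that is not code from the patent. The random number generator 212 and the state update of steps S27 to S29 are replaced here by a SHA-256 chain and Python's random module, which is an assumption of this example; A, T, the password and the sample block are constructed values.

```python
import hashlib
import random

A, T = 16, 4    # basic rules available / rules chained per byte (constructed values)


def make_machine(password):
    """Initial state Y0 fixed by the password: rule tables, their inverses, state word."""
    rng = random.Random(hashlib.sha256(b"tables" + password).digest())
    tables, inverses = [], []
    for _ in range(A):
        table = list(range(256))
        rng.shuffle(table)
        inverse = [0] * 256
        for x, y in enumerate(table):
            inverse[y] = x
        tables.append(table)
        inverses.append(inverse)
    return tables, inverses, hashlib.sha256(b"state" + password).digest()


def select(state):
    """S22/S23: the numbers mu_1..mu_T that pick the basic rules for this byte."""
    return [state[k] % A for k in range(T)]


def feedback(state, b, c):
    """S27 to S29: next inner state from the old state, raw byte b_i, encrypted byte c_i."""
    return hashlib.sha256(state + bytes([b, c])).digest()


def run_pass(machine, data, order, decrypt=False):
    """One pass over the data memory in the given order, always starting from Y0."""
    tables, inverses, state = machine
    out = bytearray(data)
    for i in order:
        mu = select(state)
        if decrypt:
            c = b = out[i]
            for m in reversed(mu):          # inverse rules in the opposite order
                b = inverses[m][b]
            out[i] = b
        else:
            b = c = out[i]
            for m in mu:
                c = tables[m][c]
            out[i] = c
        state = feedback(state, b, c)       # both sides feed back the same (b_i, c_i)
    return bytes(out)


def stream_encrypt(machine, data):
    return run_pass(machine, data, range(len(data)))


def stream_decrypt(machine, data):
    return run_pass(machine, data, range(len(data)), decrypt=True)


def block_encrypt(machine, data):
    forward = run_pass(machine, data, range(len(data)))
    return run_pass(machine, forward, reversed(range(len(data))))   # reset to Y0, backwards


def block_decrypt(machine, data):
    forward = run_pass(machine, data, reversed(range(len(data))), decrypt=True)
    return run_pass(machine, forward, range(len(data)), decrypt=True)


def changed_positions(x, y):
    return [i for i, (p, q) in enumerate(zip(x, y)) if p != q]


def compare_modes(password=b"constructed password", flip_at=40):
    """Ciphertext positions that change when one raw byte changes, for each mode."""
    machine = make_machine(password)
    raw = bytes(range(64))                  # constructed sample block
    altered = bytearray(raw)
    altered[flip_at] ^= 1
    altered = bytes(altered)
    stream = changed_positions(stream_encrypt(machine, raw), stream_encrypt(machine, altered))
    block = changed_positions(block_encrypt(machine, raw), block_encrypt(machine, altered))
    return stream, block


if __name__ == "__main__":
    stream, block = compare_modes()
    print("STREAM first changed position:", stream[0], "changed bytes:", len(stream))
    print("BLOCK  first changed position:", block[0], "changed bytes:", len(block))
```

In the single forward pass, no ciphertext byte before the altered raw byte changes; only the backward pass from Y0 carries the change to those positions.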
By selecting the size of the data blocks, the invention thus makes it possible to strike a balance between real-time capability or delay on the one hand and security on the other.

Random number generator and selection unit

In principle, very different deterministic random number generators 212 can be used for the invention. An improvement of the invention that can be used for all the embodiments presented above uses an optimized random number generator 212 with a selection unit 230, shown in FIG. 10. In the present case, the random number generator 212 is composed of a number Z of simple deterministic partial random number generators 233-1 to 233-Z, which are selected depending on the internal state of the selection unit 230 of the random number generator 212, as will be described later. The number Z of partial random number generators 233 is not predetermined in advance and can be determined on the basis of a password W. In addition, it is also possible to specify different types of partial random number generators 233 in advance. Furthermore, it is also possible to specify with which probability the individual partial random number generators 233 are selected from the given types of partial random number generators. The password W then determines, with the aid of an already existing random number generator 212, the number Z of partial random number generators 233, the types of the partial random number generators 233 and the order in which the partial random number generators 233 are used for the construction of the random number generator 212. The initialization of the partial random number generators 233 is also carried out by means of the password W in connection with the predetermined random number generator and will be shown in more detail later.

The random number generator 212 has a selection unit 230. The selection unit 230 of the random number generator 212 is used to select one of the partial random number generators 233-1 to 233-Z.
The values of the selected partial random number generator are then provided at the output of the random number generator 212. The selection unit 230 has a number H of selection registers 231-1 ... 231-H, each having a predetermined number Z of individual registers. The totality of the individual registers of a selection register 231-1 ... 231-H contains a permutation of the numbers 1 to Z. The first selection register 231-1 is preceded by a first addressing unit 232-1, which contains a first pointer k_1. This first pointer k_1 is automatically cyclically incremented or decremented after each selection. The first pointer k_1 designates or references a memory position in the first selection register 231-1. In a further step, the number θ_1 located at the memory position selected by the first pointer k_1 in the first selection register 231-1 is determined. This number θ_1 is entered into a second addressing unit 232-2 as a second pointer k_2, or is added to this second pointer k_2, or the second pointer k_2 is determined by another operation based on the number θ_1 and its previous value. The value of the second pointer k_2, which always lies in the range from 1 to Z, is used to address a memory position k_2 in the second selection register 231-2. One selection register 231 and one addressing unit 232 each are combined to form a selection stage 230-1 ... 230-H. The subsequent selection stages up to the selection stage 230-H are run through analogously to the selection stage 230-1. The register value θ_H of the last selection stage 230-H then selects the partial random number generator 233-θ_H.

In principle, a large number of selection stages 230-1 ... 230-H can be provided in the selection unit 230, wherein a larger number of selection stages leads to a greater resource load and ultimately to increased data security, while the execution time of the encryption increases. By selecting the number of selection stages 230-1 ... 230-H, a balance can thus be struck between computing power and data security.
In the present case, a total of H = 10 selection stages 230-1 ... 230-H are provided. For the selection registers 231 and addressing units 232, the number located in the respective selection register 231 at the memory position selected by the respective pointer k_1 ... k_H in the addressing unit 232 is determined and entered into the next pointer k in the next addressing unit 232, or added to it, or the next pointer is determined by another operation with its previous value. The value of the next pointer k, which is always in the range from 1 to Z, is used to address a memory position in the respective next selection register 231. The value θ_H of the last selection register 231-H addressed by the respective pointer is used to select one of the partial random number generators 233-1 ... 233-Z.

The individual partial random number generators 233-1 ... 233-Z have a common internal state, wherein normally each of the partial random number generators 233-1 ... 233-Z has a subarea of the internal state assigned to it. It is also possible that individual partial random number generators 233-1 ... 233-Z have read access, or optionally also write access, to the subareas of the remaining partial random number generators 233-1 ... 233-Z.

Transformation unit

A selection unit 220 constructed analogously to 320 serves to select a basic transformation f from the given basic transformations f_1 to f_A. Fig. 11 shows the selection unit 220 for selecting basic transformation rules f. For the composition of the transformation rule g, a number A of basic transformation rules f_1 ... f_A are given, which are formed and selected, as described later, depending on the internal state of the random number generator 212. The number of basic transformation rules f_1 ... f_A as well as their content can be determined on the basis of the password W0. In addition, it is also possible to prescribe different types of basic transformation rules f_1 ... f_A in advance. The transformation unit 213 has a selection unit 220.
The selection unit 220 serves to select one of the basic transformation rules f_1 ... f_A. The selection unit 220 of the transformation unit 213 is shown in greater detail in FIG. 11. It has a number G of selection registers 221-1 ... 221-G, each having a predetermined number A of individual registers. The totality of the individual registers of a selection register 221-1 ... 221-G contains a permutation of the numbers 1 to A. The first selection register 221-1 is preceded by a first addressing unit 222-1, which contains a first pointer j_1. This first pointer j_1 is automatically incremented or decremented after each selection. The first pointer j_1 denotes a memory position in the first selection register 221-1. In a further step, the number φ_1 located at the memory position selected by the first pointer j_1 in the first selection register 221-1 is determined. This number φ_1 is entered into a second addressing unit 222-2 as the second pointer j_2, or is added to this second pointer j_2, or the second pointer j_2 is determined by another operation on the basis of the number φ_1 and its previous value. The value of the second pointer j_2, which is always in the range from 1 to A, is used to address a memory position j_2 in the second selection register 221-2. Analogously to the selection unit of the random number generator, one selection register 221 and one addressing unit 222 each are combined into a selection stage 220-1 ... 220-G. The subsequent selection stages up to the selection stage 220-G are run through analogously to the selection stage 220-1. The register value φ_G of the last selection stage 220-G then selects the basic transformation f_{φ_G}.

In principle, a large number of selection stages may be provided in the selection unit 220, with a larger number of selection stages 220-1 ... 220-G leading to a greater resource load and ultimately to increased data security, while the execution time of the encryption increases.
By selecting the number G of selection stages 220-1 ... 220-G, a balance can thus be struck between computing power and data security. In the present case, a total of G = 10 selection stages 220-1 ... 220-G are provided. For the selection registers 221 and addressing units 222, the number located in the respective selection register 221 at the memory location selected by the respective pointer j_1 ... j_G in the addressing unit 222 is determined and entered into the next pointer j in the next addressing unit 222, or added to it, or the next pointer is determined by another arithmetic operation. The value of each next pointer j is used to address a memory position in the next selection register 221. The value φ_G of the last selection register 221-G addressed by the respective pointer is used to select a basic transformation rule f_1 ... f_A. The length of a selection register 221 normally corresponds to the number of basic transformation rules f_1 ... f_A used.

The selection units 220, 230 of the random number generator 212 and the transformation unit 213 have a very similar structure. The following improvements are described jointly for both selection units 220, 230, but may be made separately for each of the selection units 220, 230.

The above procedure only makes a selection of a basic transformation rule f_1 ... f_A or of a partial random number generator 233-1 ... 233-Z that is completely independent of the individual raw data bytes b_i to be encrypted and therefore allows easier reconstruction. The present improvement of the invention now provides an update of the selection unit 220, 230 performed by the updating unit, in which the value of one of the pointers j_1 ... j_G, k_1 ... k_H in the addressing units 222, 232 is changed depending on the respective byte b_i to be encrypted and/or the respective encrypted byte c_i and/or provided random numbers p_1 ... p_R.
Here, the numerical value of the addressing unit 222, 232 is recalculated by an arithmetic function from the old numerical value of the addressing unit 222, 232 and an external value provided via an input 224, 234, e.g. the numerical value b_i of the unencrypted byte, the numerical value c_i of the encrypted byte or the provided random numbers p_i. If the resulting value exceeds the length of the selection register 221, 231, this length is subtracted from the pointer value as many times as necessary so that the pointer j, k lies between 1 and A or Z, respectively. In each encryption step, the respective next pointer j, k is changed, and if the last, G-th or H-th, pointer was changed in the previous step, the first pointer j, k is changed again in the next step.

Alternatively or additionally, it is possible for two individual registers of one of the selection registers 221, 231 to be modified, depending on the byte b_i to be encrypted and/or the respective encrypted byte c_i and/or provided random numbers p, by interchanging the values contained in them. The selection of these two individual registers also depends on the number of interchanges already made in this selection register 221, 231. At each encryption step, a number of swaps are performed. After a certain number of exchanges have been made in a selection register 221, 231, the next selection register 221, 231 is changed. If the last selection register 221, 231 was changed in the previous step, the first selection register 221, 231 is changed again.

In order to select a plurality of basic transformation rules f_1, ..., f_A or a plurality of partial random number generators 233-1 ... 233-Z, the first pointer j_1, k_1 is in each case modified according to predetermined criteria, in particular increased, reduced, incremented or decremented, and the aforementioned steps for addressing the individual selection registers 221, 231 are carried out again, wherein in each case that basic transformation rule f_1, ..., f_A is used for forming the transformation rule, or the random number of that partial random number generator 233 is used, whose ordinal number corresponds to the numerical value referenced in the last selection register 221-G, 231-H. The number of individual registers of a selection register 221, 231 corresponds to the number A of available basic transformation rules f_1, ..., f_A or the number Z of available partial random number generators 233.

It is also possible for the selection unit 230 of the random number generator 212 or the selection unit 220 of the transformation unit 213 to be supplied with additional random numbers p generated by the random number generator 212, and for the values of the respective selection registers 221, 231 to be reset or modified by means of these random numbers p, or for the pointers in the addressing units 222, 232 to be overwritten or modified. In the determination of random numbers p by the random number generator 212, a predetermined number of random numbers generated by it can be used.

Such a selection unit 220, 230 avoids a state change made in one step being reversed by a state change made in a following step. It also avoids that, for plaintexts that are very similar to each other and differ only in a few characters, the encrypted texts likewise differ only in these few characters. The greater the number G, H of selection stages 220, 230 chosen, the lower the probability of a later match of the encrypted text or of the internal state.
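The chained selection stages and their data-dependent update, as an added example that is not code from the patent. It uses the "added to the next pointer" variant, 0-based register contents instead of 1 to Z, one swap per step with the register changed in turn, and a seeded Python random generator in place of password-derived initial values; Z, H, the seed and the sample data are constructed.

```python
import random


class SelectionUnit:
    """H chained selection stages; every register holds a permutation of 0..Z-1."""

    def __init__(self, Z, H, rng):
        self.Z, self.H = Z, H
        self.registers = []
        for _ in range(H):
            register = list(range(Z))
            rng.shuffle(register)
            self.registers.append(register)
        self.pointers = [rng.randrange(Z) for _ in range(H)]
        self.turn_pointer = 0     # pointer that the next external value modifies
        self.turn_register = 0    # register in which the next swap takes place
        self.swaps = 0            # number of interchanges made so far

    def select(self):
        """Run through all stages; the last register value picks the generator or rule."""
        theta = self.registers[0][self.pointers[0]]
        for s in range(1, self.H):
            # theta of the previous stage is added to the next pointer, reduced to 0..Z-1
            self.pointers[s] = (self.pointers[s] + theta) % self.Z
            theta = self.registers[s][self.pointers[s]]
        self.pointers[0] = (self.pointers[0] + 1) % self.Z   # cyclic increment of k_1
        return theta

    def feed(self, value):
        """Update with an external value: b_i, c_i or a provided random number."""
        s = self.turn_pointer
        self.pointers[s] = (self.pointers[s] + value) % self.Z
        self.turn_pointer = (s + 1) % self.H                 # after the last, the first again
        register = self.registers[self.turn_register]
        i = value % self.Z
        j = (value // self.Z + self.swaps) % self.Z          # also depends on swaps made
        register[i], register[j] = register[j], register[i]  # a swap keeps the permutation
        self.swaps += 1
        self.turn_register = (self.turn_register + 1) % self.H


def run(data, with_feedback, seed=515097):
    """Selections made while processing data, with or without the update step."""
    unit = SelectionUnit(Z=16, H=10, rng=random.Random(seed))   # constructed parameters
    picks = []
    for byte in data:
        picks.append(unit.select())
        if with_feedback:
            unit.feed(byte)
    return picks, unit


DATA_A = bytes((7 * i + 3) % 256 for i in range(200))   # constructed sample data
DATA_B = bytes([DATA_A[0] ^ 1]) + DATA_A[1:]            # differs in the first byte only

if __name__ == "__main__":
    print("without update:", run(DATA_A, False)[0] == run(DATA_B, False)[0])
    print("with update:   ", run(DATA_A, True)[0] == run(DATA_B, True)[0])
```

Without the update the sequence of selections is the same for any input, which is the data independence the text describes; with it, a change in one input byte alters the later selections.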
In the course of the initialization of the transformation unit 213 and the random number generator 212, the individual selection registers 221, 231 are set to values that depend on the password W and on data derived from the password W. The value of the addressing units 222, 232 is likewise set to a value derived from the password W at initialization. The content of the selection registers 221, 231 and of the addressing units 222, 232 belongs to the internal state of the random number generator 212 or of the transformation unit 213 and thus to the internal state of the encryption engine 200. The initialization of the selection units 220, 230 is performed separately, so that the inner states of the random number generator 212 and the transformation unit 213 are different. The contents of the selection registers 221, 231 and the selection pointers 222, 232 are also fundamentally different, i.e. the selection units 220, 230 access different internal states, each forming part of the internal state of the encryption engine.

Also, during the execution of the coding, in particular in the iteration step S29, or during decryption, in particular in the iteration step S39, the basic transformation rules or, respectively, the inverse basic transformation rules f_1^{-1} to f_A^{-1} can be modified depending on b_i, c_i and p. The number of possible transformations g thereby increases to (2^8)! ≈ 10^506. These are all possible transformations of 8-bit bytes. This measure makes unauthorized access to the plaintext without knowledge of the password and the plaintext almost impossible. As a result of this measure, the time required for the ninth iteration step S29, or for the iteration step S39 during decryption, becomes significantly longer.

A favorable application of a special transformation rule h for the STREAM processing according to the first embodiment of the invention is to modify the special transformation rule h during the encryption of the first 256 bytes and then to leave it unchanged, while keeping it active for the rest of the data.
A favorable application of a special transformation rule h for the BLOCK processing according to the second or third embodiment of the invention consists in not applying and/or not modifying the special transformation rule in the first forward coding, and in applying and/or modifying the special transformation rule in the first reverse coding, but modifying it only for the first 256 encryptions. A further favorable application of a special transformation rule h for the BLOCK processing according to the second or third embodiment of the invention is to use the special transformation rule h created during the coding of the first data block unchanged in the forward and/or reverse coding when processing the following data blocks. During decryption, the inverse h^{-1} of the special transformation rule h is used accordingly and, if necessary, also modified accordingly.

Initialization

In the following, a possible advantageous embodiment of an initialization of the random number generator 212, of the transformation unit 213 and of the encryption machine 200 is described with reference to FIG. 12, wherein the initialization can be used for all of the embodiments of the invention presented above. Basically, the specific way of initializing the encryption engine 200 is determined by the password W0 used in the encryption. The password W0 is transmitted to an initialization unit that performs the following steps. Fig. 12 shows the initialization of the encryption engine 200. In a first step, a start random number generator 212-UR is used, which is known in advance and can, in principle, be made generally known. The password W0 is provided by the user before the encryption of the raw data. The password W0 is a number of sequentially arranged bytes of 8 bits each. In order to be able to exclude, as far as possible, the effects of different passwords W0 with the same beginning, the respective password is preceded by its length in bytes.
Alternatively or additionally, the password W0 can also be preceded by a checksum. If the length of the password falls below a predetermined value, the password W0 is extended to the predetermined length by repeating the password or stringing it together consecutively, and a start password WN is created in a password creation step S101. Subsequently, a first encryption engine 200a is initialized with values resulting from the start password WN and the values of the start random number generator 212-UR. The start password WN and the values of the start random number generator 212-UR are supplied to a linking unit 219a in steps S102a and S103a. The start password WN and the random numbers of the start random number generator 212-UR are linked there, for example, by bit-wise exclusive-or combination (XOR) of corresponding bytes. The resulting values are used to initialize the first encryption engine 200a, i.e. to determine its inner state, in particular the inner state of its random number generator 212a in step S104a and of its transformation unit 213a in step S105a. Subsequently, the start password WN is encrypted by the first encryption engine 200a in an encryption step S106a, and a first password Wa is obtained. A second encryption engine 200b is created by transmitting the first password Wa and random numbers generated with the random number generator 212a of the first encryption engine 200a to the linking unit 219b in steps S102b and S103b and linking them there; the data resulting from this combination can be used in steps S104b and S105b to determine the inner state of the second encryption engine 200b. A second password Wb is created by encrypting the first password Wa with the second encryption engine 200b in step S106b. This process can be repeated as often as desired. At the end, the encryption engine 200 shown at the bottom of FIG. 12 is obtained.
Choice of bits per byte

In general, instead of the data memory 211 used in the present embodiment, another memory layout may also be used. It is basically possible to use memory with a different number of bits per byte in order to achieve better mixing of the individual input data. In this case, the raw data available at 8 bits per byte is written to the data memory bit by bit, changing the assignment between bits and bytes.

Increase in processing speed

It is advantageous, but not mandatory, for the transformation rule g to be changed separately for each byte to be encrypted. It is also possible that several bytes are encrypted with the same transformation rule g and only then a new transformation rule g is determined. It is also possible for the two selection units 230, 220 to be modified after the selection of a basic transformation rule f or of a partial random number generator 233 merely in that the selection pointer 222-1, 232-1 of the first selection stage 220-1 or 230-1 is incremented, but otherwise no changes are made. In order to avoid multiple encodings with the same transformation rule g, the increment of the selection pointer 222, 232 chosen when there is no externally caused state change through the supply of external data should be less than the length A or Z of the selection registers 221 and 231, respectively. A method in which multiple bytes are encrypted with the same rule is more susceptible to attack than a method that uses its own transformation rule g for each byte. Likewise, due to time constraints, the feedback mechanism need not be performed at every step. It is also possible that feedback of the selection units 220, 230 takes place alternately or not synchronously. Also, the feedback to the random number generator 212 or to the transformation unit 213 may be omitted in some steps. Nevertheless, in these cases too, the transformation rule used is a different one.
Decryption

The decryption is performed substantially the same as encryption with a decryption engine 300 shown in FIG. The inner state of the transformation unit 313 and of the random number generator 312 is identical to the inner state of the transformation unit 213 and of the random number generator 212 after the processing of each i-th byte in the encryption and in the decryption, except, of course, for the data describing the inverse basic transformation rules f⁻¹. In the case of a dynamic change of the (basic) transformation rules, the respectively changed, non-inverted (basic) transformation rules are, if necessary, kept available in addition to the inverses of the (basic) transformation rules. The same applies of course to the special transformation rule h. Also, the structure of the encryption engine 200 and the decryption engine 300 is identical except for the differences shown below. The decryption engine 300 has a data memory 311, a random number generator 312 and a transformation unit 313 as shown in FIG. As with an encryption according to the first embodiment of the invention, the decryption (Fig. 3) is performed such that the individual bytes c_1, ..., c_N of the data memory 11 are sequentially traversed from beginning to end in the data direction. Unlike the encryption, the inverse transformation rules g⁻¹ and inverse basic transformation rules f_1⁻¹, ..., f_A⁻¹ are used instead of the transformation rules g and basic transformation rules f_1, ..., f_A. If, as an improvement of the invention suggests, the transformation rules are composed of basic transformation rules f_1, ..., f_A, it suffices to store the inverse basic transformation rules f_1⁻¹, ..., f_A⁻¹ in place of the basic transformation rules f_1, ..., f_A. In the event that the basic transformation rules f_i or the special transformation rule h are modified during the encryption, then for the decryption, in addition to the inverse transformation rules h⁻¹, f_1⁻¹ ... f_A⁻¹, the original transformation rules h, f_1 ... f_A are also kept available.
If one wishes to determine the inverse g⁻¹ of a transformation rule g composed of several basic transformation rules f_μ1, f_μ2, ..., f_μP, then the inverse basic transformation rules f_1⁻¹, ..., f_A⁻¹ and optionally h⁻¹ are applied in reverse order: In order to actually obtain the same internal state consistently, the raw data bytes b and the encrypted bytes c and any random numbers are used in the same way as in the encryption, for example, to change the internal state of the selection units 320, 330 of the random number generator 312 and the transformation unit 313. In particular, the encrypted and decrypted bytes are written to a data file 317 provided for this purpose; the decrypted bytes are written to a data memory 314 provided for this purpose.

The decryption engine shown in Fig. 13 is described below with respect to the decryption according to the first embodiment of the invention. In a first step, the decryption engine 300 is initialized with the password W0. Here, all the internal memories of the random number generator 312 and the transformation unit 313 are brought into an initial state Y'_0 determined by a password W0. The special initialization of the decryption engine will be described later with reference to FIG. 16. In a second step, the data memory 311 is filled with encrypted data. The amount of encrypted data c_1, ..., c_N that is simultaneously available in the data memory 311 is also referred to as block or data block D. A data pointer i, with which one byte c_i at a time is selected from the data memory 211, is set to the first memory location of the data memory 311. The following iteration steps are performed for all bytes of the data memory 311. The data pointer i stored in the memory 316 initially points to the first byte c_1 of the data block D to be encrypted and is incremented after execution of the iteration steps S31 ... S39 until it points to the last byte b_N of the data block D to be encrypted.
In a first iteration step S31, the byte of the data block D at the memory location of the data memory 311 selected by the value of the data pointer i is copied into a key data buffer 317 as key data byte c_i and supplied to the transformation unit 313. In a second iteration step S32, a sequence of random numbers μ_{i,1}, ..., μ_{i,P} is transmitted to the transformation unit 313. For each iteration, separate random numbers μ_{i,1}, ..., μ_{i,P} are determined. These random numbers are identical to the random numbers μ_{i,1}, ..., μ_{i,P} which were transmitted to the transformation unit 213 in the iteration step S22 during the encryption. In the third iteration step S33, the transformation unit 313 determines the transformation rule g_i⁻¹ as a function of its internal state and the determined random numbers μ_{i,1}, ..., μ_{i,P}. In a fourth iteration step S34, the encrypted byte c_i is decrypted by applying the transformation rule g_i⁻¹ according to b_i = g_i⁻¹(c_i), which in turn yields the raw data byte b_i. In the present case, the transformation rule g_i is determined by composition as described above, wherein the selection of T rules from the A basic transformation rules f_1⁻¹, ..., f_A⁻¹ for the composition takes place on the basis of the given random numbers μ_{i,1}, ..., μ_{i,P}. In a fifth iteration step S35, the content of the memory location of the data memory 311 selected by the data pointer i is overwritten with the decrypted byte b_i. Subsequently, in a sixth iteration step S36, the decrypted byte b_i is written into its own raw data buffer 314 as raw data byte b_i. In a seventh iteration step S37, the raw data byte b_i and the encrypted byte c_i are transmitted to the random number generator 312 and the transformation unit 313 for their future state changes. In an eighth iteration step S38, further random numbers ρ_{i,1}, ..., ρ_{i,R}, which are identical to the random numbers ρ_{i,1}, ..., ρ_{i,R} transmitted in the iteration step S28 during the encryption, are generated by the random number generator 312 and transmitted to the random number generator 312 and to the transformation unit 313 for the future state changes. In a ninth iteration step S39, the internal state of the random number generator 312 and of the transformation unit 313 is modified by means of the bytes and random numbers transmitted in the iteration steps S37 and S38. The inner state of the random number generator 312 is now identical to the inner state of the random number generator 212 after processing the i-th data byte. The inner state of the transformation unit 313 is now equal to the inner state of the transformation unit 213 after the processing of the i-th data byte, except, of course, for the data describing the inverse basic transformation rules f⁻¹. If the basic transformation rules f_i or the special transformation rule h are modified in the iteration step S29 after the encryption, the inverses f_i⁻¹ of the basic transformation rules or the inverse h⁻¹ of the special transformation rule must also be modified analogously during the decryption, so that in the iteration step S39 the inverse of the modified basic transformation rules f_i or the inverse of the modified special transformation rule h is determined in each case and is available for the next decryption step.

Depending on the progress of the encryption, the transformation unit 313 and the random number generator 312 generate different internal random numbers ρ_{i,1}, ..., ρ_{i,R}, depending on the previously processed decrypted bytes b_i, the encrypted bytes c_i and the states of the random number generator 312. The selection of the transformation rule g_i, or of its inverse g_i⁻¹, is therefore directly dependent on the internal state of the transformation unit 313 at the time of encryption of the raw data byte b_i and indirectly on the random numbers ρ_{i,1}, ..., ρ_{i,R}, μ_{i,1}, ..., μ_{i,P} provided by the random number generator 312 at the same time, which in turn are also generated from the inner state of the random number generator 312 as a function of the raw data bytes and encrypted bytes processed so far. The selection of the transformation rule g_i is therefore dependent on the values and the order of all encrypted bytes c_1, ..., c_{i-1} and the bytes b_1, ..., b_{i-1}. After encryption, the value of the pointer i is incremented. After the encrypted bytes c_1, ..., c_N stored in the data memory 311 have all been decrypted, they are kept available for further use. After the further processing of the data in the data memory 311, it is, if necessary, refilled in accordance with the second step with further data to be decrypted, which are encrypted analogously as above. The inner state of both the random number generator 312 and the transformation unit 313 is the same at the beginning of the processing of further data in the data memory 311 as at the end of the previous processing of the data of the data memory 311.

In the decryption of data encrypted according to the second embodiment of the invention, the decryption begins in reverse order of the data (Figures 4, 5). The decryption engine 300 is set to the initial state Y'_0. The initial state Y'_0 differs from the initial state Y_0 only in the data, which describe the inverse basic transformation rules f⁻¹ instead of the basic transformation rules f. If necessary, when the basic transformation rules f_1⁻¹ ... f_A⁻¹ are changed, it may become necessary to keep the basic transformation rules f_1 ... f_A available as well. Likewise, when the special transformation rule is used, it may be necessary to have it available in non-inverted form as well. The data pointer i is first moved against the data direction of the data memory 311, the individual bytes being decrypted in each case.
Subsequently, the transformation unit 313 is again set to the initial state Y'_0, and the individual bytes in the data memory 311 are decrypted from the first byte to the last byte in the data direction. After this second pass, the raw data sequence is located in the data memory 311. If the raw data sequence has been encrypted several times, the decryption process is also repeated several times in order to obtain the raw data sequence (Fig. 6).

In the decryption of data encrypted according to the third embodiment of the invention, the decryption begins at the last byte of the respective block (Figures 7, 9). The decryption engine 300 is set to the initial state Y'_0. The data pointer i is first moved against the data direction of the data memory 311, the individual bytes being decrypted in each case. Subsequently, the decryption engine 300 is again set to the initial state Y'_0, and its current internal state Y_x is discarded. Subsequently, the individual bytes in the data memory 311 are decrypted from the first byte to the last byte in the data direction. After this second pass, the raw data sequence is in the data memory 311. If the raw data sequence has been encrypted multiple times, the decryption process is repeated several times to obtain the raw data sequence of the respective data block. The decryption engine 300 has the internal state Y'_1. At the next pass, the state Y'_1 is used as the initial state, and the above procedure is performed again, wherein the inner state in which the decryption engine 300 is at the end of the decryption of the respective data block is used as an initial state for decrypting the next data block. The respective decrypted data block D is kept available for further use. The next encrypted data block to be decrypted is loaded into the data memory 311. The inner state buffered in the decryption of the previous block is the initial state for the block now being processed.
This is loaded into the decryption engine 300 and the process illustrated for the first block is performed again. This process can be performed for all data blocks to be decrypted. As already mentioned, the encryption also provides the option of buffering the inner state in which the encryption engine 200 is located after the first encryption pass and using it as the initial state before the encryption of the next data block D. In this case, the internal state of the decryption engine 300 need not be stored during the decryption. In the decryption of a second or later data block, the inner state which was present in the decryption engine 300 at the end of the decryption of the first or respectively preceding data block can be used as the initial state. The random number generator 312 (Figure 13) of the decryption engine 300 corresponds identically to the random number generator 212 (Figure 1) of the encryption engine 200. The partial random number generators 233 and 333 are the same. The selection units 230 and 330 (Figs. 10 and 14) are the same. The transformation unit 313 (FIG. 13) of the decryption engine 300 corresponds to the transformation unit 213 of the encryption engine 200, with the difference that instead of the means 240 for forming the basic transformation rule f, means 340 are available for forming their respective inverses f⁻¹. The selection units 220 and 320 (Figs. 11 and 15) are the same.

Initialization of the decryption engine

The initialization of the decryption engine 300 is essentially the same as the initialization of the encryption engine 200 (FIG. 12). Upon initialization, a number of encryption engines 1a, 1b, ... are formed, in each case in the same manner as in the initialization of the encryption engine 200 concerned. From the initial state Y_0 of the last encryption engine formed, the initial state Y'_0 of the decryption engine 300 is subsequently formed.
The random number generators 212 and 312 (Figures 1, 13) and the selection units 220 and 320 (Figures 11, 15) are the same. The states Y_0 and Y'_0 differ in the processing units 240 and 340. In order to achieve decoding, the inverses f_1⁻¹ ... f_A⁻¹ are used instead of the basic transformation rules f_1 ... f_A. These are transmitted by the encryption engine 200 to an inversion unit 319, which determines the respective inverses f_1⁻¹ ... f_A⁻¹ and optionally the inverse h⁻¹ of the special transformation rule, and stores these in the respective memories of the transformation unit 313 of the decryption engine 300. If necessary, the basic transformation rules f_1 ... f_A themselves as well as the special transformation rule h and its inverse h⁻¹ are stored. For storing and reloading an inner state Y'_0, a state memory 318 is available in the decryption engine 300.
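The initialization chain of Fig. 12 and the state-synchronized decryption described above can be followed in a small model, added here as an example that is not code from the patent. SHA-256, SHAKE-256 and Python's `random` stand in for the patent's random number generator, selection units and start generator 212-UR; the parameters `A`, `T`, `MIN_LEN`, `ROUNDS` and all function and class names are assumptions of this example.

```python
import hashlib
import random

A, T, MIN_LEN, ROUNDS = 8, 3, 16, 3  # assumed parameters, not taken from the patent


def normalize(w0: bytes) -> bytes:
    """S101: prefix the length in bytes, then repeat W0 up to MIN_LEN (W0 -> WN)."""
    if not 0 < len(w0) < 256:
        raise ValueError("this model handles passwords of 1..255 bytes")
    body = w0
    while len(body) < MIN_LEN - 1:
        body += w0
    return bytes([len(w0)]) + body[:max(len(w0), MIN_LEN - 1)]


def link(w: bytes, stream: bytes) -> bytes:
    """Linking unit 219: byte-wise XOR of password bytes and generator output."""
    return bytes(p ^ s for p, s in zip(w, stream))


class ModelEngine:
    """Stand-in for engines 200/300: state-dependent byte substitution with feedback."""

    def __init__(self, init_data: bytes):
        self.state = hashlib.sha256(init_data).digest()
        rng = random.Random(self.state)  # not a CSPRNG; only builds the permutations
        self.f = [rng.sample(range(256), 256) for _ in range(A)]  # f_1 .. f_A
        self.f_inv = []                                           # f_1^-1 .. f_A^-1
        for perm in self.f:
            inv = [0] * 256
            for i, v in enumerate(perm):
                inv[v] = i
            self.f_inv.append(inv)

    def random_bytes(self, n: int) -> bytes:
        """Generator output derived from the current inner state."""
        return hashlib.shake_256(self.state).digest(n)

    def _select(self) -> list:
        """Indices of the T basic rules composed into g_i for the current byte."""
        return [x % A for x in self.state[:T]]

    def _feedback(self, b: int, c: int) -> None:
        """Fold raw byte and encrypted byte into the inner state (S37-S39)."""
        self.state = hashlib.sha256(self.state + bytes([b, c])).digest()

    def encrypt(self, data: bytes) -> bytes:
        out = bytearray()
        for b in data:
            c = b
            for m in self._select():            # apply f_m1, then f_m2, ...
                c = self.f[m][c]
            self._feedback(b, c)
            out.append(c)
        return bytes(out)

    def decrypt(self, data: bytes) -> bytes:
        out = bytearray()
        for c in data:
            b = c
            for m in reversed(self._select()):  # inverses in reverse order
                b = self.f_inv[m][b]
            self._feedback(b, c)                # same (b, c) pair as the encryptor
            out.append(b)
        return bytes(out)


def make_engine(w0: bytes) -> ModelEngine:
    """Chained initialization of Fig. 12 with ROUNDS intermediate engines."""
    w = normalize(w0)
    # Public start generator 212-UR, modelled here by SHAKE-256 over a fixed label.
    init = link(w, hashlib.shake_256(b"212-UR stand-in").digest(len(w)))
    for _ in range(ROUNDS):
        eng = ModelEngine(init)                   # 200a, 200b, ...
        w = eng.encrypt(w)                        # S106: Wa, Wb, ...
        init = link(w, eng.random_bytes(len(w)))  # S102/S103 for the next engine
    return ModelEngine(init)                      # engine 200 (or 300 when decrypting)


def demo() -> dict:
    msg = b"constructed sample plaintext, 40 bytes.."  # constructed input
    ct = make_engine(b"abc").encrypt(msg)
    tampered = bytearray(ct)
    tampered[10] ^= 0x01                               # flip one ciphertext bit
    return {
        "msg": msg,
        "roundtrip": make_engine(b"abc").decrypt(ct),
        "tampered": make_engine(b"abc").decrypt(bytes(tampered)),
        "other_pw": make_engine(b"abcabc").decrypt(ct),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

In this model a flipped ciphertext bit leaves the bytes before it intact and changes the decrypted byte at that position, and through the state feedback the bytes after it, without any error being raised; integrity therefore has to be checked separately, for example with a MAC over the ciphertext. The passwords `abc` and `abcabc` extend to the same repeated body and differ only in the length prefix, which is the case the length prefix is meant to separate.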
Claims:
Claims (27)

1. A method of encrypting raw data, the raw data comprising bytes (b_i) comprising a predetermined number B of bits and the bytes being in a predetermined order, - using an encryption engine (200) comprising a transformation unit (213) which determines, depending on its internal state, an encryption method in the form of a transformation rule (g_i) for replacing the raw data byte (b_i) with an encrypted byte (c_i), the individual bytes (b_i) of the raw data being encrypted separately and by various one-to-one transformation rules (g_i), and an encrypted byte (c_i) being determined for each byte (b_i) of the raw data by the transformation unit (213), wherein, where appropriate, the data memory (211) containing the respective byte (b_i) of the raw data is overwritten with the encrypted byte (c_i), and - wherein the transformation unit (213) is brought beforehand into an initial state dependent on a password (W0), and a deterministic random number generator (212) belonging to the encryption engine (200) is likewise brought into an initial state depending on the password (W0), characterized in that the internal state of the transformation unit (213) and the internal state of the random number generator (212) are changed and updated after a number of encryptions of bytes, in particular after the encryption of each byte, depending on the respective raw data byte to be encrypted and/or the respective end result of the encryption, and this new inner state is used as the basis for the next encryption, wherein in particular the random number generator (212) generates random numbers that are used for the selection of the transformation rules, and/or the random number generator (212) creates random numbers that are suitable for updating the inner states of the random number generator (212) and the transformation unit (213).

2.
The method of claim 1, wherein the raw data is divided into blocks (D), in particular blocks of the same length, comprising a predetermined number of N bytes, and encrypted in blocks in that a) the transformation unit (213) and the random number generator (212) b) the individual sequentially available bytes of the raw data within the same block are sequentially encrypted by the transformation unit (213) in the predetermined order from the first to the last byte, c) after all bytes of the block (D), the transformation unit (213) and the random number generator (212) are reset to the initial state (Y_0), and d) the individual sequentially available bytes of the data present in the respective block (D) are encrypted within the same block (D) by the transformation unit (213) against the given order from the last to the first byte.

3. The method according to claim 2, characterized in that the encryption steps a) to d) of claim 2 are repeated several times for the same block (D), wherein optionally in the last repetition only the steps a) and b) are performed.

4. The method according to claim 2 or 3, characterized in that after the implementation of step b) or one of the steps b), or alternatively after the implementation of step d) or one of the steps d), and before the subsequent reset to the respective initial state (Y_0), the inner state of the transformation unit (213) and the random number generator (212) is stored and used as a new initial state for the encryption of the next block (D).

5.
The method according to any one of the preceding claims, characterized in that together with the setting of an initial state of the encryption engine (200) a number of basic transformation rules (f) is specified depending on the initial state, and - depending on the internal state of the transformation unit (213) a number T of these basic transformation rules is selected in a predetermined order, - the transformation rule (g) is composed of the individual selected basic transformation rules (f), so that when the transformation rule (g) is applied to the byte to be encrypted, the selected basic transformation rules (f) are applied in the appropriate order to the byte to be encrypted.

6. The method according to claim 5, characterized in that the transformation rule (g) is composed of the individual selected basic transformation rules (f) and, in addition, a special transformation rule (h), so that when the transformation rule (g) is applied to the byte to be encrypted, the selected basic transformation rules (f) are applied in the respective order to the byte to be encrypted and, in particular thereafter, the special transformation rule (h) is additionally applied, and that the special transformation rule (h) is modified at each encryption step or after a number of encryption steps, in particular exclusively for a predetermined number of modifications, and in particular that the use and/or modification of the special transformation rule (h) is switched on and off as appropriate.

7.
Method according to one of the preceding claims for initializing an encryption engine (200), characterized in that before the encryption of the raw data a) a number of sequentially arranged bytes is specified as a password (W0), b) optionally the length of the password (W0) in bytes and/or a checksum is attached to it, c) if necessary, if the length of the password (W0) falls below a predetermined length, the password (W0) is extended to the predetermined length, in particular by repeating the password (W0), thus creating a normalized password (WN), d) a given random number generator (212-UR) is initialized with predetermined values, e) the random numbers produced by the random number generator (212-UR) are linked with the bytes of the, possibly normalized, password (WN) and a first initialization data sequence is created, f) this initialization sequence is used to create and initialize a first encryption engine (200a) comprising a first transformation unit (213a) and a first random number generator (212a), g) the first password (WN) is encrypted with the first encryption engine (200a) and a second password (Wa) is thereby obtained, h) the second password (Wa) thus created is linked with random numbers of the random number generator (212a) of the first encryption engine (200a) and a second initialization data sequence is created, and this is used to create and initialize another encryption engine (200b), i) wherein the following steps j), k) and l) are optionally performed multiple times, namely j) that in each case the password (Wa, ...) used for the initialization of the encryption engine (200b, ...) is encrypted with this encryption engine (200b, ...) and a next password (Wb, ...) is thereby obtained, k) that this password (Wb) is linked with random numbers of the respectively last created random number generator (212b, ...) and thus a further initialization data sequence is created, and l) that a subsequent further encryption engine (200c, ...) with a transformation unit (213c, ...)
and a random number generator (212c, ...) is created and initialized with the respective last-created initialization data sequence, and m) that the last encryption engine (200a, 200b, ...) thus created is used as the encryption engine (200).

8. A method of decrypting data encrypted according to any one of the preceding claims, wherein the encrypted data comprises bytes comprising a predetermined number B of bits and the bytes are in a predetermined order, - using a decryption engine (300) comprising a transformation unit (313) which, depending on its internal state, determines a decryption type in the form of a transformation rule (g_i⁻¹), the individual bytes (c_i) of the data to be decrypted being decrypted separately by means of the transformation rule (g_i⁻¹), and for each byte (c_i) of the encrypted data a decrypted byte (b_i) being determined in each case by the decryption engine (313), - wherein, where appropriate, the data memory (311) containing the respective byte (c_i) of the encrypted data is overwritten with the decrypted byte (b_i), - wherein the transformation unit (313) is brought in advance into an initial state dependent on a password (W0), and a deterministic random number generator (312) associated with the decryption engine (300) is brought into an initial state depending on the password (W0), characterized in that - the inner state of the transformation unit (313) and the inner state of the random number generator (312) are changed and updated after a number of decryptions of bytes, in particular after the decryption of each byte, depending on the respective encrypted byte and/or the respective decrypted byte, and this new inner state is taken as the basis for the next decryption, wherein in particular the random number generator (312) generates random numbers that are used for the selection of the inverse transformation rules, and/or the random number generator (312) generates random numbers that are suitable for updating the internal states of the random
number generator (312) and the transformation unit (313).

9. The method according to claim 8, characterized in that the data to be decrypted are divided into blocks (D), in particular of the same length, comprising a predetermined number N of bytes, wherein the number of bytes per block (D) corresponds to the number of bytes per block (D) used in the encryption, and that the data to be decrypted are decrypted in blocks in that a) the transformation unit (313) and the random number generator (312) are set to an initial state (Y'_0) depending on the respective password (W0), b) the individual sequentially available bytes of the data to be decrypted in the respective block (D) are decrypted within the same block (D) by the transformation unit (313) against the predetermined order from the last to the first byte, c) after all the bytes of the block (D) have been decrypted, the transformation unit (313) and the random number generator (312) are set to the initial state (Y'_0) again, and d) the individual sequentially available bytes of the data thus obtained are decrypted within the same block (D) in succession by the transformation unit (313) in the predetermined order from the first to the last byte.

10. The method according to claim 9, characterized in that the decryption steps a) to d) are performed several times for the same block (D), wherein optionally in the last execution only the steps a) and b) are performed.

11. The method according to any one of claims 9 or 10, characterized in that after the implementation of step b) or one of the steps b), or alternatively after the implementation of step d) or one of the steps d), and before the subsequent reset to the respective initial state (Y'_0), the internal state of the encryption engine (300), consisting of the inner state of the transformation unit (313) and the inner state of the random number generator (312), is stored and is used as a new initial state for the decryption of the next block (D).

12.
The method according to claim 8 to 11, characterized in that together with the setting of an initial state (Y'_0) of the decryption engine (300) a number T of basic transformation rules (f⁻¹) is specified depending on the initial state of the transformation unit (313), and - depending on the internal state, a number T of these basic transformation rules (f⁻¹) is selected in a predetermined order, the transformation rule (g⁻¹) being composed of the individual selected basic transformation rules (f⁻¹), so that when the transformation rule (g⁻¹) is applied to the byte to be decrypted, the selected basic transformation rules (f⁻¹) are applied in the respectively reverse order to the byte to be encrypted, and that in particular the basic transformation rules (f⁻¹) of the transformation unit (313) correspond to the inverses of the basic transformation rules (f) of the transformation unit (213) of an encryption engine (300) initialized with the same password (W0), and in particular the order of application of the individual basic transformation rules (f⁻¹) for the formation of a transformation rule (g⁻¹) is the reverse of that in the encryption.

13.
The method according to claim 12, characterized in that the transformation rule (g⁻¹) is formed from the special transformation rule (h⁻¹) and from the individual selected basic transformation rules (f⁻¹), so that when the transformation rule (g⁻¹) is applied to the byte to be decrypted, in particular first the special transformation rule (h⁻¹) and, in particular subsequently, the selected basic transformation rules (f⁻¹) are applied in the respectively reverse order to the byte (c_i) to be decrypted, - that the special transformation rule (h⁻¹) is changed at each decryption step or after a number of decryption steps, in particular exclusively for a predetermined number of changes, and that in particular the use and/or modification of the special transformation rule (h⁻¹) is switched on and off depending on the circumstances.

14. The method according to any one of claims 8 to 13, characterized in that for initialization of a decryption engine (300) - an encryption engine (200) according to claim 7 is created, and then a decryption engine (300) with a random number generator (312) and a transformation unit (313) is created, - the internal state of the random number generator (212) of the encryption engine (200) is transferred to the internal state of the random number generator (312) of the decryption engine (300), and - the internal state of the transformation unit (213) of the encryption engine (200) is transferred to the inner state of the transformation unit (313) of the decryption engine (300), the inverses of the transformation rules (g) and/or basic transformation rules (f), and optionally of the special transformation rule (h), are determined and are stored as inverse transformation rules (g⁻¹) and/or inverse basic transformation rules (f⁻¹), and optionally the inverse special transformation rule (h⁻¹), in the transformation unit (313) of the decryption engine (300), and in particular in the event of a change in the transformation rules during the
encoding of the data Also, the non-inverted transformation rules (g) and / or the non-inverted basic transformation rules (f), and optionally the non-inverted special transformation rule (h). Are stored [15] 15. A method for generating random numbers, characterized in that a number H of selection registers (231; 331) each having a predetermined number Z of values from 1 to Z are given in any order, a) that the first selection register (231-1 331-1) is preceded by a first addressing unit (232-1; 332-1) which is connected to the first pointer value (ki) in the addressing unit (232-1; 332-1), in particular cyclically incremented in each encryption step. b) the number (θι) located at the memory position selected by the first pointer (ki) in the first selection register (231-1; 331-1) is determined and these are linked to the number located in the second addressing unit (232-2; 332-2), in particular modulo Z taken and increased by one and then the new content of the addressing unit (232-2, 332-2) is formed, and the value thus obtained e forms a second pointer value (k2), which is then used to address a memory position in the second selection register (231-2; 331-2), c) that optionally for the further addressing units (232-3, ... 232-H, 332-3, ... 332-H) and the further selection registers (231-3 ... 231 -H; 331-1 ... 331-H) is performed analogously to the addressing unit (232-2; 332-2) and to the selection register (231-2; 331-2), and / or for the further selection registers (231-2). 3, ... 231-Η; 331-3, ... 321-H) in each case the number located at the memory location selected by the respective pointer (ki ... kG) in the respective selection register (231; 331) is determined and the number each next pointer (ki ... kH) is added to or subtracted from this, and the value of the next pointer (ki ... kH) used to address a memory position in the next selection register (231; 331) d) that a number of deterministic partial random number generators (233-1 ... 233-Z, 333-1 ... 
333-Z) is specified, e) that of the last pointer value (kH) of the addressing unit (232 -H; 33 2-H) addressed value (Θη) of the last selection register (231-H; 331-H) is used to select the partial random number generator (233-1 ... 233-Z, 333-1 ... 333-Z), f) if appropriate for selecting a plurality of random number generators, the first pointer (ki ) is modified according to predetermined criteria, in particular increased, reduced, incremented or decremented, and steps a) to e) are carried out again, and g) a random number is created and made available with the respectively selected partial random number generator (233; 333) becomes. [16] 16. Method according to claim 15, characterized in that depending on the values present at the input (234; 334), in particular the byte to be encrypted and / or the encrypted byte and / or of random numbers (p), the value of one of the addressing units ( 232, 332), wherein these values are linked with the value located in the respective addressing unit 232, 332, preferably the result is taken modulo Z and increased by one, and the value is then assigned to the respective addressing unit 232. where appropriate, after the presence of an external trigger signal, in particular triggered by an encryption or decryption of one or a predetermined number of bytes, the value of the next addressing unit is changed, and in the case where in the previous step the value of the last addressing unit (232-H; 332-H), again the first addressing unit (232-1; 332-1) will be changed. [17] 17. 
The method as claimed in claim 15 or 16, characterized in that, depending on values (bi, q, p,) present at the input (234; 334), in particular a byte to be encrypted (bi) and / or an encrypted byte (c, ) and / or random numbers (p,), one of the selection registers (231; 331) is changed, and in particular two values stored in the selection registers (231; 331) are interchanged, - the index of the one value being a series of predetermined values Passing values according to a predefined sequence, in particular by cyclic counting up between 1 and Z, and setting the index of the second value by the values present at the input (234; 334), where appropriate after the presence of an external trigger signal, in particular triggered by a encryption or decryption of a byte or a predetermined number of bytes to be performed, after each permutation or after a predetermined number of permutations in a selection register (231; 331) is switched to the next selection register (231; 331) and, in the case where in the previous step in the last selection register (231-H; 331-H) the predetermined number of permutations has already taken place, the first selection register ( 231-1, 331-1) is used for amendments. [18] 18. The method according to any one of claims 1 to 14, characterized in that the generation of random numbers according to at least one of claims 15 to 17 takes place. [19] 19. 
A method for determining and applying a transformation rule (g ,, gr1) for encryption methods or decryption methods, in particular according to one of claims 1 to 14 or 18, characterized in that a number G of selection registers (221; 321) each having a predetermined number A values 1 to A are given in arbitrary order, wherein in each selection register (221; 321) in each case a number of individual memory positions in the respective selection register (221; 321) representing numbers is given, each representing a memory position number once each in the selection register (221; 321), a) that the first selection register (221-1; 321-1) is preceded by a first addressing unit (222-1; 322-1), which by means of a, in particular at each encryption step cyclically incremented in the addressing unit (222-1; 322-1) located first pointer value (ji) to a storage position of the first off election register (221-1; 321-1), b) that the number (φι) located at the memory position selected by the first pointer (ji) in the first selection register (221-1; 321-1) is determined, and this number is compared with the number (222) 2, 322-2), in particular modulo A is taken and increased by one, and then the new content of the addressing unit (222-2, 322-2) is formed, and the value thus obtained a second pointer value (j2) which is then used to address a memory position in the second selection register (221-2, 321-2), c) that if appropriate for the further addressing units (222-3, ... 222-G; 322-3, ... 322-G) and the further selection register (221-3 ... 221-G; 321-1 ... 321-G) analogously to the addressing unit (222-2; 322-2) and to the selection register (221-2; 321-2), and / or that for the further selection registers (221-3, ... 221-G; 321-3, ... 321-G), in each case those at the respective pointer (ji ... jG) selected storage pos tion in the respective selection register (221; 321) is determined and added to or subtracted from the next pointer (ji ... 
jo), respectively, and the value of the next pointer (ji ... jG) for addressing one memory position in the next D) that a number of basic transformation rules (fi ... fA; f1i ... f1A) is specified, e) that the last pointer value (jG) of the addressing unit (222-G ; 322-G) address value (φο) of the last selection register (221-G; 321-G) is used to select the basic transformation rules (fi ... fA; f f1A); F1A), in each case the first pointer (ji) is modified according to predetermined criteria, in particular increased, reduced, incremented or decremented, and the steps a) to e) are selected from a plurality of basic transformation instructions. and g) a data value, in particular a byte to be encrypted (bi) or a byte to be decrypted (ο), and the selected transformation rule (g ,; g'1,) is applied to the data value, if appropriate, the plurality of selected basic transformation rules (fi, i ... fi, T; f "1 i, 1 ... f" 1 ϊ, τ) one behind the other, in the case of Encryption in the order of their selection or, in the case of decryption contrary to the order of their selection, to which data value is applied and the result of the application is kept available. [20] 20. 
Method according to claim 19, characterized in that, depending on the values present at the input (224; 324), in particular the byte to be encrypted and / or the encrypted byte and / or of random numbers (p), the value of one of the addressing units (222 322), wherein these values are linked to the value located in the respective addressing unit (222; 322), preferably the result is taken modulo A and increased by one and the value is then assigned to the respective addressing unit (222; 322) ) is assigned, where appropriate, after the presence of an external trigger signal, in particular triggered by an encryption or decryption of one or a predetermined number of bytes, the next addressing unit is changed and in the event that in the previous step, the last addressing unit (222- G; 322-G), again modifying the first addressing unit (222-1; 322-1). [21] 21. Method according to claim 19, characterized in that, depending on values (bi, c, p) present at the input (224, 324), in particular a byte (bi) to be encrypted and / or an encrypted byte (c, ) and / or random numbers (p) of one of the selection registers (221; 321) are changed, and in particular two values stored in the selection registers (221; 321) are interchanged with each other, - the index of the one value being a series of predetermined values after one preceded by a predetermined order, in particular by cyclic counting up between 1 and Z, and the index of the second value by the input (234; 334) is set values, - where appropriate, after the presence of an external trigger signal, in particular triggered by an encryption or Decrypting one byte or a given number of bytes, after each interchange or after a given number of permutations into one em selection register (221; 321) is switched to the next selection register (221; 321) and, in the event that in the previous step in the last selection register (221-G; 321-G) the predetermined number of permutations has already taken place, the first selection register 
( 221-1, 321-1) for amendments. [22] 22. The method according to claim 1 to 14 and 18 to 21, characterized in that depending on the input (224; 324) applied values (bi, c ,, p), in particular a byte to be encrypted (bi) and / or an encrypted Byte (o) and / or random numbers (p) the transformation rules (g ,, gr1) or the basic transformation rules (f ,,; f ) are modified, - the transformation rules (g, f) to the transformation rules (gr1 fr1) are inverse, - after a predetermined number of changes in a transformation rule or basic transformation rule (f), to the next transformation rule or basic transformation rule (f), is changed and in the case that in the previous step, the last Transformation rule or basic transformation rule (fA) was changed, again the first transformation rule or basic transformation rule, is used for amendments. [23] 23. The method according to any one of claims 1 to 14 or 18, characterized in that the application of the transformation rules (g ,, g-1,) or basic transformation rules (f ,, f'1i) in the encryption of a byte of the raw data or the decryption of an encrypted byte according to any one of claims 19 to 23 is made. [24] 24. 
Encryption engine (200) for encryption of raw data, in particular for carrying out a method according to one of claims 1 to 7, comprising - a data memory (211) for receiving raw data with a number N bytes, each comprising a predetermined number of B bits, the random number generator (212) optionally generates random numbers which are used for the selection of the transformation instructions, and a transformation unit (213) which depends on an internal state (Y) predetermined by a password (W0), optionally with the aid of Random number generator (212) provides a different kind of encryption, in particular for each byte of the raw data, determines - a deterministic random number generator (212) initialized by a password (W0) which accesses an internal state (Y) when the random numbers are generated, a state memory for storing the i the state of the transformation unit (213) and of the random number generator (212), - a control unit for activating the transformation unit (213) to separately encrypt the individual bytes of the raw data in the data memory (211), - an initialization unit for setting the state memory to one of a password (Wo) dependent initial state (Yo), characterized by an updating unit, the state memory of the transformation unit (213) for a number of performed encryptions, in particular after the encryption of each byte, depending on the respective encrypted byte (b,) and the respective end result the encryption (c,) and / or dependent on generated by the random number generator random numbers (p) changes and updates, and possibly the state memory of the pseudo-random number generator (212) for a number of performed encryption, in particular after the encryption elung of each single byte, depending on the respective byte to be encrypted (b,) as well as on the respective final result of the encryption (o) and dependent on the random number generator previously created random numbers (p) changes and updates. 
25. A decryption engine (300) for decrypting encrypted data, in particular for performing a method according to any one of claims 8 to 14, comprising
- a data memory (321) for receiving encrypted data with a number N of bytes, each comprising a predetermined number B of bits,
- a transformation unit (313) which determines and executes a decryption mode as a function of an internal state (Y) specified by a password (W0),
- a deterministic random number generator (312) initialized by a password (W0), which accesses an internal state (Y) when the random numbers are created,
- a state memory for storing the internal state of the transformation unit (313) and of the random number generator (312),
- a control unit for controlling the transformation unit (313) for the separate decryption of the individual bytes of the raw data in the data memory (311),
- an initialization unit for setting the state memory to an initial state dependent on a password (W0),
characterized by an updating unit which changes and updates the state memory of the transformation unit (313) after a number of decryptions, in particular after the decryption of each individual byte, depending on the byte to be decrypted (ci) and on the respective final result of the decryption (bi) and/or depending on random numbers (p) generated by the random number generator, and possibly changes and updates the state memory of the pseudo-random number generator (212) after a number of performed decryptions, in particular after the decryption of each individual byte, depending on the byte (ci) to be decrypted as well as on the respective final result of the decryption (bi) and depending on random numbers (p) previously created by the random number generator.

26. A data carrier on which a computer program for carrying out a method according to one of claims 1 to 23 is stored.

27. A data carrier on which encrypted data generated according to one of claims 1 to 7, 18, 22 and 23 are stored.
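The selection cascade of claims 15 to 17 (claims 19 to 21 use the same structure to pick basic transformation rules), as an added Python example that is not code from the patent. Assumptions not stated in the claims: Z = 8 and H = 3, "linked" is taken as addition, the partial generators are placeholder LCGs, a seeded `random.Random` stands in for the password-derived initial state, and the swap target moves to the next register after Z swaps.

```python
import random

Z = 8  # values per selection register and number of partial generators (claim 15)
H = 3  # number of selection registers / addressing units (claim 15)


class CascadeSelector:
    """Model of the claim 15-17 cascade; all parameters here are constructed."""

    def __init__(self, seed):
        init = random.Random(seed)  # assumption: stands in for the password-derived state
        # Each selection register holds the values 1..Z exactly once, in some order.
        self.regs = [init.sample(range(1, Z + 1), Z) for _ in range(H)]
        # Addressing units hold the pointer values k1..kH, each in 1..Z.
        self.addr = [init.randint(1, Z) for _ in range(H)]
        # Z partial generators, modelled as 32-bit LCG states (placeholder generators).
        self.lcg = [init.getrandbits(32) for _ in range(Z)]
        self.unit = 0    # addressing unit changed by the next input (claim 16)
        self.reg = 0     # selection register changed by the next swap (claim 17)
        self.swap_i = 0  # cyclically counted first swap index (claim 17)

    def select(self):
        """Steps a) to e): walk the pointer chain, return a generator number 1..Z."""
        self.addr[0] = self.addr[0] % Z + 1           # a) cyclic increment of k1
        theta = self.regs[0][self.addr[0] - 1]
        for h in range(1, H):                         # b), c) remaining stages
            # assumption: "linked" is taken to mean addition
            self.addr[h] = (self.addr[h] + theta) % Z + 1
            theta = self.regs[h][self.addr[h] - 1]
        return theta                                  # e) selects the partial generator

    def next_random(self):
        """Step g): advance only the selected partial generator, emit one byte."""
        g = self.select() - 1
        self.lcg[g] = (1664525 * self.lcg[g] + 1013904223 + 2 * g) % 2**32
        return self.lcg[g] >> 24

    def feed(self, value):
        """Claims 16 and 17: fold an input value into the selector state."""
        self.addr[self.unit] = (self.addr[self.unit] + value) % Z + 1
        self.unit = (self.unit + 1) % H               # next unit, wrapping to the first
        r = self.regs[self.reg]
        i, j = self.swap_i, value % Z                 # second index set by the input
        r[i], r[j] = r[j], r[i]
        self.swap_i = (self.swap_i + 1) % Z
        if self.swap_i == 0:                          # after Z swaps: next register
            self.reg = (self.reg + 1) % H

    def snapshot(self):
        return tuple(self.addr), tuple(tuple(r) for r in self.regs)


def run(seed, data):
    """Generate one random byte per input byte, feeding each byte back afterwards."""
    sel = CascadeSelector(seed)
    out = []
    for b in data:
        out.append(sel.next_random())
        sel.feed(b)
    return out, sel


if __name__ == "__main__":
    a, _ = run(2014, b"constructed sample input A")
    b, _ = run(2014, b"constructed sample inpuT A")
    print(a)
    print(b)  # same bytes up to the differing input byte; selector state differs after it
```

Because every processed byte changes the pointers and registers, a decryption engine as in claim 25 stays synchronised with the encryptor only if it feeds back the same bytes in the same order.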
Similar technologies:
Publication number | Publication date | Patent title
EP2605445B1 | 2015-09-30 | Method and apparatus for securing block ciphers against template attacks
DE60105788T2 | 2005-02-10 | AES encryption circuit
EP1777913B1 | 2009-11-25 | Method to enciphering/deciphering data packets of a data stream
DE10347455B4 | 2010-08-26 | Pseudo-random number generator for a stream cipher
DE102005010779B4 | 2010-07-08 | Key disposition device and system for encrypting / decrypting data
DE2658065A1 | 1978-07-06 | MACHINE ENCRYPTION AND DECHIFREEZE
DE602004001732T2 | 2007-08-09 | Data encryption in an electronic device with multiple symmetric processors
WO2005043396A2 | 2005-05-12 | Word-individual key generation
DE102013213354A1 | 2014-01-16 | RANDOM BATTERY GENERATOR WITH GUARANTEED MINIMUM PERIOD
DE102013213316A1 | 2014-01-16 | Random bitstream generator with improved backward commonality
DE60305781T2 | 2007-05-16 | Encrypting the content of a memory located outside of a processor
EP0012974A1 | 1980-07-09 | Method for enciphering data blocks of a given length
EP2446580B1 | 2014-05-21 | Apparatus and method for forming a signature
EP3552344B1 | 2021-07-21 | Bidirectionally linked blockchain structure
DE60027163T2 | 2007-03-29 | OPPOSITION METHOD IN AN ELECTRONIC COMPONENT WITH A CRYPTOSYSTEM WITH A PRIVATE KEY
DE102004010666B4 | 2006-02-02 | Key bit stream generation
AT515097B1 | 2015-06-15 | Encryption method and pseudo-random number generator
EP1887458A1 | 2008-02-13 | Pseudo random number generator for a smartcard
DE69928684T2 | 2006-08-24 | COUNTER-MEASURING APPARATUS IN AN ELECTRONIC COMPONENT TO LEAD A CRYPTIC ALGORITHM WITH SECRET KEY
EP2807788A2 | 2014-12-03 | Method for writing and reading data
DE69934707T2 | 2007-10-11 | COUNTER-MEASUREMENT DEVICE IN AN ELECTRONIC COMPONENT TO CARRY OUT A CYCLO ALGORITHM WITH SECRETARY KEY
DE102009029749A1 | 2010-12-23 | System for generating arbitrarily long randomized bit lists on computers in normal operation
DE10162991A1 | 2003-07-17 | Process for computer-aided encryption and decryption of data
DE102015201430A1 | 2016-07-28 | Intrinsic authentication of program code
DE102005044885B4 | 2008-03-27 | A method and arrangement for providing a constant rate key stream
Family patents:
Publication number | Publication date
EP3174239B1 | 2018-08-22
EP3127272A2 | 2017-02-08
EP3127272B1 | 2020-04-29
WO2015149099A3 | 2016-01-14
EP3174239A1 | 2017-05-31
AT515097B1 | 2015-06-15
WO2015149099A2 | 2015-10-08
Cited references:
Publication number | Filing date | Publication date | Applicant | Patent title
US20080112560A1 | 2006-11-13 | 2008-05-15 | Bon Seok Koo | Arithmetic method and apparatus for supporting aes and aria encryption/decryption functions
US20100054461A1 | 2008-09-02 | 2010-03-04 | Apple Inc. | Systems and methods for implementing block cipher algorithms on attacker-controlled systems
DE102016012191A1 | 2016-10-12 | 2018-04-12 | Uwe Zühlke | Method for increasing the protection of password-protected computers and computer systems against hacker attacks
DE19736954A1 | 1997-08-25 | 1999-08-19 | Siemens Ag | Computer-aided number sequence mixing method
US6259789B1 | 1997-12-12 | 2001-07-10 | Safecourier Software, Inc. | Computer implemented secret object key block cipher encryption and digital signature device and method
US20060039558A1 | 2002-10-07 | 2006-02-23 | Masakatu Morii | Pseudo-random number generation method and pseudo-random number generator
CN101019367A | 2004-09-14 | 2007-08-15 | P·普拉拉德·辛加纳马拉 | Method and system for computational transformation
US8509427B2 | 2005-08-01 | 2013-08-13 | Eric Myron Smith | Hybrid mode cryptographic method and system with message authentication
EP1901477A1 | 2006-09-13 | 2008-03-19 | Astrium Limited | Random number generation
Legal status:
2018-09-15 | PC | Change of the owner | Owner name: IRIS-ANNA HOEDL, AT, effective date: 20180724; owner name: MAXIMILIAN HOEDL, AT, effective date: 20180724
Priority:
Application number | Filing date | Patent title
ATA50236/2014A | AT515097B1 | 2014-03-31 | 2014-03-31 | Encryption method and pseudo-random number generator
ATA50236/2014A | AT515097B1 | 2014-03-31 | Encryption method and pseudo-random number generator
EP15727535.5A | EP3127272B1 | 2015-03-30 | Encryption method and pseudo-random number generator
EP16202664.5A | EP3174239B1 | 2015-03-30 | Encryption method and pseudo-random number generator
PCT/AT2015/050082 | WO2015149099A2 | 2015-03-30 | Encryption method and pseudo-random number generator