A New Block Cipher Based on Chaotic Tent Maps

数字示波器外文翻译文献(文档含中英文对照即英文原文和中文翻译)原文:Design and FPGA implementation of a wireless hyperchaotic communication system for secure real-time image transmission AbstractIn this paper, we propose and demonstrate experimentally a new wireless digital encryption hyperchaotic communication system based on radio frequency (RF) communication protocols for secure real-time data or image transmission. A reconfigurable hardware architecture is developed to ensure the interconnection between two field programmable gate array developmentplatforms through XBee RF modules. To ensure the synchronization and encryption of data between the transmitter and the receiver, a feedback masking hyperchaotic synchronization technique based on a dynamic feedback modulation has been implemented to digitally synchronize the encrypter hyperchaotic systems. The obtained experimental results show the relevance of the idea of combining XBee (Zigbee or Wireless Fidelity) protocol, known for its high noise immunity, to secure hyperchaotic communications. In fact, we have recovered the information data or image correctly after real-time encrypted data or image transmission tests at a maximum distance (indoor range) of more than 30 m and with maximum digital modulation rate of 625,000 baud allowing a wireless encrypted video transmission rate of 25 images per second with a spatial resolution of 128 ×128 pixels. The obtained performance of the communication system is suitable for secure data or image transmissions in wireless sensor networks.IntroductionOver the past decades, the confidentiality of multimedia communications such as audio, images, and video has become increasingly important since communications of digital products over the network (wired/wireless) occur more frequently. Therefore, the need for secure data and transmission is increasing dramatically and defined by the required levels of security depending on the purpose of communication. To meet these requirements, a wide variety of cryptographic algorithms have been proposed. In this context, the main challenge of stream cipher cryptography relates to the generation of long unpredictable key sequences. More precisely, the sequence has to be random, its period must be large, and the various patterns of a given length must be uniformly distributed over the sequence. Traditional ciphers like DES, 3DES, IDEA, RSA, or AES are less efficient for real-time secure multimedia data encryption systems and exhibit some drawbacks and weakness in the high streamdata encryption. Indeed, the increase and availability of a high-power computation machine allow a force brute attack against these ciphers. Moreover, for some applications which require a high-levelcomputation and where a large computational time and high computing power are needed (for example, encryption of large digital images), these cryptosystems suffer from low-level efficiency. Consequently, these encryption schemes are not suitable for many high-speed applications due to their slow speed in real-time processing and some other issues such as in the handling of various data formatting. Over the recent years, considerable researches have been taken to develop new chaotic or hyperchaotic systems and for their promising applications in real-time encryption and communication. In fact, it has been shown that chaotic systems are good candidates for designing cryptosystems with desired properties. The most prominent is sensitivity dependence on initial conditions and system parameters, and unpredictable trajectories.Furthermore, chaos-based and other dynamical systembased algorithms have many important properties such as the pseudorandom properties, ergodicity and nonperiodicity. These properties meet some requirements such as sensitivity to keys, diffusion, and mixing in the cryptographic context. Therefore, chaotic dynamics is expected to provide a fast and easy way for building superior performance cryptosystems, and the properties of chaotic maps such as sensitivity to initial conditions and random-like behavior have attracted the attention to develop data encryption algorithms suitable for secure multimedia communications. Until recently, chaotic communication has been a subject of major interest in the field of wireless communications. Many techniques based on chaos have been proposed such as additive chaos masking (ACM), where the analog message signal is added to the output of the chaos generator within the transmitter. In, chaos shift keying is used where the binary message signal selects the carrier signal from two or more different chaotic attractors. Authors use chaotic modulation where the message information modulates a parameter of the chaotic generator. Chaos control methods rely on the fact that small perturbations cause the symbolic dynamics of a chaotic system to track a prescribed symbol sequence. In, the receiver system is designed in an inverse manner to ensure the recovery of theencryption signal. An impulsive synchronization scheme is employed to synchronize chaotic transmitters and receivers. However, all of these techniques do not provide a real and practical solution to the challenging issue of chaotic communication which is based on extreme sensitivity of chaotic synchronization to both the additive channel noise and parameter mismatches. Precisely, since chaos is sensitive to small variations of its initial conditions and parameters, it is very difficult to synchronize two chaotic systems in a communication scheme. Some proposed synchronization techniques have improved the robustness to parameter mismatches as reported in, where impulsive chaotic synchronization and an open-loop-closed-loopbased coupling scheme are proposed, respectively. Other authors proposed to improve the robustness of chaotic synchronization to channel noise, where a coupled lattice instead of coupled single maps is used to decrease the master-slave synchronization error. In, symbolic dynamics-based noise reduction and coding are proposed. Some research into equalization algorithms for chaotic communication systems are also proposed. For other related results in the literature, see. However, none of them were tested through a real channel under real transmission conditions. Digital synchronization can overcome the failed attempts to realize experimentally a performed chaotic communication system. In particular, when techniques exhibit any difference between the master/transmitter and slave/receiver systems, it is due to additive information or noise channel (disturbed chaotic dynamics) which breaks the symmetry between the two systems, leading to an accurate non-recovery of the transmitted information signal at the receiver. In, an original solution to the hard problem of chaotic synchronization high sensibility to channel noise has been proposed. This solution, based on a controlled digital regenerated chaotic signal at the receiver, has been tested and validated experimentally in a real channel noise environment through a realized wireless digital chaotic communication system based on zonal intercommunication global-standard, where battery life was long, which was economical to deploy and which exhibited efficient use of resources, knownas the ZigBee protocol. However, this synchronization technique becomes sensible to high channel noise from a higher transmission rate of 115 kbps, limiting the use of the ZigBee and Wireless Fidelity (Wi-Fi) protocols which permit wireless transmissions up to 250 kbps and 65 Mbps, respectively.Consequently, no reliable commercial chaos-based communication system is used to date to the best of our knowledge. Therefore, there are still plentiful issues to be resolved before chaos-based systems can be put into practical use. To overcome these drawbacks, we propose in this paper a digital feedback hyperchaotic synchronization and suggest the use of advanced wireless communication technologies, characterized by high noise immunity, to exploit digital hyperchaotic modulation advantages for robust secure data transmissions. In this context, as results of the rapid growth of communication technologies, in terms of reliability and resistance to channel noise, an interesting communication protocol for wireless personal area networks (WPANs, i.e., ZigBee or ZigBee Pro Low-Rate-WPAN protocols) and wireless local area network (WLAN, i.e., Wi-Fi protocol WLAN) is developed. These protocols are identified by the IEEE 802.15.4 and IEEE 802.11 standards and known under the name ZigBee and Wi-Fi communication protocols, respectively. These protocols are designed to communicate data through hostile Radio Frequency (RF) environments and to provide an easy-to-use wireless data solution characterized by secure, low-power, and reliable wireless network architectures. These properties are very attractive for resolving the problems of chaotic communications especially the high noise immunity property. Hence, our idea is to associate chaotic communication with theWLAN or WPAN communication protocols. However, this association needs a numerical generation of the chaotic behavior since the XBee protocol is based on digital communications.In the hardware area, advanced modern digital signal processing devices, such as field programmable gate array (FPGA), have been widely used to generate numerically the chaotic dynamics or the encryption keys. The advantage of these techniques is that the parameter mismatch problem does not existcontrary to the analog techniques. In addition, they offer a large possible integration of chaotic systems in the most recent digital communication technologies such as the ZigBee communication protocol. In this paper, a wireless hyperchaotic communication system based on dynamic feedback modulation and RF XBee protocols is investigated and realized experimentally. The transmitter and the receiver are implemented separately on two Xilinx Virtex-II Pro circuits and connected with the XBee RF module based on the Wi-Fi or ZigBee protocols. To ensure and maintain this connection, we have developed a VHSIC (very high speed integrated circuit) hardware description language (VHDL)-based hardware architecture to adapt the implemented hyperchaotic generators, at the transmitter and receiver, to the XBee communication protocol. Note that the XBee modules interface to a host device through a logic-level asynchronous serial port. Through its serial port, the module can communicate with any logic and voltage-compatible Universal Asynchronous Receiver/Transmitter (UART). The used hyperchaotic generator is the well-known and the most investigated hyperchaotic Lorenz system. This hyperchaotic key generator is implemented on FPGA technology using an extension of the technique developed in for three-dimensional (3D) chaotic systems. This technique is optimal since it uses directly VHDL description of a numerical resolution method of continuous chaotic system models. A number of transmission tests are carried out for different distances between the transmitter and receiver. The real-time results obtained validate the proposed hardware architecture. Furthermore, it demonstrates the efficiency of the proposed solution consisting on the association of wireless protocols to hyperchaotic modulation in order to build a reliable digital encrypted data or image hyperchaotic communication system.Hyperchaotic synchronization and encryption techniqueContrary to a trigger-based slave/receiver chaotic synchronization by the transmitted chaotic masking signal, which limits the performance of the rate synchronization transmission, we propose a digital feedback hyperchaoticsynchronization (FHS). More precisely, we investigate a new scheme for the secured transmission of information based on master-slave synchronization of hyperchaotic systems, using unknown input observers. The proposed digital communication system is based on the FHS through a dynamic feedback modulation (DFM) technique between two Lorenz hyperchaotic generators. This technique is an extension and improvement of the one developed in for synchronizing two 3D continuous chaotic systems in the case of a wired connection.The proposed digital feedback communication scheme synchronizes the master/transmitter and the slave/receiver by the injection of the transmitted masking signal in the hyperchaotic dynamics of the slave/receiver. The basic idea of the FHS is to transmit a hyperchaotic drive signal S(t) after additive masking with a hyperchaotic signal x(t) of the master (transmitter) system (x , y , z ,w ). Hyperchaotic drive signal is then injected both in the three subsystems (y , z ,w ) and (r r r w z y ,,). The subscript r represents the slave or receiver system (r r r r w z y x ,,,). At the receiver, the slave system regenerates the chaotic signal )(t x r and a synchronization is obtained between two trajectories x(t) and )(t x r if()()0||lim =-∞→t X t X r t (1) This technique can be applied to chaotic modulation. In our case, it is used for generating hyperchaotic keys for stream cipher communications, where the synchronization between the encrypter and the decrypter is very important. Therefore, at the transmitter, the transmitted signal after the additive hyperchaos masking (digital modulation) isS(t) = x(t) + d(t). (2)where d(t) is the information signal and x(t) is the hyperchaotic carrier. At the receiver, after synchronization of the regenerated hyperchaotic signal )(t x rwith the received signal )(t S r and the demodulation operation, we can recover the information signal d(t) correctly as follows:)()()(t x t S t d r r -=. (3)Therefore, the slave/receiver will generate a hyperchaotic behavior identical to that of the master/transmitter allowing to recover correctly the information signal after the demodulation operation. The advantageof this technique is that the information signal d(t) doesnot perturb the hyperchaotic generator dynamics, contraryto the ACM-based techniques of and, because d(t) is injected at both the master/transmitter and slave/receiver after the additive hyperchaotic masking. Thus, for small values of information magnitude, the information will be recovered correctly. It should be noted that we have already confirmed this advantage by testing experimentally the HS-DFM technique performances for synchronizing hyperchaotic systems (four-dimensional (4D) continuous chaotic systems) in the case of wired connection between two Virtex-II Pro development platforms. After many experimental tests and from the obtained real-time results, we concluded that the HS-DFM is very suitable for wired digital chaotic communication systems. However, in the present work, one of the objectives is to test and study the performances of the HS-DFM technique in the presence of channel noise through real-time wireless communication tests. To performthe proposed approach, a digital implementation of the master and slave hyperchaotic systems is required. Therefore, we investigate the hardware implementation of the proposed FHS-DFM technique between two Lorenz hyperchaotic generators using FPGA. To achieve this objective, we propose the following details of the proposed architecture.译文:无线超混沌通信系统安全的实时图像传输的设计和FPGA实现摘要在本文中，我们提出并论证了一种基于无线电频率通信协议对数据或图像安全实时传输的新的无线数字超混沌加密通信系统。

一种基于混沌映射的快速图像加密算法优化乔建平;邓联文;贺君;廖聪维【摘要】为了解决现有图像加密算法存在随图像尺寸变大导致加密时间迅速增加的问题,采用基于logistic和Arnold映射的改进加密算法实现了快速图像加密算法的优化.该算法基于两种混沌映射对原文图像进行像素置乱和灰度值替代,像素置乱是按图像大小选择以H个相邻像素为单位进行,通过适当调整H的取值实现加密时间优化;灰度值替代是利用Arnold映射产生混沌序列对置乱图像进行操作而得到密文图像.结果表明,对于256×256的Lena标准图像,加密时间降低到0.0817s.该算法具有密钥空间大和加密速度快等优点,能有效抵抗穷举、统计和差分等方式的攻击.%In order to solve the rapid increase of the encryption time because of the increasing image size in the existing image encryption algorithm , the optimized encryption algorithm based on logistic and Arnold mapping was used to achieve the optimization of the fast image encryption algorithm.The algorithm was based on two kinds of chaotic maps to the original image , pixel scrambling and gray value substitution.Pixel scrambling was to select the H adjacent pixels according to the image size , appropriately adjust the H value and realize the encryption time optimization.Gray value substitution is to generate chaotic sequences by Arnold mapping , operate the scrambling image and get the cipher image.The results show that , for 256 ×256 Lena standard images, the encryption time is reduced to 0.0817s.The algorithm has advantages of large key space and fast encryption speed, and can effectively resist the attack of exhaustive , statistical, and differential means.【期刊名称】《激光技术》【年(卷),期】2017(041)006【总页数】7页(P897-903)【关键词】图像处理;图像加密;混沌映射;Lena图像【作者】乔建平;邓联文;贺君;廖聪维【作者单位】中南大学物理与电子学院超微结构与超快过程湖南省重点实验室,长沙410083;中南大学物理与电子学院超微结构与超快过程湖南省重点实验室,长沙410083;中南大学物理与电子学院超微结构与超快过程湖南省重点实验室,长沙410083;中南大学物理与电子学院超微结构与超快过程湖南省重点实验室,长沙410083【正文语种】中文【中图分类】TP309.7近年来，随着互联网、多媒体以及通信技术的快速发展和普及，信息的安全传输显得尤为重要。

Blockchain technology has been making waves in the financial industry, revolutionizing the way transactions are conducted and how data is stored and managed. This disruptive technology has the potential to transform various aspects of the financial sector, including banking, payments, securities trading, and more. Here are some of the key ways in which blockchain is influencing thefinancial industry:1.Enhanced Security: Blockchain's decentralized and immutablenature makes it inherently secure. By distributing data across a network of nodes and utilizing cryptographic techniques,blockchain ensures that transactions are tamper-proof andresistant to fraud. This increased security is particularlyvaluable in financial applications where data integrity andtrust are critical.2.Streamlined Transactions: Blockchain technology has thepotential to simplify and expedite the process of conductingfinancial transactions. Smart contracts, which are self-executing contracts with the terms of the agreement directlywritten into code, can automate and streamline various financial processes, reducing the need for intermediaries and manualintervention.3.Improved Transparency: The transparent and auditable nature ofblockchain enables greater transparency in financialtransactions. All parties involved in a transaction can havereal-time access to a shared ledger, reducing the potential for disputes and increasing trust among participants.4.Cost Savings: By eliminating intermediaries and automatingprocesses, blockchain can lead to significant cost savings for financial institutions. This can be particularly beneficial in cross-border payments, where traditional processes can be slow and expensive.5.Financial Inclusion: Blockchain technology has the potential toexpand access to financial services for underserved populations.Through decentralized finance (DeFi) applications, individuals can access a range of financial services, such as lending,borrowing, and trading, without the need for traditionalfinancial intermediaries.6.Regulatory Implications: The adoption of blockchain technologyin the financial industry has regulatory implications.Regulators are grappling with how to oversee and regulateblockchain-based financial activities, balancing the need toprotect consumers and maintain market integrity with the desire to foster innovation.Overall, blockchain technology is poised to have a profound impact on the financial industry, reshaping processes, increasing security,continues to mature and gain adoption, its influence on the financial sector is likely to grow even further.。

高二英语区块链技术单选题50题1. The ______ of blockchain technology has brought significant changes to the financial industry.A. introductionB. productionC. conclusionD. decision答案：A。

本题考查名词的词义辨析。

“introduction”意为“引入，引进”；“production”意为“生产”；“conclusion”意为“结论”；“decision”意为“决定”。

区块链技术是被引入到金融行业，带来了重大变化，所以选择A 选项。

2. The company is trying to ______ a new blockchain-based system to improve its business processes.A. developB. destroyC. deliverD. decline答案：A。

本题考查动词的词义辨析。

“develop”意为“开发，发展”；“destroy”意为“破坏”；“deliver”意为“交付，投递”；“decline”意为“下降，拒绝”。

公司是要开发新的基于区块链的系统来改进业务流程，所以选A 选项。

3. The blockchain technology is highly ______ and secure.A. efficientB. expensiveC. exhaustedD. extensive答案：A。

本题考查形容词的词义辨析。

“efficient”意为“高效的”；“expensive”意为“昂贵的”；“exhausted”意为“精疲力竭的”；“extensive”意为“广泛的”。

区块链技术是高效且安全的，所以选A 选项。

4. We need to ______ the advantages of blockchain technology to solve this problem.A. utilizeB. uniteC. updateD. upset答案：A。

Block cipher mode of operation (2)History and standardization (3)Initialization vector (IV) (3)Padding (4)Common modes (4)Electronic codebook (ECB) (5)Cipher-block chaining (CBC) (7)Propagating cipher-block chaining (PCBC) (8)Cipher feedback (CFB) (9)Output feedback (OFB) (11)Counter (CTR) (12)Error propagation (14)Authenticated encryption (14)Other modes and other cryptographic primitives (15)References (15)Block cipher mode of operationAuthor:windwalkE_mail:windwalk@This article is about cryptography. For "method of operating", see modus operandi.In cryptography, a mode of operation is an algorithm that uses a block cipher to provide an information service such as confidentiality or authenticity.[1] A block cipher by itself is only suitable for the secure cryptographic transformation (encryption or decryption) of one fixed-length group of bits called a block.[2] A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block.[3][4][5]Most modes require a unique binary sequence, often called an initialization vector (IV), for each encryption operation. The IV has to be non-repeating and for some modes random as well. The initialization vector is used to ensure distinct ciphertexts are produced even when the same plaintext is encrypted multiple times independently with the same key.[6] Block ciphers have one or more block size(s), but during transformation the block size is always fixed. Block cipher modes operate on whole blocks and require that the last part of the data be padded to a full block if it is smaller than the current block size.[2] There are, however, modes that do not require padding because they effectively use a block cipher as a stream cipher.Historically, encryption modes have been studied extensively in regard to their error propagation properties under various scenarios of data modification. Later development regarded integrity protection as an entirely separate cryptographic goal. Some modern modes of operation combine confidentiality and authenticity in an efficient way, and are known as authenticated encryption modes.[7]Contents1 History and standardization2 Initialization vector (IV)3 Padding4 Common modes4.1 Electronic codebook (ECB)4.2 Cipher-block chaining (CBC)4.3 Propagating cipher-block chaining (PCBC)4.4 Cipher feedback (CFB)4.5 Output feedback (OFB)4.6 Counter (CTR)5 Error propagation6 Authenticated encryption7 Other modes and other cryptographic primitives8 ReferencesHistory and standardizationThe earliest modes of operation, ECB, CBC, OFB, and CFB (see below for all), date back to 1981 and were specified in FIPS 81, DES Modes of Operation. In 2001, NIST revised its list of approved modes of operation by including AES as a block cipher and adding CTR mode in SP800-38A, Recommendation for Block Cipher Modes of Operation. Finally, in January, 2010, NIST added XTS-AES in SP800-38E, Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices. Other confidentiality modes exist which have not been approved by NIST. For example, CTS is ciphertext stealing mode and available in many popular cryptographic libraries.The block cipher modes ECB, CBC, OFB, CFB, CTR, and XTS provide confidentiality, but they do not protect against accidental modification or malicious tampering. Modification or tampering can be detected with a separate message authentication code such as CBC-MAC, or a digital signature. The cryptographic community recognized the need for dedicated integrity assurances and NIST responded with HMAC, CMAC, and GMAC. HMAC was approved in 2002 as FIPS 198, The Keyed-Hash Message Authentication Code (HMAC), CMAC was released in 2005 under SP800-38B, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, and GMAC was formalized in 2007 under SP800-38D, Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC.After observing that compositing a confidentiality mode with an authenticity mode could be difficult and error prone, the cryptographic community began to supply modes which combined confidentiality and data integrity into a single cryptographic primitive. The modes are referred to as authenticated encryption, AE or "authenc". Examples of authenc modes are CCM (SP800-38C), GCM (SP800-38D), CWC, EAX, IAPM, and OCB.Modes of operation are nowadays defined by a number of national and internationally recognized standards bodies. Notable standards organizations include NIST, ISO (with ISO/IEC 10116[5]), the IEC, the IEEE, the national ANSI, and the IETF.Initialization vector (IV)Main article: Initialization vectorAn initialization vector (IV) or starting variable (SV)[5] is a block of bits that is used by several modes to randomize the encryption and hence to produce distinct ciphertexts even if the same plaintext is encrypted multiple times, without the need for a slower re-keying process.[6]An initialization vector has different security requirements than a key, so the IV usually does notneed to be secret. However, in most cases, it is important that an initialization vector is never reused under the same key. For CBC and CFB, reusing an IV leaks some information about the first block of plaintext, and about any common prefix shared by the two messages. For OFB and CTR, reusing an IV completely destroys security.[6] This can be seen because both modes effectively create a bitstream that is XORed with the plaintext, and this bitstream is dependent on the password and IV only. Reusing a bitstream destroys security.[8] In CBC mode, the IV must, in addition, be unpredictable at encryption time; in particular, the (previously) common practice of re-using the last ciphertext block of a message as the IV for the next message is insecure (for example, this method was used by SSL 2.0). If an attacker knows the IV (or the previous block of ciphertext) before he specifies the next plaintext, he can check his guess about plaintext of some block that was encrypted with the same key before (this is known as the TLS CBC IV attack).[9]PaddingMain article: Padding (cryptography)A block cipher works on units of a fixed size (known as a block size), but messages come in a variety of lengths. So some modes (namely ECB and CBC) require that the final block be padded before encryption. Several padding schemes exist. The simplest is to add null bytes to the plaintext to bring its length up to a multiple of the block size, but care must be taken that the original length of the plaintext can be recovered; this is so, for example, if the plaintext is aC style string which contains no null bytes except at the end. Slightly more complex is the original DES method, which is to add a single one bit, followed by enough zero bits to fill out the block; if the message ends on a block boundary, a whole padding block will be added. Most sophisticated are CBC-specific schemes such as ciphertext stealing or residual block termination, which do not cause any extra ciphertext, at the expense of some additional complexity. Schneier and Ferguson suggest two possibilities, both simple: append a byte with value 128 (hex 80), followed by as many zero bytes as needed to fill the last block, or pad the last block with n bytes all with value n.CFB, OFB and CTR modes do not require any special measures to handle messages whose lengths are not multiples of the block size, since the modes work by XORing the plaintext with the output of the block cipher. The last partial block of plaintext is XORed with the first few bytes of the last keystream block, producing a final ciphertext block that is the same size as the final partial plaintext block. This characteristic of stream ciphers makes them suitable for applications that require the encrypted ciphertext data to be the same size as the original plaintext data, and for applications that transmit data in streaming form where it is inconvenient to add padding bytes.Common modesMany modes of operation have been defined. Some of these are described below.Electronic codebook (ECB)ECBElectronic codebookEncryption parallelizable: YesDecryption parallelizable: YesThe simplest of the encryption modes is the electronic codebook (ECB) mode. The message is divided into blocks, and each block is encrypted separately.The disadvantage of this method is that identical plaintext blocks are encrypted into identical ciphertext blocks; thus, it does not hide data patterns well. In some senses, it doesn't provide serious message confidentiality, and it is not recommended for use in cryptographic protocols at all.A striking example of the degree to which ECB can leave plaintext data patterns in the ciphertext can be seen when ECB mode is used to encrypt a bitmap image which uses large areas of uniform colour. While the colour of each individual pixel is encrypted, the overall image may still be discerned as the pattern of identically coloured pixels in the original remains in the encrypted version.Original imageEncrypted using ECB modeModes other than ECB result in pseudo-randomnessThe image on the right is how the image might appear encrypted with CBC, CTR or any of the other more secure modes—indistinguishable from random noise. Note that the random appearance of the image on the right does not ensure that the image has been securely encrypted; many kinds of insecure encryption have been developed which would produce output just as "random-looking".ECB mode can also make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way.Cipher-block chaining (CBC)CBCCipher-block chainingEncryption parallelizable: NoDecryption parallelizable: YesIBM invented the cipher-block chaining (CBC) mode of operation in 1976.[10] In CBC mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each ciphertext block depends on all plaintext blocks processed up to that point. To make each message unique, an initialization vector must be used in the first block.If the first block has index 1, the mathematical formula for CBC encryption iswhile the mathematical formula for CBC decryption isCBC has been the most commonly used mode of operation. Its main drawbacks are thatencryption is sequential (i.e., it cannot be parallelized), and that the message must be padded to a multiple of the cipher block size. One way to handle this last issue is through the method known as ciphertext stealing. Note that a one-bit change in a plaintext or IV affects all following ciphertext blocks.Decrypting with the incorrect IV causes the first block of plaintext to be corrupt but subsequent plaintext blocks will be correct. This is because a plaintext block can be recovered from two adjacent blocks of ciphertext. As a consequence, decryption can be parallelized. Note that a one-bit change to the ciphertext causes complete corruption of the corresponding block of plaintext, and inverts the corresponding bit in the following block of plaintext, but the rest of the blocks remain intact.Propagating cipher-block chaining (PCBC)PCBCPropagating cipher-block chainingEncryption parallelizable: NoDecryption parallelizable: NoThe propagating cipher-block chaining[11] or plaintext cipher-block chaining[12] mode was designed to cause small changes in the ciphertext to propagate indefinitely when decrypting, as well as when encrypting.Encryption and decryption algorithms are as follows:PCBC is used in Kerberos v4 and WASTE, most notably, but otherwise is not common. On a message encrypted in PCBC mode, if two adjacent ciphertext blocks are exchanged, this does not affect the decryption of subsequent blocks.[13] For this reason, PCBC is not used in Kerberos v5.Cipher feedback (CFB)CFBCipher feedbackEncryption parallelizable: NoDecryption parallelizable: YesThe cipher feedback (CFB) mode, a close relative of CBC, makes a block cipher into a self-synchronizing stream cipher. Operation is very similar; in particular, CFB decryption is almost identical to CBC encryption performed in reverse:This simplest way of using CFB described above is not any more self-synchronizing than other cipher modes like CBC. If a whole blocksize of ciphertext is lost both CBC and CFB will synchronize, but losing only a single byte or bit will permanently throw off decryption. To be able to synchronize after the loss of only a single byte or bit, a single byte or bit must be encrypted at a time. CFB can be used this way when combined with a shift register as the input for the block cipher.To use CFB to make a self-synchronizing stream cipher that will synchronize for any multiple of x bits lost, start by initializing a shift register the size of the block size with the initialization vector. This is encrypted with the block cipher, and the highest x bits of the result are XOR'ed with x bits of the plaintext to produce x bits of ciphertext. These x bits of output are shifted into the shift register, and the process repeats with the next x bits of plaintext. Decryption is similar, start with the initialization vector, encrypt, and XOR the high bits of the result with x bits of the ciphertext to produce x bits of plaintext. Then shift the x bits of the ciphertext into the shift register. This way of proceeding is known as CFB-8 or CFB-1 (according to the size of the shifting).[14]In notation, where Si is the ith state of the shift register, a << x is a shifted up x bits, head(a, x) is the x highest bits of a and n is number of bits of IV:If x bits are lost from the ciphertext, the cipher will output incorrect plaintext until the shift register once again equals a state it held while encrypting, at which point the cipher has resynchronized. This will result in at most one blocksize of output being garbled.Like CBC mode, changes in the plaintext propagate forever in the ciphertext, and encryption cannot be parallelized. Also like CBC, decryption can be parallelized. When decrypting, a one-bit change in the ciphertext affects two plaintext blocks: a one-bit change in the corresponding plaintext block, and complete corruption of the following plaintext block. Later plaintext blocks are decrypted normally.CFB shares two advantages over CBC mode with the stream cipher modes OFB and CTR: the block cipher is only ever used in the encrypting direction, and the message does not need to be padded to a multiple of the cipher block size (though ciphertext stealing can also be used to make padding unnecessary).Output feedback (OFB)OFBOutput feedbackEncryption parallelizable: NoDecryption parallelizable: NoThe output feedback (OFB) mode makes a block cipher into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext. Just as with other stream ciphers, flipping a bit in the ciphertext produces a flipped bit in the plaintext at the same location. This property allows many error correcting codes to function normally even when applied before encryption.Because of the symmetry of the XOR operation, encryption and decryption are exactly the same:Each output feedback block cipher operation depends on all previous ones, and so cannot be performed in parallel. However, because the plaintext or ciphertext is only used for the final XOR, the block cipher operations may be performed in advance, allowing the final step to be performed in parallel once the plaintext or ciphertext is available.It is possible to obtain an OFB mode keystream by using CBC mode with a constant string of zeroes as input. This can be useful, because it allows the usage of fast hardware implementations of CBC mode for OFB mode encryption.Using OFB mode with a partial block as feedback like CFB mode reduces the average cyclelength by a factor of or more. A mathematical model proposed by Davies and Parkin andsubstantiated by experimental results showed that only with full feedback an average cycle length near to the obtainable maximum can be achieved. For this reason, support for truncated feedback was removed from the specification of OFB.[15][16]Counter (CTR)CTRCounterEncryption parallelizable: YesDecryption parallelizable: YesNote: CTR mode (CM) is also known asinteger counter mode (ICM) and segmented integer counter (SIC) modeLike OFB, counter mode turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a "counter". The counter can be any function which produces a sequence which is guaranteed not to repeat for a long time, although an actual increment-by-one counter is the simplest and most popular. The usage of a simple deterministic input function used to be controversial; critics argued that "deliberately exposing a cryptosystem to a known systematic input represents an unnecessary risk."[17] By now, CTR mode is widely accepted, and problems resulting from the input function are recognized as a weakness of the underlying block cipher instead of the CTR mode.[18] Along with CBC, CTR mode is one of two block cipher modes recommended by Niels Ferguson and Bruce Schneier.[19]CTR mode has similar characteristics to OFB, but also allows a random access property during decryption. CTR mode is well suited to operate on a multi-processor machine where blocks can be encrypted in parallel. Furthermore, it does not suffer from the short-cycle problem that can affect OFB.[20]Note that the nonce in this diagram is the same thing as the initialization vector (IV) in the other diagrams. The IV/nonce and the counter can be combined together using any lossless operation (concatenation, addition, or XOR) to produce the actual unique counter block for encryption.Error propagationBefore the widespread use of message authentication codes and authenticated encryption, it was common to discuss the "error propagation" properties as a selection criterion for a mode of operation. It might be observed, for example, that a one-block error in the transmitted ciphertext would result in a one-block error in the reconstructed plaintext for ECB mode encryption, while in CBC mode such an error would affect two blocks.Some felt that such resilience was desirable in the face of random errors (e.g., line noise), while others argued that error correcting increased the scope for attackers to maliciously tamper with a message.However, when proper integrity protection is used, such an error will result (with high probability) in the entire message being rejected. If resistance to random error is desirable, error-correcting codes should be applied to the ciphertext before transmission.Authenticated encryptionMain article: Authenticated encryptionA number of modes of operation have been designed to combine secrecy and authentication in a single cryptographic primitive. Examples of such modes are XCBC,[21] IACBC, IAPM,[22] OCB, EAX, CWC, CCM, and GCM. Authenticated encryption modes are classified as single pass modes or double pass modes. Unfortunately for the cryptographic user community, many of the single pass authenticated encryption algorithms (such as OCB mode) are patent encumbered.In addition, some modes also allow for the authentication of unencrypted associated data, and these are called AEAD (Authenticated-Encryption with Associated-Data) schemes. For example, EAX mode is a double pass AEAD scheme while OCB mode is single pass.Other modes and other cryptographic primitivesMany more modes of operation for block ciphers have been suggested. Some have been accepted, fully described (even standardized), and are in use. Others have been found insecure, and should never be used. Still others don't categorize as confidentiality, authenticity, or authenticated encryption - for example key feedback mode and Davies-Meyer hashing.NIST maintains a list of proposed modes for block ciphers at Modes Development.[14][23]Disk encryption often uses special purpose modes specifically designed for the application. Tweakable narrow-block encryption modes (LRW, XEX, and XTS) and wide-block encryption modes (CMC and EME) are designed to securely encrypt sectors of a disk. (See disk encryption theory)Block ciphers can also be used in other cryptographic protocols. They are generally used in modes of operation similar to the block modes described here. As with all protocols, to be cryptographically secure, care must be taken to build them correctly.There are several schemes which use a block cipher to build a cryptographic hash function. See one-way compression function for descriptions of several such methods.Cryptographically secure pseudorandom number generators (CSPRNGs) can also be built using block ciphers.Message authentication codes (MACs) are often built from block ciphers. CBC-MAC, OMAC and PMAC are examples.References^NIST Computer Security Division's (CSD) Security Technology Group (STG) (2013). "Block cipher modes". Cryptographic Toolkit. NIST. Retrieved April 12, 2013.^ a bCryptography Engineering: Design Principles and Practical Applications. Ferguson, N., Schneier, B. and Kohno, T. Indianapolis: Wiley Publishing, Inc. 2010. pp. 63, 64. ISBN 978-0-470-47424-2.^NIST Computer Security Division's (CSD) Security Technology Group (STG) (2013). "Proposed modes". Cryptographic Toolkit. NIST. Retrieved April 14, 2013.^Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone (1996). Handbook of Applied Cryptography. CRC Press. pp. 228–233. ISBN 0-8493-8523-7.^ a b cISO JTC 1/SC 27 (2006). "ISO/IEC 10116:2006 - Information technology -- Security techniques -- Modes of operation for an n-bit block cipher". ISO Standards catalogue.^ a b cKuo-Tsang Huang, Jung-Hui Chiu, and Sung-Shiou Shen (January 2013). "A Novel Structure with Dynamic Operation Mode for Symmetric-Key Block Ciphers". International Journal of Network Security & Its Applications (IJNSA) 5 (1): 19.^NIST Computer Security Division's (CSD) Security Technology Group (STG) (2013). "Current modes". Cryptographic Toolkit. NIST. Retrieved April 12, 2013.^"Stream Cipher Reuse: A Graphic Example". Cryptosmith LLC. Retrieved 27 March 2013.^B. Moeller (May 20, 2004), Security of CBC Ciphersuites in SSL/TLS: Problems and Countermeasures^William F. Ehrsam, Carl H. W. Meyer, John L. Smith, Walter L. Tuchman, "Message verificationand transmission error detection by block chaining", US Patent 4074066, 1976^http://www.iks-jena.de/mitarb/lutz/security/cryptfaq/q84.html^Kaufman, C.; Perlman, R.; Speciner, M. (2002). Network Security (2nd ed.). Upper Saddle River, NJ: Prentice Hall. p. 319. ISBN 0130460192.^Kohl, J. (1990). "The Use of Encryption in Kerberos for Network Authentication". Proceedings, Crypto '89. Berlin: Springer. ISBN 0387973176.^ a bNIST: Recommendation for Block Cipher Modes of Operation^Davies, D. W.; Parkin, G. I. P. (1983). "The average cycle size of the key stream in output feedback encipherment". Advances in Cryptology, Proceedings of CRYPTO 82. New York: Plenum Press. pp. 263–282. ISBN 0306413663.^http://www.crypto.rub.de/its_seminar_ws0809.html^Jueneman, Robert R. (1983). "Analysis of certain aspects of output feedback mode". Advances in Cryptology, Proceedings of CRYPTO 82. New York: Plenum Press. pp. 99–127. ISBN 0306413663.^Helger Lipmaa, Phillip Rogaway, and David Wagner. Comments to NIST concerning AES modes of operation: CTR-mode encryption. 2000^Niels Ferguson, Bruce Schneier, Tadayoshi Kohno, Cryptography Engineering, page 71, 2010^/crypto/co040601.htm^Virgil D. Gligor, Pompiliu Donescu, "Fast Encryption and Authentication: XCBC Encryption and XECB Authentication Modes". Proc. Fast Software Encryption, 2001: 92-108.^Charanjit S. Jutla, "Encryption Modes with Almost Free Message Integrity", Proc. Eurocrypt 2001, LNCS 2045, May 2001.^NIST: Modes Development。

我发明了密码作文英语英文回答：I have always been fascinated by the art of cryptography. The idea of taking a simple message and turning it into an unbreakable code has always intrigued me. However, the existing encryption methods were either too complex or not secure enough for my liking. That's why I set out to create my own cipher, one that was both simple to use and virtually impossible to crack.After months of tireless work, I finally had a breakthrough. I had invented a new type of cipher that used a combination of substitution and transposition. The key to my cipher was a randomly generated sequence of numbers, which I called the "encryption key." This key would then be used to determine how each letter in the message would be encrypted.To encrypt a message, I would simply replace each letterin the message with the corresponding letter in the encrypted alphabet, which was generated using the encryption key. I would then transpose the letters in the encrypted message, again using the encryption key to determine how the letters would be rearranged.To decrypt the message, the recipient would need to know the encryption key. They would then use this key to reverse the process, transposing the letters back to their original order and then using the encrypted alphabet to replace each letter with its corresponding letter in the original message.I was so excited about my new cipher that I couldn't wait to share it with the world. I wrote a paper describing my invention and submitted it to a prestigious cryptography journal. To my surprise and delight, my paper was accepted and published, and my cipher quickly gained recognition in the cryptography community.Since then, my cipher has been used to protect sensitiveinformation in a variety of applications, from secure communications to financial transactions. I am proud to know that my invention has made a positive impact on the world, and I hope that it will continue to be used to protect people's privacy and security for many years to come.中文回答：我一直对密码术着迷。

2024年高二英语区块链技术单选题40题1.Blockchain technology is a decentralized system that records transactions in multiple locations. The word "decentralized" means _____.A.centralizedB.scatteredC.concentratedD.gathered答案：B。

“decentralized”意思是分散的，选项A“centralized”是集中的；选项B“scattered”是分散的；选项C“concentrated”是集中的；选项D“gathered”是聚集的。

正确答案是B，因为“decentralized”的意思就是分散的。

2.In blockchain technology, a block contains a list of transactions. What does "transaction" mean?A.dealB.agreementC.contractD.promise答案：A。

“transaction”意思是交易，选项A“deal”有交易的意思；选项B“agreement”是协议；选项C“contract”是合同；选项D“promise”是承诺。

正确答案是A，因为“transaction”通常指交易。

3.Blockchain is known for its security. What does "security" mean in this context?A.dangerB.insecurityC.safetyD.risk答案：C。

“security”在这个语境中意思是安全，选项A“danger”是危险；选项B“insecurity”是不安全；选项C“safety”是安全；选项D“risk”是风险。